| |||||||||
| |||||||||
Current Filter: >>>>>> Erasing the data on Solid State Drives: Impossible or just difficult? Editorial Type: Industry Focus Date: 01-2014 Views: 3055 Key Topics: Security Solid State Drives Storage Risk Management Encryption Key Companies: ADISA University of South Wales Key Products: Key Industries: | |||
| Thanks to Solid State Drives (SSD), the wider world has now become our office. But there are many thorny issues regarding the retirement of these assets. Steve Mellings, ADISA, and Professor Andrew Blyth, University of South Wales, offer their expert insights How and where we work has changed dramatically in the past 10 years. Users now demand the ability to work where they like, which has seen technology move from desk-based devices to a multitude of platforms usedin the workplace. Manufacturers have re-energised the market by introducing smaller, lighter, but more powerful devices, which has allowed more productive working practices to evolve. Consequently, working on trains, in hotels and at home has now become part and parcel of everyday life. A key component in facilitating this has been the evolution of NAND-based storage technology. Commonly referred to as Solid State Drives (SSD), this new small form factor storage has allowed devices to become more portable, faster and more utilitarian. Adoption of this technology has led to a series of challenges later within the product lifecycle, which were perhaps not considered at the point of deployment. Issues surrounding device security and management are well documented, but new concerns have emerged regarding the retirement of these assets. Too many businesses are unaware of the challenge of competently erasing SSD and are either allowing uncontrolled risk into the organisation or adopting a risk avoidance approach at end of life. So what exactly are these issues and how can we resolve them?
CHALLENGES OF DATA OVERWRITING There are a range of technical functions that happen during the operation of SSD, including wear levelling, garbage collection and data compression. During in-life use, these processes are the very core of the benefit of using SSD, but at end of life they become a significant handicap when validating traditional data overwriting techniques. Traditional overwriting (commonly referred to as data erasure) is achieved by writing a series of characters to all addressable areas of a magnetic hard drive. Validating that this has occurred is easy, as a sample of sectors can be read, with confirmation that either (a) there is no information present or (b) consistent overwriting patterns are in place. For SSD overwriting, there are different approaches. Three of the most common are:
• A known pattern of data is written from the start of the device to the end of the device. The number of times that this process is repeated is derived from the implementation of the wear levelling algorithm. The algorithm is implemented differently by each vendor and on different devices from the same vendor, so the number of necessary overwrites to successfully remove all data varies The key problem when dealing with SSD is how do we validate that the overwriting process has been successful? A successful overwrite could be measured in two ways: (a) that all physical memory locations have been overwritten or (b) that there is no data recoverable using forensic techniques.
Page 1 2 | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |