Beware of Drive Erasure Problems on SSD Drives

There is a lot of interesting research going on right now with the processes and tools that may be useful in erasing the new solid state drives that many laptops and other systems are using. The traditional methods of magnetic cleansing (degaussing), and even file over-write tools that have been in use now for decades in many organizations, have little to no effect on removing sensitive data on these solid state drives.

Here is a nice article explaining some of the problems.

As described in the article, it seems that many of our current data management and cleansing techniques simply do not apply to these solid state memory-based devices. This makes drive encryption all the more urgent, as these systems are beginning to pop up in many organizations that are starting their hardware refresh processes after delaying them due to economic conditions.

If you are an information security team, or an IT team considering such purchases, please make appropriate cryptography a part of your solution. Many solutions exist by a variety of vendors today with pricing ranging from near zero to the cost of full-scale commercial enterprise implementations in the hundreds of thousands of dollars. Complexity also ranges from trivial and built into the operating system to quite high, depending on centralized management and remote assistance capabilities.

No matter how you to choose to address the problem, the key factor is that you are aware that SSD systems are a different animal with unique challenges versus traditional hard disks. Knowing that will at least put you on the right path toward investigating a solution and updating your processes.