Sanitizing SSDs

This paper (warning: PDF) from the Usenix FAST conference looks at an interesting question: with hard drives quickly giving way to solid-state drives (SSDs), how do we securely wipe data from workstations using the new technology?

From the paper:

Reliably erasing data from storage media (sanitizing the
media) is a critical component of secure data manage-
ment. While sanitizing entire disks and individual files is
well-understood for hard drives, flash-based solid state
disks have a very different internal architecture, so it
is unclear whether hard drive techniques will work for
SSDs as well.

We empirically evaluate the effectiveness of hard
drive-oriented techniques and of the SSDs’ built-in san-
itization commands by extracting raw data from the
SSD’s flash chips after applying these techniques and
commands. Our results lead to three conclusions:
First, built-in commands are effective, but manufactur-
ers sometimes implement them incorrectly. Second,
overwriting the entire visible address space of an SSD
twice is usually, but not always, sufficient to sanitize the
drive. Third, none of the existing hard drive-oriented
techniques for individual file sanitization are effective on
SSDs.

Leave a Reply

Your email address will not be published. Required fields are marked *

*