We speak often of securing data at rest (DAR) since it’s important to our customers. Secure DAR solutions call for equipping an SSD with a hardware encryption engine (EE). This self-encrypting drive (SED) automatically encrypts any data as it’s written to the drive and automatically decrypts data as it’s read from the drive. 

When we talk about securing DAR, it’s easy to think of data currently stored in drives in notepads, laptop, or desktop computer. However, at some point, the computer or drive will be upgraded. Or transferred to someone else. Or simply reused. These cases offer significant security concerns if data is left on these systems.

Especially if the drive contains confidential, sensitive, or classified information.

So, it is necessary to be able to securely erase SSDs. In this context, the term ‘sanitation’ refers to rendering access to the data on the drive infeasible for a given level of effort.

Some users mistakenly assume that using standard operating system-based “delete” functions is sufficient to sanitize the drive. However, this is not the case because these functions simply update the drive’s directory while leaving the data untouched. Even a “format drive” command does not erase data stored on the drive (it just makes it harder to find).

Media Sanitation Methods

The three commonly recognized types of media sanitation are Clear, Purge, and Destroy. Clear applies logical techniques to sanitize data in all user-addressable storage locations; for example, using operating system-based “write” functions to write 0s into all locations. At the other end of the sanitization spectrum we have Destroy, which may involve shredding, grinding, disintegrating, pulverizing, melting, or incinerating the drive. Conceptually residing between Clear and Destroy is Purge, which applies physical or logical techniques that render data recovery infeasible using state of the art laboratory techniques. In the case of HDDs, for example a common Purge technique is to apply a strong magnetic field in a process called degaussing (if the field is strong enough to render the drive inoperable, degaussing transitions to being considered as a Destroy technique).

Although HDDs and SDDs perform the same function (store data) from a user perspective, they have different internal architectures. In the case of SSDs, there are four main areas where data is stored: system area blocks, active data blocks, spare blocks (which can contain old copies of user data), and retired blocks (damaged blocks that can contain old copies of user data).

Since different makes of HDDs and SDDs have different architectures, drive manufacturers provide methods to securely erase their drives. For example, Secure Erase is a drive format command that will write 0s into every area where data is stored on the drive, whether it’s an HDD or SSD. Note that Secure Erase is a software-driven task. A higher-performing alternative, independent of the host computer, is a dedicated hardware device such as the WiebeTech® NVMe Drive eRazer™ for NVMe SSDs or the Drive eRazer Ultra for SATA devices.

Crypto Erase and PSID Revert

In the case of SEDs from DIGISTOR, there are two options to securely erase data: Crypto (Cryptographic) Erase and PSID Revert:

• • • Crypto Erase wipes any cryptographic keys stored on the drive, which makes any encrypted data stored on the drive unreadable and useless to a bad actor. If time is of the essence, as can be the case in military deployments in the field, for example, then using Crypto Erase deletes access to encrypted data in a matter of seconds.

      Note that NIST cautions that there are instances in which Crypto Erase is not appropriate. For example, when there are questions whether the keys have been securely managed. Another example is if data existed on the drive before encryption was initiated. Section 2.6 of the NIST Guidelines for Media Sanitation discusses these cases, as well as others.
       

    • PSID Revert provides an “Instant Security Erase”. PSID Revert is a feature that erases all data of SED drive with Opal-activated encrypted data structure by reverting SSD with PSID. Since the key is reset, the previously encrypted data cannot be accessed anymore.

At DIGISTOR, we specialize in helping military and government agencies and commercial entities of all sizes find the right encrypted storage solution to secure their DAR. With a wide range of secure storage offerings, from bare drives to removable solutions to Commercial Solutions for Classified (CSfC)-ready SSDs, we can assist you with specifying the appropriate storage devices to secure your important data. If you have any questions as to how securing DAR might apply to your own data security requirements, please feel free to contact us.

Further Reading

NIST Special Publication 800-88, Revision 1: Guidelines for Media Sanitization (Published February 5, 2015)