Until the results of a study were released late last month, few storage experts thought that it would be more challenging to erase data stored on solid-state drives than it would be to delete data from hard disk drives.
"I don't think anyone ever knew about this," said Bruce Schneier, chief security technology officer at BT Group and author of multiple books on data security matters.
Other industry experts acknowledged that they were also surprised by the findings of researchers at the University of California. However, they mostly agreed that some SSD sanitation methods can work better than others.
For example, some noted that SSDs with native encryption capabilities can usually prevent data from being accessed, even after a drive's end of life.
The study found that completely erasing data stored on SSDs is at best a difficult task and at worst nearly impossible. While overwriting data a number of times can ensure data erasure on many SSDs, the researchers found that they were still able to recover data on some overwritten drives.
The UCSD researchers tested 12 SSDs and identified that none of the available software techniques for erasing individual files was fully effective.
The researchers did not identify the products used in the test.
In a paper titled "Reliably Erasing Data from Flash-Based Solid State Drives," the researchers reported that "all single-file overwrite sanitisation protocols failed" and "between 4% and 75% of the files' contents remained on the SATA SSDs."
USB flash drives didn't do much better. Between 0.57% and 84.9% of data remained on the drives after an overwrite was attempted.
The researchers even tried overwriting free space on the SSDs and defragmenting them to redistribute data and encourage the flash translation layer to reuse more physical storage locations. That process also proved mostly ineffective, they said.
Data on only one third of the 12 SSDs tested was erased when researchers used the native "Erase Unit" command in the drives. In that test, one SSD had reported itself to be fully sanitised, yet researchers were able to recover data on the drive.
Kent Smith, senior director of product marketing at SSD controller maker SandForce Inc., said most data stored on an SSD should be safe when cryptographic erasure processes are used.
The technique calls for first encrypting an SSD, which would allow access only to those with passwords. When the SSD reaches the end of its life, the user can delete the encryption keys, which Smith said would remove the possibility of unencrypting and accessing the data.
"Unless you can break the 128-bit AES encryption algorithm, there's just no way to get to the data," Smith said.
The UCSD researchers agreed that crypto-erasure is a good way to ensure that an SSD can be sanitised at its end of life or when it's entered for reuse.
Schneier is a fan of using inexpensive SSDs and encrypting their data with freeware, such as TrueCrypt, or with relatively low-cost products, like PGPdisk.
SSD makers are pushing the National Institute of Standards and Technology to redefine some of the military erase overwrite protocols to recognize that encrypted drives can be cryptographically erased without the need to overwrite the flash.
"But that's not happening tomorrow," Smith said. "Government agencies take a long time to embrace standards."
Return to security news headlines
View Security News Archive