• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Electrical Engineering News and Products

Electronics Engineering Resources, Articles, Forums, Tear Down Videos and Technical Electronics How-To's

  • Products / Components
    • Analog ICs
    • Connectors
    • Microcontrollers
    • Power Electronics
    • Sensors
    • Test and Measurement
    • Wire / Cable
  • Applications
    • Automotive
    • Industrial
    • IoT
    • Medical
    • Telecommunications
    • Wearables
    • Wireless
  • Resources
    • Covid-19
    • DesignFast
    • Ebooks / Tech Tips
    • EE Forums
      • EDABoard.com
      • Electro-Tech-Online.com
    • FAQs
    • 2020 LEAP Awards
    • Oscilloscope Product Finder
    • Podcasts
    • Webinars
    • White Papers
  • Videos
    • Teardown Videos
  • Lee’s Teardowns
    • Teardown Videos
  • Learning Center
  • 5G
  • Women in Engineering

SSDs: secure erase or sanitize?

September 10, 2018 By Scott Thornton

When you’re done with a data storage drive, it’s nice to make sure that all of the data is scrubbed from it. A drive that’s returned, repurposed, or discarded can have personal or confidential data on it. Discarded drives have been found with everything from financial and medical data, email, and even pornography on them. New personal computers are migrating from standard Hard Disk Drives (HDDs) to Solid State Drives (SSDs). SSDs are generally faster to access if they are not too large. (Addressing can get cumbersome and start to get slow if you start to have addresses greater than 32-bits long). However, permanently erasing SSDs is not the same as for HDDs. HDDs can be overwritten multiple times, which takes some time to do. However, for most SSDs no overwrite command is available for sanitizing the drive. Methods to sanitize HDDs often do not work on SSDs. Erasure methods are very different between the two storage technologies. The term “sanitize” describes a process where data is irretrievably removed from a storage device such that it is not possible to forensically (or otherwise) reconstruct it.

SSDs

Figure 1: Erasing or sanitizing an SSD should only take a minute or less. (Image source: Micron)

There are a few methods for permanently destroying data on a drive: A Crypto Erase applies to self-encrypting drives that allow you to change the media encryption key. Once the encryption key is changed, the data becomes inaccessible or no longer understandable. Another well-known sanitization operation is to overwrite the existing data with something else. Overwriting data doesn’t work well with SSDs because SSDs don’t work like traditional HDDs. One of the reasons it’s a problem to overwrite NAND flash SSDs is that the system has to issue an ERASE command first before it can perform a WRITE command to the same physical location.

Another way to sanitize NAND flash-based SSD is by using Block Erase on every element in the flash array. Block Erase sets the voltage level on each storage element to a significantly higher level than the standard operating voltage and then drops it to ground. Another method to sanitize a drive is to physically destroy the hard drive platter with a hammer or destroy the silicon chip of the SSD by shredding it or otherwise physically destroying it. (Note: shredding the silicon might damage your shredder machine.) The latter method is final, however, in that the drive is permanently destroyed and cannot be re-used as if fresh out of the box as can be done with other methods. Secure erase will delete the mapping table for the drive but will not wipe all of the blocks that have been written on. Sanitization not only removes the map but also erases all blocks that have been written on. If you have an NVMe SSD, the NVMe specification supports a sanitize command. NVMe, ATA, and SCSI sanitize commands were designed to erase SSD storage that’s accessible via both the host interface and the internal firmware of the drive.

Secure erase is faster, but not as complete. Data on a drive that has been securely erased or sanitized cannot be recovered. If power is interrupted during a secure erase, secure erase may continue as soon as power is restored or the user may need to issue another secure erase command when power is restored. Note that SSD manufacturers do not follow a universal command to sanitize drives.

Erasing an SSD with a Sanitize Block Erase (e.g., on Micron SSDs) can be much faster than using overwrite command on an HDD. On an HDD, a bit-by-bit overwrite operation can take hundreds of minutes since two to three passes are recommended. But on a Micron SSD, for example, the Block Erase command can be implemented on many blocks simultaneously so that a 1TB drive can be sanitized in about one minute (Figure 1). If possible, use the software provided by your SSD manufacturer to sanitize your SSD. Otherwise, you can try manufacturers software to securely erase your drive. Some examples of SSD manufacturer software that’s used to manage the SSD are the Intel SSD Toolbox, the SanDisk SSD Dashboard, Micron SSD Management, or the Samsung Magician Software.

SanDisk SSD Dashboard

Figure 2: Screenshot of the SanDisk SSD Dashboard. (Image source: SanDisk)

But how do you prove that your drive has been sanitized? You can try using data recovery software to see if the data is still accessible. Some companies perform verification of sanitization for drives, such as Kroll Ontrack. The National Institute of Standards and Technology (NIST) offers guidelines for media sanitization in a document called Special Publication 800-88, “Guidelines for Media Sanitation.” (Figure 2) The document covers media sanitization for many media types, include NVMe SSDs, iPhones and iPads, Blackberry, ATA SSDs, SCSI HDDs, USB removable media, and a few other media types.

 

Filed Under: FAQ, Featured, Microcontroller Tips Tagged With: basics, FAQ, Intel, micron, samsung, sandisk

Primary Sidebar

EE Training Center Classrooms

“ee

“ee

“ee

“ee

Featured Resources

  • NEW! EE World Online Learning Center
  • CUI Devices – CUI Insights Blog
  • EE Classroom: Power Delivery
  • EE Classroom: Building Automation
  • EE Classroom: Aerospace & Defense
  • EE Classroom: Grid Infrastructure

Autonomous & Connected Vehicles 2019


RSS Current EDABoard.com discussions

  • What the best way to store data of size ( 90,000 * 32) bit (taken from a text file) using VHDL?
  • HSPICE Simulation refuses to match the Spectre Simulation
  • How to draw a helical coil around a rectangular core in Maxwell?
  • Where can I find the description of each layer in TSMC's pdk?
  • Same geometry but slightly different results

RSS Current Electro-Tech-Online.com Discussions

  • Where has the fun gone?
  • Where can I find a pole pig?
  • Voltage based relay
  • XC8 v2.31 Help: Integer Arithmetic With Numbers Larger Than 32 Bits?
  • new to Ardunio but trying to compile

Oscilloscopes Product Finder

Follow EE World on Twitter

Tweets by @EEWorldOnline

Footer

EE World Online

EE WORLD ONLINE NETWORK

  • DesignFast
  • EDABoard Forums
  • Electro-Tech-Online Forums
  • Microcontroller Tips
  • Analog IC Tips
  • Connector Tips
  • Engineer's Garage
  • Power Electronic Tips
  • Sensor Tips
  • Test and Measurement Tips
  • Wire & Cable Tips
  • 5G Technology World

EE WORLD ONLINE

  • Subscribe to our newsletter
  • Lee's teardown videos
  • Advertise with us
  • Contact us
  • About Us
Follow us on TwitterAdd us on FacebookFollow us on YouTube Add us on Instagram

Copyright © 2021 · WTWH Media LLC and its licensors. All rights reserved.
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media.

Privacy Policy