The time has come for businesses to seriously evaluate how they will prepare for solid state drive decommissioning. Just a few years ago, SSDs were only beginning to make a home in enterprise and cloud data centers, as flash storage was still fairly expensive. However, gradual cost declines have combined with new performance demands to make SSDs popular. As these storage devices go through their service lives, companies must figure out how they will properly erase data – a complex process with an SSD.
Flash on the rise
To understand the problem of destroying flash-based storage devices, organizations must first consider just how pervasive the technology is. It may not seem like much, but continued iterative flash storage penetration growth is hitting a tipping point as more companies embrace the technology. Liz Conner, research manager for storage systems at IDC explained that a consistent move away from traditional storage technologies is well underway.
“The enterprise storage market closed out the first quarter relatively flat, yet adhered to a familiar pattern,” said Conner. “Spending on traditional external arrays continues to slowly shrink while spending on all-flash deployments once again posted strong growth and helped to drive the overall market. Meanwhile the very nature of the hyperscale business leads to heavy fluctuations within the market segment, displaying solid growth in 1Q17.”
Developing strategies to destroy flash-based storage media, particularly SSDs, begins with understanding precisely why they are so hard to destroy.
“Companies must figure out how they will properly erase data – a complex process with an SSD.”
SSDs and the data deletion problem
Flash memory has long been used in system cache, DRAM and similar solutions. In these settings, a basic flash configuration is used next to a switch that adjusts the charge of transistors to write a 0 or 1 and store data. Once the power is turned off, the data is deleted. SSDs are designed to take the high performance of flash memory and combine it with the long-term storage offered by hard disks. This was eventually accomplished using floating gate transistors.
In a floating gate transistor, the charge is maintained consistently within the storage device, and quantum tunneling is used to switch the charge between a 0 or 1. As a result, the data is stored permanently to the chip, without any moving parts or magnetic charges. The ability to retain charge and provide resilient storage makes SSDs incredibly difficult to destroy, a point that is accentuated by how the floating gate system works when expanded across an entire storage device.
An SSD is structured to store data in pages and blocks. Each block will contain a certain number of pages, and these pages contain a certain amount of data storage capacity. As the SSD controller works to store data intelligently, it will find a blank page and write data to it until a block is full. Once all of the blocks are full, the controller will identify unused pages every time it needs to write new data to the drive. From there, the SSD will memorize data structures and reorganize pages and blocks to make space for the new information. SSDs don’t rewrite over old data, they simply move it around and reorganize it so eke out capacity. Information is never truly erase.
Encryption – The first step toward SSD deletion
Because SSDs are designed to retain data and constantly move it around rather than lose it, a software erase is extremely difficult to complete. A Lifehacker report recommended that people encrypt their SSDs to protect data. Instead of erasing data, an encryption tool will put the data in code, making it nearly impossible to read.
The problem with encryption comes with the core concept of a code. Once a code is broken, the data is completely visible. For most people and data types, that won’t matter because the effort that goes into breaking a good encryption code isn’t worthwhile. However, organizations handling particularly sensitive information need to do more than just encrypt because data thieves may have the motivation or resources needed to break through the code and steal data. For SSDs, physical destruction through shredding is often the best option.
“Proper SSD destruction depends on specialized tools.”
Physical SSD destruction
A ZDNet report pointed out that the combination of TRIM commands and built in garbage collection tools – systems designed to ensure data stored on SSDs is never truly lost – create unique challenges for data destruction. The news source eventually recommends physical destruction as a simple, safe way to physically destroy SSDs. However, ZDNet’s focus on a consumer audience means it suggests hammers, nails and similar methods, which are not precise enough for the enterprise. SSD shredders are necessary when sensitive data is involved.
Shredding isn’t as simple as chopping an SSD into small pieces. Instead, proper SSD destruction depends on specialized tools that will shred the device into small enough bits to leave the data entirely unrecoverable. Think back to our discussion around floating gate transistors and data pages – those storage methods make for an incredibly small storage footprint, and shredding must be so fine as to undo the veracity of the floating gate and make data inaccessible. This is exactly what professional SSD shredders do.
The issue, for most businesses, is that they don’t necessarily have the resources to invest in a shredder that is only good for SSDs. This is where Proton Data Security offers an advantage. Our PDS-88 Solid State Media Shredder can shred any device using solid state storage media. This can include:
- SD cards.
- Flash drives.
Furthermore, the shredder can even handle CDs and DVDs, providing a varied and reliable data destruction tool that complies with NIST, HIPAA, ISO and PCI DSS regulations.
Flash storage is uniquely designed for data resiliency, a problem that can cause problems for businesses as they work to establish hardware decommissioning plans for their initial flash investments. A good media shredder can offer companies the tools they need to not only handle SSDs, but also help destroy the myriad device types that are storing sensitive business data.