webinar- overcoming the unseen data destrution issues in solid state drives
TRANSCRIPT
1
Overcoming the Unseen Data Destruction Issues in Solid State Drives
© 2017 Blancco Oy Ltd. All rights Reserved.
2© 2017 Blancco Oy Ltd. All rights Reserved.
Meet Our Speakers
Russ Ernst
Vice President, Product Management, Blancco
Technology Group
Neil Simmons
Director of Business Process
and Engineering, Arrow Value Recovery
Steve Manalac
Sr. Manager of Technical Engineering, Arrow Value
Recovery
© 2017 Blancco Oy Ltd. All rights Reserved.
Exploring Different SSD Technologies & How Data Is Stored
Vendor & Interface Issues
Data Destruction Methods: What Works vs. What Doesn’t Work
DEMO: Using Blancco Drive Eraser to Sanitize SSDs
SSD Market Trends
4© 2017 Blancco Oy Ltd. All rights Reserved.
SSD Market Trends
5© 2017 Blancco Oy Ltd. All rights Reserved.
SSD Market Is Poised for Growth
Source: TrendFocus, SSD Market At Glance in Q2 2016
6© 2017 Blancco Oy Ltd. All rights Reserved.
Source: TrendFocus, SSD Market At Glance in Q2 2016
• The price computer makers paid for SSDs dropped by as much as 12%
• A 128GB SSD now retails between $38 and about $49 (Amazon) and a 250GB SSD runs from $52-$81 (Amazon)
• Growth is driven by cloud computing, performance advantages of SSDs over HDDs, an increase in the number of data centers and rising big data applications
The SSD Sweet Spot
7© 2017 Blancco Oy Ltd. All rights Reserved.
LIVE POLL: Does your organization currently use SSDs as its primary storage method?
• Yes• No• No, but we’re planning to invest more in SSDs in the near future
8© 2017 Blancco Oy Ltd. All rights Reserved.
Exploring Different SSD Technologies & How Data Is Stored
9© 2017 Blancco Oy Ltd. All rights Reserved.
SSDs vs. HDDs: Understanding the Differences
SSDs (Flash): • More choice when modernizing
storage environment
• Fast speeds
• High cost
• Less power consumption
• Improved data center performance
HDDs (Spinning Media):• Easy to buy in stores
• Slow speeds
• Affordable (dollars per gigabyte)
• Less durable
• Bulkier form factor
10
Three Popular SSD Formats
© 2017 Blancco Oy Ltd. All rights Reserved.
NVMe
• Better hardware interface
• Shorter hardware data path
• Simplified data stack
• Suitable for buffering and caching applications
• Suitable for loading databases
• Popular due to the large demand for video for customer apps
PCIe SATA • Essentially the 1st
type of SSD deployed to the marketplace
• Represents the majority of the volume
• Use the standard SATA interface making it possible to upgrade devices with HDDs
• They physically fit in many device types
11© 2017 Blancco Oy Ltd. All rights Reserved.Source: www.usenix.org
How Data Is Stored on SSDs
12© 2017 Blancco Oy Ltd. All rights Reserved.
Vendor & Interface Issues
13© 2017 Blancco Oy Ltd. All rights Reserved.
Vendor & Interface Issues
• SSDs can reserve an additional percentage of total drive capacity/memory space as a provision for background activities, such as garbage collection.
• Some SSD manufacturers provide software tools to allow for over-provisioning of drives by the user.
• Even without special software, any user can set aside a portion of the SSD when first setting it up in the system by creating a partition that does not use the drive’s full capacity.
14© 2017 Blancco Oy Ltd. All rights Reserved.
Data Destruction Issues: What Works & What Doesn’t
15© 2017 Blancco Oy Ltd. All rights Reserved.
LIVE POLL: How does your organization currently sanitize SSDs?
• Degaussing• Cryptographic erasure• Physical destruction• Secure data erasure • None of the above• I don’t know
16© 2017 Blancco Oy Ltd. All rights Reserved.
Degaussing: Why It Isn’t Effective
• SSDs use integrated circuit assemblies to store data, unlike traditional HDDs
• Because SSDs don’t store data magnetically, degaussing isn’t capable of securely destroying data on them
17© 2017 Blancco Oy Ltd. All rights Reserved.
Crypto Erase: The Underlying Issues
• Implementation issues
• Broken crypto keys
• Data remanence
• Side channel attacks
• Human errors
• Policy/regulatory compliance issues
18© 2017 Blancco Oy Ltd. All rights Reserved.
Physical Destruction: Why It’s Not Ideal
• SSDs are not fully destroyed by standard hard drive shredders; IC chips can remain intact and recovered
• If/when 3rd party asset recycler is used, insecure transportation of SSDs could lead to data loss/theft
• Harmful toxic waste
19© 2017 Blancco Oy Ltd. All rights Reserved.
Secure Data Erasure: Why It Works• Overwrites the data multiple
times (as many as possible) and scrubs the data all the way down into the over-provisioned cells
• Overwrites more data within the uncompressible data stream --> data is erased all the way down into the over-provisioned cells
• Unless you can independently verify a drive is really deleting your data, most of the ‘pre-installed’ data wiping utilities aren’t secure or reliable
Researchers from Department of Computer Science and Engineering at the University of California, San Diego
tested 12 SSDs
20© 2017 Blancco Oy Ltd. All rights Reserved.
Questions to Ask Before Selecting a Data Erasure Method & Solution
21© 2017 Blancco Oy Ltd. All rights Reserved.
DEMO: Blancco Drive Eraser
22© 2017 Blancco Oy Ltd. All rights Reserved.
• Universally Suitable• Ensures SSDs are securely erased regardless of make or model• Covers most common SSD interfaces, including SATA and SAS
• Any Freeze Lock on the SSD Is Automatically Removed• Freeze lock removal procedure, mandatory step to securely erase SSDs
• Multiple Random Overwrites• Truly random / uncompressible data, not merely a repeating bit pattern• Double pass ensures data is written across the full logical capacity of the
SSD (and not just compressed)• Firmware Level Erasure• Leverages essential internal erasure commands to secure SSDs
• Full Verification• Ensures operational validity of the drive• Detects any anomalies in the erasure process
Blancco Patented SSD Erasure Method
23© 2017 Blancco Oy Ltd. All rights Reserved.
Dedicated erasure standard, can be used as the default eraser
SSD Erasure Standard
24© 2017 Blancco Oy Ltd. All rights Reserved.
Possibility to switch automatically SSDs to “Blancco SSD Erasure”
Default to SSD Erasure
25© 2017 Blancco Oy Ltd. All rights Reserved.
If an SSD is detected on the machine, a popup informs about its presence
SSD Detection
26© 2017 Blancco Oy Ltd. All rights Reserved.
Blancco SSD Erasure clearly called out as the erasure method
SSD Erasure
27© 2017 Blancco Oy Ltd. All rights Reserved.
SSD is clearly reported in the erasure certificate
SSD Erasure Report
28
Arrow’s Value Recovery group specializes in IT asset recovery and reverse supply chain solutions and partners with Blancco Technology
Group to ensure data-bearing equipment is properly sanitized.
How Arrow Helps Organizations:• Protect their brand• Ensure data security and compliance• Contribute to corporate sustainability and environmental stewardship• Maximize value return on technology
© 2017 Blancco Oy Ltd. All rights Reserved.
Today’s Webinar Sponsor
29© 2017 Blancco Oy Ltd. All rights Reserved.
Q&A
30© 2017 Blancco Oy Ltd. All rights Reserved.
Content You May Find Useful:
“A Look Inside SSDs and the Unseen Data Destruction Risks”: https://www.blancco.com/resources/white-papers/a-look-inside-ssds-unseen-data-destruction-risks/
“The Leftovers: A Data Recovery Study”: http://info.blancco.com/en-rs-leftovers-a-data-recovery-study
“The Information End Game: What You Need to Know to Protect Corporate Data Throughout its Lifecycle”:
http://www2.blancco.com/en/white-paper/the-information-end-game-what-you-need-to-know-to-protect-corporate-data