HyperX Community


SSD Data Wiping: Sanitize or Secure Erase SSDs?

Media reports, Such As This  Computerworld article , Kingston Caused a lot of customers to be Concerned about Their procedures for Securely erasing all data from Their Kingston SSDs. Were like many articles based upon a  University of California San Diego study  revealed That Certain Processes That to wipe data from SSDs data whos left behind.

We will look at what the study says, and Provide You With step-by-step instructions to do a Secure Erase Which will wipe out all data from Kingston V Series G2, V100, V + G2, and V + 100 SSD.

Study: SSDs store data differently from hard disk drives

The Ability to totally erase data from storage devices is a critical component of secure data management, Regardless of Whether the organization is just throwing away an old system or repurposing it for someone else's use. Researchers from the Department of Computer Science and Engineering and one from the Center for Magnetic Recording and Research at the University of California found That Have Existing disk sanitization techniques originally used for hard drives do not work on SSDs Because the internal architecture of an SSD is very different from a that of a hard disk drive.

"Reliable SSD sanitization requires built-in, verifiable sanitize operations," the Researchers wrote.

Most modern SSDs Have That built-in commands instruct on-board firmware to run a sanitization standard protocol on the drive to remove all data. Since the manufacturer has "full knowledge" of the drive's design, These techniques Should be reliable, but Researchers found many of the implementations That Were flawed.

Sanitizing a storage device using ATA Secure Erase

Sanitizing is the removal of sensitive data from a system or storage device with the intent That the data can not be reconstructed by any Known technique. That for data residing on hard drives and solid state drives (SSD), a method Known as ATA Secure Erase is the MOST effective.

ATA Secure Erase is part of the ANSI ATA specification and When to Implemented Correctly, wipes The entire contents of a drive at the hardware level Instead of through software tools. Software tools over-write data on hard drives and SSDs, Often through multiple passes; over-writing The Problem with SSDs Is That Such software tools can not access all the storage areas on an SSD, leaving behind blocks of data in the service regions of the drive (examples: Bad Blocks, Wear-Leveling Blocks, etc.)

When an ATA Secure Erase (SE) command is issued against a SSD's built-in controller That properly supports it, the SSD controller resets all its storage cells as empty (releasing stored electrons) - just THUS restoring the SSD to factory default settings and write performance. When Implemented properly, SE will process all regions Including the protected storage service regions of the half.

Secure Erase is Recognized by the US National Institute for Standards and Technology (NIST), as an effective and secure way to meet legal requirements data sanitization attacks against up to laboratory level. Kingston SSDNow drives support the ATA Security Command for proper data sanitization and destruction.

Data sanitation regulations and organizational requirements

There are Numerous state and federal regulations That Contain Provisions related to the sanitization and disposal of data. For example, at least 10 states enacted laws Have That requires destruction of "personal information" when it is no longer needed for business.

The Health Insurance Portability and Accountability Act ("HIPAA") requires disposal at a formal documentation of procedures to Ensure health information is properly sanitized prior to Being discarded.

The Payment Card Industry Data Security Standard (PCI DSS) 9.10 That requirement stipulates storage media be destroyed when it is no longer needed for business or legal reasons. PCI-DSS is setup to verify That cardholder data on electronic media is rendered unrecoverable via a secure wipe program in Accordance With industry-accepted standards for secure deletion, or Otherwise physically destroying the media.

Additionally, many large private companies are now Requiring That data on all electronic storage media be sanitized prior to the media's sale, donation, transfer of ownership and disposal.

ATA Secure Erase tools

A DOS shareware tool called HDDErase can be used to execute a Secure Erase. HDDErase is available here.

HDDErase is an easy-to-use tool That runs from a DOS bootable drive. In order to run the system BIOS must be HDDErase Set to "IDE" or "Compatibility" mode in order for the drive to be Recognized by HDDErase. HDDErase can only be run on systems That drives are attached to a SATA or IDE ports Directly and not through a USB bridge or enclosure.

Running HDDErase

To execute a HDDErase using Secure Erase, boot from a DOS bootable drive Containing HDDErase and type hdderase, at the command prompt.

Next, HDDErase will confirm you want to run this program, select "and" to proceed. This step will be followed by additional disclaimers and a license agreement. Follow the on-screen instructions.

Next, HDDErase That will confirm all data will be "Deleted" from the selected drive. Select "and" to proceed.

Next, select the drive to be erased. In This example P0 Should be selected.

Next, select "1" to execute a Secure Erase.

Confirm by selecting 'c' to continue

When Secure Erase has finished a message will Appear That Secure Erase is complete.

Just enter N and exit.

The web site has detailed documentation on This utility.

Proper Sanitation of Kingston SSDs: Secure Erase Use Only

Secure Erase using a utility That properly implements the ATA Secure Erase command is the best way to Effectively wipe all data from a Kingston SSD.

One key benefit for IT - Secure Erasing an SSD no longer requires the 6 or more hours required for a multi-pass wipe hard drive. On a 256GB Kingston SSDNow V + 100, to Secure Erase can be completed in 2 minutes. Some SSDs can take longer, but not nearly as long as mechanical hard drives!

Author: Cameron Crandall - Kingston Technology

runCallbackScript();