How Secure is SSD Encryption Really?

Dec 10, 2019

When your South Dakota company spends money to upgrade hardware, there are several priorities;  It has to meet your needs now and in the foreseeable future, it has to integrate with current operating systems, and of course it must be secure.

When it comes to solid-state drives (SSDs) that store data, security is of the utmost importance.  As a business owner, you have a legal responsibility to protect the sensitive data your customers entrust to you.

There are several ways to protect data on your network, but when it comes to storage, encryption is a common solution.  Encryption protects your data even if hackers somehow break through your firewall or other defenses.

Unfortunately, a recent study uncovered an alarming vulnerability in some SSD security that could be exploited to unlock all the content stored within.  How secure is your SSD encryption?  Here’s what you need to know.

Radboud Research

Radboud University in the Netherlands released research last year that proved some SSDs, including both internal (computer, laptop, etc.) and external (USB connected) storage devices, may not be as secure as we’d like to believe, even with use of encryption software.  While the research team notified affected manufacturers like Crucial and Samsung, the models found to be compromised were widely available commercially, and considering how long many companies keep SSDs, many are likely still in use.

What went wrong with these devices?  The problem lies with the popular BitLocker encryption software used by Windows.  The default setting is hardware encryption, but this leaves certain SSDs open to attack by which the password validation routine is modified, allowing hackers to bypass security features like a password and instantly access data.

How to Secure Your Data

The good news is there’s a way to defend against attack, even if you have affected SSDs and you’re using BitLocker.  All you have to do, according to researchers, is select the software encryption setting for BitLocker, rather than relying solely on the default hardware encryption.

There is a catch, though.  If you do this with SSDs that you’ve already integrated into your system, any existing data will not be re-encrypted under the new settings.  If you install a brand new SSD with proper settings, you should be fine.  For older devices, nothing but a total wipe and reinstallation with new settings implemented will do.

Moving Forward

If you’re working with older SSDs or models known to be subject to this particular flaw, there’s no easy way to protect vulnerable data.  You’ll have to migrate the data to secure drives in order to wipe and reinstall existing devices, at which point you may simply decide to upgrade to new, more secure SSDs, especially considering recent technological advances that significantly increase storage capacity.

In this case, you’ll still need to properly dispose of data on your drives for security purposes.  The best way to do this is working with a certified ITAD (IT Asset Disposition) service provider for SSD wiping or SSD shredding to ensure all data is completely destroyed.

When it’s time for your South Dakota business to upgrade to new SSDs and destroy old hardware, contact the experienced and reliable team at SEAM at 605-274-7326 (SEAM) or online to request a quote.

SEAM provides IT recycling and data destruction services including onsite shredding and hard drive wiping to South Dakota, North Dakota, Minnesota, Iowa, and Nebraska.

Schedule a pickup or contact us for more information.