Solid-state drives are fast becoming popular replacements for hard drives, especially in laptops, but experts caution that SSDs aren't as secure as commonly thought.
SSDs may offer better data security than traditional hard drives, but they do not completely erase data and are vulnerable to physical hacks from light sources like an ultraviolet laser, experts say.
Despite their relatively high cost and concerns about durability, SSDs are gaining popularity, particularly for use in laptops, because they consume less power and access data more quickly. Securing data on SSDs could become a larger issue when the technology becomes more widely used and reaches other portable devices like smart phones, experts said.
Many SSDs use industry-standard NAND flash chips that were designed for cameras and MP3 players, so they have no physical security hooks that prevent them from being removed from enclosures, said Jim Handy, director of Objective Analysis, a semiconductor research and consulting firm. A hacker could easily unsolder NAND chips from an SSD and read the data using a flash chip programmer.
Once the data is read, the files could be reassembled using data recovery software, Handy said. "There's really nothing sophisticated about this process," he said.
Another physical hack involves using an ultraviolet laser to wipe out lock bits -- or encryption locks -- from fuses on chips that secure SSDs, said a chip hacker who prefers to be called Bunnie and runs the blog site bunnie studios. Data arrays from SSDs can be read using standard means after the lock bits are wiped.
"No fancy equipment is required to read the [data] array once it is unlocked," Bunnie said. For example, the data arrays can be read using conventional ROM readers, devices typically meant to burn and verify unsecured ROM devices.
To lessen chances of hackers stealing data, encryption keys could be integrated inside the SSD controller device to handle disk encryption at the hardware level, said Craig Rawlings, marketing director at Kilopass. Kilopass sells products using XPM (extra permanent memory) technology that stores keys in system-on-chip devices.
Encryption keys can be hacked, but experts agreed that encryption is the necessary first step to secure data on SSDs. Many companies, including Safend and Encryptx, have products that encrypt data on storage devices including SSDs.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. How to improve employee productivity in small and medium businesses
Achieving the impossible: Unlimited application scalability
Data grids and service-oriented architecture
Everything you need to know about email and web security (but were afraid to ask)
CRM your salespeople will love
Wireless LANs: Is my enterprise at risk?
Controlling storage costs with Oracle database 11g
IT Service Management Needs and Adoption Trends: An Analysis of a Global Survey of IT Executives
- White PaperYour organisation may well have devised and implemented an Acceptable Use Policy (AUP) some time ago in order to guard against the risks of inappropriate use of computer systems by your workers, but are you confident that your AUP remains 'fit for purpose'? Read on to discover how you can enhance the effectiveness of your AUP.
- White PaperJoin industry expert Bob Spurzem and Chuck Arconi of Fox Hollow to discover how to reduce Exchange total storage and keep it at a manageable level. Learn how Exchange storage growth can be contained without sacrificing security and accessibility.
- White PaperDiscover how the integration of disparate technologies in your company can lead to greater user productivity, improved management, lower costs, higher efficiency, and easier risk mitigation.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00
Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00
Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05
Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
- +
CBS website bitten by iFrame hack 02 December, 2008 07:30:00
Russian malware distributors have launched another iFrame attack on a sub-domain of the cbs.com site.TV network CBS has become the latest big name to have it website used to host malware, a security company has reported. - +
Excerpt: Counterterrorism Strategies for Corporations 27 November, 2008 12:36:00
Mike Ackerman calls terrorism "the skunk at the globalization lawn party." His new book lays out 10 principles for how businesses can prepare and respond.Mike Ackerman calls terrorism "the skunk at the globalization lawn party." His new book lays out 10 principles for how businesses can prepare and respond. - +
The 10 Ackerman Principles of Counterterrorism 27 November, 2008 12:43:00
Consultant and author Mike Ackerman's 10 counterterrorism principles for business.Consultant and author Mike Ackerman's 10 counterterrorism principles for business. - +
Survey: Despite Risks, Employees Still Holiday Shop at Work 27 November, 2008 10:02:00
As Cyber Monday approaches, research suggests a majority of workers will use their work computer to shop this holiday season. But despite the continued growth in online shopping, employees and business still don't understand the riskAs Cyber Monday approaches, research suggests a majority of workers will use their work computer to shop this holiday season. But despite the continued growth in online shopping, employees and business still don't understand the risk. - +
Why Cybercrime is Thriving 27 November, 2008 11:52:00
A new Symantec report reveals just how large and sophisticated the online underground economy has grownA new Symantec report reveals just how large and sophisticated the online underground economy has grown.
FrontRange Solutions launches HEAT Plus Mobile to reduce help desk costs and improve service management productivity 02 December, 2008 15:15:00
AARNet Helps to Advance Indigenous Health 02 December, 2008 12:44:00
Orbis selects Telstra International as its data centre partner for the UK, Europe and Middle East Region 02 December, 2008 11:23:00
ComOps Deploys Corporate Performance Reporting Solution For Healthcare Test Manufacturer 02 December, 2008 10:09:00
Mornington Peninsula Shire implements Objective to manage knowledge and deliver service excellence 02 December, 2008 09:56:00
|
||
|
||
|
|
||
|
How to improve employee productivity in small and medium businesses
U.S. businesses lose 5.4 billion productive hours through employees searching for information annually. Avoid the same inefficiencies occurring in your business. Read on to discover the productivity issues facing SMBs and how the Oracle Application Express (APEX) can improve employee productivity and enhance development efficiencies.
Buying Guides
Buying Guides
