Why Data Sanitation Matters

By Floyd GoodrichMarch 26, 2017

The word “sanitize” usually refers to the cleanup of unwanted elements. However, “sanitize” in data sanitization, is used as a term that defines a cleaning process by which data is securely removed from a storage device to a point where reconstruction of the data isn't possible by any forensic means.

In this era securing sensitive information is critically important, even when the storage device completes its life cycle. This is why ensuring complete removal of the data from a memory device is extremely crucial. There are various storage devices that offer effective ways to perform a comprehensive drive erase, such as Micron's SSD, which completes the sanitization process securely at much faster speeds compared to the traditional HDD storage.

Benefits of SSDs Over HDDs in Data Sanitization

Conventionally, the followed method to permanently remove data from a magnetic media such as a HDD was like overwriting the existing data with a set pattern of “all 0’s”. Nevertheless, this process can be time-consuming and expensive. The erase operation can also prove to be inefficient and counterproductive in making the data totally unrecoverable.

Unlike HDDs, there isn’t any overwrite command in the NAND flash storage that is present in almost all SSDs. NAND flash memory is unique, as in when a particular element is stored in an SSD, the data has to first go through a discrete ERASE command and then only the WRITE instruction can be executed at the physical location.

Micron SSDs provide fast, secure, and effective means to eliminate the entire data from a flash drive without incessantly filling and erasing the storage drive. The SANITIZE command, when implemented in caps, ascribes to the specifications of ATA Command Set (ACS) that starts the data sanitization process on the SSD.

Use of the Legacy Security Erase Command to Completely Erase the Data on an SSD

There’s another way to fully remove the contents of an SSD using the traditional Security Erase command. The legacy Security Erase command is a part of the older ATA spec and is the most preferred practice to erase data from older SSD versions that support the SATA 3.0 specifications. The newer SSD variants such as SATA 3.1, however, register both Security Erase and SANITIZE commands.

Micron, as advised in the published interface standard of the ATA Command Set accessible at t13.org, advocates implementation of the SECURITY ERASE PREPARE command prior to the SECURITY ERASE UNIT command before proceeding with Security Erase operation on SSDs.

Command Execution to Perform Data Sanitization on SSDs

The sanitization process — regardless of whether the SANITIZE BLOCK ERASE command or the conventional SECURITY ERASE UNIT command is being used — is identical on the drive. The proprietary firmware of Micron notifies the SSD controller to convey a BLOCK ERASE instruction to all NAND devices on the storage drive along with the space allocated for retired blocks and over provisioning, which is practically inaccessible by the user or the host computer.

The SSD controller, in cases where the data sanitization process is started by a host computer, simultaneously sanitizes the NAND FLASH components as per specifications under maximum rated power consumption of the SSD. The SANITIZE BLOCK ERASE and the SECURITY ERASE UNIT command, due to this parallel mechanism, can accomplish data sanitization at great speeds, typically within a minute on Micron SSDs.

How Secure Is Data Sanitization on Micron SSDs?

As detected by some scientists and engineers, there are chances of stray electron footprints in the NAND cells even after a data sanitization process has been undertaken. Micron accepts this possibility, but since the Block Erase process, especially on Micron SSDs, upraises each NAND cell to a similar erase voltage; it is somewhat impossible to recover data based on stray leftover signals.

Moreover, the SANITIZE process is secure, unlike a disk write, which can be interrupted in between. A power outage can momentarily pause the sanitization process but the operation automatically resumes when the connection is reinstated. The SSD, during this process, stops communicating with the host computer till the sanitization of data is successfully completed.

Micron, a global leader in storage and memory solutions, acknowledges the criticality and privacy of sensitive, high-security data. In order to assist its customers with permanent, secure sanitization, the company has collaborated with third-party security companies to ensure irretrievable data sanitization per the ATA Command Set specifications.