When it comes to mobile security, no consideration is more important than data storage. Sure, viruses and malware can infect operating systems, forcing you to invest time and energy into flattening and rebuilding systems after a breach. Or people could steal physical computers, leaving you with the expense and hassle of replacing the system. But in almost every organization’s digital cache, the real value is their data — personal details, trade secrets, privileged information and private communications — and the risk of that data falling into the wrong hands far surpasses any other concern in mobile security.
Keeping your data secured on all fronts can be difficult, but solid state drives (SSDs), with their inherent performance advantages, can make this task easier and more efficient by supporting encryption.
Why encryption is essential to data security
The central tenet of storage security is encryption. Many organizations assume that a device containing sensitive data will be lost or stolen at some point. The key, then, isn’t to focus all of your resources on keeping track of physical devices or the components of their drives; it’s to protect the actual data stored on them. Indeed, lost or compromised data can be far more costly than a lost computer.
Encryption is the process of obscuring data by running it through complex mathematical formulas. A secret phrase, called a key, is then required to undo that process and restore the original version of the data. That way, even if the storage device where the data resides is lost or stolen, the data cannot be read — at least, not without that key.
There’s definitely much more to the math behind encryption, including how many passes are made through the encryption scheme, how long the key is and more. As encryption grows more complex, it becomes more intensive from both a read/write perspective and a processor usage standpoint, which can bog down a computer’s processing. This is where the native speed advantage of SSDs comes in. The faster that data can be put into or pulled from the drive, the faster the calculations involved in the encryption/decryption process can occur.
Prepare for your storage upgrade
Which form factors and interfaces make the most sense for your company's storage needs? Download Now
SSDs and encryption: security and speed
Encryption can be achieved in two ways. One is through software, where the computer’s main processor does the math to perform the decryption and encryption. The other involves, in essence, delegating the encryption to the drive hardware so that the storage device itself handles the math. The drive then presents the host CPU and memory with fresh decrypted data so that there is no “performance tax,” or lag, on the main system components.
Samsung’s server-class SSDs contain options for full disk encryption within the hardware, making enterprise data security as simple as clicking a box and providing a key. Typically, this involves the drive storing a copy of the decryption key in a protected area within the drive controller circuitry itself and then encrypting that key with another key that’s provided at boot time by the user, like a multifactor PIN or passcode.
What happens if there’s a break-in and computers are stolen? Would your information be protected? With hardware encryption, as long as the user-held key is not provided at boot time, the information would be secure.
Remaining secure without being slow
Doesn’t encryption slow things down? The math behind encryption does require resources, and the more data you have, the faster your drive needs to read and write, which requires more involved math. This effect is often particularly noticeable on legacy spinning media. Solid state media’s faster performance helps to mitigate the impact of the encryption “performance penalty” so users can remain productive and rest assured that the sensitive data they’re using will remain secure at all times.