The question, “Where’s my data?” is a common one. When the answer is on a USB drive, this makes sensitive data more vulnerable. As Security Today1 points out, “Do a simple Google search on data loss involving non-encrypted USBs and you will see numerous examples of organizations that did not have a solid plan in place and what the legal, financial and reputational consequences [were].”
The good news is there is a way to protect the data and the agency it belongs to by choosing a self-encrypting solid state drive (SSD), which is still portable like a simple thumb drive, but far more reliable.
What is encryption and how does it work?
Encryption is the process of taking data and scrambling or encoding it so it can only be read by those who are authorized to do so. This is crucial because when it comes to portable SSDs or any portable drives, there’s always a chance that the drive might get lost or stolen. However, if the drive is encrypted the data is less likely to fall into the wrong hands. With government data this is especially important, as it can have greater implications than in the private sector.
How over-provisioning SSDs impacts performance
Get your free white paper on how over-provisioning of SSDs can improve memory performance. Download Now
Many storage offerings use software encryption as their security feature. Software encryption scrambles the data as it’s written to the storage device, creating a key to lock it down. The key can then “unlock” or unscramble the data so the user can read it. The encryption happens via the system’s main central processing unit (CPU), and the protected data is stored in the memory of the system itself. The problem with this type of encryption is that hackers, or anyone with enough patience and the right tools, can simply keep trying different keys until the data is unlocked. Better software encryption uses more than one key. This is often called public key encryption.
Either way, there is room for error because humans are in charge of the keys. A key stored on the same system as the encrypted drive is going to be easily discovered and used. Humans also have to remember to actually encrypt the file or drive, and when you’re rushed for time, this simple step could be overlooked.
The benefits of hardware-based self-encryption
Hardware-based encryption is quite different from software-based encryption, as the data encryption and key management happen on the drive itself at the hardware layer. For example, the Samsung 980 and 980 PRO both ship with built-in hardware-level 256-bit advanced encryption standard (AES) encryption. This means the encryption keys are built into the drive controller rather than its system memory. The technology ensures that hardware encryption is always on once it is enabled, and both the data encryption and user authentication are performed in the high security of the drive controller. It also protects the device against brute-force hacking, where attackers keep trying random keys to decrypt the data.
Another benefit of hardware encryption is speed. Software encryption can slow down a system’s processor speed because it has to take the time to encrypt and decrypt data. This can lead to users skipping the step completely to ensure faster loading and data access. In an agency that’s constantly facing deadlines, this can mean the difference between getting work done on time and having to stay late.
Combining hardware-based encryption with self-encryption — two features on the Samsung 980 and 980 PRO — ensures that every bit of data written to the drive is encrypted automatically into the drive controller. Drives are secure, and users and their agencies don’t have to worry about user error or data loss.
To learn more about Samsung’s self-encrypting SSDs, check out this article about how secure data transfer and storage are top priorities in the public sector — and find out how SSDs solve government challenges in this free white paper.
1 “Encrypt Your Flash Drive” September 3, 2020.