Understanding NAND-Based Secure Data Removal
It’s important to talk about the vital process of securely removing data, specifically from NAND-based media. Secure erase isn’t the only way to protect your embedded device data, but it is one of the most effective. Encryption and encoding are also good tools to use for secure data at rest. However, when a design falls into the wrong hands, these methods are insufficient to protect that data forever – it is better to have the data removed when it is no longer required. There is no lasting security through obscurity.
The truth is that with securely erasing NAND-based media, things are not like they were in the past with older media. This is simply a more challenging process than with older magnetic designs. Ultimately, removing secure data is a process of connected steps, and the best designs involve information from the flash media, file system, and application vendors.
In this blog post I’d like to describe in more detail some of the steps taken to securely remove data