Presentation is loading. Please wait.

Presentation is loading. Please wait.

Recovering Data from Flash and SSD. Proprietary | Kroll Ontrack Your presenters today Jennifer Duits Sr. Marketing Specialist Kroll Ontrack, Inc. Steve.

Published byJulianna Ellwood Modified over 9 years ago

Similar presentations

Presentation on theme: "Recovering Data from Flash and SSD. Proprietary | Kroll Ontrack Your presenters today Jennifer Duits Sr. Marketing Specialist Kroll Ontrack, Inc. Steve."— Presentation transcript:

1 Recovering Data from Flash and SSD

2 Proprietary | Kroll Ontrack Your presenters today Jennifer Duits Sr. Marketing Specialist Kroll Ontrack, Inc. Steve Hruska Research & Development Engineer Kroll Ontrack, Inc. Teleconference information -------------------------------------------------------  1-866-579-8110  Participant Pass code: 381605 2

3 Proprietary | Kroll Ontrack Today We Will Discuss:  SSD Survey Results  HDD vs. Flash/SSD Technology  Flash/SSD Data Recovery  SSD Data Encryption  SSD Data Erasure  Summary/Q&A 3

4 SSD Survey

5 Proprietary | Kroll Ontrack SSD Customer Survey –August 2013 5

6 HDD vs Flash/SSD Technology

7 Proprietary | Kroll Ontrack Deliveries HDD vs. SSD 7 * Source: IHS iSuppli, January 2013 ** Source: Coughlin Associates, May 2012 in millions

8 Proprietary | Kroll Ontrack Hard Drive Internals 8  Spinning hard drives look like a record player with one or more disks (platters) and a read/write head on each side of each platter.  Hard drives store data by magnetizing parts of the disks and store data sequentially.  A cleanroom environment is necessary in the majority of recoveries. Microscope view of magnetized bits on a platter Data Servotracks + ECC

9 Proprietary | Kroll Ontrack HDD Roadmap – HDD GAP Performance Increase: »CPU 8-10x »DRAM 7-9x »Network 100x »Bus 20x Capacity Roadmap: »Heat Assisted Magnetic Recording (HAMR) »Bit Patterned Media (BPM) »Shingled Magnetic Recording (SMR) 9 Performance GAP: Disk Drive 1.2x

10 Proprietary | Kroll Ontrack Solid State Drive - SSD

11 Proprietary | Kroll Ontrack Solid State Drive Internals 11  Solid State Drives have no moving parts.  The data is not stored sequentially on the chips so the engineer must re-assemble the data, similar to a Raid recovery. Connector Controller Chip Memory Chips Memory Chips Removed

12 Proprietary | Kroll Ontrack Memory Chips - Blocks - Pages 12 = Page [smallest Unit] 4 KB or 8 KB Block [128 Pages = 1 Block] Possible status: > free > filled with data  marked for deletion  bad Smallest Unit to delete! Memory-Chip [ n Blocks = 1 Chip ] 0 n

13 Proprietary | Kroll Ontrack NAND-Flash Type 13  SLC = Single Level Cell: Highest endurance; Highest performance; Most expensive  MLC = Multi Level Cell: Moderate cost; Read intense apps; Web server  eMLC = Enterprise MLC: Lowered wear rates at moderate cost; Database apps  TLC = Triple Level Cell: Low cost; High density; Consumer Electronics Source: SAMSUNG

14 Proprietary | Kroll Ontrack HDD vs SSD Manufacturers: HDD Graphic Source: Chris Ritter, Buzzfeed.com 14

15 Proprietary | Kroll Ontrack SSD Manufacturers 15 Six NAND Manufacturers but > 200 SSD Manufacturers SSD is easy to build: Controller, NAND, Firmware,…

16 Proprietary | Kroll Ontrack Realities of SSDs  SSDs and HDDs are equally reliable »Susceptible to different types of failures »Limited time for testing SSDs for Mean Time Between Failures (MTBF)  SSDs work well in a hybrid data storage environment »Adds speed for commonly accessed data  SSDs and HDDs measure endurance differently »SSDs increase in endurance when used for low-write processes  SSD data recoveries are more complex »Inconsistent standards between manufacturers 16

17 SSD Data Recovery

18 Proprietary | Kroll Ontrack Types of HDD Failures

19 Proprietary | Kroll Ontrack Types of Flash/SSD Failures 19

20 Proprietary | Kroll Ontrack Types of Flash/SSD Failures  User Error/Environmental Influences »Fire/Water Damage »Broken Connector/Physical Damage »Deleted Data »Virus  Electronics Component Failure »Flash Controller »Flash NAND Memory Chip »Component Failure  System Area Corruption »Erased/Corrupted Mapping Table »Erased/Corrupted Firmware 20

21 Proprietary | Kroll Ontrack Rise of SSD Deliveries and SSD Recoveries 21 SSD Drives Shipped Source: IHS iSuppli, January 2013 HDD Drives Shipped Source: Coughlin Associates, May 2012

22 Proprietary | Kroll Ontrack SSD Recovery Challenges 22 What?Why? Software/Hardware Proprietary ToolsOnly a few tools are on the market -new tools are constantly in development Time ConsumingNeed to research the algorithms used to originally store the data Wear leveling (balances usage evenly across all disk sectors) Creates added complexity when piecing the data back together – we see a lot of duplicate files RAID-like configuration Individual memory chips on devices make data less contiguous and difficult to piece back together Lack of standardized configurations Many recovery jobs bring new challenges and new algorithms

23 SSD Data Encryption

24 Proprietary | Kroll Ontrack Types of Encryption 24 Type of EncryptionRisks and Opportunities Software Encryption (eg. BitLocker, Pointsec, etc.) The master key is in your hands – even when a data recovery from a physically damaged hard disk is necessary the use of the key, password or pass-phrase guarantees access to your stored data. Hardware Encryption or Self- encrypted Drive (SED) The device holds the key to the encrypted data on your drive. The data is stored encrypted by default.

25 Data Erasure for SSD

26 Proprietary | Kroll Ontrack SSD Data Erasure Study Research from UCSD shows that techniques designed for erasing hard drives such as overwriting and using built-in secure erase commands are unreliable when used on SSDs and sometimes results in all the data remaining intact. Individual file erasure techniques all failed and left at least 10MB of a 1000MB file 26

27 Proprietary | Kroll Ontrack The Challenges of Data Erasure Retired Block:  One bad cell can make a block become retired  One Block has 128 pages  1 page 4 or 8 KB 27

28 Proprietary | Kroll Ontrack Data Erasure Techniques 28 Secure data erasure is at a very critical point with SSDs. Erase MethodSecurity Issues Erase SoftwareMay not completely erase SSD -Bad blocks, firmware, smart data not erased “Secure Erase Function” or “Enhanced Secure Erase Function” Secure-but not supported by all Flash controllers Physical DestructionSecure via shredding. Cannot re-use the drive Cryptographical EraseEncryption needs to be set up before data is written on the drive

29 Proprietary | Kroll Ontrack Recommendations for Data Erasure Our Recommendations for erasing sensitive data:  Use encryption on your SSD from day 1  Delete the remaining data with cryptographic erase by deleting the encryption key.  Employ multiple erase methods for encrypted drives  Overwriting + Secure Erase + Cryptographic (SED)  Use physical destruction  Shredding  If you want to be sure your data is erased – use Kroll Ontrack’s Erasure Verification Service 29

30 How Is Kroll Ontrack Overcoming Data Recovery Challenges?

31 Proprietary | Kroll Ontrack Staying Ahead Of The Curve  R&D team fully dedicated to advancing our capabilities.  Just In Time (JIT) development team available for customized software development and tools when needed.  Long-standing relationships with leading data storage manufacturers. 31

32 What Should You Take Away From Today’s Webinar?

33 Proprietary | Kroll Ontrack Summary 33  SSD technology will continue to grow. »Choose your technology wisely… Do your research for your needs  No matter how good or safe a technology is data loss can always happen.  Be prepared and make data recovery a part of your disaster recovery plan. »Chose your data recovery provider carefully –Availability 24/7/365 –Possibility of just-in-time development of client-built tools –Do they provide R&D –What about data safety and data protection Don’t forget to back up your data regularly!

34 Proprietary | Kroll Ontrack Kroll Ontrack – Worldwide Reach 34 EMEA UK France Germany Italy Norway Poland Netherlands NORTH AMERICA Los Angeles Minneapolis Washington DC New York City Toronto APAC Singapore Hong Kong Japan Australia

35 Proprietary | Kroll Ontrack Thank you for your interest! What questions do you have? Peter Magnuson Key Account Manager 952.516.3527 www.krollontrack.com Follow us on : http://www.thedatarecoveryblog.com/ 35

Download ppt "Recovering Data from Flash and SSD. Proprietary | Kroll Ontrack Your presenters today Jennifer Duits Sr. Marketing Specialist Kroll Ontrack, Inc. Steve."

Similar presentations

Chapter 13: I/O Systems I/O Hardware Application I/O Interface

Chapter 13: I/O Systems I/O Hardware Application I/O Interface
Exit a Customer Chapter 8. Exit a Customer 8-2 Objectives Perform exit summary process consisting of the following steps: Review service records Close.

Exit a Customer Chapter 8. Exit a Customer 8-2 Objectives Perform exit summary process consisting of the following steps: Review service records Close.
Create an Application Title 1A - Adult Chapter 3.

Create an Application Title 1A - Adult Chapter 3.
1 DDS Xpress Digital Data Storage Solution. 2 Long-term Goal Legacy Telecoms switches are still operational Expected lifespan at least another 10 years.

1 DDS Xpress Digital Data Storage Solution. 2 Long-term Goal Legacy Telecoms switches are still operational Expected lifespan at least another 10 years.
© SafeNet Confidential and Proprietary Administering SafeNet StorageSecure Smart Card Module 3: Lesson 5 SafeNet StorageSecure Storage Security Course.

© SafeNet Confidential and Proprietary Administering SafeNet StorageSecure Smart Card Module 3: Lesson 5 SafeNet StorageSecure Storage Security Course.
Our Digital World Second Edition

Our Digital World Second Edition
IT253: Computer Organization

IT253: Computer Organization
Configuration management

Configuration management
Storing Data: Disk Organization and I/O

Storing Data: Disk Organization and I/O
88 CHAPTER SECONDARY STORAGE. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved. 8-2 Competencies Distinguish between primary & secondary storage.

88 CHAPTER SECONDARY STORAGE. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved. 8-2 Competencies Distinguish between primary & secondary storage.
1 RAID Overview 91.560. 2 n Computing speeds double every 3 years n Disk speeds cant keep up n Data needs higher MTBF than any component in system n IO.

1 RAID Overview n Computing speeds double every 3 years n Disk speeds cant keep up n Data needs higher MTBF than any component in system n IO.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Hard Disk Drives Chapter 7.

Hard Disk Drives Chapter 7.
4.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 4: Organizing a Disk for Data.

4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 4: Organizing a Disk for Data.
Your Interactive Guide to the Digital World Discovering Computers 2012.

Your Interactive Guide to the Digital World Discovering Computers 2012.
RAID Oh yes Whats RAID? Redundant Array (of) Independent Disks. A scheme involving multiple disks which replicates data across multiple drives. Methods.

RAID Oh yes Whats RAID? Redundant Array (of) Independent Disks. A scheme involving multiple disks which replicates data across multiple drives. Methods.
Living in a Digital World Discovering Computers 2010.

Living in a Digital World Discovering Computers 2010.
Professor Michael J. Losacco CIS 1150 – Introduction to Computer Information Systems Secondary Storage Chapter 7.

Professor Michael J. Losacco CIS 1150 – Introduction to Computer Information Systems Secondary Storage Chapter 7.
Mehdi Naghavi naghavi@iust.ac.ir naghavi@aut.ac.ir Spring 1386 Operating Systems Mehdi Naghavi naghavi@iust.ac.ir naghavi@aut.ac.ir Spring 1386.

Mehdi Naghavi Spring 1386 Operating Systems Mehdi Naghavi Spring 1386.
Solid State Drive. Advantages Reliability in portable environments and no noise No moving parts Faster start up Does not need spin up Extremely low.

Solid State Drive. Advantages Reliability in portable environments and no noise No moving parts Faster start up Does not need spin up Extremely low.

Similar presentations

Ads by Google