oROEchimaru
Supreme [H]ardness
- Joined
- Jun 1, 2004
- Messages
- 4,662
Hello, I am reviewing our encryption policies and want to review "every sector" vs "data only" for ssds.
The theory is that sectors need to be free for optimal SSD usage and that "Every sector would lead to problems". My concern is "data only" which appears to be a recommended setting for SSDs.
My concern is:
a. if you delete files, do those sectors remain encrypted? If not, does the "data only" mode propose a risk to recovery by apps like recuva or do the sectors stay encrypted?
b. similar to the first, if you formatted, would the "data only" sectors that had been deleted by a user (deleted documents for instance, temp files cleaned by ccleaner etc) would this also be recoverable?
If the data was fresh/never written to i'm ok with it not being encrypted. However my concern is as the sectors get free'd by the o/s (vm/pagefile changes, files are deleted, recycling bin, files are moved etc) does the encryption software keep the former sectors encrypted or does it free them up?
c. I think as long as data stays encrypted once deleted its fine EXCEPT if the ssd was already deployed and active in the environment and data was deleted by a user. Once encryption began those sectors would not get encryption and would still pose a risk to recovery.
The theory is that sectors need to be free for optimal SSD usage and that "Every sector would lead to problems". My concern is "data only" which appears to be a recommended setting for SSDs.
My concern is:
a. if you delete files, do those sectors remain encrypted? If not, does the "data only" mode propose a risk to recovery by apps like recuva or do the sectors stay encrypted?
b. similar to the first, if you formatted, would the "data only" sectors that had been deleted by a user (deleted documents for instance, temp files cleaned by ccleaner etc) would this also be recoverable?
If the data was fresh/never written to i'm ok with it not being encrypted. However my concern is as the sectors get free'd by the o/s (vm/pagefile changes, files are deleted, recycling bin, files are moved etc) does the encryption software keep the former sectors encrypted or does it free them up?
c. I think as long as data stays encrypted once deleted its fine EXCEPT if the ssd was already deployed and active in the environment and data was deleted by a user. Once encryption began those sectors would not get encryption and would still pose a risk to recovery.
Last edited: