Solid State Drives (SSD) are the future, and they’ll one day replace Hard Disk Drives (HDD) as the default hardware for storing files on computers. Now, some of these SSDs support hardware encryption, but there’s a problem.
Vulnerabilities in hardware encryption of Self-encrypting drives
According to the latest report, SSDs that support hardware encryption might not be that safe. However, we should point out that Microsoft is aware of the problem and has since come up with a workaround. For the time being, Microsoft suggests using the software-based encryption method provided by BitLocker Drive Encryption.
We understand that by default, BitLocker Drive Encryption manages hardware encryption. But since there’s a problem, Windows 10 users can create a Group Policy to force software encryption.
Windows 10 will only do this only when BitLocker is activated, according to the software giant.
Now, for those who want to check the type of drive encryption that is in use, follow the steps below:
- Run ‘manage-bde.exe -status’ from an elevated command prompt.
- If none of the drives listed report “Hardware Encryption” for the Encryption Method field, then this device is using software encryption and is not affected by vulnerabilities associated with self-encrypting drive encryption.
If the drive you’re using has hardware-based encryption and is affected, you can mitigate by doing the following:
- Configure and deploy a Group Policy to enable forced software encryption.
- Fully turn off BitLocker to decrypt the drive.
- Enable BitLocker again.
Bear in mind that there’s no need to reformat your drive or to reinstall any of your programs after enabling BitLocker software encryption.
You can read the full report on Microsoft.com.