A few months ago, the US Department of Health and Human Services defined a data breach as “a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.” Avoiding this means controlling network traffic, access to the device and applications, and protecting the data in storage.
Keeping track of the users secure data is the responsibility of the embedded RTOS and file system, and this includes utilizing the proper methods to remove data from the device. The same methods could be used on non-secure data, of course, but they usually have an added performance cost. Reliance Nitro works with the eMMC secure operations to provide these methods on only the appropriate data, resulting in the best possible performance. More about this in our white paper release this week.
For media that isn’t eMMC, security methods in the firmware don’t always exist. Another way to protect sensitive data is encryption. At the application level, specific data would be encrypted before being sent through the file system. As long as the decryption key isn’t accessible, the data can be considered safe.
If the application can’t be changed, the remaining option for security is some form of encryption. According to our recent survey, the majority of our contacts use a hardware encryption solution, though some of that may factor into network traffic as mentioned above. One alternative to a hardware solution is software encryption, which can be added as a layer between the file system and the block device. Reliance Nitro includes hooks to work with a software encryption layer, and the results are invisible to the application and user.
Take a deeper look at flash data security, and learn about secure NAND erase methods in our new whitepaper.