Full disk encryption on a SSD?

Five_Star

Five_Star

Five_Star

Associate
Joined
20 Oct 2002
Posts
1,127
Location
Redcar
I’m currently running a 500GB SATA drive in my works laptop, it’s fully encrypted with Windows 7 BitLocker. I want to up the pace and get a SSD for my boot disk, probably the 80GB Intel as any much more than that won’t get the OK by the boss.

Does BitLocker or any type of full disk encryption degrade SSDs, does it affect the lifespan of the disk at all?

I must have full disk encryption on to satisfy the security policy for laptops so I need a SSD that can work well with it.
 
I've got the 160GB intel in my laptop encrypted using truecrypt whole drive encryption but only on the OS partition.

I read that having the entire drive encrypted does cause problems as wear levelling doesn't work as well since it thinks the entire drive is full. The solution is to have a smaller OS partition and only encrypt that fully. I've got a second partition with selected folders encrypted (using EFS) so it still leaves plenty of drive space unencrypted.
 
Thanks, I guess I'm worrying too much about the drive wear as its a business expense so will be written off in 2-3 years. I guess nobody has usage projections for SSDs yet as they are so new?

I'd still like to think somebody is running Windows 7 ultimate with an SSD and using BitLocker?
 
Ooh, this could be interesting :).

We encrypt our laptops with Guardian Edge (but might change to BitLocker on Win7), and funnily enough encrypting a 5400RPM HDD slows it right down.... but the laptops don't need much local storage, and an SSD would speed them right up....

<Subscribes)
 
wow I wasn't expecting a response from the Microsoft Windows Client Team. I know how to use Bit Locker already I guess I'll have to watch the vid to see if it explains in detail if it affects a) the performance of the SSD and b) encrypting the drive fully reduces its life expectancy.
 
Well that video was fairly useless, all it told me was to configure BitLocker using group policy :confused: no mention of BitLockers performance :rolleyes:

Doing a wider search last night I did find some technical benchmarks and the news isn't great. This guy did a test with Utimaco Safeguard Enterprise on a Intel x-25 160GB and it was dog slow http://www.madshrimps.be/?action=getarticle&articID=965 I couldn't find anything conclusive though for BitLocker which is what I need to use.

If the SSD is going to be no faster than my current SATA laptop disk I'll just stick with that and save my budget allocation.
 
Maybe try a hardware encrypted disk? Seagate do them, should be a bit nippier than software based encryption.
 
No idea on BitLockers performance but with truecrypt my ssd is still a lot faster than the original 5400rpm drive. Made a massive difference for me.
 
It may be worth approching one of the review sites and asking if they've had any experience with bitlocker and ssd's. Even if they haven't they may test it for you, even seize the opportunity and write an article.
 
We're using Windows 7+ Bitlocker and also are trialing hardware encrypted SSDs. So far everything points in favour of SSDs giving the biggest performance boost, with software vs hardware encryption giving limited additional speed improvements.

My machine has now been in use for 2 years, and it's still fast when compared against a same spec machine but with traditional hard disk. I'm still happy with boot times, file loading etc. Disk size has yet to decrease by any significant amount, so assuming a 3year lifecycle things are looking good.

Those in our company who've been lucky enough to get SSDs (all new machines have SSDs now) report similar satisfaction with speed over time, and we've yet to encounter any issues with 'wear'.

We also use ofline folders wherever possible reducing the amount of data on the local machine, my machine has just 30GB SSD, yet is still only half used so this may have some positive effect.
 
Well from our laptop vendor the cost of the hardware encrypted SSD is the same as a standard SSD and includes necessary client side management application. If we want central management that'll add to the yearly IT budget, but the cost is no worse than licensing costs from competing software encryption vendors. Overll the decision to take the hardware encrypting SSDs was a no brainer cost wise, even if we stick to using bitlocker.

We've also calculated the cost benefits of SSDs vs traditional disks in all laptops, and in the last round of pricing cuts from our vendor the prices switched from "either way" to "totally in favor of SSDs".
 
You must log in or register to reply here.
Back
Top Bottom