Current state of the art, encryption on ssd
Actually the points in focus are widely discussed in web.
However it is not easy to see what the current status is.
Sleek new computer came in. It is equipped with one ssd.
It is the boot disk with operating system on it. There won't be any additional
operating system on it.
No other internal disks are present. As soon as the usage of new comp will start the sensitive user data
will be stored on that ssd, apart from operating system, used software and non-sensitive
The question is if this is the only moment to carry out some measures of
protection / precaution in order to achieve the goal described below?
- be able to remove the sensitive data from ssd in unrecoverable fashion if
the comp should be resaled some day in the future
- prevent the sensitive data from being accessed by unathorized persons
if some day this comp should be in repair service
If possible the goal seeked by other methods than whole disk encryption.
The goal is also to have a solution with none negative impacts
to usage of the computer in all other aspects.
If the answer to question asked above is "yes" what are the necessary
measures to be made now?
Can the goal be achieved in 100 per cent reliable way?