When tasked with collecting data from multiple storage drives, keep in mind that devices exist which can image multiple drives simultaneously. A forensic imaging device such as the ICS-JMR's RRoadMASSter-3 X2 Forensic Hard Drive Acquisition/Duplicator/Analysis Lab, or Media Clone's SuperImager Plus Desktop NVME Gen-3 can image multiple drives at the same time.

These devices should support the following operations:

1. Create forensic images of multiple drives saved on to one single drive used to collect data.

2. Wipe drives using protocols such as the Department of Defense's 5220.22-M standard (see the Tip of the Night for February 26, 2016), or Secure Erase standard (see the Tip of the Night for February 28, 2016).

3. Encrypt data using AES-256 encryption. See the Tip of the Night for May 13, 2017.

4. Hash collected files using the SHA-1 and MD-5 algorithms.

5. Capture cell phone data.

6. Analyze the data using common forensic software from industry leaders like Encase, NUIX, and FTK.

7. Run parallel operations on USB and SATA ports. A Serial ATA port connects a drive to the motherboard. See the Tip of the Night for January 22, 2016.

8. Operate in write block mode to allow read only access to collected data.

9. Run a keyword search of the source data.

10. Capture data from the source drive sector by sector (for a discussion of sectors see the Tip of the Night for October 31, 2015), or only capture allocated space on a drive.

NVMe (nonvolatile memory express) ports on a forensic imaging device will allow for the fastest access to solid state drives.