DMA Protection on Surface devices

Direct Memory Access (DMA) protection is designed to mitigate potential security vulnerabilities associated with using removable SSDs or external storage devices. Newer Surface devices come with DMA Protection enabled by default. These include Surface Laptop Studio 2, Surface Go 4, Surface Laptop Go 3, Surface Pro 9, Surface Pro 9 with 5G, Surface Pro 8, Surface Laptop Studio, Surface Go 3, Surface Laptop SE, Surface Pro 7+, Surface Pro 7, Surface Laptop 3, Surface Laptop 4, Surface Laptop 5, and Surface Pro X. To check the presence of DMA protection feature on your device, open System Information (Start > msinfo32.exe), as shown in the figure below.

System information showing DMA Protection enabled.

If a Surface removable SSD is tampered with, the device will shut off power. The resulting reboot causes UEFI to wipe memory, to erase any residual data.