Potential pitfalls associated with securely deleting SSD disks

ATA Secure Erase is part of the ATA ANSI specification and when implemented correctly, wipes the entire contents of a drive at the hardware level instead of through software tools. Software tools over-write data on hard drives and SSDs, often through multiple passes; the problem with SSDs is that such software over-writing tools cannot access all the storage areas on an SSD, leaving behind blocks of data in the service regions of the drive (examples: Bad Blocks, reserved Wear-Leveling Blocks, etc.)

When an ATA Secure Erase (SE) command is issued against a SSD’s built-in controller that properly supports it, the SSD controller resets all its storage cells as empty (releasing stored electrons) – thus restoring the SSD to factory default settings and write performance. When properly implemented, SE will process all storage regions including the protected service regions of the media.

Liberally copied from http://www.kingston.com/us/community/articledetail?ArticleId=10 [via archive.org], emphasis mine.

The problem is that, according to some, both support for and proper implementation of ATA Secure Erase by the manufacturers are “lacking”.

This research paper from 2011 shows that on half the SSDs tested, ATA Secure Erase failed to effectively destroy the data on the drive.

In that same research paper, testing showed that, maybe surprisingly to some, traditional multi-pass overwrites of the SSD were actually mostly successful, although some data (possibly from those reserved areas of an SSD that are outside the disk's reported size) could still be recovered.

So the short answer is: using software to sanitize a whole SSD may or may not be 100% effective.
It may still be sufficient for your requirements though.

Second, doing it on a server running production: my impression is that most manuals advise booting from a rescue disk to wipe disks for the simple reason that using software to wipe your boot/OS disk will fail miserably, and most laptops and PCs have only a single disk.
The universal risks of executing potentially (or rather intentionally) destructive commands on production systems apply as well, of course.

Encrypting your drives will make (partial) recovery of data from disposed disks (SSDs or the spinning kind) much less likely, as long as the whole drive was encrypted and you didn't have an unencrypted (swap) partition on it, of course.

Otherwise, there's always the shredder.
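Because a drive can report a successful Secure Erase or overwrite and still hold data, one way to check the result is to stamp known markers onto the drive beforehand and look for them afterwards. The sketch below is an added example, not code from the original post: the marker prefix, the function names and the image file standing in for a drive are assumptions, and it only sees the addressable (LBA) space, not the service regions mentioned above.

```python
import hashlib
import os
import tempfile

BLOCK = 4096
MAGIC = b"ERASE-CHECK:"  # constructed marker prefix, an assumption of this example


def marker(index):
    """Block-sized pattern that is unique to one block index."""
    tag = MAGIC + hashlib.sha256(str(index).encode()).hexdigest().encode() + b";"
    return (tag * (BLOCK // len(tag) + 1))[:BLOCK]


def stamp(path, stride=256):
    """Before the erase: overwrite every stride-th block with its marker."""
    written = []
    with open(path, "r+b") as dev:
        blocks = dev.seek(0, os.SEEK_END) // BLOCK  # works for files and block devices
        for index in range(0, blocks, stride):
            dev.seek(index * BLOCK)
            dev.write(marker(index))
            written.append(index)
        dev.flush()
        os.fsync(dev.fileno())
    return written


def survivors(path):
    """After the erase: block indexes where a marker can still be read back."""
    found = []
    with open(path, "rb") as dev:
        index = 0
        while block := dev.read(BLOCK):
            if MAGIC in block:
                found.append(index)
            index += 1
    return found


if __name__ == "__main__":
    # Constructed 1 MiB image file standing in for a drive; the "erase" below
    # deliberately skips block 64 to mimic an incomplete implementation.
    with tempfile.NamedTemporaryFile(delete=False) as img:
        img.write(os.urandom(256 * BLOCK))
    print("stamped blocks:", stamp(img.name, stride=32))
    with open(img.name, "r+b") as dev:
        for index in range(256):
            if index != 64:
                dev.seek(index * BLOCK)
                dev.write(b"\xff" * BLOCK)
    print("markers still readable at blocks:", survivors(img.name))
    os.unlink(img.name)
```

Searching for markers instead of expecting zeros means the check does not depend on what an erased drive returns on read. On a real drive, run the scan after a power cycle so the reads come from the device and not from the OS cache.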
