A financial services company is decommissioning several servers that were used to process and store customer financial records and Personally Identifiable Information (PII). The company's data retention policy no longer requires the data to be kept. Management has mandated that the data must be destroyed in a way that provides the highest level of assurance against data recovery. Which of the following methods should the administrator use for the hard drives?
Physically shred the hard drives.
Reformat the hard drives and repurpose them in a test environment.
The correct answer is to physically shred the hard drives. For highly sensitive data such as PII and financial records, physical destruction provides the highest level of assurance that the data is irrecoverable. NIST SP 800-88 Rev. 1 (Guidelines for Media Sanitization) defines three sanitization levels, Clear, Purge and Destroy. Destroy (shredding, disintegrating, pulverizing, melting or incinerating the media) renders recovery infeasible even with state-of-the-art laboratory techniques, and it is the only level whose result does not depend on the drive's firmware, media type or hidden areas. The destruction should be recorded per drive (serial number, method, date, and the certificate of destruction from the vendor if a third party shreds the drives), which is the evidence an auditor will ask for.
Degaussing, which exposes the media to a powerful magnetic field, is a valid Purge method for magnetic media such as traditional Hard Disk Drives (HDDs) and tape, but it is completely ineffective on Solid-State Drives (SSDs), which store data in flash cells rather than magnetically (the flash portion of a hybrid drive is unaffected as well). Since a server environment may contain SSDs, relying on degaussing alone is a risk; on Linux, `/sys/block/<dev>/queue/rotational` (0 = SSD) or `smartctl -i` identifies the media type before a method is chosen. Performing a multipass wipe is a Clear-level sanitization technique, and NIST SP 800-88 Rev. 1 notes that on modern drives a single overwrite pass is as effective as many. The real limitation is reach, not pass count: an overwrite issued through the host interface cannot touch sectors the drive has reallocated, hidden areas such as an HPA or DCO, or the over-provisioned and wear-levelled blocks of an SSD, so it does not provide the same level of certainty as physical destruction and is not sufficient for the highest level of assurance. Reformatting and repurposing the drives is entirely inappropriate for this scenario: a format rewrites only file-system metadata, leaving the file contents on disk where file-carving tools can recover them.
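The following is an added simulation, not part of the original question or of NIST SP 800-88, showing why a quick format and a multipass overwrite both leave recoverable data while destruction does not. It models a drive as physical sectors behind an LBA map, with a firmware-style sector reallocation that retires (but never erases) the old sector; the sector size, layout, record format and the "FSHDR" metadata string are constructed for the example.

```python
# Simulated disk: a quick format, a multipass overwrite and physical destruction,
# seen from the OS and from a lab that reads every physical sector.
# Constructed example; it is not real drive firmware or a real wipe tool.
import re

SECTOR = 64            # bytes per simulated sector (tiny, for readability)
LOGICAL = 16           # LBAs the host can address
SPARE = 4              # reserved sectors the firmware uses for reallocation
PII = re.compile(rb"SSN=\d{3}-\d{2}-\d{4}")   # the record we try to recover


class SimDisk:
    """Physical sectors plus an LBA -> physical map, like real drive firmware."""

    def __init__(self):
        self.phys = [bytearray(SECTOR) for _ in range(LOGICAL + SPARE)]
        self.lba_map = list(range(LOGICAL))   # identity map until a remap happens
        self.next_spare = LOGICAL

    def write(self, lba, data):
        self.phys[self.lba_map[lba]][:] = data.ljust(SECTOR, b"\x00")

    def read(self, lba):
        return bytes(self.phys[self.lba_map[lba]])

    def reallocate(self, lba):
        """Firmware retires a failing sector: the data is copied to a spare and
        the old physical sector is unmapped but never erased. The host can no
        longer address it, so a host-side overwrite cannot touch it."""
        old, new = self.lba_map[lba], self.next_spare
        self.next_spare += 1
        self.phys[new][:] = self.phys[old]
        self.lba_map[lba] = new


def carve(sectors):
    """File-carving style search: find PII patterns regardless of file system."""
    return [m for s in sectors for m in PII.findall(bytes(s))]


def host_view(disk):
    """What the OS (and therefore any software wipe) can read: LBAs only."""
    return [disk.read(lba) for lba in range(LOGICAL)]


def quick_format(disk):
    """Rewrite file-system metadata only; data sectors are left untouched."""
    disk.write(0, b"FSHDR v2 files=0 free=all")


def overwrite_wipe(disk, patterns=(0x00, 0xFF, 0xAA)):
    """Multipass overwrite through the LBA interface (what a wipe tool does)."""
    for byte in patterns:
        for lba in range(LOGICAL):
            disk.write(lba, bytes([byte]) * SECTOR)


def shred(disk):
    """Physical destruction: no media left for anyone to read."""
    disk.phys = []


def run_demo():
    """Return how many PII records the host and a lab can still carve per step."""
    d = SimDisk()
    d.write(0, b"FSHDR v1 files=2")
    d.write(5, b"customer=alice SSN=123-45-6789")
    d.write(9, b"customer=bob SSN=987-65-4321")
    d.reallocate(5)          # sector 5 goes bad; firmware moves it to a spare

    out = {}
    quick_format(d)
    out["format_host"] = len(carve(host_view(d)))   # 2: both records still there
    out["format_lab"] = len(carve(d.phys))          # 3: plus the retired copy
    overwrite_wipe(d)
    out["wipe_host"] = len(carve(host_view(d)))     # 0: host sees nothing
    out["wipe_lab"] = len(carve(d.phys))            # 1: retired sector untouched
    shred(d)
    out["shred_lab"] = len(carve(d.phys))           # 0: nothing left to read
    return out


if __name__ == "__main__":
    for step, n in run_demo().items():
        print(f"{step:12s} recoverable PII records: {n}")
```

The host view and the lab view diverge exactly where the explanation says they do: the format changes nothing for either, the three-pass overwrite satisfies the host but leaves the retired sector intact for a lab that reads the platters or flash directly, and only destroying the media takes the count to zero for everyone.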