A systems administrator is decommissioning a server that contained sensitive financial records subject to strict regulatory compliance. The company's policy requires that the hard disk drives (HDDs) be physically destroyed to make data recovery impossible. Which of the following methods provides the HIGHEST level of security for media destruction?
Performing a cryptographic erase on the drives.
Shredding the drives into fine particles using a certified industrial shredder.
Drilling multiple holes through the drive platters and chassis.
Degaussing the drives to erase the magnetic field.
The correct answer is to shred the drives using a certified industrial shredder. This method physically destroys the drive platters into small, irrecoverable fragments, providing the highest level of security and ensuring compliance with strict data destruction policies. NIST SP 800-88 Rev. 1 categorizes shredding as a 'Destroy' method, designed to completely destroy the media.
Degaussing is a 'Purge' method that erases data on magnetic media but is ineffective on Solid-State Drives (SSDs) and is not considered physical destruction. Drilling holes in the platters physically damages the drive, but data recovery may still be possible from the remaining platter fragments by a determined attacker. A cryptographic erase is a sanitization method that makes data unreadable by erasing the encryption key; it is not a form of physical destruction and its effectiveness depends on the integrity of the initial encryption implementation.