I'm currently using an old HP server to handle the erasure of hard drives with O&O SafeErase, but I've found the reporting features lacking. This issue came up during our last ISO 27001 audit, which has led us to seek better alternatives that not only safely wipe disks but also provide comprehensive reports. I'm looking for suggestions on effective solutions you've implemented for this purpose.
5 Answers
For HDD erasure, we typically use Parted Magic as well, but when it comes to data security, we just go straight for physical destruction of the drives. It's a guaranteed way to ensure data can't be recovered.
If you're using desktops, you might want to try Parted Magic for your erasure needs. It can boot into a lightweight Linux environment and offers erase options with a basic reporting feature. While the report is a bit basic, it includes the device and disk serial numbers, which can help with compliance documentation.
We use KillDisk, which runs multiple passes and includes verification checks. The best part is it generates a report and even prints a label for each wiped drive that we can show to auditors. Just keep in mind, I don’t have a solution for physical destruction yet, so we've kind of accumulated a pile of old disks!
Sending disks to a certified shredder is the way to go for peace of mind and compliance.
The most foolproof method is to send your drives off for shredding. Some companies even provide video confirmation of the destruction process, which adds a layer of assurance. It's by far the safest choice to ensure compliance.
Watching the shredding process in action is quite memorable! I once saw all our decommissioned drives fall into the shredder – quite a show!
While shredding is effective, it can be wasteful. Sometimes I wish we could repurpose old drives instead of destroying them completely.
Thanks for the tip! It turns out another department in our organization is already using Blancco's Drive Eraser, so I might check that out as a potential solution.