What should a financial institution primarily employ to ensure the data on decommissioned servers stays irretrievable?

The correct approach for ensuring that data on decommissioned servers remains irretrievable involves a sanitization process that includes multiple passes of overwriting and degaussing. This method ensures that any data that was previously stored on the servers is thoroughly and effectively removed.

Multiple passes of overwriting serve to replace the original data with garbage data, making it difficult or impossible to recover the original information. The practice of degaussing involves demagnetizing the storage media, which disrupts the magnetic fields that hold the data, further ensuring that the information cannot be retrieved. Both techniques work in tandem to provide a high level of assurance that sensitive data, such as financial information, is permanently destroyed and cannot be accessed by any means.

While other methods may provide some level of security, they do not offer the same level of thoroughness as the sanitization process that includes multiple overwriting passes and degaussing. For instance, physical destruction of the servers, although effective, can be resource-intensive and may not be necessary if the sanitization can effectively ensure data irretrievability. Other options, such as backing up data to external storage or storing servers in a secure location, do not address the primary concern of making existing data irretrievable from decommissioned