The short answer:
Software erasure (NIST 800-88) is sufficient for most functional drives and provides the best value recovery. Physical shredding is required when drives are non-functional, when sector standards mandate it, or when erasure cannot be verified. Degaussing destroys HDDs and magnetic tape but has no effect on SSDs — it should never be used as a sole method for modern storage unless combined with physical destruction. All three methods can be GDPR-compliant when accompanied by individually serialised certificates.
This page compares each method across six evaluation criteria. It follows our published review methodology. We are an ITAD provider with a commercial interest in the outcome — we disclose this and include honest cases where a given method, including options we do not primarily offer, is the right fit.
Page details
Last reviewed: 20 April 2026
Methodology: 7-step framework
Bias disclosure: TFix offers erasure and shredding. We do not offer standalone degaussing.
Jump to ScoresThis comparison applies to UK organisations disposing of enterprise IT equipment (servers, desktops, laptops, external storage, mixed HDD/SSD estates). It assumes GDPR applies and that audit-ready documentation is required.
Overwrites all data blocks using a certified algorithm (NIST 800-88 Rev.1, HMG IS5, Blancco). Drive remains physically intact and can re-enter use or resale. Generates a per-device certificate of sanitisation.
Supports: HDDs, functional SSDs, USB drives
Does not support: Failed/non-readable media, encrypted SSDs with uncertain key state
Drive is mechanically destroyed to a defined particle size (typically 6mm or smaller for BS EN 15713 compliance). Media cannot be reused. Generates a certificate of destruction with device serial numbers.
Supports: All storage media types including SSDs, HDDs, mobile devices, tapes, optical
Does not support: Any recovery of asset value
Applies a high-intensity magnetic field to erase magnetic media. Destroys the drive's servo tracks, rendering it permanently non-functional. Only effective on magnetic storage.
Supports: HDDs, LTO tape, floppy disks
Does not support: SSDs, USB sticks, optical discs — has no effect on NAND flash
Scores are 1 (poor fit) to 5 (strong fit) for a UK enterprise organisation with a mixed HDD/SSD estate, GDPR obligations, and an audit requirement. Methodology here.
| Criterion | Software Erasure | Physical Shredding | Degaussing |
|---|---|---|---|
| Security Assurance | 4/5 Verified, serialised certs. Requires functional media. | 5/5 Irreversible physical destruction. Highest assurance. | 2/5 Ineffective on SSDs. Cannot confirm success without verification. |
| Regulatory Compliance | 5/5 NIST 800-88, GDPR, ISO 27001 — fully compliant with certs. | 5/5 BS EN 15713, GDPR — accepted in all regulated sectors. | 3/5 Compliant for magnetic media only. Mixed estates require supplementary method. |
| Logistics Complexity | 5/5 Can be done on-site or at secure facility. Minimal handling. | 4/5 Requires transport to shredding facility or mobile shredder. Manageable. | 3/5 Specialist equipment required. Often needs facility-based processing. |
| Speed & Scheduling | 4/5 Parallel processing across multiple drives. Hours to days for large estates. | 5/5 Fast throughput. Entire estate can be processed in a single session. | 3/5 Drive-by-drive processing. Slow for large volumes. |
| Documentation Outputs | 5/5 Per-device certificate with serial number, algorithm, pass/fail status. | 5/5 Certificate of destruction with serial numbers and destruction date. | 3/5 Batch certificates common. Per-device tracking varies by provider. |
| Commercial Fit | 5/5 Drive reusable — offsets cost or generates revenue through resale. | 3/5 No asset recovery. Cost per device higher but justified by risk reduction. | 2/5 Drive permanently non-functional. No resale value. Incomplete alone for mixed estates. |
Not suitable: Failed or non-readable drives, encrypted SSDs with uncertain key provenance.
Not suitable: When asset recovery value is a priority — all drives are permanently destroyed.
Not suitable: Any estate with SSDs, USB flash, optical discs, or modern NVMe storage. Not suitable as a standalone method for most enterprise estates.
Yes, when performed to NIST 800-88 or HMG IS5 standards and accompanied by individually serialised certificates. The GDPR requires evidenced, auditable proof — not a specific method. Erasure meets this requirement for functional drives.
Shredding is required when erasure cannot be verified (failed, damaged, or partially readable drives), when sector or contractual standards mandate physical destruction, or when your organisation's risk posture demands it regardless of regulatory minimum.
No. Degaussing has no effect on solid-state storage, USB flash, or NVMe drives. Applying degaussing to an SSD estate provides a false sense of security. SSDs require either certified erasure or physical shredding.
Yes — this is the standard approach for mixed estates. Functional drives proceed through certified erasure with per-device certificates. Failed or high-risk drives go to physical shredding. Both outputs feed into a single combined destruction report.
We use certified software erasure (NIST 800-88) for functional drives and physical shredding for failed media — generating per-device certificates for both. All destruction is carried out at our licensed facility with full chain of custody.
We do not use degaussing as a sole destruction method. For mixed estates including SSDs, we will never certify a degaussing-only run as complete.
Related decision pages