RE: Old user data
On the employee termination form there is a check box that managers can check if they want access to data. - If they want data access our accounts team sets permissions and then then sends them an email with instructions. - they are also notified of the delete date, they can request an extension - if they don't, it's gone. If they have data on a shares are on your LAN, how do you find it and kill it? Dave From: Steven Peck [mailto:sep...@gmail.com] Sent: Wednesday, August 18, 2010 11:35 AM To: NT System Admin Issues Subject: Re: Old user data We disable the user account and move it to a specific OU. 30 days we delete the user account. - We have a script which checks daily and if there is no AD account will delete the user network drive, terminal server profile - We have Exchange set to kill disconnected mailboxes 30 days so email has 60 days grace On the employee termination form there is a check box that managers can check if they want access to data. - If they want data access our accounts team sets permissions and then then sends them an email with instructions. - they are also notified of the delete date, they can request an extension - if they don't, it's gone. - if necessary we can restore from backup. 5k+ employees, only happened once in the last few years Steven Peck http://www.blkmtn.org On Wed, Aug 18, 2010 at 10:37 AM, Ziots, Edward ezi...@lifespan.orgmailto:ezi...@lifespan.org wrote: Isn't the property created on the companies computers by the employees during said work, the property of the company? Why does an employee that leaves entitled to any information whatsoever? Again HR policy will dictate what is truly personal, and what is business related, but could be a nice avenue for information disclosure... if you aren't careful. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.orgmailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: Devin Meade [mailto:devin.me...@gmail.commailto:devin.me...@gmail.com] Sent: Wednesday, August 18, 2010 12:03 PM To: NT System Admin Issues Subject: Re: Old user data We just revamped this process. The user prep's an exit folder. The user's supervisor makes a pass through it to cull any contract docs etc out. The the IS dept head does the same. Then we burn a CD or DVD fur the user. Before this is done, we make a separate image of their workstation, user folder and export the mailbox to PST. We attempt to capture and undisturbed copy of this data. This is burned to CD/DVD. This goes to HR and they follow their own data retention policies. IS maintains no long term archives of this data type. We keep their old workstation for no more than a week or two. It may have CAD templates and Lord-Knows-What-Else. We change the user's password and their dept head is supposed to login as the user and poke around to see if they need anything. This is a subset of a Data Retention Policy, I'm sure I forgot something... Devin On Wed, Aug 18, 2010 at 10:48 AM, Andrew S. Baker asbz...@gmail.commailto:asbz...@gmail.com wrote: Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... Signature powered by WiseStamphttp://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] Sent: Wednesday, August 18, 2010 11:43 AM To: NT System Admin Issues Subject: Old user data How do you guys manage deleting data from employees that have left the company, what's your process? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Old user data
How do you guys manage deleting data from employees that have left the company, what's your process? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Old user data
Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc From: David Lum [mailto:david@nwea.org] Sent: Wednesday, August 18, 2010 11:43 AM To: NT System Admin Issues Subject: Old user data How do you guys manage deleting data from employees that have left the company, what's your process? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Old user data
Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. *ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp http://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.comwrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc *From:* David Lum [mailto:david@nwea.org] *Sent:* Wednesday, August 18, 2010 11:43 AM *To:* NT System Admin Issues *Subject:* Old user data How do you guys manage deleting data from employees that have left the company, what’s your process? *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Old user data
Uh-oh. Orphaned footnote... Sent slowly via my BBerry... -Original Message- From: Andrew S. Baker asbz...@gmail.com Date: Wed, 18 Aug 2010 11:48:06 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: Re: Old user data Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. *ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp http://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.comwrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc *From:* David Lum [mailto:david@nwea.org] *Sent:* Wednesday, August 18, 2010 11:43 AM *To:* NT System Admin Issues *Subject:* Old user data How do you guys manage deleting data from employees that have left the company, what’s your process? *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Old user data
Or [3]. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Dave Florea [mailto:blazer...@gmail.com] Sent: Wednesday, August 18, 2010 11:58 AM To: NT System Admin Issues Subject: Re: Old user data Uh-oh. Orphaned footnote... Sent slowly via my BBerry... From: Andrew S. Baker asbz...@gmail.com Date: Wed, 18 Aug 2010 11:48:06 -0400 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: Re: Old user data Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... Signature powered by WiseStamphttp://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] Sent: Wednesday, August 18, 2010 11:43 AM To: NT System Admin Issues Subject: Old user data How do you guys manage deleting data from employees that have left the company, what's your process? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Old user data
We just revamped this process. The user prep's an exit folder. The user's supervisor makes a pass through it to cull any contract docs etc out. The the IS dept head does the same. Then we burn a CD or DVD fur the user. Before this is done, we make a separate image of their workstation, user folder and export the mailbox to PST. We attempt to capture and undisturbed copy of this data. This is burned to CD/DVD. This goes to HR and they follow their own data retention policies. IS maintains no long term archives of this data type. We keep their old workstation for no more than a week or two. It may have CAD templates and Lord-Knows-What-Else. We change the user's password and their dept head is supposed to login as the user and poke around to see if they need anything. This is a subset of a Data Retention Policy, I'm sure I forgot something... Devin On Wed, Aug 18, 2010 at 10:48 AM, Andrew S. Baker asbz...@gmail.com wrote: Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. *ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp http://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.comwrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc *From:* David Lum [mailto:david@nwea.org] *Sent:* Wednesday, August 18, 2010 11:43 AM *To:* NT System Admin Issues *Subject:* Old user data How do you guys manage deleting data from employees that have left the company, what’s your process? *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Old user data
It that part of an exit checklist? We have a lot of churn here, namely contractors but a fair amount of employees over a year... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, August 18, 2010 8:48 AM To: NT System Admin Issues Subject: Re: Old user data Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... Signature powered by WiseStamphttp://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] Sent: Wednesday, August 18, 2010 11:43 AM To: NT System Admin Issues Subject: Old user data How do you guys manage deleting data from employees that have left the company, what's your process? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Old user data
If you were asking me ... we do have a Workstation and User Retirement checklist. It has a number of conditions as in if the employee is terminated and how long the computer will remain in service. It has Active Directory checklist, mailbox checklist (ie if the email addy will be redirected), we run Trend Micro and LANDesk so the that has to be accounted for etc. The last step is a secure disk wipe (DBAN etc). We may (or may not) divide up these tasks and you must initial any steps you do. Devin On Wed, Aug 18, 2010 at 11:18 AM, David Lum david@nwea.org wrote: It that part of an exit checklist? We have a lot of churn here, namely contractors but a fair amount of employees over a year… *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 *From:* Andrew S. Baker [mailto:asbz...@gmail.com] *Sent:* Wednesday, August 18, 2010 8:48 AM *To:* NT System Admin Issues *Subject:* Re: Old user data Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. *ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp http://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.com wrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc *From:* David Lum [mailto:david@nwea.org] *Sent:* Wednesday, August 18, 2010 11:43 AM *To:* NT System Admin Issues *Subject:* Old user data How do you guys manage deleting data from employees that have left the company, what’s your process? *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Old user data
On Wed, Aug 18, 2010 at 11:42 AM, David Lum david@nwea.org wrote: How do you guys manage deleting data from employees that have left the company, what’s your process? Everyone has their own needs, but here's what we do: We have a checklist (in the sense of a list of things to check) we run through. Covers all the stuff IT is responsible for. AD account, app accounts, cloud accounts, phones, access badge, company directory, etc., etc. We set email and voice mail with a As of DATE, NAME is no longer employed at COMPANY. Please contact NAME at PHONE if you need assistance. response message. We block new voice mail. We go through their voice mail to check for any old messages which need forwarding. We often grant someone (usually the supervisor) access to the ex-employee's user folder and Exchange mailbox for a month or so. The someone goes through and picks out anything important. They watch the mailbox to see if anyone important mails the ex-employee. Eventually, we export the Exchange mailbox to PST, ZIP that up, and ZIP up the user folder. Remove all from primary server storage. Write ZIPs to optical media as a permanent archive. Keep convenience copies on an IT PC. Depending on user and circumstance, we may or may not wipe the PC before reusing. Things are locked down pretty tight here, so we may just delete their cached user profile folder. We keep AD user accounts around forever, so SIDs still resolve. But we disable the account, remove from all groups except Old Users, and change the password to a long random string we don't record. We only have 120 employees so AD space isn't a concern. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Old user data
Isn't the property created on the companies computers by the employees during said work, the property of the company? Why does an employee that leaves entitled to any information whatsoever? Again HR policy will dictate what is truly personal, and what is business related, but could be a nice avenue for information disclosure... if you aren't careful. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Devin Meade [mailto:devin.me...@gmail.com] Sent: Wednesday, August 18, 2010 12:03 PM To: NT System Admin Issues Subject: Re: Old user data We just revamped this process. The user prep's an exit folder. The user's supervisor makes a pass through it to cull any contract docs etc out. The the IS dept head does the same. Then we burn a CD or DVD fur the user. Before this is done, we make a separate image of their workstation, user folder and export the mailbox to PST. We attempt to capture and undisturbed copy of this data. This is burned to CD/DVD. This goes to HR and they follow their own data retention policies. IS maintains no long term archives of this data type. We keep their old workstation for no more than a week or two. It may have CAD templates and Lord-Knows-What-Else. We change the user's password and their dept head is supposed to login as the user and poke around to see if they need anything. This is a subset of a Data Retention Policy, I'm sure I forgot something... Devin On Wed, Aug 18, 2010 at 10:48 AM, Andrew S. Baker asbz...@gmail.com wrote: Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. ASB (My XeeSM Profile) http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... Signature powered by WiseStamp http://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.com wrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc From: David Lum [mailto:david@nwea.org] Sent: Wednesday, August 18, 2010 11:43 AM To: NT System Admin Issues Subject: Old user data How do you guys manage deleting data from employees that have left the company, what's your process? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Old user data
We disable the user account and move it to a specific OU. 30 days we delete the user account. - We have a script which checks daily and if there is no AD account will delete the user network drive, terminal server profile - We have Exchange set to kill disconnected mailboxes 30 days so email has 60 days grace On the employee termination form there is a check box that managers can check if they want access to data. - If they want data access our accounts team sets permissions and then then sends them an email with instructions. - they are also notified of the delete date, they can request an extension - if they don't, it's gone. - if necessary we can restore from backup. 5k+ employees, only happened once in the last few years Steven Peck http://www.blkmtn.org On Wed, Aug 18, 2010 at 10:37 AM, Ziots, Edward ezi...@lifespan.org wrote: Isn’t the property created on the companies computers by the employees during said work, the property of the company? Why does an employee that leaves entitled to any information whatsoever? Again HR policy will dictate what is truly personal, and what is business related, but could be a nice avenue for information disclosure… if you aren’t careful. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* Devin Meade [mailto:devin.me...@gmail.com] *Sent:* Wednesday, August 18, 2010 12:03 PM *To:* NT System Admin Issues *Subject:* Re: Old user data We just revamped this process. The user prep's an exit folder. The user's supervisor makes a pass through it to cull any contract docs etc out. The the IS dept head does the same. Then we burn a CD or DVD fur the user. Before this is done, we make a separate image of their workstation, user folder and export the mailbox to PST. We attempt to capture and undisturbed copy of this data. This is burned to CD/DVD. This goes to HR and they follow their own data retention policies. IS maintains no long term archives of this data type. We keep their old workstation for no more than a week or two. It may have CAD templates and Lord-Knows-What-Else. We change the user's password and their dept head is supposed to login as the user and poke around to see if they need anything. This is a subset of a Data Retention Policy, I'm sure I forgot something... Devin On Wed, Aug 18, 2010 at 10:48 AM, Andrew S. Baker asbz...@gmail.com wrote: Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. *ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp http://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.com wrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc *From:* David Lum [mailto:david@nwea.org] *Sent:* Wednesday, August 18, 2010 11:43 AM *To:* NT System Admin Issues *Subject:* Old user data How do you guys manage deleting data from employees that have left the company, what’s your process? *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Old user data
Yes it is the IP of the company and our AUP says so. All employees sign an AUP and it goes to their HR file. We have had employees leave and ask for their user folder. The management team goes through it with the AUP in mind. We have had instances when the Exit Team denied the entire folder. If they want a copy of their mailbox, well that's easy . . . UMMM NO. Everything is reviewed against the AUP. The AUP was made by laywersand it's iron-clad. What I have seen leave the firm is pretty benign (scans of PE certificates, kiddo pictures, etc). Our dept heads had this argument before. My contention is why the heck is IT deciding what data leaves or stays? Before our we got Religion about data retention and company Intellectual Property, when someone left the firm, they would send them to IS to get any files they wanted (I don't have the time, you do it). Whatever! I/we in IT pretty much had to get their dept head involved anyway due to the nature of the personal folder. I argued that this is a management and HR issue. They needed to come up with a policy. One that's aligned to our industry's needs and regulations. I.T. should advise on how to achieve that . . . no more. So at the end of the day, what they get to take with time is their kids pictures, professional certifications (if any) and possibly files from professional associations they are personally members of (ASHRAE is one of them). Some of this is so esoteric that we cant tell what it is, therefore the policy change to bring their dept head into it. We do use a checklist. On Wed, Aug 18, 2010 at 12:37 PM, Ziots, Edward ezi...@lifespan.org wrote: Isn’t the property created on the companies computers by the employees during said work, the property of the company? Why does an employee that leaves entitled to any information whatsoever? Again HR policy will dictate what is truly personal, and what is business related, but could be a nice avenue for information disclosure… if you aren’t careful. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* Devin Meade [mailto:devin.me...@gmail.com] *Sent:* Wednesday, August 18, 2010 12:03 PM *To:* NT System Admin Issues *Subject:* Re: Old user data We just revamped this process. The user prep's an exit folder. The user's supervisor makes a pass through it to cull any contract docs etc out. The the IS dept head does the same. Then we burn a CD or DVD fur the user. Before this is done, we make a separate image of their workstation, user folder and export the mailbox to PST. We attempt to capture and undisturbed copy of this data. This is burned to CD/DVD. This goes to HR and they follow their own data retention policies. IS maintains no long term archives of this data type. We keep their old workstation for no more than a week or two. It may have CAD templates and Lord-Knows-What-Else. We change the user's password and their dept head is supposed to login as the user and poke around to see if they need anything. This is a subset of a Data Retention Policy, I'm sure I forgot something... Devin On Wed, Aug 18, 2010 at 10:48 AM, Andrew S. Baker asbz...@gmail.com wrote: Definitely. Or give them a DVD. We don't allow them access to the former user's location for file storage, as that creates too many plausible deniability [1] scenarios. *ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp http://www.wisestamp.com/email-install [1] Mix and match posting [2] [2] Inside joke [3] Even bigger inside joke On Wed, Aug 18, 2010 at 11:45 AM, Steven M. Caesare scaes...@caesare.com wrote: Contact supervisor and offer to copy data to new location of their choice, often as a subdir to them. -sc *From:* David Lum [mailto:david@nwea.org] *Sent:* Wednesday, August 18, 2010 11:43 AM *To:* NT System Admin Issues *Subject:* Old user data How do you guys manage deleting data from employees that have left the company, what’s your process? *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Old user data
On Wed, Aug 18, 2010 at 1:37 PM, Ziots, Edward ezi...@lifespan.org wrote: Isn’t the property created on the companies computers by the employees during said work, the property of the company? My understanding is incomplete, but I believe: This depends somewhat on jurisdiction. Different states have different laws. And unless a formal policy is already in place, it may be open to legal argument. Here, our policy handbook says everything done on a company PC is property of the company. The company lawyer at least glanced at that and okayed it. Management sometimes still allows people to request things when leaving, but it usually has to be vetted by someone (e.g., supervisor). -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Old user data
On Wed, Aug 18, 2010 at 1:37 PM, Ziots, Edward ezi...@lifespan.org wrote: Isn’t the property created on the companies computers by the employees during said work, the property of the company? My understanding is incomplete, but I believe: This depends somewhat on jurisdiction. Different states have different laws. And unless a formal policy is already in place, it may be open to legal argument. Here, our policy handbook says everything done on a company PC is property of the company. The company lawyer at least glanced at that and okayed it. Management sometimes still allows people to request things when leaving, but it usually has to be vetted by someone (e.g., supervisor). -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~