On Wed, Aug 18, 2010 at 11:42 AM, David Lum <[email protected]> wrote: > How do you guys manage deleting data from employees that have left the > company, what’s your process?
Everyone has their own needs, but here's what we do: We have a checklist (in the sense of a list of things to check) we run through. Covers all the stuff IT is responsible for. AD account, app accounts, "cloud" accounts, phones, access badge, company directory, etc., etc. We set email and voice mail with a "As of DATE, NAME is no longer employed at COMPANY. Please contact NAME at PHONE if you need assistance." response message. We block new voice mail. We go through their voice mail to check for any old messages which need forwarding. We often grant someone (usually the supervisor) access to the ex-employee's user folder and Exchange mailbox for a month or so. The someone goes through and picks out anything important. They watch the mailbox to see if anyone important mails the ex-employee. Eventually, we export the Exchange mailbox to PST, ZIP that up, and ZIP up the user folder. Remove all from primary server storage. Write ZIPs to optical media as a permanent archive. Keep convenience copies on an IT PC. Depending on user and circumstance, we may or may not wipe the PC before reusing. Things are locked down pretty tight here, so we may just delete their cached user profile folder. We keep AD user accounts around "forever", so SIDs still resolve. But we disable the account, remove from all groups except "Old Users", and change the password to a long random string we don't record. We only have 120 employees so AD space isn't a concern. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
