Jousting at Windmills - Protecting Privacy on Leaving an Organization


Over the last two weeks, I've had two separate interactions with educators caught in a draconian system, their Windows computers locked down by strict  Active Directory policies, their email encased in shellack to the benefit of the organization. Each bemoaned the fact that they couldn't get their emails out of MS Exchange, that when they left their respective organizations, the next person to use their computers might be able to access confidential documents.

"Why don't you move your emails to Gmail and 'boot & nuke' your computer?" I asked when they came to see me. I started to feel like Dr. Death, someone who provides assistance to others as they gut their technology for critical, salvageable information and then delivers coup de grace so that the data will be unreachable, unassailable in a blinding whirlwind of zeroes and ones and randomness. It also feels a bit like jousting at windmills, actions of great import to the imagination and little else. ;-)

"What do you mean?" was the response.
"You can easily move your work computer's, non-confidential emails out of Exchange to a cloud-based service like Gmail. That will give you access over the long haul and you won't have to mess with trying to run MS Outlook on your home computer. And, before you turn that laptop in with years of confidential data, why not wipe the hard drive so you know that you've protected the data? After all, the Helpdesk can re-image the machine quickly, which they probably wouldn't do if you just left it there for the next person [they would not]."

The steps to do this yourself are pretty straightforward:

1) Setup a Gmail account (you can always use what you already have), then connect your MS Outlook to that Gmail account. You simply create a new account and set Gmail up with these settings. Then, you can click and drag or right-click and move/copy your work email to your Gmail account. There's a nice tutorial here, and another one here.

If setting up MS Outlook isn't an option, and Thunderbird will interface with your MS Exchange server--it depends on whether the server admins will allow IMAP connections--then you can use Mozilla Thunderbird to do the same thing.

Once you've moved all your emails out of MS Outlook, you're ready for step 2--boot-n-nuke your computer.

DBAN Boot-n-Nuke's Autonuke in action
Image Source: WipeYourData

2) Boot-n-Nuke: Protecting confidential data is simply something school districts have failed to do. If you're leaving a school district, chances are you've handled tons of confidential data at some point. You may also want to prevent others from accessing data that is on your computer. Of course, you probably should provide a copy of critical data--maybe on a USB flash drive or external hard drive--that the person taking your place will need. But there is still tons of content that may be irrelevant, made obsolete by time, new projects or changing scope of the job. 

To ensure the data is gone, make yourself a bootable USB flash drive. Find yourself a USB flash drive (1-2 gigs is fine, like these) and then download two programs:

A) Unetbootin for Windows, Linux or MacThis will take an ISO file and put it onto a flash drive, making the USB Flash drive bootable with whatever you put on it.

B) Darik's Boot-n-Nuke - Using Unetbootin, you can put this on a flash drive, start your computer up with it (on a Dell laptop, press F12 to choose what you start up from, whether CD, Hard drive or USB flash drive), then wipe out your computer.
DBAN is a self-contained boot disk that automatically and completely deletes the contents of any hard disk that it can detect. It is a means of ensuring due diligence in computer recycling, a way of preventing identity theft if you want to sell a computer, and a solution to totally clean a Microsoft Windows installation of viruses and spyware. DBAN prevents or thoroughly hinders all known techniques of hard disk forensic analysis.
There are several tutorials's one you could use.

3) Return the Computer, free of confidential data.

Get Blog Updates via Email!
Enter your email address:
Delivered by FeedBurner

Everything posted on Miguel Guhlin's blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure


Sandy Kendell said…
These are great tips, Miguel! Prior to reading this I would never have thought to wipe my own hard drive if I left a school district, and I'm even thinking now about what happens when my computer or laptop gets replaced by a new one. It would probably be a good idea to wipe the old one so no matter whether it gets re-deployed or recycled, no one can get to any documents that were on the hard drive.

A couple of thoughts - It's important to remember that even if you take all of your email with you, it still exists in the district archive. Also your documents may be saved on district servers or in cloud-based solutions, where it is much more difficult to truly delete what you have stored.

We should probably all learn how to wipe/reset our iPads, tablets, and district provided smartphones now, too!

Sandy, you're absolutely right about putting the data in the cloud. Unfortunately, it's quite difficult for these folks to do anything more complicated at their current fossilized stage of tech-development (smile). While the tech is getting easier (iPads), protecting confidential data gets tougher.

With appreciation,

Popular posts from this blog

Rough and Ready - #iPad Created Narrated Slideshow

Old Made New: Back to Bunsen Labs Linux (Updated)

The Inside Scoop: EdTech 2020 Virtual Conference #edtech #zoom