I’ve written on Oppo previously a bit about some of our IT challenges in a state university library, like up until late last year working on a Dell SFF pc rocking an Intel Q6400 and 4GB of DDR2 ram (and only because I had scavenged sticks of RAM from machines in vacant offices), and finally getting a “new” pc in the form of a refurbished 3rd gen Core I5 machine rocking 8GB of DDR3. Yesterday I checked out a short-term use faculty/staff laptop for a project outside my usual work area. It turns out our six short term use laptops are actually decent (for a state government operation) in the form of Dell XPS machines running 6th-gen Core i7, 8gb of DDR4 and 500gb ssd. I was disappointed the systems folks told me I couldn’t just keep it as my primary machine docked at my desk with a monitor and real keyboard/mouse. As a side note, this thing is rocking Widows 10 1511 build.
Being me, I had to fire it up and see what it was, and what was on it. This lead to first interested discovery a previous users leaving files in the clear in the downloads folder. The bounty included a faculty member’s promotion and tenure dossier, an employment contract, a spouse’s employment contract, some bank statements and a copy of a credit report. These files had been left by multiple previous users. Being a nice guy, I loaded a file shredder app on the laptop and securely deleted these files. I also broke out the windex and gave the whole thing a much needed cleaning.
After finding those previous files sitting in the clear, I couldn’t help but be curious about what else might be out there on it since we’ve clearly got some folks here who aren’t techies. A basic file recovery program pulled up 100GB of files people thought they had deleted files by emptying the recycle bin... It recovered 9,997 images, which caused me ponder whether I might incur some kind of a reporting obligation and how much I really wanted to know about my coworkers.
I ended up settling on a spot check of the recovered files, which revealed pretty innocuous stuff like expense reports from travel, teaching materials for ironically enough information literacy classes (thankfully nothing FERPA related), spreadsheets for research projects, a turbo tax return, lots of ring tones, promotional images for the university and library, a bunch of stock photos and the occasional (clothed) selfie. After unofficially consulting with our systems folks, they unofficially agreed with my plan of a disk clean up and defrag, and then letting the machine sit overnight and overwrite the free space on the drive.
While nothing was too far outside our permissible personal use policy, it was still a bit surprising. Hopefully our systems folks will put out a gentle reminder, and maybe we’ll do a little infosec professional development at some point like teaching folks how to securely delete a file... They might also consider having the kids on circulation desk wiping the free space on them when they’re checked back in occasionally.