LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Condense Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Sender:	Records Management Program <[log in to unmask]>
Date:	Fri, 26 May 2006 09:18:11 -0700
Content-Disposition:	inline
Reply-To:	Records Management Program <[log in to unmask]>
Subject:	Re: Checklist for stolen laptops
MIME-Version:	1.0
Content-Transfer-Encoding:	quoted-printable
In-Reply-To:	<[log in to unmask]>
Content-Type:	text/plain; charset=ISO-8859-1; format=flowed
From:	Larry Medina <[log in to unmask]>
Parts/Attachments:	text/plain (51 lines)

On 5/25/06, Glenn Sanders <[log in to unmask]> wrote:
>
> Good morning everyone.
>
> I've been using all the recent flurries of reports about lost or stolen
> laptops, privacy breaches, confidential info going astray etc, to wave the
> flag a bit around my organisation along the lines of "it's not the laptop
> we should worry about, it's what was on the hard drive".
>
> As a result of discussions with our internal audit, IT and security
> people, I am now in the loop to find out when laptops go missing, and I'd
> like to have a little checklist I could send to the distraught laptop
> owner to find out any recordkeeping implications of the loss, as part of
> due diligence.
>

Where I'm presently incarcerated.... errr... employed... =)

...there are very strict guidelines about the use of organizationally owned
laptops outside of the premises.  Prior to a laptop being taken offsite, you
have to complete a property pass and have an image made of the hard drive.
In addition, only the applications licensed TO THAT LAPTOP can be installed
on it, so you can't "sync" to your desktop and mirror the hard drive.  Any
data being taken must also be mirrored before you go, to ensure if something
is damaged/lost, it's only a copy.  And when you return, you go through the
reverse procedure.  Naturally, we have VERY strict rules about the type of
data anyone is allowed to take with them.

Understandably, not all organizations have the same policies/practices in
place.  However, this is another case of "risk management related to records
management" that an organization has to make some decisions about.
Depending on the nature of the business you do, and the type/s of data
people are allowed to have on their laptops, you need to make a decision
about how much protection is enough?  And what measures should an employee
be required to comply with prior to leaving the facility, while in
possession of the laptop outside of the facility, and when returning to the
facility?

In most cases, the data is of much greater value than the laptop itself...
in more ways than one.

Larry

-- 
Larry Medina
Danville, CA
RIM Professional since 1972

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance

ATOM RSS1 RSS2

LISTSERV.IGGURU.US