Technology Advisor Blog

Do you keep your important files in the trash?

Posted by Ann Westerheim on 3/26/14 8:28 AM

email TrashAt a recent industry event, I had the opportunity to share some "war stories" over lunch. One of the guys at the table told a tale of an email server crash on a Friday night that one of his techs rescued after many hours of effort late into the night.  The Microsoft Exchange server had crashed, and they ran recovery and clean up tools to get the mail running again.  Mission accomplished!

Until Monday morning when they received a frantic call from the customer reporting missing mail!  After a few questions, they figured out that the missing mail was from the "Deleted Items" folder, which had been cleaned out as part of the best practices for getting the mail up and running again.  This turned out to be a major problem, because the user was actually intentionally storing important mail in the "Deleted Items" folder.  The funny thing is that all of us at the table had heard this before from other sites over the years, so this wasn't an isolated incident.

If you happen to be one of these users who keeps important files in the trash, stop!  Storing valuables in the trash doesn't make sense.   You wouldn't keep your important paper files in a trash can and get angry when the cleaning service emptied the trash, and it doesn't make sense to keep your electronic files in the electronic trash.  

Thinking about this dilemma, it seems that the users who do this may want to segment their mail between what has been read (winds up in the trash) and what still needs follow up (stays in the inbox).  What may be occurring is that the users don't know that you can create folders in your mail, just like you can with your regular files.  Creating folders is the right way to organize your mail.  

Create a mailbox subfolderTo create a subfolder in your Inbox, right click on the Inbox and select New Folder.  You'll then have the option to name the folder whatever you want, such as "Important Stuff". 

New Mail Folder Name

As for your Deleted Items folder, the contents will remain in this folder until you empty the contents.  You can do this by right-clicking on the folder, and select "Empty Folder" from the pull-down.  Its a "best practice" to keep this folder (and all your folders!) free of clutter. 

To organize your mail, you can create as many folders as you want.  Think through a plan that works for you such as organizing by client account, or vendor, etc, but don't leave it all in your inbox, and don't use your "trash" for storage!

Tags: eMail, deleted items

Do you know where your WISP is?

Posted by Ann Westerheim on 3/20/14 8:26 AM

Do you know where your WISP is?March 1 was the 4th anniversary of the Massachusetts Data Protection Law which was introduced to help protect residents against identity theft and fraud.  The law identifies requirements businesses must follow to secure protected information, which includes a resident's first name or initial and last name, combined with a number of specified protected information including drivers license number, bank account number, social security number, credit card numbers, etc. We've all read the headlines about the major retailers such as Target, Hannafords, and TJX who have been in the news over the years for security breaches, but many small business owners may not be fully aware that the law applies to ALL businesses, large and small.

Do you know where your WISP is? A WISP is a Written Information Security Policy.  Its not enough to follow the guidelines identified in the law, you must also have a written policy.  The anniversary of the law going into effect is a good time to assess your own situation with respect to compliance.

The Massachusetts Data Protection Law includes the following requirements:

  1. Secure User Authentication Protocols  (use of strong passwords, and no passwords on post-its under your mouse pad!)
  2. Secure Access Control Methods (access to protected information needs to be restricted to those who need access to perform their jobs)
  3. Encryption of all transmitted records and files containing personal information that will travel across public networks, and encryption of all data containing personal information to be transmitted wirelessly (wireless networks must be encrypted, and NEVER send protected information via regular email).
  4. Reasonable monitoring of systems for unauthorized use of or access to personal information (Do you have a way to identify if someone is trying to access your network?)
  5. Encryption of all personal information stored on laptops or other portable devices (Newer laptops are encryption ready so you don't need extra software)
  6. For files containing personal information on a system that is connected to the Internet, there must be reasonably up-to-date firewall protection and operating system security patches, reasonably designed to maintain the integrity of the personal information  (all those updates we talk about every "patch Tuesday" are required by law!)
  7. Reasonably up-to-date versions of system security agent software which must include malware protection and reasonably up-to-date patches and virus definitions, or a version of such software that can still be supported with up-to-date patches and virus definitions, and is set to receive the most current security updates on a regular basis. (one of the key reasons we advise all clients to sign up for monitoring through managed services).
  8. Education and training of employees on the proper use of the computer  security system and the importance of personal information security (in our experience, the vast majority of problems we see are caused by users who don't fully understand security requirements and may inadvertently work around them).
In addition to complying to all these requirements, you also need to have a written policy that describes how you do this.  We recommend keeping this as simple as possible, but it has to be written down.  Do you know where your WISP is?

Tags: MA Data Security Law, 201 CMR 17.00, Security Requirements

Subscribe by Email

Most Popular Posts

Browse by Tag

See all tags...

Connect With Us

Older Blog Posts

For older Ekaru blog posts, go to ekaru.blogspot.com.