Policies shape our world in IT, from acceptable use agreements to BYOD compliance. No matter how thorough we try to be, however, too few of us have policies in place that address what users should do when bad luck (or poor judgment) strike.
Since you can't always be there at the moment of truth, make sure your users know these five basic principles ahead of time.
1.Turn the machine off at the first sign of hard drive failure.
Hard-drive trouble doesn't have to equal the end of the world. That is, provided you're fortunate enough to recover data prior to the volume becoming unmountable.
Maximize the odds of recovery by training users to power down ASAP once it's determined there is something physically wrong with the hard drive. Figuring this out usually isn't tough — it could be something as simple as receiving a S.M.A.R.T. failure message during boot, to something more subtle like multiple entries in the Windows System log from a source of “DISK.”
Either way, powering the computer down and sending the device to IT immediately is critical in salvaging any critical information. Once IT has the hard drive, it can be mounted in another machine for data recovery, which dramatically reduces overhead, since it won't be performing the read/write operations intrinsic to running an operating system. This approach will yield the greatest chance of recovering important data.
2. Have a shipping policy and make sure your users are aware of it.
In the event that a machine needs repair and has to be shipped out for service, don't make a bad situation worse by allowing users — who often don't understand how sensitive electronics are — to ship without guidance.
When crafting shipping guidelines for returning electronics, it’s important to keep it simple. While specifics are normally good, most end-users have no concept of shipping terms like “minimum edge crush test” and would more readily understand language like “at least three inches of padding (bubble-wrap or styrofoam) on every side of the device.”
Mention that notebooks should ship with their batteries removed and that ink and toner cartridges should be taken out of printers prior to shipment.
3. Make sure users understand the difference between System Restore and System Recovery.
It sounds basic to those of us working in IT, but the subtle difference between the terms has spelled disaster for more than a few users who had every intention of running the non-destructive option and lost all their data.
System Restore is a tool that comes with most versions of Windows. It allows users to turn the clock back to a happier time when their computer worked without incident. System Recovery, however, is provided by many hardware manufacturers and allows the system to be reset completely back to its factory state.
Most users will resort to their own devices when your helpdesk is unavailable, so make sure they understand the difference between the two—even if it's a “by the way” mention as part of their initial orientation and training.
4. Tell your users what to do in the event of a spill.
Once again, the enemy here is panic. In the event of a device suffering from water damage, the first step is to remove the power supply and the battery. Tell users not to worry about shutting the device down gracefully (you'd be amazed at how many people are linear thinkers, even in situations like this).
In the event the device contains a hard drive, it's also usually a good idea (in cases of submersion) to remove that and dry that, if practical. Everything else is pretty secondary, since 99 percent of the time, the damage is already done and despite what you may have heard on the Internet, no amount of white rice is going to fix it.
5. Don't allow users to store passwords on their devices.
No amount of security or encryption can outsmart a thief who can see the user's password(s) taped to their wrist rest or monitor. Most of the time when devices go missing, IT departments are more worried about data falling into the wrong hands than they are about the devices themselves.
Make this less of a concern by setting — and more importantly — enforcing policies of diligence where this is concerned. When a machine comes through your IT department with passwords taped to it, take the time to give that person a call and let them know this is not okay. A seemingly awkward conversation now can save everyone a lot of headache later.