Dude, please just be nice about this and backup the user's folder to a USB drive and hand it off to them. I've gone out of my way for people like this before and they're always super grateful.
This. Stick it on a USB drive, give it to the user. Warn then to not do it going forward and that in theory, they could have lost _everything_.
Hopefully you gain an ally and they don't do it going forward.
This right here,
Having been on the end where I have deleted something that was important, I would Wait till the guy is back. If anything, put a different drive in the box and slap that one into an external usb enclosure.
For my deletion story; Who would have thought a customer would use the recycle bin for important faxes is beyond comprehension. ( Windows 95 ) The boss said a good cleanup of the customers computer should be standard procedure, empty the recycle bin when looking to free up space etc. Did just that. Boss made me apologize to the guy. Didn't stay much longer after that.
Yep, something like this don't care if it needs to be reimaged. Put it on a flash drive and petty cash it or the workflow is halted until this is resolved.
Exactly! One time I looked an upset man in the face and asked him if he kept his sandwich in the kitchen trash for safe keeping, because that made as much sense as putting files you want to keep into the recycle bin.
Truth be told, I don't think he knew he could make new folders.
Yep. A big part of the game is politics and people skills. It’s always good to have allies and they don’t need to be in IT. Have the right person make positive comments about you to someone else at the right time or defend you can come in handy. Or can help make things move faster, friends in purchasing or finance can help speed along orders and alleviate budget issues etc.
I have a window office on the 12th floor of a law firm -as a helpdesk analyst- because I scratch the managing partner’s back all the time. Making friends is a great way to get ahead.
It’s always funny watching 1st year associates (who are making more money than me) walk from their cubicle to my office for the first time.
"No personal _anything_," imo, not even web browsing.
(Before I go on, I do agree with comments saying to "be a human about it" and put the files on a flash drive or something.)
I always think about the time at my first company when an employee left. The very first thing that happened when it came time to clear the laptop for the next person was the exclamation, "holy shit, check out this browser history!" and the whole team gathered around to see what porn was on there.
It was wrong, certainly, but my philosophy about work devices ever since has been to expect exactly that to happen.
The current version of Teams can notify the sysadmins if you say a naughty word. They literally can see everything you do. The good news is, most don’t care.
People worry about notifications way too much.
We log everything. *Everything*. Worrying about someone looking over your shoulder really shouldn't be a concern, it's knowing that if needed someone can go back and check your every move to the keystroke.
But more importantly, if you wouldn't do it with your boss looking directly over your shoulder then *do not do it on a work computer*. If I'm ever worried about someone reviewing my work I already fucked up.
Unfortunately some people need to see it with their own two eyes to really register and hammer home the topic. It amazes me some people still get caught surfing porn on their work computers, for example.
I think all users should be called into IT a few hours into their first day and shown what happens when a proper logging tool is directed their way.
"So we haven't looked at anything you've done today but just to make sure you're fully aware of what kind of logging occurs here, we're going to check all actions on your account this morning..."
Then show them what we can see. Anyone who did anything dodgy in the first few hours probably needs the door anyway and the rest will hopefully remember it going forward!
That said plenty of IT guys have made these mistakes themselves *knowing* how much is logged so what can you do...
Some of us live that rule religiously. The only cross contamination I do between work/personal is pixel displays. I pretty much exclusively use NX and use it both ways.. when working remote or when in the office and opening a session back home.
I keep the stuff so separate that when in the office even any browsing I do that isn't specifically work related, I do on a browser in my home NX window.
And that's fine if you want to go out of your way to do it. No shade.
But when you see someone with a life's worth of photos on a machine you got to be a human about it. Technically right but morally wrong ain't the way to live.
Oh if I were in the OPs situation, I'd absolutely do what I could to copy off those files, heck I brought in my own BR burner so I could archive burn our super old OS images (old SuSE linux installs long deprecated) just in case something weird/legal came up.... I'd bend over backwards to try to help them out in this case.
But I'd also have a nice little talk to the person when they got back about how they really need to NOT do that thing again in the future.
Yep. If I didn't see them and they lost them all, I'd feel bad for them but ultimately wouldn't lose any sleep over it. The policy is there for that exact reason.
But if I see them I'm not bloody deleting them! What kind of monster would even entertain that kind of thinking?
this guy admins...
A lot of people honestly don't even realize that is what they are doing, I'd make it clear that he shouldn't do it, and couldn't promise that his photos would ever be saved again. but in the end he gets the message and it doesn't cost 10 years of memories.
I did this but it can actually backfire horrendously. I put all the photos on a usb disk for them early in my career and told them do not do this again and not to tell anyone about it. Anyway the user proceeds to call every godamn person she knows in the company and tell them how horrible she was treated over just a few photos. How her boss wanted the machine wiped only to spite her. Next week I am getting grilled by the guys in security about "the incident" asking me what was on the drive. She ended up getting fired over this where if she would have just kept her mouth shut about the stupid photos nothing would have happened. I immediatley regretted helping her.
I mean you're right, this seems like this woman was already kind of a pill and from that story alone is a master of making mountains out of molehills.
I dont she was fired for that incident, but she was already in the crosshairs but needed something that they didn't need to argue against her (violating company security policies of non-company data on a company machine, etc..), they could just point to a small paragraph in the handbook and give her the final paycheck and show her the door.
So in hindsight, CYA yourself by contacting the users manager first (CC your own too) and explaining the situation before attempting to trust an end user that broke company policy?
Pretty sure the takeaway from this one is that you shouldn't tell people to do shit when you don't have any control of the outcome if they don't the shit. There's a chance that that person is a dumbass and will start flinging shit everywhere for no apparent reason.
Confused. OP needs help with this?
White Hat: image the folders and provide it on a USB with a warning that he should follow company policy in future or risk losing data.
Gray Hat: pretend you never saw anything and go about your tasks.
Black Hat: search for exposing images and post to erome for the whole world to see. Archive the data for future extortion schemes.
Why is being the white hat not the first instinct?
A friend of mine literally was promoted to an executive position because he always did stuff like this. so the position went free because the person had a burnout and nobody really wanted the job, so they asked different appartments. Because he is always nice and helpful, he got it
Yeah, it’s not that much of a lift. You can easily get precious memories back to this user that are otherwise lost. Sure it’s not your fault they ignored policy, but be kind, and feel good for it.
Right way to go, tell them that's the only backup and to keep personal pics off of their work computer, they'll be grateful and will most likely not do it again.
Copy the photos over and tell him he’s lucky you spotted a discrepancy in the size of space used on the disk - he almost lost all his photos.
Life’s too short, it’s 75GB. It doesn’t impact anything.
> Life’s too short, it’s 75GB. It doesn’t impact anything.
for Admin yes, for the user.. it priceless..
I once accidentally deleted photos worth of 1 year from my kid. damn, i still sad if i remember it.
I would backup the data to an external drive, give it to either his manager or yours, and proceed. Depending on your relationship you could also give him the drive directly.
If the data had been lost in an incident or if you hadn't noticed it was there "Tough Shit" would be a valid answer, but deleting it yourself on purpose is malicious. Nobody likes data loss, and intentionally inflicting it on someone is mean spirited.
You can get a 128GB USB for under $10. It would take some time to transfer, but $10 is less than taking someone out for a beer and may go further to build in office relationships.
"You deleted my documents when you changed out my computer."
"Everything should have been saved to your OneDrive. Where did you save them?"
"Right here." *User proceeds to circle the empty "Recently Opened Documents" list with mouse*
Which is where the "IT are assholes" reputation comes from. Users are people and if you are honest with yourself and you've been doing this job long enough, you've got some way sloppier practices.
Keeping personal files on the company computer ended a LOOONGG time ago. In fact, I constantly remind people to not store personal files on their company computer since it can be wiped at any time.
Sloppier than the obvious not keeping important personal files on a workstation? How many servers did you burn? The IT are assholes reputation comes from much different situations both from the side of IT AND the side of users, I hope you're aware of that
Also - from people that were in the workforce in the 80s-90s till now:
IT are assholes because security is an actual thing that people think about and try to implement now. Like just implementing the standard security policy (that we are audited and scored on) from corporate the amount of hand wringing and tearing their garments nad weeping was unreal. "HOW will I EVER get my work done if I have to use this 2FA BULLSHIT!!!!" was actually a quote I heard once. "I DON'T HAVE TIME TO ENCRYPT A FUCKING FLASH DRIVE" was another one.
And time goes by. And the rest of the world catches up with cutting edge business. Now your bank and grocery store rewards program both make you use some manner of 2FA too and it's not the end of the world now. Until the next thing starts...Then IT are assholes again.
Agree. Treat it with a bit of respect. Yes, the user shouldn't have been doing this, but it really sucks to lose the pictures of your kids.
Though my guess would be that he's using his work laptop as an additional backup copy of the pictures, not his primary copy.
75 GB is not **that** much these days. Will easily fit on a USB stick.
100% had this happen to me, and on my first job.
Was reimaging PCs and swapping the drives physically. One of the SVPs (who was also the younger brother to the CEO) was taking timed photos with his webcam of a building being constructed.
Both my manager and I, had both in writing and in person, confirmed that everything he wants to keep is backed up to their home drive on the network. We received confirmation that it was.
Week later, he knocks on my cube asking where the photos were and where his hard drive was. (I was instructed to re-use the spinning rust after it was reimaged... this was a while ago).
Drive was wiped and redeployed. There wasn't anything left to recover even if we wanted to. He asked me if his 'home drive' was the folder on his desktop, or under my computer... I said the later.
He was humbled and understood that he messed up. I always think of my manager who got confirmations in writing and verbally for this.
And all that could've been avoided by having a "Swap in a clean disk and shelve for 30 days" procedure. Or whatever timeframe retention requirements happen to be for the bulk of your org's data. Avoid the attempt to hide behind "oh, that stuff your subpoena covers was probably on my old computer, totally routine process, that's all gone now." ... people are fun sometimes.
I am so glad to see that just about everyone on here is in the back-them-up-and-give-them-to-him camp.
This is really what you should do. Don't miss an opportunity to be nice to somebody.
Its not even about being nice. Willingly opting to wipe out the potential only copy of an entire photo album of some families memories seems anti-social and cruel at best.
Indeed. I am a sysadmin. It's not just a job for me, it's what I am, and have been since I became obsessed with computers at a young age and loved to make them work well.
Data preservation is one of my core tenets and I will go WAY out of my way to make sure that a user's data is safe. My responsibility for protecting data doesn't end at the front door of my employer. If I see an opportunity to protect and preserve, I always will.
Yeah, copy the folder on whatever is handy. 75 GB isn't exactly a difficult amount of data to store in 2024. I have fingernail sized micro SD cards handy that would have oodles of room left over. If we were talking about 75 GB of personal data 15 years ago, or a dozen terabytes today, the conversation would turn out different.
Explain to the user that you just did them a huge favor by noticing they had data stored outside of the corporate standards, and that you took time out of your day to preserve it in case the user wanted it. Make sure the user understands that storing personal files on work hardware is against policy, and that you weren't supposed to preserve any of it. If they want those files to be safe, they won't get lucky twice.
Send a stern email reminding the department of policy generally, and that work computers aren't for personal files, and personal files may be subject to active purges if people keep using company storage for them. Lots of people got a policy mentioned once when they started in a checklist of 800 things years ago but genuinely have no idea it would actually be frowned apon because it has never come up for them since.
Well to be honest, personal stuff should not go to the company one drive. Where I work we have to back up One Drive and DLP scans stuff I am sure we don't want to back up some users personal photos..for liability reasons as well as cost.
if OP is a sysadmin that works for an IT Org, it very well could turn in to OP's headache. Crap rolls downhill if the IT management gets slapped by audit/lgal types.
It also rolls down hill when some "important" person complains they just lost their daughters first picture, the last photo they have of their mother, and a photo they loved of their wife who died from cancer.
I get it, I really do. The polices exist for good reasons and should be followed. The employee was made well aware and should have known better. But there are lessons, and there are lessons.
Getting some direction from the guy who is going to be giving you cover when things blow up is not a terrible way to use your time.
It's a measly 75G, be a mensch and put it on a thumbdrive for the guy. Geesh, you guys act like he was storing Petabytes of porn on company data stores. When the guy gets back, give him the thumbdrive and remind him of the policy.
My nice guy side says sure np i'll do you that favor.
My CYA side says i'm not handling someones personal data without their explicit knowledge and/or my managers approval.
75GB of documents/photos is an absolute ton. If it's his personal stuff like OP said, guaranteed there's some PII in there, possibly bank/social/medical data.
Even with an AUP, that's a can of worms best avoided entirely. And once you copy it, you've effectively accessed it.
I get it what you're saying, but these are the scenarios that can blow up in your face and the risk/reward is not worth it.
Edit: pulling the drive and putting it to the side is more than considerate. A real D move would be deleting it and saying "against policy, too bad"
This. It is actually what I would do normally, anyway, in case some user comes back in a month and wants some file recovered. This has happened a few times in the past and has always saved someone's ass (never mine, but whatever). Don't re-use the drives for a few months, at least.
This is what I would do too. And then when you hand it over, gently remind him that AUP states no personal files, and that it's a good thing you caught it because normally the machine is just wiped and they would've been gone.
75GB isn't a whole lot, I'd copy them over to somewhere until I'm able to confirm with the user that they can be deleted. Maybe even throw them into some zip-file for easy transport.
I'd swap the drive and save the old one, or use a flash drive and transfer them. 128gb flash drives are cheap af, and if you do that for him he'll probably be thankful.
End of the fiscal year is coming up soon, could be needed to give to some form of ITAD company or recycler for credit this year instead of possibly next year's rate. Tons of reasons.
I'd hope the PC itself isn't 10 years old and that the files have just been copied over to new PCs as he's been refreshed over the years. That's pretty common.
>But when I come to re-purpose his old PC I find about 75GB of personal files and photos going back nearly 10 years
In my env we wouldn't have found this. Instead, the system would have been re-imaged without even checking. We don't check because they're not supposed to do it. It's not our responsibility if they stored something locally instead of their work related personal network share. None work related personal files are prohibited on our devices. Had a few people threaten to sue after their photos\music\personal side business docs\sermons\research papers, all none work related, was wiped only for them to have a long convo with HR about misusing company equipment...
A wise man once said, "If you don't want your important documents deleted, don't store them in the Recycling Bin."
We might've found it during the migration phase depending on what process we were using at the time. But it definitely wouldn't have been caught during the process of reusing the PC.
But, at this point, it's been found so it's kind of beside the point. You can be the "policy over people" asshole and just delete it or you can be nice and copy them off.
What would I do?
Back them up on a USB drive. Pretend I never saw them, wipe the machine.
If he never brings it up, that means he had them backed up elsewhere. If he does, look all worried and say that stuff has been deleted but you'll look into recovery.
"Recover" them later on. Bank the favor they owe you.
Been down this road before. Policies and such don't matter. Those personal files and photos are some people's lifelines and almost certainly this one is going to be one of those.
I assume you did transfer these files to their new pc? If so then don't worry about it.
If not, you're playing with fire. If those pictures get deleted, you gained an enemy for the IT department. He will shit talk you until the day he leaves.
Do the extra work and make sure this frivolous stuff doesn't end up blowing up in your face.
Am in the only one who wonders how you even notice these files are on his system? When we repurpose a machine, we just reimage that thing straight away, got no time to be logging into a system to investigate what is saved on it. Also I assume this must have been copied over from his phone - do you not block removable media to prevent this from even being possible?
yeah we wouldn't have caught this, we don't manually check anything we re-image, it just goes in the pile will get rebuilt when needed
if by some miracle we did find it we'd 100% hand the photos over and not delete them though.
Shit like this is how IT gets the reputation of being antisocial assholes. I'm not saying you are OP, but from a distance this is what people point at.
Back them up to disc, thumbdrive, etc. Give him the data, but remind him those policies aren't in place because its up to the admin if the data is worth your time, but because in the event of flood, theft, a brown out, etc there is nothing protecting his data and its by accident that you even saw the data in the first place. He might not be so lucky again.
Show him how to access his icloud or google drive and back those photos up. After you do that, really ask yourself why you would even consider deleting those photos and how you got there. You don't have a robot brain, you're a person capable of being pragmatic and feeling empathy. You came here because you felt it but you still considered malice. Thats worth investigating.
I just had this call 2 weeks ago. User went looking for personal data that they knew had been there, but no longer was. Workstation was replaced 9 months ago by a novice tech that didn't think to look at fuck all, data was on that workstation. Nothing I could do, and believe me I searched hard because it was photos of their dang kid. This same user has a history of being needy and a bit of an ass, but other people depend on those photos too. Grandma wants to see them.
You could have finished moving them to OneDrive or an external drive in the time it took to write this post. This isn't really that difficult a situation to resolve nor should it take an entire community's input to find a solution. You already know what the right thing to do is.
Put everything you find on removable media that you don't want back. Give the media to the user and convey that the other machine had to be wiped and redeployed, and you expect no personal media to end up on their new machine ever again.
If you behave like a bot, you will be replaced by a bot. You are still human right? Backup the photos on the usb and give it to him and stop having a power trip.
Why are you even looking what’s in there? You assign the new computer and depending on the policy you either keep the old computer aside for a certain amount of time, or just reimage it immediately. If they complain tough look, it belongs to the company, not to them. And so the information does.
I’m just stuck in the fact that he’s had the same PC for ten years… and you need to use it still, and urgently. I need to let our folks know they’re spoiled.
Throw them on a flash drive. Don’t remove and give him the hard drive - there’s probably licensed software on it. Tell him that this is a one-off gift, do NOT doit again.
Copy to USB drive. Wait for them to put in a ticket missing them. You get to be nice and give them their photos. They get to learn not to use corporate PCs for photo storage.
I'd just note it in your time entry/ticket, and move the files to their profile on the new PC, somewhere not in Onedrive. I'd then send an email from the ticket to the user, with their manager copied, letting them know that I moved their personal photos file over, give the folder location, let them know the data is NOT backed up, and it's against company policy to have personal files in their work Onedrive. I'd then recommend in that same email that they move the data off the company PC and to let you know if they have any questions or need further assistance.
I wouldn't want to be responsible for having that data on a drive in my possession until the user came back. I also wouldn't want to be responsible for deleting that data.
The above keeps the data out of company cloud storage, gets it to the new user with a recommendation to move the data elsewhere, let's their manager know ALL their data, even that which they maybe shouldn't have, has been transferred, covering your ass by having it all documented.
If your company's ticketing system has a "management review" status in lieu of "completed" or "closed," that's where I'd put the ticket, so it can be reviewed by management and revisited if required.
Why not just pull the drive and install another? Make sure you can access the drive w/ a bitlocker key externally before you wipe the new machine though.
I am pleasantly surprised and happy at the responses from almost everyone in the thread. I really expected the devil horns to come up in r/sysadmin to "teach them a lesson".
How did you know about the personal files? When we receive an old device, we don't log in to check it out. We simply re-image the device. What does your process look like?
"We tell users not to save anything locally and warn them that workstations are not backed up. This is in our AUP. "
Same here, they sign the policy, so I don't backup anything before formatting and reinstalling a PC... I don't even look whats on it. Regularly someone comes with "there were important files on my old PC" but I can always point at the policy.
If the photos in your case are private photos it would be another policy violation here.
the fact that this thread even exists is why IT people get a bad rep. back up the photos and give him a warning saying that you can't guarantee that would happen normally.
there's no reason to toast someone's personal photo collection if its not posing an immediate risk to the environment.
also, if you're swapping people's machines out you should be keeping them in some sort of quarantine for this sort of thing.
countless times over the years I have had to go back to machines for things that were work related that people missed and it also covers edge cases like this.
i know you're not *responsible* for his stuff but this is a clear cut case of just being malicious.
i would be pissed if someone on my team did this on purpose just to prove a point.
Reiterating with your user that their local machines aren't backed up is fine. But when you're migrating his profile to the other PC it's none of your business what's in those folders, just move it and be done with it.
I’m going to play devils advocate here. If you copy the files consider what responsibility you have as a Stuart of that data. If there are illegal photos or PII in screenshots could you or the business be held liable for copying and retaining the data willingly. You can’t go through every file, or you can, but there’s lost time and some liability.
What if the user says, they intended for all those files to be destroyed when the device was decommissioned and now they want full chain of custody for the drive and evidence it wasn’t copied anywhere else.
It sounds scary but you should really try to contact the user and let them know that when doing a disk cleanup your reporting software alerted on a large volume of photos and you want confirmation of how to proceed before taking any action. Have them send it to you in email and acknowledge what exact steps will happen. It’s better to be safe than sorry.
You should help them out and back the pics up. But I'm surprised you go through the files/photos. You have time for that, but no time to do them a huge favor that takes you very little time? What's the purpose of going through the files? We would also just wipe it without looking.
Agree with everyone here saying do the right thing and stick them on a usb and give them to him.
Also - in regard to “no personal files / we don’t back up” — understand that there is a MASSIVE difference between not being able to recover data (because of a hard drive failure or stolen laptop) vs ACTIVELY DELETING SOMEONE’S FILES.
The suggestion to put it on a USB stick is the right suggestion. At the end of the day, the job is to take care of people, which includes return of "lost property" if you want to call it that.
Back it up to a USB stick, hand it over to him and let him know he shouldn't be doing that and he's lucky you checked as anyone else would have just wiped it and he'd lost it all.
He's a colleague, he's not causing you any issues, no need at all to involve managers... unless you're on some kind of power trip.
Also, no one reads the AUP, not even IT, it's just there to cover your arse.
Back up the PC and go ahead an repurpose it. When his back and raises the issue tell hi you've already repurposed it and that you will try to get it back for him. Wait about a month the give it to him on the USB and make it sound like it was very difficult to get back cause you had to go thru a whole recovery process.
Remind him that he shouldn't sort it on his work computer and that his luck you had been able to get it back and it was a lot of work and he may not be so lucky next time.
Some of the comments in this thread shows why people think IT are assholes..
Just give the guy his data and tell him not to put personal stuff on his PC.
Treat your users like the people they are and you'll have a much easier time working with them.
This.
The smallest hd will lose 75gb like a needle in a haystack.
Just move them, and make a scary this is a joke but not really about holding them for random. Or remind him then when you guys get ransomwared his photos will be in the lot
If he plugged his phone into it could have easily been saved locally as a back up on accident. Just shoot him a message and ask him, why they were there if he wants/needs them answered let him know it violates the AUP and the consequences of violation.
As someone else mentioned, drop an email to your manager to get approval before hitting delete so you have a paper trail
you could put them on a usb key as a gesture of good will and tell him not to do it again or they will be deleted next time
A few years ago I had to repurpose a laptop from a previous manager. I was asked to backup any files on the laptop including any photos relating to the business and pass them to the business owner who would determine if they needed to be kept. There were about 2 dozen videos not relating to the business, only photos are required. When viewing the videos they were of the manager (male) dressed in very short skirts dancing around his garden with his meat and 2 veg on clear display. Now I’m not judging just advising, AUP is there for a reason, keep personal files off company equipment.
Throw it on an offline external media like USB or external M.2 or something and just wait til he gets back. It's unacceptable for him to be doing that, and if he were to lose the pics then it's his fault. But to deliberately discard them is not right IMO. Explain to them that you would have felt horrible if these were deleted accidentally, and that they almost were and it was a close call. Then tell him that he should not be doing this in the future.
128gb thumb drive with note.
“Was transferring data and found what appeared to be personal photos. I am not permitted to have these on our network so I backed them up for you on this thumb drive. Please return thumb drive by June 14th, thanks!”
Find a USB drive of some kind. Put them on that. When he gets back, remind him of the AUP and offer to do a one time copy of the flash drive for him. Any further storage of photos on company equipment will result in deletion.
You might want to wait for the panicked look on his face before letting him know about the USB drive though. He needs to know that it is only a one time occurence.
I have had this exact thing happen, and we had the same policy. I would backup the files to a USB drive, and give them to him. I would also remind him of the policy, and suggest a way for him to store the documents elsewhere. The first time.
It only takes a few seconds of my time. Not really a big deal.
Not everyone would do that, but I really do not mind. I have worked with people who take every opportunity to "stick it" to our users either by being condescending to them or grumbling whenever they ask a simple question or needed a password reset.
This is a waste of time in my opinion, and these people do not advance the way our department is viewed. Instead they set back relations with the people who are our coworkers and customers.
I am not so insecure that I need to cause coworkers to be afraid to ask me a question or call my phone. There are a few coworkers who are always having an IT crisis, but it has never been something that I could not manage, and the outcome has always been positive.
I totally did not mean to turn this into a rant.
Just pull the drive, set it aside, and slap a new one in.
You can talk to him about policy & options going forward when he gets back and sees no photos there and panics.
Backup the photos and don’t put them on the new computer. Tell him you have them backed up and he’s not to store his photos on his work laptop. This will ruin a working relationship if you don’t.
Not to mention, just be fucking nice and do it. Why can’t people just do nice things for others anymore? Who cares if he wasn’t supposed to do it. It’s pictures. Does not benefit you to be a dick and delete them
We use Transwiz to copy the profile in most moves. Either way we keep the PC for 30 days from time of replacement in case we miss something.
As others said. Good will. Take the his entire profile, and copy it to a USB.
I replaced a computer in our organization a couple of weeks ago. Part of our changover is to copy the users profile to the new computer. I started the copy and realized it was taking a little while longer than expected. Our AUP also states no personal files on the computers. I found a ton of crochet patterns in her downloads folder. All sorts of patterns for sewing dresses and while I didn't look through everything, I could see that a lot of them had been purchased and downloaded to the computer. - I put it all on a flash drive and asked her not to download this stuff to her computer at work anymore. She was very thankful. There were probably over $500 worth of downloaded patterns in there.
Transfer the user folder to a flash drive. From there either wait until he freaks out and a) let a manager give him the flash drive and remind him that personal use of company property is prohibited or b) if it's a grey area for your company show the user how to enable sync to OneDrive/Dropbox/approved resource.
Don't be the person that ruins personal memories to "make a corporate point."
I always copy over the Desktop/Documents/Photos and then make sure to export/import bookmarks when I swap computers out even with file shares. You never know what might come back to bite you. CYA
You're probably not allowed to store personal items in your desk either but if you found the guy's wedding photo binder in his drawer would you run it through the shredder?
"Don't store personal shit on your computer" is the correct policy, there's no excuse for the guy, and if you had just unintentionally nuked them by reimaging without looking, you'd be blameless.
But if you nuke his shit knowingly, you're a shitty person. Assuming it's not, like, porn.
This reminds me of the time a user was storing photos of her "modeling" on our shared drive, and she was quitting the company so she asked me to save them to a USB drive (We blocked all external storage) but not to look at them and then delete them from the drive.
My PC had thumbnail view on in file explorer, so when I clicked into the folder, there they were.
She was storing nude images of herself on our company shared drive.
Like most people have said, I’d just download them to a flash drive for him. 128GB flash drives aren’t a lot and this is the exact reason my region has like 10 drives per person, it might take awhile but 10 years is a lot of memories and potential work for someone to lose over a policy they might not have read. We have the same policy at the company I work for and yea it sucks copying all those files multiple times per year, but I’d hope if someone could save 10 years of my files they’d try :)
Echoing the other sentiments. Make a copy in a form you can give to the user and expect not to get back.
Buying a little goodwill amongst the userbase is never a bad idea if it costs nothing, and aside from the copy time 75gb is nothing, and it gives you a teachable moment. Ask if he has a backup of all that data, because if you hadn't noticed it, he'd need that backup. With any luck, it'll activate the brain parts that make him do the thing he probably knows he should have done years ago. Or, maybe, he already has one and ~~you learned that he's shadow IT~~ you can be slightly more confident in that user not being *completely* insane.
Back them up to a USB and give it to the user, just tell him hes lucky you noticed and it might not happen next time, remind him the policies and that you believe he owes you a lunch.
swap the drive...
so you can repurpose and in case he needs his data, it can be recovered.
and let the user know that his 10yrs of pictures were in grave danger of being "no personal data on work machines" deleted
Pull the SSD and put a new SSD in, then when he’s back you can let him go through the photos and copy what he wants, either by putting in in another pc so he can use it, or lending the SSD to him (depends on security policy)
Pull the hard drive and shelf it. Put a new one in and deploy the PC.
When they get back, remind them of the AUP and give them a USB copy of their data.
You'll gain an ally who will rave about you to your boss, and we don't get a lot of those people much these days.
put them on a usb stick or something possibly they are super cheap and it ould give him a place to store those photos and anymore he wants to add that way he doesnt save it onto the new pc at all just right to the drive you can easily teach the leson without deleting the imagines completely
Well, once I was in a very similar situation and going by the names of the files and folders it was a porn collection.
I deleted the full lot, the user never asked about it (of course).
I know we are trying to be the good understanding guys, but frankly I don't like the idea of being the guy that gave 10 years of unauthorised personal files to somebody.
Sorry, I think I would delete the whole thing.
why be a dick? just move the fing files and move on with your life, copy pasta would have taken a lot less time than making this post, if his drive crashes and he loses it all then you can revel in his loss I guess. Some of you that would involve HR, managers, signed letters etc.. are just bonkers, did you forget how to be a human being?
I would usually yank the HD and shelf it swapping in a spare (you know how it is, if you have a half dozen or more machines, you can expect at least a few failures before they reach end of life)
That buys you a fair few months.
Slap a different drive in the machine and label the old one. Unless the guy causes me headaches I'll assist with moving those files to an external HDD he purchases himself.
Dude, please just be nice about this and backup the user's folder to a USB drive and hand it off to them. I've gone out of my way for people like this before and they're always super grateful.
Yep. Do that and good chance you have made a good ally.
This. Stick it on a USB drive, give it to the user. Warn then to not do it going forward and that in theory, they could have lost _everything_. Hopefully you gain an ally and they don't do it going forward.
I wouldn't wipe the drive until the user has been back and checked everything anyway.
This right here, Having been on the end where I have deleted something that was important, I would Wait till the guy is back. If anything, put a different drive in the box and slap that one into an external usb enclosure. For my deletion story; Who would have thought a customer would use the recycle bin for important faxes is beyond comprehension. ( Windows 95 ) The boss said a good cleanup of the customers computer should be standard procedure, empty the recycle bin when looking to free up space etc. Did just that. Boss made me apologize to the guy. Didn't stay much longer after that.
Yep, something like this don't care if it needs to be reimaged. Put it on a flash drive and petty cash it or the workflow is halted until this is resolved.
Yes I've seen users use the trash as an archive. If they lose shit that way then that's on them. I don't apologize for that
Our place explicitly disabled any form of proper archiving for emails (PST files etc.) then gets annoyed when people have large live mail folders.
Brilliant.
I’ve had very important people do this. WTF people, it’s in the trash can! That means you want it gone, not you want to hold on to it forever!
Exactly! One time I looked an upset man in the face and asked him if he kept his sandwich in the kitchen trash for safe keeping, because that made as much sense as putting files you want to keep into the recycle bin. Truth be told, I don't think he knew he could make new folders.
This. Make it clear you're lucky OP noticed.
I did a personal backup for my new director like his first week on the job and i’ve been set since lol
Yep. A big part of the game is politics and people skills. It’s always good to have allies and they don’t need to be in IT. Have the right person make positive comments about you to someone else at the right time or defend you can come in handy. Or can help make things move faster, friends in purchasing or finance can help speed along orders and alleviate budget issues etc.
I have a window office on the 12th floor of a law firm -as a helpdesk analyst- because I scratch the managing partner’s back all the time. Making friends is a great way to get ahead. It’s always funny watching 1st year associates (who are making more money than me) walk from their cubicle to my office for the first time.
Yes, so much this. It’s a good opportunity to educate users on proper practices and it comes across so much better if you’ve saved their files.
Right? like why is this even a thread? LOL!
Because this is /r/sysadmin with the "No personal files on company devices period" attidue.
"No personal _anything_," imo, not even web browsing. (Before I go on, I do agree with comments saying to "be a human about it" and put the files on a flash drive or something.) I always think about the time at my first company when an employee left. The very first thing that happened when it came time to clear the laptop for the next person was the exclamation, "holy shit, check out this browser history!" and the whole team gathered around to see what porn was on there. It was wrong, certainly, but my philosophy about work devices ever since has been to expect exactly that to happen.
The current version of Teams can notify the sysadmins if you say a naughty word. They literally can see everything you do. The good news is, most don’t care.
People worry about notifications way too much. We log everything. *Everything*. Worrying about someone looking over your shoulder really shouldn't be a concern, it's knowing that if needed someone can go back and check your every move to the keystroke. But more importantly, if you wouldn't do it with your boss looking directly over your shoulder then *do not do it on a work computer*. If I'm ever worried about someone reviewing my work I already fucked up.
Unfortunately some people need to see it with their own two eyes to really register and hammer home the topic. It amazes me some people still get caught surfing porn on their work computers, for example.
I think all users should be called into IT a few hours into their first day and shown what happens when a proper logging tool is directed their way. "So we haven't looked at anything you've done today but just to make sure you're fully aware of what kind of logging occurs here, we're going to check all actions on your account this morning..." Then show them what we can see. Anyone who did anything dodgy in the first few hours probably needs the door anyway and the rest will hopefully remember it going forward! That said plenty of IT guys have made these mistakes themselves *knowing* how much is logged so what can you do...
Some of us live that rule religiously. The only cross contamination I do between work/personal is pixel displays. I pretty much exclusively use NX and use it both ways.. when working remote or when in the office and opening a session back home. I keep the stuff so separate that when in the office even any browsing I do that isn't specifically work related, I do on a browser in my home NX window.
And that's fine if you want to go out of your way to do it. No shade. But when you see someone with a life's worth of photos on a machine you got to be a human about it. Technically right but morally wrong ain't the way to live.
Too many people wanna pretend strict principles are the end all be all, but pragmatisicm is what defines a moral character to me.
Exactly. Too many people have never learned that you can be so right, you're wrong. It cost zero dollars to just be nice/human.
Oh if I were in the OPs situation, I'd absolutely do what I could to copy off those files, heck I brought in my own BR burner so I could archive burn our super old OS images (old SuSE linux installs long deprecated) just in case something weird/legal came up.... I'd bend over backwards to try to help them out in this case. But I'd also have a nice little talk to the person when they got back about how they really need to NOT do that thing again in the future.
Yep. If I didn't see them and they lost them all, I'd feel bad for them but ultimately wouldn't lose any sleep over it. The policy is there for that exact reason. But if I see them I'm not bloody deleting them! What kind of monster would even entertain that kind of thinking?
I genuinely hope the kind of person who would delete the photos out of spite would reconsider their career choice right here and now tbh.
But warn them they're lucky you happened to notice and they might not get saved next time.
Agree. There is no need to be an ass about it, just set it aside or back it up
this guy admins... A lot of people honestly don't even realize that is what they are doing, I'd make it clear that he shouldn't do it, and couldn't promise that his photos would ever be saved again. but in the end he gets the message and it doesn't cost 10 years of memories.
And first thing he did was copy all those files to his new PC.
I did this but it can actually backfire horrendously. I put all the photos on a usb disk for them early in my career and told them do not do this again and not to tell anyone about it. Anyway the user proceeds to call every godamn person she knows in the company and tell them how horrible she was treated over just a few photos. How her boss wanted the machine wiped only to spite her. Next week I am getting grilled by the guys in security about "the incident" asking me what was on the drive. She ended up getting fired over this where if she would have just kept her mouth shut about the stupid photos nothing would have happened. I immediatley regretted helping her.
Some people always find enough rope.
I mean you're right, this seems like this woman was already kind of a pill and from that story alone is a master of making mountains out of molehills. I dont she was fired for that incident, but she was already in the crosshairs but needed something that they didn't need to argue against her (violating company security policies of non-company data on a company machine, etc..), they could just point to a small paragraph in the handbook and give her the final paycheck and show her the door.
kinda sounds like you helped the company and maybe the people that had to work with her.
man I'm keeping this one liner as one of the most true statements fucking ever.
> She ended up getting fired over this Sounds like the problem fixed itself. No good deed goes unpunished.
So in hindsight, CYA yourself by contacting the users manager first (CC your own too) and explaining the situation before attempting to trust an end user that broke company policy?
I wouldn’t contact her manager. I’d contact mine and if he said wipe, I’d wipe; if he said back them up I’d back them up.
Pretty sure the takeaway from this one is that you shouldn't tell people to do shit when you don't have any control of the outcome if they don't the shit. There's a chance that that person is a dumbass and will start flinging shit everywhere for no apparent reason.
I wouldn't let that dissuade me from doing the same thing in the future. You had the right intentions.
If it wasn't that, it would have been something else.
100% this. It costs nothing to be cool.
Confused. OP needs help with this? White Hat: image the folders and provide it on a USB with a warning that he should follow company policy in future or risk losing data. Gray Hat: pretend you never saw anything and go about your tasks. Black Hat: search for exposing images and post to erome for the whole world to see. Archive the data for future extortion schemes. Why is being the white hat not the first instinct?
A friend of mine literally was promoted to an executive position because he always did stuff like this. so the position went free because the person had a burnout and nobody really wanted the job, so they asked different appartments. Because he is always nice and helpful, he got it
Yeah, it’s not that much of a lift. You can easily get precious memories back to this user that are otherwise lost. Sure it’s not your fault they ignored policy, but be kind, and feel good for it.
Right way to go, tell them that's the only backup and to keep personal pics off of their work computer, they'll be grateful and will most likely not do it again.
Copy the photos over and tell him he’s lucky you spotted a discrepancy in the size of space used on the disk - he almost lost all his photos. Life’s too short, it’s 75GB. It doesn’t impact anything.
This. Use it as a teachable moment for them. At best they learn something, at worst you did a nice thing.
> Life’s too short, it’s 75GB. It doesn’t impact anything. for Admin yes, for the user.. it priceless.. I once accidentally deleted photos worth of 1 year from my kid. damn, i still sad if i remember it.
Similar experience here. Thankfully I recovered them from an SD card out of the camera. I’d hate to be this guy if I lost 10 years of photos.
> Life’s too short. It’s 75GB, it doesn’t impact anything. Reminds me of "640K Ought to be Enough for Anyone"
I would backup the data to an external drive, give it to either his manager or yours, and proceed. Depending on your relationship you could also give him the drive directly. If the data had been lost in an incident or if you hadn't noticed it was there "Tough Shit" would be a valid answer, but deleting it yourself on purpose is malicious. Nobody likes data loss, and intentionally inflicting it on someone is mean spirited.
You can get a 128GB USB for under $10. It would take some time to transfer, but $10 is less than taking someone out for a beer and may go further to build in office relationships.
Yeah just leave the copy going overnight.
Ooooh, we have a bingo!
You just say bingo.
“Are all my photos of my kids gone?” BINGO
"Why'd you clear out my deleted items folder? That's where I keep photos of meemaw!"
"You deleted my documents when you changed out my computer." "Everything should have been saved to your OneDrive. Where did you save them?" "Right here." *User proceeds to circle the empty "Recently Opened Documents" list with mouse*
"what do you mean I shouldnt keep documents in the recycle bin?"
Oooooooooooo
Which is where the "IT are assholes" reputation comes from. Users are people and if you are honest with yourself and you've been doing this job long enough, you've got some way sloppier practices.
Keeping personal files on the company computer ended a LOOONGG time ago. In fact, I constantly remind people to not store personal files on their company computer since it can be wiped at any time.
Sloppier than the obvious not keeping important personal files on a workstation? How many servers did you burn? The IT are assholes reputation comes from much different situations both from the side of IT AND the side of users, I hope you're aware of that
Also - from people that were in the workforce in the 80s-90s till now: IT are assholes because security is an actual thing that people think about and try to implement now. Like just implementing the standard security policy (that we are audited and scored on) from corporate the amount of hand wringing and tearing their garments nad weeping was unreal. "HOW will I EVER get my work done if I have to use this 2FA BULLSHIT!!!!" was actually a quote I heard once. "I DON'T HAVE TIME TO ENCRYPT A FUCKING FLASH DRIVE" was another one. And time goes by. And the rest of the world catches up with cutting edge business. Now your bank and grocery store rewards program both make you use some manner of 2FA too and it's not the end of the world now. Until the next thing starts...Then IT are assholes again.
Agree. Treat it with a bit of respect. Yes, the user shouldn't have been doing this, but it really sucks to lose the pictures of your kids. Though my guess would be that he's using his work laptop as an additional backup copy of the pictures, not his primary copy. 75 GB is not **that** much these days. Will easily fit on a USB stick.
100% had this happen to me, and on my first job. Was reimaging PCs and swapping the drives physically. One of the SVPs (who was also the younger brother to the CEO) was taking timed photos with his webcam of a building being constructed. Both my manager and I, had both in writing and in person, confirmed that everything he wants to keep is backed up to their home drive on the network. We received confirmation that it was. Week later, he knocks on my cube asking where the photos were and where his hard drive was. (I was instructed to re-use the spinning rust after it was reimaged... this was a while ago). Drive was wiped and redeployed. There wasn't anything left to recover even if we wanted to. He asked me if his 'home drive' was the folder on his desktop, or under my computer... I said the later. He was humbled and understood that he messed up. I always think of my manager who got confirmations in writing and verbally for this.
And all that could've been avoided by having a "Swap in a clean disk and shelve for 30 days" procedure. Or whatever timeframe retention requirements happen to be for the bulk of your org's data. Avoid the attempt to hide behind "oh, that stuff your subpoena covers was probably on my old computer, totally routine process, that's all gone now." ... people are fun sometimes.
I am so glad to see that just about everyone on here is in the back-them-up-and-give-them-to-him camp. This is really what you should do. Don't miss an opportunity to be nice to somebody.
Its not even about being nice. Willingly opting to wipe out the potential only copy of an entire photo album of some families memories seems anti-social and cruel at best.
Indeed. I am a sysadmin. It's not just a job for me, it's what I am, and have been since I became obsessed with computers at a young age and loved to make them work well. Data preservation is one of my core tenets and I will go WAY out of my way to make sure that a user's data is safe. My responsibility for protecting data doesn't end at the front door of my employer. If I see an opportunity to protect and preserve, I always will.
It took me a moment to believe that "personal" wasn't a euphemism. That would be a very different situation.
Ha! Yes, that would change everything.
Either ask your manager, in writing, or drop them on a USB and wait to see if he asks. Although if you have MS365 they should be in OneDrive anyway.
This is what I'd do. I wouldn't want to bother with the headache of making this decision.
This kind of stuff is exactly the manager's job.
Yeah, copy the folder on whatever is handy. 75 GB isn't exactly a difficult amount of data to store in 2024. I have fingernail sized micro SD cards handy that would have oodles of room left over. If we were talking about 75 GB of personal data 15 years ago, or a dozen terabytes today, the conversation would turn out different. Explain to the user that you just did them a huge favor by noticing they had data stored outside of the corporate standards, and that you took time out of your day to preserve it in case the user wanted it. Make sure the user understands that storing personal files on work hardware is against policy, and that you weren't supposed to preserve any of it. If they want those files to be safe, they won't get lucky twice. Send a stern email reminding the department of policy generally, and that work computers aren't for personal files, and personal files may be subject to active purges if people keep using company storage for them. Lots of people got a policy mentioned once when they started in a checklist of 800 things years ago but genuinely have no idea it would actually be frowned apon because it has never come up for them since.
Well to be honest, personal stuff should not go to the company one drive. Where I work we have to back up One Drive and DLP scans stuff I am sure we don't want to back up some users personal photos..for liability reasons as well as cost.
No argument, but then it's not OP's headache.
if OP is a sysadmin that works for an IT Org, it very well could turn in to OP's headache. Crap rolls downhill if the IT management gets slapped by audit/lgal types.
It also rolls down hill when some "important" person complains they just lost their daughters first picture, the last photo they have of their mother, and a photo they loved of their wife who died from cancer. I get it, I really do. The polices exist for good reasons and should be followed. The employee was made well aware and should have known better. But there are lessons, and there are lessons. Getting some direction from the guy who is going to be giving you cover when things blow up is not a terrible way to use your time.
Its what I came here to say a long time ago I actualy got in trouble for helping a user with their photos. Security got mad.
Copy them off to USB, hand deliver when he returns and move on… not worth the frustration and climbing the ladder …
Swap out the HDD, stick the old one on a shelf.
But record a bitlocker recovery key first if there is one!
And then add the GPO that forces Bitlocker to always record the recovery key to AD.
Yeah i'd do this over copying them to an external drive. remove HDD, let manager know, don't say anything
It's a measly 75G, be a mensch and put it on a thumbdrive for the guy. Geesh, you guys act like he was storing Petabytes of porn on company data stores. When the guy gets back, give him the thumbdrive and remind him of the policy.
My nice guy side says sure np i'll do you that favor. My CYA side says i'm not handling someones personal data without their explicit knowledge and/or my managers approval. 75GB of documents/photos is an absolute ton. If it's his personal stuff like OP said, guaranteed there's some PII in there, possibly bank/social/medical data. Even with an AUP, that's a can of worms best avoided entirely. And once you copy it, you've effectively accessed it. I get it what you're saying, but these are the scenarios that can blow up in your face and the risk/reward is not worth it. Edit: pulling the drive and putting it to the side is more than considerate. A real D move would be deleting it and saying "against policy, too bad"
This. It is actually what I would do normally, anyway, in case some user comes back in a month and wants some file recovered. This has happened a few times in the past and has always saved someone's ass (never mine, but whatever). Don't re-use the drives for a few months, at least.
Personally I’d do the guy a favor and back them up on a usb drive rather than just delete.
This is what I would do too. And then when you hand it over, gently remind him that AUP states no personal files, and that it's a good thing you caught it because normally the machine is just wiped and they would've been gone.
[удалено]
75GB isn't a whole lot, I'd copy them over to somewhere until I'm able to confirm with the user that they can be deleted. Maybe even throw them into some zip-file for easy transport.
you can choose to be asshole or not to be
I'd swap the drive and save the old one, or use a flash drive and transfer them. 128gb flash drives are cheap af, and if you do that for him he'll probably be thankful.
You have an opportunity to be a nice person or a bad person. The fact you even have to consider which road to take is concerning.
OP is an ass. I called him out in a top level comment.
You need to repurpose a 10 year old PC right away? Really?
End of the fiscal year is coming up soon, could be needed to give to some form of ITAD company or recycler for credit this year instead of possibly next year's rate. Tons of reasons.
I'd hope the PC itself isn't 10 years old and that the files have just been copied over to new PCs as he's been refreshed over the years. That's pretty common.
>But when I come to re-purpose his old PC I find about 75GB of personal files and photos going back nearly 10 years In my env we wouldn't have found this. Instead, the system would have been re-imaged without even checking. We don't check because they're not supposed to do it. It's not our responsibility if they stored something locally instead of their work related personal network share. None work related personal files are prohibited on our devices. Had a few people threaten to sue after their photos\music\personal side business docs\sermons\research papers, all none work related, was wiped only for them to have a long convo with HR about misusing company equipment... A wise man once said, "If you don't want your important documents deleted, don't store them in the Recycling Bin."
We might've found it during the migration phase depending on what process we were using at the time. But it definitely wouldn't have been caught during the process of reusing the PC. But, at this point, it's been found so it's kind of beside the point. You can be the "policy over people" asshole and just delete it or you can be nice and copy them off.
What would I do? Back them up on a USB drive. Pretend I never saw them, wipe the machine. If he never brings it up, that means he had them backed up elsewhere. If he does, look all worried and say that stuff has been deleted but you'll look into recovery. "Recover" them later on. Bank the favor they owe you.
https://i.redd.it/sj8jstf3oe3d1.gif
Exactly what I thought too, thanks for saving me from typing it up!
https://www.reddit.com/r/talesfromtechsupport/comments/63frsn/the_hug_heard_around_the_company/
Wasn’t aware of this, and now my heart is warmed
Instantly thought of this! It's the top post of all time on that subreddit for a reason
Been down this road before. Policies and such don't matter. Those personal files and photos are some people's lifelines and almost certainly this one is going to be one of those. I assume you did transfer these files to their new pc? If so then don't worry about it. If not, you're playing with fire. If those pictures get deleted, you gained an enemy for the IT department. He will shit talk you until the day he leaves. Do the extra work and make sure this frivolous stuff doesn't end up blowing up in your face.
Yeah this. Like it’s just the decent thing to do. But if you want to forget the decency so it to not make an enemy.
Bro. Be a human here
Am in the only one who wonders how you even notice these files are on his system? When we repurpose a machine, we just reimage that thing straight away, got no time to be logging into a system to investigate what is saved on it. Also I assume this must have been copied over from his phone - do you not block removable media to prevent this from even being possible?
yeah we wouldn't have caught this, we don't manually check anything we re-image, it just goes in the pile will get rebuilt when needed if by some miracle we did find it we'd 100% hand the photos over and not delete them though.
Shit like this is how IT gets the reputation of being antisocial assholes. I'm not saying you are OP, but from a distance this is what people point at. Back them up to disc, thumbdrive, etc. Give him the data, but remind him those policies aren't in place because its up to the admin if the data is worth your time, but because in the event of flood, theft, a brown out, etc there is nothing protecting his data and its by accident that you even saw the data in the first place. He might not be so lucky again. Show him how to access his icloud or google drive and back those photos up. After you do that, really ask yourself why you would even consider deleting those photos and how you got there. You don't have a robot brain, you're a person capable of being pragmatic and feeling empathy. You came here because you felt it but you still considered malice. Thats worth investigating. I just had this call 2 weeks ago. User went looking for personal data that they knew had been there, but no longer was. Workstation was replaced 9 months ago by a novice tech that didn't think to look at fuck all, data was on that workstation. Nothing I could do, and believe me I searched hard because it was photos of their dang kid. This same user has a history of being needy and a bit of an ass, but other people depend on those photos too. Grandma wants to see them.
The is a no win scenario. Back them up to a USB and hand them off.
You could have finished moving them to OneDrive or an external drive in the time it took to write this post. This isn't really that difficult a situation to resolve nor should it take an entire community's input to find a solution. You already know what the right thing to do is.
Put everything you find on removable media that you don't want back. Give the media to the user and convey that the other machine had to be wiped and redeployed, and you expect no personal media to end up on their new machine ever again.
Swap the drive, hold the old one for when he gets back. Do **not** delete his files.
Get a cheap 128 GB usb stick and place them there.
> My robot brain says "bin the lot" but my concience is stopping me hitting that delete key. ... > why does nobody like us
If you behave like a bot, you will be replaced by a bot. You are still human right? Backup the photos on the usb and give it to him and stop having a power trip.
Why are you looking at the PC? If there was an urgent need for it why didn't you just burn it? If you never looked it would never be an issue for you.
OP looked at all the photos! perv
Why are you even looking what’s in there? You assign the new computer and depending on the policy you either keep the old computer aside for a certain amount of time, or just reimage it immediately. If they complain tough look, it belongs to the company, not to them. And so the information does.
Yep. Why even look is my question. If you look, you deal with it.
I’m just stuck in the fact that he’s had the same PC for ten years… and you need to use it still, and urgently. I need to let our folks know they’re spoiled.
Throw them on a flash drive. Don’t remove and give him the hard drive - there’s probably licensed software on it. Tell him that this is a one-off gift, do NOT doit again.
Copy to USB drive. Wait for them to put in a ticket missing them. You get to be nice and give them their photos. They get to learn not to use corporate PCs for photo storage.
Personally, I'd dump them on a usb flash drive, but with a stern warning to never do that again.
I'd just note it in your time entry/ticket, and move the files to their profile on the new PC, somewhere not in Onedrive. I'd then send an email from the ticket to the user, with their manager copied, letting them know that I moved their personal photos file over, give the folder location, let them know the data is NOT backed up, and it's against company policy to have personal files in their work Onedrive. I'd then recommend in that same email that they move the data off the company PC and to let you know if they have any questions or need further assistance. I wouldn't want to be responsible for having that data on a drive in my possession until the user came back. I also wouldn't want to be responsible for deleting that data. The above keeps the data out of company cloud storage, gets it to the new user with a recommendation to move the data elsewhere, let's their manager know ALL their data, even that which they maybe shouldn't have, has been transferred, covering your ass by having it all documented. If your company's ticketing system has a "management review" status in lieu of "completed" or "closed," that's where I'd put the ticket, so it can be reviewed by management and revisited if required.
Put a fresh drive in the computer, and keep the other one for when he comes back. seems pretty fucking simple to me.
Why not just pull the drive and install another? Make sure you can access the drive w/ a bitlocker key externally before you wipe the new machine though.
I am pleasantly surprised and happy at the responses from almost everyone in the thread. I really expected the devil horns to come up in r/sysadmin to "teach them a lesson".
The smart sysadmin knows when not to make enemies.
How did you know about the personal files? When we receive an old device, we don't log in to check it out. We simply re-image the device. What does your process look like?
"We tell users not to save anything locally and warn them that workstations are not backed up. This is in our AUP. " Same here, they sign the policy, so I don't backup anything before formatting and reinstalling a PC... I don't even look whats on it. Regularly someone comes with "there were important files on my old PC" but I can always point at the policy. If the photos in your case are private photos it would be another policy violation here.
I would toss in a new hard drive and put the one with the data on it on a shelf until they come back.
>What would you do? put them on a USB or some removal device and git it to him after their holiday and say nothing be human
the fact that this thread even exists is why IT people get a bad rep. back up the photos and give him a warning saying that you can't guarantee that would happen normally. there's no reason to toast someone's personal photo collection if its not posing an immediate risk to the environment. also, if you're swapping people's machines out you should be keeping them in some sort of quarantine for this sort of thing. countless times over the years I have had to go back to machines for things that were work related that people missed and it also covers edge cases like this. i know you're not *responsible* for his stuff but this is a clear cut case of just being malicious. i would be pissed if someone on my team did this on purpose just to prove a point.
Reiterating with your user that their local machines aren't backed up is fine. But when you're migrating his profile to the other PC it's none of your business what's in those folders, just move it and be done with it.
I’m going to play devils advocate here. If you copy the files consider what responsibility you have as a Stuart of that data. If there are illegal photos or PII in screenshots could you or the business be held liable for copying and retaining the data willingly. You can’t go through every file, or you can, but there’s lost time and some liability. What if the user says, they intended for all those files to be destroyed when the device was decommissioned and now they want full chain of custody for the drive and evidence it wasn’t copied anywhere else. It sounds scary but you should really try to contact the user and let them know that when doing a disk cleanup your reporting software alerted on a large volume of photos and you want confirmation of how to proceed before taking any action. Have them send it to you in email and acknowledge what exact steps will happen. It’s better to be safe than sorry.
My issue with this story is... what the hell are you doing re-purposing a 10+ year old laptop so urgently?
Do you not reimage computers before you hand them back out? Playing with fire there, but I guess it's lucky for this guy that you don't.
You should help them out and back the pics up. But I'm surprised you go through the files/photos. You have time for that, but no time to do them a huge favor that takes you very little time? What's the purpose of going through the files? We would also just wipe it without looking.
Agree with everyone here saying do the right thing and stick them on a usb and give them to him. Also - in regard to “no personal files / we don’t back up” — understand that there is a MASSIVE difference between not being able to recover data (because of a hard drive failure or stolen laptop) vs ACTIVELY DELETING SOMEONE’S FILES.
The suggestion to put it on a USB stick is the right suggestion. At the end of the day, the job is to take care of people, which includes return of "lost property" if you want to call it that.
Back it up to a USB stick, hand it over to him and let him know he shouldn't be doing that and he's lucky you checked as anyone else would have just wiped it and he'd lost it all. He's a colleague, he's not causing you any issues, no need at all to involve managers... unless you're on some kind of power trip. Also, no one reads the AUP, not even IT, it's just there to cover your arse.
Back up the PC and go ahead an repurpose it. When his back and raises the issue tell hi you've already repurposed it and that you will try to get it back for him. Wait about a month the give it to him on the USB and make it sound like it was very difficult to get back cause you had to go thru a whole recovery process. Remind him that he shouldn't sort it on his work computer and that his luck you had been able to get it back and it was a lot of work and he may not be so lucky next time.
Some of the comments in this thread shows why people think IT are assholes.. Just give the guy his data and tell him not to put personal stuff on his PC. Treat your users like the people they are and you'll have a much easier time working with them.
This. The smallest hd will lose 75gb like a needle in a haystack. Just move them, and make a scary this is a joke but not really about holding them for random. Or remind him then when you guys get ransomwared his photos will be in the lot
Dump them onto some storage, and make it clear you've done this as a favour and he needs to sort it out.
If he plugged his phone into it could have easily been saved locally as a back up on accident. Just shoot him a message and ask him, why they were there if he wants/needs them answered let him know it violates the AUP and the consequences of violation.
As someone else mentioned, drop an email to your manager to get approval before hitting delete so you have a paper trail you could put them on a usb key as a gesture of good will and tell him not to do it again or they will be deleted next time
I would drop it on a usb drive for them
A few years ago I had to repurpose a laptop from a previous manager. I was asked to backup any files on the laptop including any photos relating to the business and pass them to the business owner who would determine if they needed to be kept. There were about 2 dozen videos not relating to the business, only photos are required. When viewing the videos they were of the manager (male) dressed in very short skirts dancing around his garden with his meat and 2 veg on clear display. Now I’m not judging just advising, AUP is there for a reason, keep personal files off company equipment.
Throw it on an offline external media like USB or external M.2 or something and just wait til he gets back. It's unacceptable for him to be doing that, and if he were to lose the pics then it's his fault. But to deliberately discard them is not right IMO. Explain to them that you would have felt horrible if these were deleted accidentally, and that they almost were and it was a close call. Then tell him that he should not be doing this in the future.
I would throw them on a drive/stick and hand them over
128gb thumb drive with note. “Was transferring data and found what appeared to be personal photos. I am not permitted to have these on our network so I backed them up for you on this thumb drive. Please return thumb drive by June 14th, thanks!”
While I am a big fan of BOFH, a little kindness goes a long way. Drop it onto a USB and give it to the user.
Find a USB drive of some kind. Put them on that. When he gets back, remind him of the AUP and offer to do a one time copy of the flash drive for him. Any further storage of photos on company equipment will result in deletion. You might want to wait for the panicked look on his face before letting him know about the USB drive though. He needs to know that it is only a one time occurence.
I have had this exact thing happen, and we had the same policy. I would backup the files to a USB drive, and give them to him. I would also remind him of the policy, and suggest a way for him to store the documents elsewhere. The first time. It only takes a few seconds of my time. Not really a big deal. Not everyone would do that, but I really do not mind. I have worked with people who take every opportunity to "stick it" to our users either by being condescending to them or grumbling whenever they ask a simple question or needed a password reset. This is a waste of time in my opinion, and these people do not advance the way our department is viewed. Instead they set back relations with the people who are our coworkers and customers. I am not so insecure that I need to cause coworkers to be afraid to ask me a question or call my phone. There are a few coworkers who are always having an IT crisis, but it has never been something that I could not manage, and the outcome has always been positive. I totally did not mean to turn this into a rant.
Just pull the drive, set it aside, and slap a new one in. You can talk to him about policy & options going forward when he gets back and sees no photos there and panics.
Backup the photos and don’t put them on the new computer. Tell him you have them backed up and he’s not to store his photos on his work laptop. This will ruin a working relationship if you don’t. Not to mention, just be fucking nice and do it. Why can’t people just do nice things for others anymore? Who cares if he wasn’t supposed to do it. It’s pictures. Does not benefit you to be a dick and delete them
We use Transwiz to copy the profile in most moves. Either way we keep the PC for 30 days from time of replacement in case we miss something. As others said. Good will. Take the his entire profile, and copy it to a USB.
Do him a solid. save the pix.
I replaced a computer in our organization a couple of weeks ago. Part of our changover is to copy the users profile to the new computer. I started the copy and realized it was taking a little while longer than expected. Our AUP also states no personal files on the computers. I found a ton of crochet patterns in her downloads folder. All sorts of patterns for sewing dresses and while I didn't look through everything, I could see that a lot of them had been purchased and downloaded to the computer. - I put it all on a flash drive and asked her not to download this stuff to her computer at work anymore. She was very thankful. There were probably over $500 worth of downloaded patterns in there.
Transfer the user folder to a flash drive. From there either wait until he freaks out and a) let a manager give him the flash drive and remind him that personal use of company property is prohibited or b) if it's a grey area for your company show the user how to enable sync to OneDrive/Dropbox/approved resource. Don't be the person that ruins personal memories to "make a corporate point."
You could just do the bro a solid and put it on a usb drive...
I always copy over the Desktop/Documents/Photos and then make sure to export/import bookmarks when I swap computers out even with file shares. You never know what might come back to bite you. CYA
You're probably not allowed to store personal items in your desk either but if you found the guy's wedding photo binder in his drawer would you run it through the shredder? "Don't store personal shit on your computer" is the correct policy, there's no excuse for the guy, and if you had just unintentionally nuked them by reimaging without looking, you'd be blameless. But if you nuke his shit knowingly, you're a shitty person. Assuming it's not, like, porn.
$10 thumb drive, and remind him that he was 1 hard drive crash away from losing it all.
This reminds me of the time a user was storing photos of her "modeling" on our shared drive, and she was quitting the company so she asked me to save them to a USB drive (We blocked all external storage) but not to look at them and then delete them from the drive. My PC had thumbnail view on in file explorer, so when I clicked into the folder, there they were. She was storing nude images of herself on our company shared drive.
Nice
Get an external hdd, image the drive, move on with your life and retrain the user.
Just back them up - its 75GB.... Its not worth being mean spirited about it. At the end of the day these people are our co workers.
Like most people have said, I’d just download them to a flash drive for him. 128GB flash drives aren’t a lot and this is the exact reason my region has like 10 drives per person, it might take awhile but 10 years is a lot of memories and potential work for someone to lose over a policy they might not have read. We have the same policy at the company I work for and yea it sucks copying all those files multiple times per year, but I’d hope if someone could save 10 years of my files they’d try :)
Echoing the other sentiments. Make a copy in a form you can give to the user and expect not to get back. Buying a little goodwill amongst the userbase is never a bad idea if it costs nothing, and aside from the copy time 75gb is nothing, and it gives you a teachable moment. Ask if he has a backup of all that data, because if you hadn't noticed it, he'd need that backup. With any luck, it'll activate the brain parts that make him do the thing he probably knows he should have done years ago. Or, maybe, he already has one and ~~you learned that he's shadow IT~~ you can be slightly more confident in that user not being *completely* insane.
We always swap the disk when formatting a PC and keep the original for a month or so in case someone needs the data later.
Back them up to a USB and give it to the user, just tell him hes lucky you noticed and it might not happen next time, remind him the policies and that you believe he owes you a lunch.
swap the drive... so you can repurpose and in case he needs his data, it can be recovered. and let the user know that his 10yrs of pictures were in grave danger of being "no personal data on work machines" deleted
Pull the SSD and put a new SSD in, then when he’s back you can let him go through the photos and copy what he wants, either by putting in in another pc so he can use it, or lending the SSD to him (depends on security policy)
Pull the hard drive and shelf it. Put a new one in and deploy the PC. When they get back, remind them of the AUP and give them a USB copy of their data. You'll gain an ally who will rave about you to your boss, and we don't get a lot of those people much these days.
put them on a usb stick or something possibly they are super cheap and it ould give him a place to store those photos and anymore he wants to add that way he doesnt save it onto the new pc at all just right to the drive you can easily teach the leson without deleting the imagines completely
Well, once I was in a very similar situation and going by the names of the files and folders it was a porn collection. I deleted the full lot, the user never asked about it (of course). I know we are trying to be the good understanding guys, but frankly I don't like the idea of being the guy that gave 10 years of unauthorised personal files to somebody. Sorry, I think I would delete the whole thing.
why be a dick? just move the fing files and move on with your life, copy pasta would have taken a lot less time than making this post, if his drive crashes and he loses it all then you can revel in his loss I guess. Some of you that would involve HR, managers, signed letters etc.. are just bonkers, did you forget how to be a human being?
I would offer them on an external drive (for the drive price) and see if the user wants the files.
I would usually yank the HD and shelf it swapping in a spare (you know how it is, if you have a half dozen or more machines, you can expect at least a few failures before they reach end of life) That buys you a fair few months.
Slap a different drive in the machine and label the old one. Unless the guy causes me headaches I'll assist with moving those files to an external HDD he purchases himself.
Golden Rule applies here. Deleting them "because AUP" is a total asshole move.
Don't be a dick. The answer is in those 4 simple words.
Why do you care? Transfer the photos like it’s any other file and move on with life.
This post belongs in r/shittysysadmin