digital spring cleaningThis time of year many of us think about cleaning out closets and switching seasons.  Spring cleaning is a ritual for some while others just think it is a good idea if they had time.  While I certainly land in the latter category for household chores when it comes to digital clutter I lean more towards the former.  By doing some digital spring cleaning you can double check the security of your devices and reduce your attack surface at the same time.  Plus, it is way easier than cleaning out the old hall closet that may have monsters lurking in the back of it.

Make the time to clean your digital clutter at least once or twice a year and you will feel better for it.  Why not do digital spring cleaning?

In this episode:

Digital Spring Cleaning – Ep 155

Today’s Episode is brought to you by:

Kardon and HIPAA for MSPs / Security First IT

Where to meet us

[02:05] Next HIPAA Boot Camp – Live in Tucker, GA – July 19 and 20th: www.HelpMeWithHIPAA.com/bootcamp

  • Super Early bird until 6/15 – $1,297
  • Early bird 6/16 – 7/8 – $1,497
  • Regular pricing – $1,697

Bring more than one and get 10% discount off the total price.

Want to be part of Help Me With HIPAA? Donate to the cause at www.HelpMeWithHIPAA.com/give

HMWH App now has more features.  You can now access a PDF with the show notes ready for your HIPAA training documentation!  Find it under the bonus feature in the app for both the Apple and Android versions.  It is a little gift box on the app bar.

Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA

[11:07]

Digital Spring Cleaning

To begin your digital spring cleaning pull out your risk analysis hardware and software inventory reports.  You do have them, right?  By starting from that point you get a 2-for because you do a review of it and make sure you consider everything you have to clear out at the same time.

Pick the items that you use the most plus some that haven’t been cleaned out in a while.  Assign tasks to each person on your team.  Call up your IT vendor and ask them to help out.  You don’t have to do all devices but those that haven’t been cleaned up for a while or those that are used the most need a new shine on them.  Make the list of which closets er… devices you will be cleaning out for this cleaning project and get started.

When I clean out a closet I like to take everything out and then put everything back in.  For digital devices that means a wipe and restore.  That is the LAST thing I want to do on my device.  Maybe a no-brainer to do that on ones used as basic workstations but high volume or high usage devices need more gentle cleaning.

PC security cleaning

  • Clean up apps.
    • Remove unused
    • Make sure latest updates are in place
  • Change passwords – bonus run your security challenge in your PW manager
  • Check your AV and firewall messages and system logs for odd occurrences
  • Check for BIOS and driver updates for system components
  • Confirm encryption in place as needed

PC data clean up

  • Clean up your downloads folder
  • Clean up your documents folder
  • Clear Windows temp folder
  • Check the AppData folder for remnants of data
  • Check users set up on the device and make sure you know they are the ones you should have and only those
  • Delete old WiFi connections from hotels, other offices, etc.
  • Empty the recycle bin
  • Older drives should have the defrag run on them once you are done

Mobile devices have the most debris

  • App proliferation is a huge problem
  • Clean up the data on the devices too
  • Make sure old text messages are being deleted

Server and cloud services digital debris

  • Clean up the user list and make sure the data owned by disabled users are accounted for or properly deleted
  • Check special privilege accounts to see that the proper people have them
  • Clean up the apps and digital debris here too

Purge old data that isn’t needed any longer

This one is the hard part for most folks.  We have all become digital pack rats of some sort.  Yes, there are things you can’t just get rid of but that does not mean EVERYTHING must be kept.

Clean up your email accounts and get rid of those list services and newsletters you never read.  If you do want to read them then make changes to make sure they show up in your priority email.

The documents you saved from 8 years ago are likely not needed unless it is related to financial, legal, or medical records under certain circumstances.  A presentation you did back then can certainly go.  How about a letter confirming you received or didn’t receive a delivery 6 years ago?  Those kinds of things can go.  You don’t need them and they are just one more thing to save and restore and protect.

This includes getting rid of old machines laying around the office.  Even old hard drives not used any longer.  Just make sure you do it following your disposal policies and procedures.  A good thing to get a grip on and make sure they are clean is all of the little USB jump drives laying around.

Old records in your legacy EHRs

This is the biggest chunk of information stored in most medical environments.  Vendors don’t let you purge them but what about backing them up and deleting them.  If you very rarely access this information but you keep it for legal purposes work with your vendors to have a method to save it off to an encrypted hard drive that you don’t keep up and running connected to the network.  It is there if you ever need it but it isn’t part of your nightly backups and it isn’t there for attackers to access or encrypted with ransomware.

Digital clutter or debris will continue to proliferate until we get better at cleaning it up.  Think of it as a little dust tumbleweed that will soon be growing the size of a basketball.  That kind of dust can’t be ignored anymore while you have your morning coffee.  Take the time to do a bit of digital spring cleaning.  Your systems, your data, and your security will be better for after it.  Then, you can enjoy a feeling of accomplishment knowing the digital dust ball just got a little smaller in your office.

Please remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word.  As always, send in your questions and ideas!

HIPAA is not about compliance, it’s about patient care. TM

Share This
HIPAA Boot Camp