wow, that's a nice cliff you've found. inline below. On Sat, Nov 12, 2011 at 10:27 PM, Jim McAtee <[email protected]> wrote:
> ----- Original Message ----- From: Steven Peck > > To: "NT System Admin Issues" > <[email protected]**software.com<[email protected]> > > > Sent: Saturday, November 12, 2011 9:00 PM > > Subject: Re: Cell Phone Policies > > It is a requirement from our corporate security and legal to show that we >> are fulfilling our regulatory obligations regarding data. You and I know >> that someone can do any number of deliberate things. A lawyer in a court >> room can point to any number of other things. >> > > So you're saying that it's a security requirement even though the company > realizes that it actually provides verly little security? Or in other > words, it's pretty much just for show. > > > No. We currently do NOT have such a policy. Currently we do NOT allow personal devices to connect to the network through VPN. There is limited external Citrix access and VPN if you have a company laptop. If we allowed peronal cell phones, you as an employee would have to sign consent as part of your gaining the priveledge of using your prefered personal phone. Note, I think using your own personal cell phone for work is near to stupid but that's my own personal opinion, not the companies or anyone else who has had a different experience or situation than I amin. Of course it's a moot point because we don't currently allow it. > If we can remote wipe a phone as part of our account termination process >> with corporate phones and we control the phone, why wouldn't we wipe an >> end >> users personal phone upon empolyee termination (voluntary or otherwise)? >> > > Because > > a) it's a *personal* phone? > Because they would sign a form both informing them this was the price of using their iPhone (with Good technology client) etc. > and > > b) Everybody, including your employees, realize that this draconian policy > accomplishes absolutely nothing. > > If your mythical 'everybody' realized it, we wouldn't be bound by the regulations on data and privacy we are. Oh ya, WHAT POLICIES? You are reacting so like an end user here. This is NOT my personal policy you are getting worked up over. This would be the policy that the corporation decided on. My bosses, bosses, boss. The CIO and CEO. Not anyone in the rank and file of IT. > You're going to recall a corporate phone in any case. Why wouldn't you > wipe it clean? That's no different than reimaging the hard drive of a > corporate PC before giving it to another employee or cleaing out the > drawers of a desk. > The theory is that people wishing for whatever bizarre reason to subsidize the company, would have their personal device subject to the same company policy only they get to use their own phone. > > This ensures the employee doesn't accidently retain things they shouldn't. >> > > What was the answer to the first question? Do you permit employees to > download and reply to email on their home computers? If so, what is the > company policy to the messages/data that end up on those computers? How do > you "ensure" that employees don't accidentally retain the data? > Um, that never actually came up. That said, no, we do not. The only remote access is on company owned PCs and limited Citrix access (with copy and paste disabled). To achive Citrix access you have to attend a security class, and sign some stuff saying you read policies and agreed to them. People can do a 'what if' however they want. They can think the worst of all of humanity, or they can make it so that mistakes and accidents are difficult to happen within the bounds of acceptable risk that the senior management of the comapny decide to accept. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ > <http://www.sunbeltsoftware.**com/Business/VIPRE-Enterprise/<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > **> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt-software.** > com/read/my_forums/ <http://lyris.sunbelt-software.com/read/my_forums/> > or send an email to > listmanager@lyris.**sunbeltsoftware.com<[email protected]> > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
