Should Employees Buy Their Own Computers?

Local ID10T writes "Data security vs. productivity. We have all heard the arguments. Most of us use some of our personal equipment for work, but is it a good idea? 'You are at work. Your computer is five years old, runs Windows XP. Your company phone has a tiny screen and doesn't know what the internet is. Idling at home is a snazzy, super-fast laptop, and your own smartphone is barred from accessing work e-mail. There's a reason for that: IT provisioning is an expensive business. Companies can struggle to keep up with the constant rate of technological change. The devices employees have at home and in their pockets are often far more powerful than those provided for them. So what if you let your staff use their own equipment?' Companies such as Microsoft, Intel, Kraft, Citrix, and global law firm SNR Denton seem to think it's a decent idea."

Fat chance

[Anonymous Coward]

All the projects in your personal computer can be claimed to belong to the company, unless they make agreement in writing. Also, this will create major headache in company's IT and software licensing business.

No.

[bb5ch39t]

My machines belong to me. The stuff on them is mine, not the company's. And I don't want any confusion about that. I have VPN access from home to the corporate LAN. We also have a Windows "work at home" server which is accessible via MS's mstsc. I use that, not the VPN/LAN. I use Linux at home and rdesktop to access that server. Once on that server, I use mstsc to access my work desktop. Why? it makes my home machine safer. My home machine is more of a "dumb terminal" which cannot be infected by or infect anything at work. Or at least it is significantly less likely. I'm not aware of any virus which can spread over an mstsc link. Which means little, given my ignorance. My home system is behind a firewall/router, so hopefully it is too much trouble to crack. I don't need "impossible", just need "harder than average" to discourage most. Running Linux and no Windows also helps.

Re:Nah

[NFN_NLN]

Wouldn't work. The company would always care about its own security.

Agreed.

1. Security
  a. If computers are coming and going without permission how do you know which are from employees and which are rogue systems
  b. If computers are coming and going how do you ensure they aren't a threat for Virii or bots
    i. At least with company sanctioned computers they should have virus scanners with updated definitions
2. Standardization
  a. Whaawhaaa, my xxx isn't working properly; can you fix it: "I NEED IT RIGHT NOW"
    i. Troubleshooting some hipsters 3D floating mouse with alpha drivers for Windows 7 is just a waste of time
  b. Why can't my Windows 7 Home edition logon the domain, no one told me this when I bought it

This is a windows only shop...

[sillivalley]

Until director-level folks, CEO, CFO, other executives, and board members start demanding to use their iPads for things like e-mail and calendars.

About the only defense IT has is to say, "Fine, to do that we have to do a forklift upgrade of our mail/calendar infrastructure -- $xxx,xxx."

But when the CEO and CFO say, "do it," you do it.

Oh, and don't start on those weirdo creative types in marketing and documentation that bring in their own Macs anyway...

Some businesses, rather than going neurotic about access controls are instead asking, how do we enable employees to use the best tools for their jobs? Yeah, some can get away with XP on a Pentium box. Others want Linux and command lines. Others go for Macs. An iPad can be nearly deal for an exec that lives by e-mail and calendar and doesn't do a lot of content creation.

Figure out how to give people access to the tools that work -- for them

Re:Nah

[SerpentMage]

Sorry but you are thinking in the box.

It is easy to setup a secure system. In fact I would argue it would be an even more secure system. Namely you create hard DMZ zones. So for examples developers would have access to version control systems, and development virtual machines that run a plain vanilla server environment. Then once it works there the source code imported back into the security zone. In the security zone the code would auto compile and run as per instructions given by the developer.

Imagine that, it would be like cloud computing and I would argue it would be safe safe safe because only a very very small subset of people are allowed access to the critical information.

And if you have to have access to the internal system, then that is why we have things like remote logins...

Re:Nah

[c++0xFF]

The rationale there is usually to make sure they take care of the tools. My brother owned a house painting business. In that industry the workers buy their own brushes. And it makes sense: when he supplied the brushes, they got trashed within a job or two ... leaving them out, not cleaning them properly, and so on. It was unsustainable. I think it even translated to the tools he did supply (paint sprayers, for example), where they took better care of those tools as well.

But I'm not sure this translates well to computers. I don't even trust my IT department to do the maintenance on my work computer properly. Having people maintain their own computers would be even worse.

Re:Nah

[walt-sjc]

No it doesn't translate well to computers.

Do you really want your financial, personal, or medical information on some random idiot's personal machine? A machine (maybe a laptop) that someone's kid uses to download all sorts of crap? What if the machine gets stolen while at the office? Who pays? What about the data? Can you mandate full drive encryption? How do you audit it?

Think of the legal liability.

No, no, it's not a good idea when you think past the initial $$$$ and allure of having a non-sucky work machine. Yeah, a good machine costs a few dollars, but compared to the cost of wages and other overhead associated with an employee, it is fricking stupid to saddle the employee with a crap machine that hinders their productivity. If a better machine increases productivity more than 5% then, as a company, you are insane to keep around a 5 year old machine with a tiny monitor.

We keep most of our clients on a 3 year rotation. The tax laws make it reasonable to do so. We track maintenance costs on systems, and find that as a machine ages, it really does get more expensive to maintain and it costs the company more in lost productivity than it's worth. With rare exceptions, our clients understand this. Tech isn't cheap but not keeping up costs more.