Bring your own hardware to work day and why it is a bad idea

Allowing employees to bring their own hardware to work seems like a good idea. The company avoids the cost of buying new hardware when new employees are brought onboard. New employees do not have to learn new computers. On-call and on travel connections are seamless and without the hassle of juggling multiple devices. However, there are risks to intermingling personal and professional computing.

* When someone selects to upload their address book to a social networking site, they may take their work address book along with their personal. That information may be better off private.

* Network security is a mixture of hardware hardening, protective software and human efforts. When using personal devices for work purposes, the exposure to the personal side of the web creates new aspects that could be breached. From a social networking application download to accidentally visiting a phishing website, personal behavior online can contaminate the corporate network.

* One alternative to limiting the security risk of individuals using personal hardware is to limit individuals in how they use their own device. Employees could in turn demand a corporate device rather than be restricted in how they use their own property. The second solution is to monitor everything the employee does on their own device, whether it is used for professional or personal purposes. Whether it is the loss of privacy rights or loss of property rights, the employee still loses.

* Malicious software already resident on the personal device could potentially use the conversion to “professional use” to contaminate a corporate network. One solution is to scan and then cleanse the device, though this will increase the effort required to make personal devices safe for corporate use.

* A security breach may necessitate securing and then studying the device traced to the leak or that stored sensitive information. Losing a work computer costs a day or more of productivity at work. Taking a personal device used for work purposes can put someone’s entire life on hold.

* The blend of corporate and personal devices creates a whole host of legal quandaries. Many employers state that work devices cannot be used for political, proselytizing, harassing, outside employment or illegal activities. Shall someone be prohibited from using their hardware used at work for political campaigning or religious discussions? Shall employees be penalized for working on a freelance project on their own device that is shared by the employer? Do employees face professional sanctions for performing these personal activities on a “bring your hardware to work” device?

Advertisements
Filed under: An IE in IT

About the Author

Posted by

Tamara Wilhite is the IE in IT blogger for the IISE. She is a Six Sigma green belt with experience in IT, PDM software, the defense industry and recycling industries.