Quote:
Originally Posted by DNSB
Hmmm... we need to block users from running web servers on their MacBooks. See to it immediately.
And yes, I'm an IT person and I would consider running any network server on your computer as being a security issue until proven otherwise.
|
Well, I don't know that I disagree with you, but I don't actually have any employer-sensitive content on my MacBook. I use it exclusively to ssh connect to the company's network and do my work on the machines I connect to. I wasn't connected to that VPN at the time I loaded my e-reader, and in addition I was in my home behind my router which disallows all incoming connections.
So I agree with you in principle - I understand that you wouldn't trust my home network's firewall unless it were under your control. But here's the thing - if someone breached that firewall from the outside, they'd have to use my company VPN connection to reach company machinery in order to access any sensitive materials. And that's something that could happen whether I ran a network server for about 45 seconds once in a blue moon or not.
I agree in principle, but totally disagree that I created any sort of real issue.
I assume that the reason for killing the USB ports is because my company doesn't trust ME not to make copies of sensitive company stuff. I find that sort of insulting, but oh well - it's a big company and I realize that all apple barrels contain some bad apples.
Here's what will happen if this goes too far. I put a LOT of extra time into my work. It's easy to do, because I have this computer right with me all the time, and when I think of something relevant to work I need to do, I do it.
But if you guys just keep on cranking down on this until I'm unable to "dual use" my computer, then what will happen is I'll buy a personal use computer, and then the work computer will sit either in my office evenings and weekends, or at the very least in my bag - it won't be "right there" when work-related thoughts come to me in the off hours. So my employer will wind up getting LESS WORK from me. That cost, multiplied many-fold across the employee base, should be considered in your analysis of how to proceed as well.
There's a balancing act that needs to be performed here. I seriously doubt it will get performed very well - one problem with modern corporations is that the various specialty groups within them lose sight of everything other than their own narrow focus. So how much extra work I give my employer is "not your problem." But if you REALLY want to do what's overall best for your employer, then that sort of reasoning should be applied and considered.
Cheers,
Kip