Oct 28, 2011

How difficult is it to start allowing employees to use their personal tablets and still meet our security requirements?

We are considering changing our policy to allow employees to use their personal tablets to connect to our network. Can this be safely implemented or does dealing with a variety of different software/hardware combinations make it too difficult to implement and ensure that everyone is running updated antivirus software as required by my company’s security policy?


If you do decide to allow personal tablets, you can at least take a number of steps to help protect your network while allowing machines outside of your administrative control access.  Don’t store data locally, store and access data on servers on a secure network.  Require users of mobile devices to use real-time protection like Trend Micro Mobile Security for Android phones and tablets.   I would also mandate that employees limit use of their devices to themselves as sole user to decrease chances of a careless child or spouse inadvertently causing problems, but with personally owned devices that is pretty much impossible to enforce.  You can use something like AppCentral for mobile application management to monitor when someone installs a new app in violation of company policy, but you can really stop it before it happens.  I would still ask it of them even so.

Hmmm. Your best bet is to probably just let them use company owned tablets instead. That may be the safest thing to do though some employees may chafe against the policy. Employee owned devices may or may not adhere to your security standards over time.

Wells Fargo recently said no to letting employee owned devices connect to their network. Here's the article, it might be food for thought.

Wells Fargo says no to personal smartphones and tablets, period


"Wells Fargo's IT group has a simple answer for employees who want to hook personal devices up to corporate systems: No.

"They can't connect them to our networks," says Wayne Mekjian, executive vice president and CIO of information services at Wells Fargo. "We won't let them in."

The "just say no" policy applies to Apple iPads, Android tablets and smartphones owned by employees. The company also has strict policies regarding use of Twitter and Facebook, making the sites off-limits to many. Wells Fargo does, however, supply employees with corporate-approved smartphones, and a limited deployment of iPads that can connect to e-mail and other corporate systems."
Answer this