If given the choice between using some crappy piece of hardware your company hands out or your own personal computer or mobile device, which would you choose? It’s pretty much a no-brainer, especially if you’re an Apple fan working in a Windows world. Apparently Big Blue (IBM) is finally catching up with the Bring Your Own Device (BYOD) movement, and allowing their employees to bring their own preferred devices to work. But, that doesn’t mean that it’s easy sailing for its employees who are looking to take advantage of software or services they prefer over the IBMified devices. Nope, corporate IT policy is still pretty heavy-handed, and your iPhone will still get Big Blued.
Horan goes on to highlight how “conservative” the company is, and bemoans the lack of basic “awareness as to what constitutes a risk” among her employees. I’d like to suggest that if she really meant it, she’d take a moment and have her IT department explain to employees why using iCloud or Siri could be a security risk instead of disabling it on employees’ mobile devices. A simple, “people can steal our trade secrets if these services are breached” email should be sufficient and still give people the ability to ask Siri where the closest taco stand is in the area.
The best security policy is one that actually educates employees to help them make smart security decisions, not one that removes access or limits their functionality to certain applications without a basic discussion about the risks. Then again, having a smarter, more secure workforce would likely mean less IT jobs, so… there’s that.