End-users will have to buy their own notebooks
...but guess who's responsible for keeping them secure
By Salvatore Salamone, Bio-IT World | Bio-IT World | Published: 07:00, 05 January 2006
Most people load software onto their company notebook computers - even if they are not supposed to. Personally, on my Bio-IT World notebook, I've got Google Desktop, Palm software, the drivers for my digital camera and a wireless adapter card, open-source programs Thunderbird and Audacity, and licensed copies (which I purchased) of Microsoft Front Page and Adobe Acrobat.
Many life scientists and most people I encounter have a similar mix of personal software installed on their company notebooks. It's a fact of life these days.
People often work nights and weekends and feel as though they own the computer. So the general feeling is, Why not customise it to the extent allowed by their IT departments?
Such behavior and feelings are the seeds behind a nascent, yet soon-to-be-growing, trend: employee ownership of notebook computers.
Want a notebook? Buy your own!
The IT consultancy Gartner predicts that by 2008, 10 percent of companies will require that employees purchase their own notebook computers. Gartner believes the shift will likely be encouraged by offering employees some form of notebook allowances similar to the way many companies today offer car mileage allowances to sales reps and others who need a car to do their job.
From an IT perspective, the shift to employee-owned notebooks carries a mixed bag of pros and cons. "Transferring notebook ownership to employees does not eliminate the cost of PCs, but shifts it to employee benefits and indirect user operational costs," said Leslie Fiering, research vice president at Gartner. She noted that the payback to a company is in removing PC assets from company books.
Naturally, transferring ownership to employees carries risks especially if a notebook contains corporate data that might cause liability or fiduciary problems if that data is released. Similarly, companies may find it difficult to protect intellectual property contained in lab data on a home notebook, and may also have issues complying with
Obviously, there will have to be adequate security and policies in place to deal with these problems. But the question is: Who will be responsible for ensuring that a notebook is secured?
IT still has the responsibility
It is likely that IT will retain responsibility for maintaining security since most people are not very vigilant about securing their home computers.
A recent survey by America Online and the National Cyber Security Alliance found that 81 percent of home PC users lacked at least one of the three key security features (antivirus software, a firewall, and spyware protection) deemed necessary to protect a computer today. And many people who had these secure software packages installed did not update them frequently enough to protect their computers.
To address such shortcomings, organisations will have to turn to tools that automatically update antivirus and spyware detection software. And they will also need to check personal firewall properties to make sure it has not been readjusted by a home user in such a way as to compromise corporate standards for safety.
IT departments already do most of these tasks on a regular basis with corporate-owned notebooks. If user-owned notebooks become the norm, the biggest difference will be the need for policies that give IT the authority to require that notebooks meet specific security standards before they can connect to the corporate network.