johnbegy2
(John9983)
1
Hi,
As an network administrator, what is your policy on allowing employees to bring in their own peripherals to attach to company owned computers. I’m speaking mainly of keyboards, monitor, and mice (KVM).
Can you imagine, employees don’t like the clunky old 15" CRT and would prefer to and are willing to fork over their own money to buy a larger flat screen monitor to use while at work.
My feeling is not to allow this practice as I lose sight of what is company owned and what is not. Keeping track of what is ours and what is theirs would be a logistical nightmare. But then, I use Spiceworks and I should be able to track this.
So the question is: am I being stodgy for wanting to keep everything on the network company owned; and, if I allow employee owned KVM on the network, how should it be tracked?
Thanks,
John
31 Spice ups
kelly
(Sosipater)
2
We have a no personal computer equipment policy here. If they really need something specifically (ergonomic reasons, etc.) the company buys it for them. If there is no business case for the company to purchase it they don’t get it.
mdberman2
(Bermanistan)
3
Besides, wouldn’t it get messy if something company-owned damages something personally-owned or vice versa?
Or if the user hooked something up wrong, and damaged the whole lot?
Those reasons alone are enough to say no.
noah7888
(Noitall)
4
Simple, the employee can bring in products they buy, but the second they hook them up they belong to IT. Problem solved. This goes double for netbooks, ipads, etc.
We struggle with this one - most of our equipment is donated, and some of it is employee owned.
The previous IT admin allowed this, but I’m changing policy - so far no resistance. I’m changing it to state that personal equipment will be allowed, but it first has to be turned over to IT for a complete reload and AV install, etc, and will be a monitored computer as long as you wish for it to be used here. When you depart or wish to have it removed, IT will reload it with your software if you wish, or simply erase it.
I know this has hangups with quitting employees, etc, but we’re working on it! Hopefully in the near future we can state that no personal computers will be allowed. We have an interesting dynamic here…
Generally speaking, we buy anything a user “needs” (including wireless keyboards and ergo mice). I replace monitors when they go out, but we don’t have any CRT monitors here (all LCD).
I have asset tags on all company owned equipment (I could care less about mice and keyboards), so keeping them separate is not an issue.
I only insist on two things for peripherals or monitors that users bring from home:
- I inspect them prior to installation. If I say no, it does not get hooked up.
- Users read and sign our equipment policy.
The equipment policy basically says that the company is not responsible for damage to anything not owned by the company, and that the user is responsible for anything damaged by their personal equipment, as determined by IT.
When they see that, most of them decide it’s not worth the risk. Or they don’t care, and sign it anyway.
In the 5 years that I’ve had this policy I’ve never had an issue. And about 70% of the crap that users lug in and think they need doesn’t get installed after they read the equipment policy.
Our computer use policy specifically forbids employees from installing any software or attaching ANYTHING (including cameras, phones, and USB drives) to their computer that is not approved by IT, and must also have a signed copy of the equipment policy on file with HR.
The users get their freedom, but with it comes responsibility. I’ve found that it works pretty well.
We have the same policy as Thereal_Joe. We won’t let them do it. Upon occassion, people have ignored the policy. It certainly depends upon on the situation. (We had one person bring in their own telephone headset and amp. We’re not sure why, because all she needed was to meet with us for about 10 minutes so we could find out what, exactly, she wanted. Eventually we found a wireless headset installed at her desk. In this case, we’ll ignore it. If it is lost or damaged, we’ll ignore that too.
If it were something that could have security or stability impolications, the items in question would be removed and the employee would be reprimanded.
bret9118
(Bret8924)
8
Dont allow people to bring stuff from home.
I had a guy one time bring his laptop into the network I just took over. His laptop was a mess, blamed our network for causing problems, and wanted me to fix it. I laughed at him.
Who pays for it if it gets broken or stolen?
alex3031
(Alex3031)
9
I don’t see the tracking as the real issue, if you log all company assets what’s not purchased through the company is easy enough to know. But the other concerns about things breaking, etc… are valid concerns. I can’t say I am innocent of not breaking this policy myself though, When I started here I was given a laptop with 512MB of RAM I had some laptop RAM at home I brought it in and put it in the machine, with all the crap I run I needed more.
jon0533
(Jon534)
10
I am starting to deal with this in my company as well. The interesting issue here is that users bringing in personal items will become more of an issue, especially with things like iPads and smartphones. I have taken the stance that users can use personal equipment with no expectation of support form IT and for devices that can house data( i.e. thumb drives, phones, tablets) IT has to have control of the unit and the ability to limit or delete data at IT’s discretion. I actually have them sign an agreement with these stipulations spelled out. That usually stops the employee in their tracks. Trying to limit data leakage is a nightmare and I have started with policy and then follow up with technology that supports the policy. Good luck.
Bret8924 wrote:
Dont allow people to bring stuff from home.
I had a guy one time bring his laptop into the network I just took over. His laptop was a mess, blamed our network for causing problems, and wanted me to fix it. I laughed at him.
Who pays for it if it gets broken or stolen?
Ditto…Way too much risk for normal level employees to bring their consumer level stuff in. That all said, in my current IT position I personally do bring in my own equipment in. I know it does not have Limewire, et al on it plus it has a decent virus scanner and so forth. We technically do not currently have a policy in our AUP but thinking of adding one. You need to think of the least common detonator in allowing this for normal users. User brings in home laptop unit that neighbor kid has ‘worked’ on. Then all of a sudden you network is down do to LimeWire, AutoRun viruses and so forth…That and ‘Hey, this place ‘broke’ my laptop-you fix it now’ idiocy.
richd3713
(Rich D.)
12
We do not allow employee’s to bring in any of their equipment from home to use on our network, too much of a risk that we do not want to get involved with. There have been times when an employee has come to us and needed help with their home stuff and we may take a look at something after business hours and off site but that is about it.
alex3031
(Alex3031)
13
Limewire itself isn’t the problem, it’s what idiots download using it. I have used limewire for downloading before just fine, never caught a virus.
itslave
(ITSlave)
14
Sosipater wrote:
We have a no personal computer equipment policy here. If they really need something specifically (ergonomic reasons, etc.) the company buys it for them. If there is no business case for the company to purchase it they don’t get it.
Same here. I think letting people bring in their own equipment, no matter how big or small, is a slippery slope. We don’t even let them order stuff on their own–they have to do it through IT. #1 it cuts down on needless spending (why buy a keyboard when we have 20 in stock?) it also avoids us having to troubleshoot shit that isn’t ours.
Troubleshooting a user’s keyboard today is troubleshooting their dusty, roach-infested laptop tomorrow.
Liability is a big factor too:
1 . If something happens to the work place and their equipment is on site you could be responsible to repair or replace it.
- If software on board the machine is not licensed properly and a inspection happens to occur, you could be liable and fined for any illegitimate copies of the software on that machine.
I Agree with Sosipater if the Company Needs are satisfied they do not need it unless there is a health issue, however if the suggestion can provide cost savings then the company will purchase it.
Personal property is not allowed here with certain exceptions, mainly managers and the developers. The general staff is not allowed to hook up anything to their systems. I even verify that the cell phone chargers are wall units and not the USB cables. The only thing that I have brought in is an old KVM I was not using to replace the one that died here, working on 1 system on the bench at a time is a waste of time.
People do that at my company all the time and the problem with that is that they also want you to fix it when it breaks.
Same as ITSlave
Users order needed stuff by helpdesk system, if there is really no need for new wireless mouse - we don’t order.
The “user’s stuff, non approved, non tested is responsible for company loss” works great. So users do not bring their home gadgets and instead they ask their manager for it…
This is always a tough one. We are small enough that right now we allow then to use their own equipment. In fact I use my own personal laptop because our equipment simply is not very good. As we grow though I believe we will have to implement a policy because it will become a logistical nightmare. Computers are not allowed on the network here without passing inspection (current av and patch levels etc), but I could see cases where if you are not very tight with inventory documentation disputes about what belongs to whom could erupt.
It is going to be a pain to get people how have already on board to accept this, so my advice is to nip it before it ever starts if you can.
