Who Should Own Your Smartphone? 129
snydeq writes "The great corporate barrier against employees using personal smartphones in business contexts has been breached, writes InfoWorld's Galen Gruman. According to a recent report from Forrester Research, half of the smartphones in use among US and Canadian businesses are not company-issued equipment. In fact, some organizations are even subsidizing employees' service plans as an easy way to avoid the procurement and management headaches of an increasingly standard piece of work equipment. Gruman discusses the pros and cons of going with a subsidized, employee-owned smartphone plan, which is part of a larger trend that sees IT loosening its grip on 'dual-use' devices, including laptops and PCs."
It can be a blurry line (Score:3, Informative)
Even though I own my own smartphone [nokia.com], where I work (a very large IT company) there is an increasingly lengthy list of requirements and checks for any device connected to the corporate network.
I value my choice and don't want my employer to get me a phone but if I use it for work it is an increasing amount of hassle
Re:It can be a blurry line (Score:4, Insightful)
But it is great to think of dumping all the procurement/management onto the end user...
Re: (Score:3, Insightful)
Or when you want me to enable IMAP because that's all that a single employee's phone supports (and we use Exchange/MAPI like most similar companies), then again, I wonder why we let people use personal devices.
You know, because ticking a single box to enable IMAP is hard. And because you wouldn't want to allow pretty much every device under the sun, rather than a few in the exclusive have-paid-microsoft/are-microsoft club to connect.
Re:It can be a blurry line (Score:4, Interesting)
Sorry, to self reply, but I realise that the point I'm making here is rather cryptic. Your job as a sysadmin is to make sure that people can do their job in as straightforward a way possible, that means that you should be bending for your users. If your users want to use something you don't yet support, it's your job to figure out how to support it.
I appreciate that there are times where you get a higher payoff by saying "fuck that one guy with the weird kit, we'll get more by giving benefit to those 100 guys over there instead", but not ticking the IMAP box is not one of those times. By ticking the IMAP box you get to let everyone work how they want, and lose nothing.
Re: (Score:2)
Re: (Score:1)
Yes, and again, the point I'm making is that as a sysadmin, the environment *should* be controlling you. Your users want personal devices on the network? LET THEM! It's not your job to tell them what they can't do, it's your job to tell them "yeh, that's working for you now, you can do your job better".
Re: (Score:3, Insightful)
I'll let the 'environment control me' when I get a budget large enough to take on whatever the end-users can throw at me. Until that unlikely day occurs I will continue to control my environment, extending it as much as my budget allows. To do anything else is fiscally irresponsible and simply bad for business regardless of what you think.
Re:It can be a blurry line (Score:4, Insightful)
Re: (Score:1)
IT is a support function of the company. IT personnel should do everything in their power to help the company make more profit. If that means making an extra effort so a salesguy can use his cool new phone so he works harder, do it. If it means saying no to the sales guy who wants to give a prospect a $50,000 piece of equipment to make a $10,000 sale, tell them no.
Its a pretty simple formula if you keep it always at the forefront of your thinking.
Re: (Score:2)
Re: (Score:2)
As long as what they're requesting adheres to the corporate security policy, then yes, you have an obligation to do your job. But if they're asking for something that does not adhere to the policy, even if the policy is restrictive, then you'd be remiss in allowing it. A lot of us work in industries dealing with a lot of sensitive personal data. Would you like to find out your bank or hospital was letting anyone and their brother connect to their network with whatever device they felt like, for the sake of
Re: (Score:2)
It does if people are downloading their company mail and attachments via IMAP to a devices that is insecure.
I'd rather be Mordac, Preventer of Services than Unemployable, Breacher of Private Data. That eventuality doesn't seem to bother you, and that's unfortunate for your customers.
Re: (Score:2)
I solved that problem by being a self-centered douchebag.
Fixed that for you.
Re: (Score:2)
Re: (Score:2, Informative)
EAS supports the enforcement of policies (device MUST have password, device MUST be encrypted). IMAP does not.
Also, many phones do not support IMAP/TLS, but support EAS over HTTPS. Using unencrypted IMAP for your corporate mail seems like a very bad idea, no matter how you put it.
Re: (Score:2, Insightful)
Re: (Score:3, Informative)
Your job as a sysadmin is to make sure that people can do their job in as straightforward a way possible, that means that you should be bending for your users. If your users want to use something you don't yet support, it's your job to figure out how to support it.
Provided that it fits into the existing security framework & other policies for auditing, yes.
We don't allow IMAP/POP connections either. In our company, if you're allowed remote access to email, you have an RSA token for outlook web access, a
Re: (Score:2, Interesting)
On the other hand, if you own your own phone, you get to decide how you use it. You are not obliged to answer it at any time of the day or night on the PHB's whim, and you are not subject to corporate restrictions on what you use the bandwidth for.
Some people find it necessary to carry their work around like a parasite on their backs, but IMO life is better when I can leave work on my desk and come back to
Re: (Score:3, Informative)
"If your users want to use something you don't yet support, it's your job to figure out how to support it."
WRONG. It is the job of IT to help the business make money. If the cost of supproring a SINGLE user getting their toy working exceeds the benefit to the business of getting said toy to work, then it is the rational decision to say no.
And you might think that. Just tick the IMAP box. Except then you suddenly need to pay attention to any announced vunerablities in the IMAP service. You might suddenl
Re:It can be a blurry line (Score:4, Interesting)
Oh, but then what does the mighty IT department do? Actually many devices support the Exchange-only servers, but enabling IMAP+SSL would probably cover all devices currently on the market (even my 2y old HTCs). And it's not a single user usually, once enable many could profit. And updates come automatically these days. So, dear admins, do the magic of checking the box and then you can get back to reading /.
Re: (Score:2)
Re: (Score:1)
WRONG. It is the job of IT to help the business make money.
Um... a lot of us work for non-profits, you insensitive capitalist!
Re: (Score:1)
You know, because ticking a single box to enable IMAP is hard. And because you wouldn't want to allow pretty much every device under the sun, rather than a few in the exclusive have-paid-microsoft/are-microsoft club to connect.
Enabling IMAP won't do a bit of good if it's not open through the firewall. Opening the hole in the firewall requires change control documentation for SOX purposes, good governance, and security sanity, and no change request gets approved without business justification. YMMV.
Re:It can be a blurry line (Score:5, Funny)
Well - under these conditions, it becomes your responsibility to educate the poor fool. Really, you MUST launch into a tirade/lecture, informing him that impulsive buying, without even researching what the hell he needs or wants is the sign of a seriously diseased mind, and that his status as an employee is in jeopardy. Offer to help him, and when he agrees, reach into your desk for the 3 pound hammer, smash the damned phone, and tell him that it just your little secret - you won't tell management that he's a senile moron who is losing his tenuous grip on reality.
At this point, you inform him of the half dozen best choices for a personal phone, and usher him out of your office/cubicle/dungeon.
Re:It can be a blurry line (Score:4, Funny)
Who amongst the horde of slashdotters can lift a 3-lb hammer, let alone use it to smash something?
Re:It can be a blurry line (Score:4, Funny)
I don't know what GP was thinking... BOFH-tactics usually involve electricity and/or Halon.
Re: (Score:2)
Re: (Score:1)
Okay clueless employee here:
I want to run Opera Mini web browser. My provider is Virgin Mobile. How do I figure out which of their phones will run this software?
Re: (Score:2)
http://www.opera.com/press/releases/2009/04/01_2/ [opera.com]
But, of course, you realize that which browser you are using is probably the least of your concerns, when it comes to connecting with your company's network. Are these phones compatible, in all respects, including the security software?
Best thing to do is, ASK YOUR IT PEOPLE!!
Re:It can be a blurry line (Score:5, Informative)
enable IMAP because that's all that a single employee's phone supports (and we use Exchange/MAPI like most similar companies),
Sounds like you are the problem. That is not a standard documented protocol.
Exchange/MAPI is a standard documented protocol (Score:1)
That's how non-MS devices are able to communicate with it.
And even if it were a completely closed solution that only MS phones could connect to, so what? How is it a corporation's responsibility, internally, to work with other devices? Sure, if I ran a company I'd make it as easy as possible for people to connect because I'd want to enable them to check their work email elsewhere. But if security were more of a priority, or if maintaining a simpler system were, I see a lot of merit to locking it down to
Re: (Score:2)
Re: (Score:1)
by WhatAmIDoingHere (742870) writes: Alter Relationship sexwithanimals@gmail.com on Wednesday March 24, @04:15PM (#31605220) Homepage
There's a local hospital near me that added all the fancy iPhone stuff to their email system. One person uses an iPhone. Everyone else uses a Blackberry.
I was going to ask about "fancy iPhone stuff" until I saw the relationship between your user name / e-mail address / post involving a local hospital.
Re: (Score:2)
Re: (Score:1)
As far as "connecting" to the network, I have no issue with what you use, assuming it isn't a device made for malevolence. However, when you come running into my office at 4:56 wanting help with your $latest_awesome_phone, that I know nothing about, then I start to wonder if letting you use your home device for work was a good idea. Or when you want me to enable IMAP because that's all that a single employee's phone supports (and we use Exchange/MAPI like most similar companies), then again, I wonder why we let people use personal devices. But it is great to think of dumping all the procurement/management onto the end user...
Re: (Score:3, Insightful)
Even though I own my own smartphone [nokia.com], ...where I work (a very large IT company) there is an increasingly lengthy list
of requirements and checks for any device connected to the corporate network...
This is the big issue with ownership & management - requirements for devices to utilize company resources (and whether or not the device needs to utilize company network resources). If the device will connect to the company network, the IT department has a very good case for managing (and/or owning) the device. It really comes down to network security, and disallowing rogue devices from connecting to the network. In a large company with many IT resources (and many to protect), it's far easier to say
Re:It can be a blurry line (Score:4, Interesting)
Granted, we're a smaller company, but we've taken the opposite approach. In the office, you either have a Mac Mini or an iMac. But when people are hired, we pay them a $3,500 signing bonus with the expectation that it is to buy a new laptop of their choice. Overwhelmingly they buy MacBook Pro's and add XP or Windows 7 with VMware/Parallels and we add $45 to the first paycheck of the month to cover data plans and "business" minutes/texts on their cell phones.
We find that they usually take much better care of the laptops when it's "their" laptop and it beats having to carry two cell phones.
Re: (Score:1)
Re: (Score:2)
damn. so, are they hiring?
Re: (Score:1)
First things first. Is "company data" - email, contacts, files - accessible from your phone? If so, they have a vested interest in making sure that data is not compromised when your phone is lost or stolen. As a result, PIN/password requirements, encryption, antivirus, and remote wipe capabilities are generally required. In some cases where devices have a tunnel to the corporate network (Blackberry), they will possibly want to control what apps you install to prevent malicious ones from accessing the cor
I prefer complete independence, thanks (Score:5, Insightful)
Re: (Score:3, Insightful)
Sadly, if they subsidize your phone, they may actually incur legal liabilities of your actions.. For both parties it should be 100% separate. Just makes business ( and personal ) sense.
Re: (Score:2)
Now, THERE'S an idea. People get the stupidest freaking gifts for service anniversaries. A telephone that is compatible with company systems is one of the best ideas I've ever heard of.
Now, let's try to convince the people who actually choose those "gifts".
Re:I prefer complete independence, thanks (Score:4, Informative)
We have a ton of people with their own blackberries signing up. They all are informed several times by us that their phone is open for legal discovery and a possible remote wipe if needed.
As the IT person, I DON'T use my personal phone. And I'd rather not. I don't understand why my company is ok with the use of personal phones...it just seems like so much unecessary liability and extra work. Personal devices aren't just a security risk, its an administration nightmare. Try providing technical support or troubleshooting a single error for 15 different platforms. It sucks. And it eats up time.
Re: (Score:2)
Call me a stodgy person, but I don't want corporate data on a personal phone. I much rather see employees get Windows Mobile devices, iPhones, or Blackberries where IT has full control of the device, including denying access to the camera (some contracts require cameras be disabled on phones), pushing out policies to wipe phones if they are off the network for x days, or remote wipe.
Re: (Score:1)
It's easy to see why any company is ok with this (or more acurately part of the company). It comes down to $$$$$$$$. If I don't own it, then it doesn't appear on the books as capital and the company saves money. You see, a manager doesn't want to pay for anything they don't have to. In fact a lot of their bonuses revolve around reducing costs and this would seem an easy way to achieve that. I.e pass some of the cost onto the employee.
I personally carry two phones, one personal and one for the company
Re: (Score:2)
My company is in the process of phasing in this sort of policy (BYODevice). The company will support you as far as getting connected to our systems (via BBES, for example) - technical support & troubleshooting of the devices and the software is left to the wireless provider. Which is part of the point of the whole thing - the company doesn't have to pay employees to do that support.
Re: (Score:3, Insightful)
I'm with you. So far I've never had a job where I was asked to carry a smartphone as part of my job, and I'm glad for that (I wouldn't say no, but I wouldn't like the idea).
If I ever was asked to carry a smartphone attached to my corporate email, I'd at least think about using my own device so I don't have to carry two. I definitely don't want to do my personal business on the company-owned device, so I'd want my own, but depending on what degree I'd be able to keep my work and personal stuff separate on
Still not protected. (Score:3, Informative)
Anything of yours can be subpoenaed in a lawsuit. Northwest Airlines subpoenaed [zdnet.com] the *personal* computers of their employees when they suspected their employees were getting too uppity^H^H^H^H^H^H, I mean, striking by calling in sick.
It hardly matters if you use encryption, etc... the legal discovery process can violate whatever privacy you thought you had. It only takes a credible allegation of wrongdoing - not even "beyond a reasonable doubt" - to discover all of your personal files, etc... and, becau
Re: (Score:1)
Re: (Score:2)
Your tin foil hat is wearing thin, time for a new one.
Re:I prefer complete independence, thanks (Score:4, Interesting)
Re: (Score:2)
Pretty much the same with me. Everyone in my department has company issued Blackberrys. I have a company issued US Cellular flip phone due to crappy Verizon coverage where I live. I like the fact that the only "tether" I have is a simple phone. Holds a charge for a week, inbound texts only, and I don't have to baby it. It's bad enough with that. I'd hate for people to get the expectation I am available all the time. I only check mail at my desk at work. If I get a call about an issue at work, and I am at ho
ME! (Score:1)
Re: (Score:2)
Who pays/paid for it?
When my company paid for my cell phone. I left it in my desk at work.
Now that they canceled that policy to save $$, they can go to hell if they want my personal cell number.
If I'm not at my desk or on Sametime, good luck finding me.
Re: (Score:1, Insightful)
When my company paid for my cell phone. I left it in my desk at work.
Now that they canceled that policy to save $$, they can go to hell if they want my personal cell number.
Your company having your phone number is a pretty normal thing.
Your company having your phone number doesn't change how many hours you are expected to work. If your company expects lots of unpaid overtime, I doubt having your personal cell number changes that.
And if you use your personal cell phone (or car, or anything else) for business
Re: (Score:2)
You sound like an AWESOME guy to work with.
Re: (Score:2)
Who pays/paid for it?
When my company paid for my cell phone. I left it in my desk at work.
Now that they canceled that policy to save $$, they can go to hell if they want my personal cell number.
If I'm not at my desk or on Sametime, good luck finding me.
Heh, I did the same thing a dozen years ago when they required me to have a pager for times I wasn't at my desk. Fine, I'll carry it during working hours, but it goes in the desk drawer when I leave.
If an employer wants me perpetually on call, not only should they provide the device, but it should be explicitly stated in my employment agreement up front and duly compensated. I've seen so many co-workers get used this way simply because they don't know how to say "no".
Depends on usage (Score:3, Insightful)
I would always want my own unrestricted phone under my own control. If, as the case is now, that phone gets light-moderate work related use, that's fine since it beats the other option of having 2 phones. Also, if I drop or break it, there's no drama (apart from having to replace it). Now if I was using the phone for hours each day, I'd be wanting a separate work phone.
Re: (Score:2)
My policy for a long time was that if I had a salaried position where they expected me to respond to work calls/emails outside of work ours, then they needed to get me a separate work phone for that. I didn't want people calling my personal phone. Part of the idea is maintaining a small barrier between personal time and work time-- essentially that I know when an email is a work email is a work email and I can choose to ignore it. I didn't want people calling my personal cell phone unless there was an em
Re: (Score:2)
Meh. If you're on call, you're owned anyway. Which phone they call you on doesn't matter and you won't get any separation between work and personal time (when you are on call). If your company doesn't respect that you have time when you're not on call, that's a whole other issue.
Re: (Score:2)
Yeah, it's somewhat minor, but the way I see it is, when you're on call at that level, you need every bit of separation you can get so that you can stay sane. There were times when I'd ignore my work phone or even turn it off. The idea was to allow clients/users a method to contact me when I was free, but one which I could turn off. In case of a real emergency, my boss had my real cell phone number.
It worked. It made sense. But these days it should be possible to accomplish the same thing without actu
Re: (Score:2, Interesting)
Re: (Score:3, Interesting)
I find it much more convenient to maintain a single phone. I accept that my boss can then call me on it. If I objected to that yes I'd get a company phone, and keep my private number unlisted. But support is part of my job and I'm happy to help in a genuine emergency providing that it isn't abused. So far I've only received one unexpected call when I wasn't on support for the night in 5 years at my current job.
Re: (Score:2)
Actually the situation I'm describing was the result of a deal that I had with my boss. My boss was the person that I trusted not to abuse having my personal cell phone number, and I would have been less likely to trust HR. As far as I can recall, HR only had my home phone number, not my cell.
As far as I know there aren't really laws about that sort of thing in the US, but either way I wouldn't have minded in this case. I had a good boss who viewed "protecting his employees" as a major part of his job.
Re: (Score:1)
Google Smartphones Are Business Un-Friendly (Score:1)
Re: (Score:2)
When I said, "Not there yet, but it's coming," I was talking about in my own personal phone. I meant something more like "I don't have it yet, but I'm probably going to get a Nexus One soon."
Re: (Score:2)
I'm kind of looking forward to having a Google Voice enabled phone. Not there yet, but it's coming.
I'm confused by this statement. Google makes a great app for the Android phones that seamlessly integrates with Google Voice. And, now that the app has push functionality, it's that much better.
After some consideration... (Score:4, Insightful)
I'm going to have to go with "Me", Regis.
I have no problem using or not using it for work. If they want something specific, they can feel free to shell for it.
I hate phones (Score:1)
I worked for YottaYotta for a bit over a year as a sysadmin. My boss wanted me to have a cell phone so I could be called on weekends to Fix Things That Broke.
I'd take a phone home. I'd watch the signal strength, and every place along the route where it was weak, I'd phone his office number and leave a message with my location. The next day I would give him a map with the spots I'd called from.
Two days later I'd get a new phone.
After five phones he admitted that this wasn't going to work. So I was allowe
I should (Score:2)
Because if I'm carrying it at all times, then I'm using it for personal reasons. As such, to keep my privacy I'll use my own. If they want to pay for some/all of the plan I'll take the money as reimbursement, but I want the control.
Of course, I don't even tell my employer that I own a cell phone. I don't feel like being 24/7 on call for them, and after hours calls from them go directly to voicemail.
Security and restrictions (Score:3, Insightful)
Do you care about securing smartphones, laptops, etc? Do you want to reserve the right to restrict their use?
If they can access and store company information, introduce infections into company systems, or pull customer information, then maybe you should reconsider the cost-saving approach.
I wish my company paid for my phone... (Score:2)
Where I work, the company *may* (if you qualify and are VP approved) pay for your phone bill if you either get on the 'company calling/data plan' or identify the personal/work calls. However, they don't pay for any type of phone. You buy your phone out of your own pocket.
Another Reason to Love My Employer (Score:4, Interesting)
The rule where I work (Netflix) is simple:
1. We give you a Blackberry or an iPhone (you pick)
2. We pay for the plan
3. You use it responsibly
4. You figure out what "responsibly" means.
5. There is no Rule 5
Re: (Score:1)
Re: (Score:2)
I have a similar situation at my employers:
You get a choice of Nokia E series or Windows Mobile phones (usually HTC). The reason being they both support MS Exchange email.
The company pays for the plan, and the phone can be used for personal calls becuase we're on a hight corporate plan, and unless you're a heavy user (we have people racking thousands $ in monthly bills because of roaming) then your bill will be reasonable.
This is the reason why when I joined the company, I signed over my phone number to the
Re: (Score:1, Troll)
but at least for us here in the hirer ranks of engineering.
At what rank of engineering do you get to hire people?
Re: (Score:2)
"We" said the anonymous coward. Who are you to not allow me into those ranks?
Re: (Score:2)
"a Blackberry or an iPhone"
No android selection? That sucks. Still, can't complain if it's free, I suppose!
No Android because there is no active sync support, no hardware level encryption, and unencrypted removable storage.
http://code.google.com/p/android/issues/detail?id=4475 [google.com]
Been there, done that (Score:3, Interesting)
I worked for a year and a half (not in the IT industry) in a position where I had to carry a company phone... and I also carried my own phone, because the company phone was strictly business. It is a hassle having to juggle two pieces of gear, especially since the job did not involve sitting at a desk.
That said, I'm all in favor of using my own phone for company business, as long as it doesn't burn through my minutes. Since my current job does involve a desk and a land line, that isn't really an issue.
Re: (Score:1)
Call Forwarding (Score:3, Interesting)
Current setup:
Work phone is a crappy blackberry pearl (the "keyboard" on it sucks).
Personal phone is a HTC Hero.
I simply have the blackberry forward all calls to my personal cell phone. This way if I ever leave the company, the HTC is still mine, if they need the work phone back because they are investigating something, I simply remove the call forwarding setup and give it back to them.
Only downside is if you miss a call that was forwarded to you, when you call back they get to see your personal cell phone number. This could be avoided by instead having the work phone forward to a google voice account #, and then on the personal phone, just use google voice to return calls.
Re: (Score:1)
HR issues (Score:2)
Where I work a policy had to be implemented limiting the use of personal devices to access work resources (ie email). There are a lot of hourly employees here and by law if an hourly employee responds to an email after hours, they need to be paid for time worked. HR decided that they didn't want to deal with tracking all of the random hours so they just implemented a policy that denies employee devices on the network. If there are outlier cases like where an hourly employee needs to help with an after ho
Nobody! (Score:2)
They tried to buy me one, but I don't want a smartphone. I want my phone to make phone calls and texts. The latter because it's handy to have my systems email me text alerts when something's going wrong.
I had a hell of a time convincing them to go away and leave me alone.
Re: (Score:2)
Same deal here. I was supposed to change to a Blackberry, like everyone else. Fortunately Verizon coverage sucks where I live so I was able to keep the Motorola flip phone. Longer battery life, and all I get are texts from my systems. No email BS.
Heck, I work for a mobile phone company.... (Score:2)
And they make me pay for my own service. Discounted, but I still have to pay. The phone is mine.
And because of this, I can refuse to receive work email on it. Come 5 pm, I'm out, and I'll be back tomorrow. No answering mail at 2 am for me.
VPN / Wireless office (Score:2)
You can't have cheap intra-company calls and VPN Value Added Services if you're just paying the employee's bill.
My employer owns mine.... (Score:2)
...and pays for all calls. Nice little tax break for me.
Libertarian response (Score:2)
Who paid for it? That's who owns it.
Now if you are being compensated by your employer then you are contracting your property to the employer, the employer can place stipulations on the contract which you are free not to agree to and not sign the contract. This is quite clear in Australian contract and tax law. I own the device, employer contracts the device from me which is why I
Old joke, but.... (Score:1)
Always separate your job and your private life. (Score:2)
My company has no business with my private phone, instant messenger, e-mail, etc.
Just like my home, the job is taboo. A boss calling me at home, if it’s not a big time emergency, will get him in trouble with me.
If they want me to have a business mobile phone number, they provide a separate business phone.
Pe-fucking-riod!
At IBM... (Score:1)
We've been responsible for our own cell phones including smartphones, and given a $50 reimbursement for them for a few years. Now IBM is phasing this out, instead issuing corporate cell phones which may NOT be used for personal calls. Many see this as a way for IBM to save money, as most employees refuse to carry two cell phones and thus don't even use the new plan.