Ask Slashdot: Should Employers Ban Smartphones? 510
An anonymous reader writes "Due to a concern that smartphones (and other electronic devices) could be infected with malware and used to spy on sensitive information, my employer has recently banned all personal electronic devices from their spaces. The concern comes from articles like this one. My question to slashdot readers: How reasonable is this concern? How can this sort of malware be prevented from showing up on our devices? Is there a way to educate employees about preventing this sort of thing rather than banning the devices altogether? This current reality is that people have started to rely on having their smartphones with them at all times for things such as receiving emergency calls from day cares and schools, making personal calls during normal working hours (i.e. to make doctor's appointments), accessing password managers, and scheduling calendar events."
Re:Suck it up. (Score:5, Interesting)
As long as my job pays me for every minute they intrude into my personal life or past the 8 hours a day I owe them, sounds fine with me.
It Depends... (Score:4, Interesting)
If you're working on material or systems that are classified, or something akin to the iPhone 6, then yeah. Letting *any* communications device into the work area is a very bad idea. You are being targeted. Probably very specifically, too.
If you're not working on anything of that nature, then probably not. Who cares if anyone sees the inside of your office? Or hears you talking sports scores? It's creepy as Hell, and you should probably be more worried about the fact that someone is mucking around inside your phone, listening to you.
The exception to this, is when you walk by some moron's desk, and they have their smartphone plugged into the USB port of the computer, MOUNTED AS A HARD DRIVE.
A computer which is inside the company firewall.
Sometimes, you just have to assume the lowest common denominator, because convenience in listening to an MP3 collection will always trump common sense.
Re:No (Score:5, Interesting)
MobileIron (Score:5, Interesting)
We switched all of our cell phones from one carrier to ATT and we purchased the MobileIron software (VPS and Sentry) to control all the aspects of the company phones that enter our buildings. In addition, for the people who chose the monthly subsidy as opposed to a company phone, we prevent them from getting WiFi access from within our offices as best we can (MAC whitelisting isn't foolproof but helps with 99% of our users). We don't allow the non-company provided phones to work if they are plugged into workstations via USB cable. With MobileIron I can control basically every aspect of their smartphones including camera control, data usage, app installs, etc.
Now, we don't have this fully running in production yet so I can't comment on the pitfalls I'm sure to face, but the short answer is workplaces don't necessarily need to ban smartphones as that could actually cripple some business processes; however, they are definitely a security threat that need to be managed just like other corporate and employee owned devices.
Re:What a good little slave you are (Score:4, Interesting)
No, it's certainly not an "American" thing. It's a bunch of indignant unmarried, childless aspies who've never actually faced the problem spouting off about their "issues" with policies like this. And I'm pretty sure there's no national boundaries for that.
Most employers have a "reasonable personal use" policy. If you're spending hours on the phone gossipping with your neighbors, then yeah, you'll probably be talked to. Have to take a short break to call the doctor's office to schedule a checkup? Call your wife to ask her to pick up the kids because you're going to be stuck at the office a little later than expected? Call the plumber to come fix that frozen pipe? Arrange with UPS to pick up the package at their delivery center since you won't be home to receive it? Get a call from daycare to let you know that little Johnny just had an allergic reaction?
These are all typical things you might need to do during the day, and these are all typical things that corporate "acceptable use policy" will deem "acceptable use," except for certain very specific cases - i.e., DoD contracting, very very secret "trade secret" work, etc. Most companies won't allow you to connect personal devices to the corporate network, but more and more of them are setting up secondary "internet only" networks for phones, tablets, personal laptops, and the like. This concern about "they could hijack your phone and take pictures of your facility and map the interior!" is silly for anybody who doesn't work in a top secret facility.
Here's an easy rule of thumb test: if you can bring your kid into your office and let them sit around there with you... you don't need to restrict cell phone use.
Re:No persuasion required (Score:0, Interesting)
I see software developers must have modded this to +4 informative. The key word here is "personal". You don't need your personal phone and personal laptop for business work. That's why the company provides you with a phone and laptop. I pointed out that it's developers who modded this up because developers rarely understand computer security, and often are the first idiots in a company to apply a script kiddie crack to get admin rights on their laptop. "Debug isn't enough! I have to install my program after compiling it! I also have to install Diablo3_keygenV0_3,exe because it's vital for my work! I had to repartition my drive because I wanted to install MyPC@home so that I could keep up with my side-job." Debug is enough. Installing your program is what the test lab is for. Diablo3 isn't part of your job, and if it were, you'd have a valid license from us. Really? You're admitting to the last one? Let's go have a chat with HR.
In the course of writing this, it's down to +1, so it seems some other mods are sensible, but this message still stands for the early dummies. Captcha:bemoan