W5 Discussion Comments

Employer Policies: I included this question so that you can see that control over personal devices is an issue that requires management attention. You gave some good examples of problems and polices that are exist in the real world. This is the first class where large numbers of students "discovered" that they had important company data on their laptops and had (valid) concerns about how the company was protecting this data.

Company Laptops: You gave an example of where a company required encryption of the entire laptop hard disk and some of the problems that this created. There is a classic trade-off between security and convenience and the nature of the business and the importance of the data being protected help determine security trade-offs. The most expensive edition of Windows 7 supports full disk encryption without the need for third party software.

Company Laptops - employees: . As an employee, I would work on the assumption that the next time I came into the office, I could be laid off and the company would take immediate possession of the company laptop. I would not have an opportunity to backup or erase data.

Cloud Storage: In D2, you mentioned the potential problem with storing data in the Cloud and that policies have not caught-up with the technology. I agree. Imagine a Salesman that is about to quit copying the entire customer list to his or her personal Dropbox or Google Drive account.

Personal Experience: I have one personal laptop computer that contains my personal data and files that I use for teaching at Dominican. I perform complete and incremental backups to an external hard drive twice each week using Norton Ghost. The external hard drive is mirrored to a portable hard drive that I store away from my computer. The backups are completely encrypted.

I almost never take my laptop away from home. Instead, when I am at Dominican, I access my home laptop remotely using Logmein.com. When I am at home, I can access the Dominican desktop in my office also using logmein.com. I access my desktop machine at my consulting client using Windows Remote through the client's Virtual Private Network. This allows me to do most of my work from home. My laptop hard disk is not encrypted so I don't store student or client information on it. Some critical personal files are encrypted but not as many as should be. On my next laptop, the entire hard disk will be encrypted.

In the future, I will have less data stored on my laptop. I have an iPhone Personal Hotspot that allows me to access the Internet at a fairly fast speed from every place I work and travel. This means I can access data stored at Dominican, at my client, or on Google or on Windows Live from almost anywhere.

Opinion: It is becoming much easier to store data in secure locations and access the data from anywhere. Therefore the need to carry critical data on a laptop should be steadily decreasing.