What about the exemption process? Working in a fortune 500 company, this is a challenge I run into all of the time. I have to leave the office and work from alternate locations to get all aspects of my job function performed due to such measures. And that's AFTER I had to create a custom build of my laptop to be able to use the non-standard programs that are critical to both my and the organization's success.

Implementing measures to secure these endpoints is an excellent plan for the stifling of innovation, collaboration, and productivity. Another key point the author missed is that if computers are to be used only for business purposes, employees will have to not be at work to conduct other tasks that need to be done during business hours. Therefore, the amount of time people spend working in a given year goes down. Therefore, the overall productivity of each employee goes down. As expensive as viruses and worms, as well as current security technology is to deploy and maintain, it's still cheaper than the alternative. If it isn't, then your risk managment methodology that you use to justify your decisions in business terms is grossly out of whack.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/372/32776#32776