"However, I'm pretty sure that Suncorp's looked over the legal/regulatory/liability issues that this type of computing presents." Can you say, "Sony" or "RSA" or "DigiNotar"? just because they're big doesn't mean they have covered all their bases. Just sayin'.
Interesting - this is the model NWEA is actually unconsciously moving toward. Maybe I'm looking at managing the wrong end? However with BYO how do you prevent what is effectively DoS if an infected machine or ten plop on your LAN? Dave -----Original Message----- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Tuesday, October 18, 2011 2:33 AM To: NT System Admin Issues Subject: RE: Macs and vunerabilities Let's not confuse delivery with due diligence. In a regulated industry, I'm sure there are plenty of lawyers and risk managers who can give opinions and descriptions about what *should* happen. Delivery is something completely separate, and lots of very large organisations struggle to do anything in a timely manner. However, I'm pretty sure that Suncorp's looked over the legal/regulatory/liability issues that this type of computing presents. And I suspect that the Australian banking regulator is also looking at it. Cheers Ken -----Original Message----- From: Alan Davies [mailto:adav...@cls-services.com] Sent: Tuesday, 18 October 2011 4:26 PM To: NT System Admin Issues Subject: RE: Macs and vunerabilities Fair enough! However, re the Aus story (sorry, not time to read today), size is never a good indicator of performance (ahem!)!! Honestly .. if I had a penny .. Big corporations (16k is medium) struggle to change or control their environment as often as not. Sony had terrible security. The biggest banks can't detect rogue traders. Lots of people, big and small, do things very poorly. a -----Original Message----- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: 18 October 2011 03:53 To: NT System Admin Issues Subject: RE: Macs and vunerabilities When I said "it doesn't matter", I'm speaking to the technical points - not the commercials, legals, occupational health and safety etc. concerns. FWIW, this bank is already offering this in Aus: http://www.theaustralian.com.au/australian-it/suncorp-goes-byo-in-hardware-as-staff-are-encouraged-to-plug-in-their-devices/story-e6frgakx-1226029655986 Given their size (16,000 employees), I'm sure they've done their due diligence. Cheers Ken -----Original Message----- From: Alan Davies [mailto:adav...@cls-services.com] Sent: Monday, 17 October 2011 11:30 PM To: NT System Admin Issues Subject: RE: Macs and vunerabilities Not true - you take on liability as an employer. You may protect the rest of your network to some extent with the example below, but it doesn't change your liability. And I'd still want a VPN in front of RDS/Citrix rather than direct access - you wouldn't put your Citrix servers direct on the Internet ... a -----Original Message----- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: 17 October 2011 16:28 To: NT System Admin Issues Subject: RE: Macs and vunerabilities You could provide all corporate services via VDI (RDS or Citrix). With other isolation techniques, it doesn't really matter what the end users bring in. Also have some policies for end-users to follow (e.g. installing AV - that can be managed centrally without them having to be part of a domain). There's at least one mid-tier bank in Aus doing this very thing (Suncorp-Metway) Cheers Ken ************************************************************************************ WARNING: The information in this email and any attachments is confidential and may be legally privileged. If you are not the named addressee, you must not use, copy or disclose this email (including any attachments) or the information in it save to the named addressee nor take any action in reliance on it. If you receive this email or any attachments in error, please notify the sender immediately and then delete the same and any copies. "CLS Services Ltd × Registered in England No 4132704 × Registered Office: Exchange Tower × One Harbour Exchange Square × London E14 9GE" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin