2008/11/10 John Jasen <[EMAIL PROTECTED]>: > Kate Harris wrote: >>> You then use the corporate legal policy to create an IT policy that >>> 'conforms', i.e., personal data will not be tolerated (or backed up and >>> restored) on company laptops. >> I'm not sure I want to go so hard on personal data, but... if the >> policy exists it doesn't have to be fully enforced all of the time, >> just if needed. > It has to be enforced consistently, or else it can be held to be > unenforceable. You can't fire user X over doing un-allowed-activity-A, > where users Y and Z do it and get away with it.
Oh indeed. Once the seal is broken on severe punishments for transgressions consistency must be applied. But there are degrees of transgression in this case - a letter to a solicitor accidentally saved to a laptop and forgotten about vs. GBs of copyright material which was not legally purchased. Reasonable and proportional response is implicit in the policies at the moment with the wording "may be subject to disciplinary action, up to and including termination of employment" where disciplicanry action may start with a stern word from a line manager which doesn't go on file. -- http://www.totkat.org/ _______________________________________________ Tech mailing list Tech@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/