Thoughts and feelings about bring your own device.

[badbass]

How do you feel about an employee or student coming to work or school with a black bag. No one knows what is in that bag. Okay get to the point you are saying. If you are given the chance to bring your own laptop tablet or other device to school or work what could or would happen. No one knows what is on the thing that is in the black bag. Can everyone run software to suck all the bandwidth down. If a user brings a network device there could be other problems. Send fake ip addresses on the network. What happens if a machine with out a clean bill of health ends up on the network? There are other concerns. If I could put the students in there own vlan that will work for wifi devices. Ethernet devices are a problem who has what device and what device belongs. let me know any thoughts you have on the issue.

[cooper]

Donno about school but at work I'm trusted to the point where I can bring along anything and so long as I don't purposefully go about ransacking the place and being a nuisance (a.k.a. being a dick) then it's all fair game.

If I did go about being a dick, I expect to get a friendly but stern talking to from the local admin depending on his mood, the amount of his time I've been wasting and caffeine level which could in excessive cases mean my own manager is brought into the conversation and I'd have to explain myself to see if I still have a desk at the company.

I expect school to be kinda similar, except the network is probably better protected against threats from within.

[TN.Frank]

I think it's a good idea. That way you'd not have to be stuck running Windows.

[THCMinister]

One company I worked for had a policy for standard employees, it would not allow bring your own devices. Unless you wanted the company to pay your cellphone bill you could bring your own device as long as it had specific apps installed to monitor usage and remote wiping etc. Non-Standard employees such as myself, had pretty much free range(with some limits) when it came to having our own laptops at work. They provided cellphones, laptops, and workstations. I had two personal laptops(for development/testing/network tools to make sure people were doing their work) and a personal cell(Android with custom rom with hacked hotspot, which they paid for) and a company cell(minus the monitoring junk.

We found employees that would try to sneak in personal devices(to take work home,etc) and use them on our network. Having the network locked down prevented them from getting far. They could not access the net/local resources and we were alerted when devices were connected to hard wire your tried to connect to wifi. We had certificate base security for the wifi and everything was locked down so only a privileged few could add/remove devices.

I personally don't like others bringing their own device on a network that I manage, Unless they can be justified and monitored. On workstations/laptops we issued, they had the Burners/USB removable media disabled, just to name a couple measures we took.

[Rkiver]

I'd say it all depends on how the companies policies.

I've worked in places where everything was provided and monitored, and you could not use your own equipment, that was mostly due to development happening and they were paranoid about stuff leaking out, and fair enough.

I've worked in places where it was "bring your own if you want" and the issues that sometimes caused were annoying.

Right now I provide ICT for a few schools, and it's simple, if you want to use your own laptop or tablet you can, but be aware that ALL traffic can and may be monitored. Had one teacher bring in an Apple TV to hook up to the overhead projector and use it to then mirror her iPad. The Apple TV would not connect to the Wireless Network due to the security settings on said network. She wanted me to turn them off for her beloved Apple products. Response was a very clear "No", if you want to add things in, physically, it has to be signed off by me, you didn't. Not going to happen.

As for the computer lab the students use. EVERYTHING is locked down, screens can be monitored in real time etc. Had some parents complain about lack of privacy for their kids. They are in school, there is no privacy, get over it.

[cooper]

if you want to add things in, physically, it has to be signed off by me, you didn't. Not going to happen.

Yeah. I've worked in places where they had very strict policies (and rightfully so in their specific context) but if you needed to hook something up that they weren't able to provide from their own validated set of equipment you simply had to ask a week or 2 in advance and one of the admins would schedule a meeting with you where you'd bring along your device and they'd go over their own requirements with you in an effort to get your piece of kit to work in accordance with their guidelines. If you did that in a friendly and respectful manner (hint: fetching the admins a round of coffee goes a long way and DOES get you remembered) they'd help you set things up in such a way that you can do what you want, possibly just for the duration of your event, and everybody's happy.

Just make sure that you understand the admin's position. It's NOT his or her task to get YOUR piece of kit working on THEIR network.

When they don't seem to cooperate with you, there's a reason for that and you're better off trying to understand that reason and trying to fix that than you are complaining to their superior.

[Rkiver]

Yeah. I've worked in places where they had very strict policies (and rightfully so in their specific context) but if you needed to hook something up that they weren't able to provide from their own validated set of equipment you simply had to ask a week or 2 in advance and one of the admins would schedule a meeting with you where you'd bring along your device and they'd go over their own requirements with you in an effort to get your piece of kit to work in accordance with their guidelines. If you did that in a friendly and respectful manner (hint: fetching the admins a round of coffee goes a long way and DOES get you remembered) they'd help you set things up in such a way that you can do what you want, possibly just for the duration of your event, and everybody's happy.

Just make sure that you understand the admin's position. It's NOT his or her task to get YOUR piece of kit working on THEIR network.

When they don't seem to cooperate with you, there's a reason for that and you're better off trying to understand that reason and trying to fix that than you are complaining to their superior.

All of this.

Asking me in advance, getting me a coffee, telling me why you want to use your own piece of kit. If they had taken that time, I'd have the time to go through why it may or may not work, and then possibly find a work around.

But (as with a lot of Apple fanpeople, not users who just like, I mean worship at the alter of Jobs crowd), if can't be their iPad or Apple device that are wrong, it has to be EVERY OTHER BIT OF EQUIPMENT that is working fine.

I have a set amount of time in the school each week, I must budget it out to the most important tasks (server updates, making sure the computer labs are fine etc), at the VERY bottom is teachers own equipment. If the school provides it, then it's under my remit. If it is their own, honestly I don't have the time or patience.

[badbass]

Thanks you guys are awesome. My mom thinks in a controlled environment it is a good idea. Using your own device to work on a project or use a resource not available in a company. The bad someone plugs a router in to create there own Wi-Fi network. It also has a network switch on it. Now you have a device firing out duplicate ip addresses. This is something that might happen in a school. I have even seen students create an SSL tunnel to their home networks to bypass security.

If it is maintained right it could be something that could have value. Separate Vlans. Imagine having a day to bring your own device to school. Fortunately there is a firewall to protect the network and block content. Things like Vlans, content based firewalls will fix some of the problems. It is just like anything the bugs need to be worked out. Thanks again.