Worried about social media-crazed Gen Y workers opening your network to all sorts of risks by rampant downloading and p2p file sharing on company computers?
For one Canadian technology company the solution was simple – let workers bring their own computers and have them worry about security.
Gibraltar Solutions Inc., a virtualization reseller based in Ottawa, runs a corporate Bring-Your-Own Laptop (BYOL) program that has been a hit not only with both existing and new hires because of the flexibility and freedom it affords user but also for IT administrator who oversee network security.
Participants in BYOL programs are typically handed a budget of up to $2,100 and given free reign on what machine to purchase. The computer belongs to the employee and they get to chose how it’s configured.
“The biggest thing that most young workers want today is access to social networks like Facebook and Twitter – even in the workplace,” says Trent Dilkie, vice president and CSO of the 12-year-old virtualization solutions firm.
“We have a few Gen Y consultants and employees and we decided we won’t get in their way as long as the network is not at risk,” said Dilkie.
Dilkie is well aware the unpopularity of social networking among employers and the risks posed by un-controlled online activities. According to a recent report by security firm Sophos, at least 25 per cent of firms suffer from social network phishing attacks and attacks continue to increase. But the Gibraltar Solutions CSO also wanted to boost production and provide employees an encouraging workplace.
“We decided to step back and see what our employees can do,” said Dilkie.
Gibraltar Solution, however, did take a few precautions.
The company, which partners with other virtualization software makers such as Citix, VMware and Microsoft, employed a Citrix xen-based client hypervisor, to protect Gibraltar’s network assets.
“This essentially divides the physical laptop or desktop into two virtual machines,” said Dilkie.
One part of the laptop is for personal use. Users can load whatever software or application they want on this area. “A firewall separates a locked down part that contains a virtually managed operating system,” said Dilkie.
This second partition is controlled by IT administrators and requires users to go through authentication to access.
Gibraltar‘s BYOL program is still relatively new, but Dilkie said so far it has reduced the hours spent on help desk tasks and application deployment. The virtualization enables administrators to deploy software or deal with most application-related issues remotely. If the machine breaks down, it’s the user’s responsibility to get it fixed.
“Saving on administration costs is a big payback,” said Dilkie.
Kurt Roemer, chief security strategist for Chicago-based virtualization software provider Citirx says a similar BYOL program has been in place for over a year at Citrix.
“More than 80 per cent of our staff are Gen Y workers. Access to social networking tools is an expectation,” Roemer said.
Macbooks are a favourite for many Citrix workers on the program
Partitioning an employee-owned machine has some pretty compelling security bonuses he said. “For one thing if an employee’s laptop gets stolen, hackers won’t be able to get into the corporate side and hack our network because that portion is locked down.”
More than 200 staffers have signed for the program. Employees taking advantage of the program love the idea of having a single machine to contain both business and personal applications and avoid switching between two computers, said Roemer.
BYOL programs need some restrictions though. For example Citrix requires employees to use either Windows or Mac operating systems. Gibraltar employees need to install antivirus software and buy a three-year, full-service warranty this ensured that tech support from the manufacturer can be on hand within 24 hours and supply a loaner when needed.