Enterprise security policy

I received an email reminder from the client recently.

"Please don't plug external/personal laptops into the corporate network, this is against the enterprise security policy".

This blog is not a criticism of this security policy.  In fact, I tend to agree with the gist of this security policy.  It is always better to tell your less-computer-savvy users to avoid plugging potential trouble into the network.

However, this does remind me of a few things I wanted to rant about:

1. What about things like: External Hard Drives, USB sticks (and by extension, iPods or digital cameras)? 

They can transfer viruses too.  There was a news story just this January about the USB digital picture frames many people got for $50 from Best Buy for their granddad for Christmas, which were infecting their PCs.

http://www.news.com/8301-10789_3-9843574-57.html

Personally, I think the network must be smart enough to detect virus trouble and drop the device from the network automatically. In a corporate environment, this goes for both "internal" as well as "external" machines.

An enterprise security policy of limiting who can or can't plug into the network is extremely naive, and possibly only gives a false sense of security.  I sincerely hope there's a second line of defense on the network beyond just this policy.

2. Licences on development machines

For many years, I have worked on a laptop with all the tools already installed, licensed and configured correctly.  So when I show up at a new client/project I'm ready to go on day one.  The trouble is, many clients have a similar requirement of not allowing external machines to be used on the network. Usually that's a setback for development time, with lots of "develop on laptop", "copy over on USB stick", "test on client network"...  rinse and repeat.  This is a workable solution, but it is time-consuming and still requires a basic setup on the client's development computer (at least VS.NET).

I thought there were a lot of parallels between a consultant and, say, a plumber.

Plumbers show up at the project with their own hammer.  The client doesn't have to buy a hammer for the plumber.

If a consultant shows up at the project with their own laptop, the client shouldn't have to buy a new laptop (or the tools on it) for the consultant.

What happens though, when the client won't let the plumber use the plumber's own hammers on his sink?  How can the plumber do his work?

Oh, by the way, we're still waiting for a few more licences for ReSharper.