The only other thing is if the information stored on it falls under HIPAA. I haven't looked at it that closely, but it may have something regarding the age or patch status of systems that would put you out of compliance regardless of how secure your implementation is.

@Dashrender said:

@Kelly said:

I think two phones should be normative. I'm probably in the minority, but I don't like BYOD. Can you consider a phone a secure business device if it is used for Netflix, Candy Crush, and for keeping the 3 year old quiet? This is a significant orientation change in my opinion. It is putting a small computing device in the hands of employees that can be secured and controlled in a major way. The "app gap" is almost a feature :). I'm not sure I'm communicating clearly, but even if this is not currently the standard, it should be.

I completely get what you are saying - but the end result is that the non technical CEO does not want to carry around two devices - one for facebooking/twitter/personal email/personal texting, etc and a second one for business.

Nor should he have to. Virtualization already exists that allows business apps to exist in a type of container that can have separate authentication requirements than the base phone.

There was a named TouchDown that did this at least for Exchange based email.

I know other products also exist to create this separation between the user's junk and the business stuff.

It would be very cool to have a containerized, secure, business OS run within a personal phone. I would push to move in this direction almost regardless of the platform or other considerations.

@scottalanmiller said:

I'm all for companies offering devices, but requiring them feels like an epic fail except in the most extreme special cases. This is why people hate Blackberry, it was just the shitty second phone you had to carry.

This phone is dual SIM, so you could put both a personal number and a work number in it, so for someone who didn't want the full smartphone experience on the personal front, it could do both.

@scottalanmiller said:

I think BYOD caused modern security to happen.

@scottalanmiller said:

They didn't do it "for" BYOD, BYOD became a natural extension of the improvements in security.

You can't have it both ways, you need to pick one

@scottalanmiller said:

@Kelly said:

BYOD was never something that was good in the view of securing and maintaining company communications. It was initially a way to save money, and then became normal.

I don't agree. I think BYOD caused modern security to happen. It wasn't about saving money, it was about better design. Once you went to what I call the "citadel" design of your network, BYOD was trivial. In the enterprise, I saw functionality drive BYOD, not cost savings. The cost savings thing I only heard about in the SMB a decade later.

I feel like I'm inviting a @scottalanmiller firehose of information here, but what functionality gains were seen by using BYOD? The devices were unchanged generally. Perhaps it is the difference in our experiences, but I don't even see how what your describing makes any sense. The decade thing seems a bit farfetched as BYOD really only became a thing, in SMB afaik, in the late aughts. To put enterprise BYOD back into the late '90's seems a bit incredible.

BYOD was never something that was good in the view of securing and maintaining company communications. It was initially a way to save money, and then became normal.

@scottalanmiller said:

@Kelly said:

This is a significant orientation change in my opinion. It is putting a small computing device in the hands of employees that can be secured and controlled in a major way.

For companies that depend on the LAN and can't figure out BYOD. As someone who spent a long time in this world where a second phone was needed, it caused revolt. People just stopped working rather than keep the device charged, protected, etc. It's horrible, especially when the device starts becoming enormous like this. If this was my only device, sure, but as a second "carry this around all the time" no thanks.

Was there a specific reason you excluded the forgoing portion of my post? It seems that those considerations are very germane to the discussion. Yes, people revolt at even the slightest inconvenience, but that doesn't mean it is in the best interest of the business to cater to them even at a larger inconvenience like having two phones (one of which replaces their laptop).

I think two phones should be normative. I'm probably in the minority, but I don't like BYOD. Can you consider a phone a secure business device if it is used for Netflix, Candy Crush, and for keeping the 3 year old quiet? This is a significant orientation change in my opinion. It is putting a small computing device in the hands of employees that can be secured and controlled in a major way. The "app gap" is almost a feature :). I'm not sure I'm communicating clearly, but even if this is not currently the standard, it should be.

@Dashrender said:

I'm not really sure how this is saying "screw you" to the carriers, but I agree this is a pretty nice setup for the business person on the go.

There is a not insignificant amount of revenue gained from selling upmarket phones, and that is where many of businesses go because they need the performance.

What excites me the most about this, isn't the actual device necessarily, but the promise of the concept. This moves the idea of one device doing all of our computing from concept to reality. It doesn't meet my needs per se, but it meets many needs in the larger universe of compute. I also like the fact that this is a way to say "screw you" to the carriers who have never worked for the customers' best interest in any way.

HP is releasing a Windows 10 Mobile device aimed at the enterprise. This seems like an interesting riposte to the BYOD craze: https://www.thurrott.com/hardware/64677/elite-x3-hp-takes-windows-phone-enterprise.

@scottalanmiller said:

@gjacobse said:

• PC or MAC?

Mac would be okay but probably pretty costly for running Windows 10.

In the ultra light category the MBAs are fairly competitive price wise.

I'm partial to the HP Spectre x360. The Dell XPS 13 really looks sharp, but I haven't worked with it.

After playing Fable: TLC for awhile I decided to revisit Fable III, so I reinstalled that. I did opt to back an interesting kickstarter: https://www.kickstarter.com/projects/1314680699/children-of-zodiarcs-a-new-tactical-jrpg-by-aaa-ve/. Hopefully it is actually released soon.

If there is going to be a band at the end party, it would be really helpful to have a place where the music isn't deafening for people that just want to hang out.

This should also be a concern for internal systems. Having the ability to MitM a server if you can take a client even through other means is a pretty large problem.

@nadnerB said:

hands out chill pills
Wow, one thing is painfully obvious here.
You all live in the wrong part of the world.

There was a time in my life where I seriously contemplated emigrating. Not because of anything wrong with the US, but because I liked the parts of AUS I'd been to, and the people I'd met.

@JaredBusch said:

@NattNatt said:

I remember mine...always been a bit wary of using an application to store them...then, if someone gets into that, they have everything surely..?

I have hundreds of unique passwords for all the various systems and sites and services I use. There is zero chance that I can remember all of those passwords.

I'm with you on that. It seems like every government agency has different requirements, and many of them state that you cannot reuse a password period. I cannot keep 20+ passwords with their crazy and conflicting complexity requirements stashed in my head when I only use them once a month (to keep my account active).

I use LastPass currently. I'm waiting warily for LMI to do something stupid and I'll jump then, but at this point the effort is not worth it.

@scottalanmiller said:

@Kelly said:

ITAR makes anything hosted security difficult.

FTFY

Yes, it makes everything harder, but makes hosted things, at best, hard; typically infeasible.

@scottalanmiller said:

@Kelly said:

So apparently ManageEngine ServiceDesk can run on Linux: https://www.manageengine.com/products/service-desk/help/adminguide/introduction/installation-linux.html. I may have to

Only place any of us have ever run it

But then again, the hosted version is free, so why run your own?

Compliance issues. ITAR makes anything hosted difficult.