personal or work one?

This may not apply everywhere but the gist I was given (which of course is not reflected in the draconian policy I drafted) is that:

if someone was using their own kit it became too much much trouble to monitor things. If there's a reason to single someone out then something more could be done but as a general proposition tracking every device that logs into the system and tying it to an individual sits firmly in the 'Too Much Trouble' box. eg, how can you ever prove that a given device that's been spotted accessing WOTB belongs to Charles21 or CWC without CCTV and peering-over-your-shoulder style snooping?

However if it's work kit, don't do anything more than a reasonable amount of general web browsing (as the audit trail is easier to acquire and pin onto you - every work laptop will be asset registered and traceable back to you, and browsing histories and so on will be sitting backed up on a server somewhere).

Posted By: CWC, Jan 14, 10:40:09