MSA customer wants user to use personal (BYOD) computer

MSA customer wants user to use personal (BYOD) computer

I hope you’re well. I understand some usersi will be using their personal computers for work. This presents serious security concerns in terms of safeguarding your company’s data and your customers’ data.

We recommend that you do not allow users to do this, as it undermines the efforts you are paying us for to keep your data and your company secure. IT may also violate your cybersecurity insurance policy. (You'd need to discuss that with your insurance agent.)

[OPTIONAL] If users must user their home computers, we should set up a VPN so they can safely tunnel into work sites.

I urge you to take these steps in order to protect against issues that may arise if machines are not receiving patch management services and managed anti-virus.


[Particularly with users working from home, it’s difficult to know who has access to the machines and what mayhem may result, even if accidentally.]

 

Alternatively, it is probably more cost-effective and safer to simply purchase company machines for these users.



    • Related Articles

    • Workflow: New User (New Contact) for Current Customer

      Any time a new user is onboarded, whether the customer explicitly says so or not, you (the person responsible for the ticket at any given time) must perform the following action to ensure they are properly onboarded in our systems and in the ...

    • Remove Contact (User) for RMM Customer

      Use ticket category: Administrative Change/Request. Confirm the ticket contact field is populated Choose ticket template "[Current Customer] Remove Contact/User for Current RMM Customer". Add either the generic or the customer-specific checklist for ...

    • Access to Company Resources From a Personal Computer - Verbiage

      For Customer considering allowing users to use a personal machine: Hi XXX, I hope all is well. I understand you have a [some/an intern)s)/consultant(s) PICK THE RIGHT ONE AND EDIT CAREFULLY] joining [company name] soon. I'm writing to strongly advise ...

    • Customer Cyber Security Incident Response Plan (for Incidents External to GGIT)

      Customer Cyber Security Incident Response Plan (for Incidents External to GGIT) This document describes the steps our internal team should take in the event of a cyber security incident at a managed services customer of ours. For purposes of this ...

    • New RMM or Backup Service contract procedures

      New Services (RMM/Backup) contract procedures These instructions assume the following: Customer has signed contract via DocuSign. Customer has also signed the T & C (general consulting) agreement. Otherwise send this agreement via Docusign. I. Create ...