University IT wants to take away my Inc

[KenV]

I was wondering if anyone had any strategies to try to help keep this from happenning.

I work in the med school at a university (think blue with the letter before Z) that has decided to suddenly become security conscious after having a laptop stolen. They have decided that all email needs to be protected as if it contains HIPAA and one month after I bought my Inc with my discretionary funds, they are telling me that only iPhones or Blackberry's will be allowed. The main rationale I am being told is that the SD card cannot be encrypted.

Despite my pointing out multiple times how frequently the iPhone gets hacked, they do not want to hear this. It is not only that I love my Inc, but I have invested in the apps, the accessories and probably most, the time to learn and use my phone for everything that I love about it. I have read the stories about the Droid Pro, but that encryption will not be available upon shipping. I wonder if it is a software implementation if it might become available for the Inc... Or maybe one of the xda folks will put out a custom kernel or rom that enables this...

Or do you all think this is just wishful thinking?

I have been saying that they can have it back when they pry it from my cold dead hands. My next post might be in the classifieds seeking a new job.

 

[cpjr]

Email isnt stored on the SDcard, problem solved.

Someone correct me if Im wrong.

PS- They are idiots.

 

[Droids]

What cpjr said. The connection is encrypted and the email isn't stored on the sd card. Froyo gave the IT peeps what they wanted. Is there no one in your IT department with an Android device running Froyo? Are they really that clueless?

 

[KenV]

What cpjr said. The connection is encrypted and the email isn't stored on the sd card. Froyo gave the IT peeps what they wanted. Is there no one in your IT department with an Android device running Froyo? Are they really that clueless?

What I fear is that it is really the lawyers calling the shots and it is all overkill. I doubt anyone in the IT leadership actually has an Android phone. To put it in context - for the first time they are actually asking clients to upgrade from XP and IE6. Every desktop and laptop suddenly has to have whole disk PGP encryption installed. They are talking about requiring two factor authentication to access email from your home computer. And they are having all of the individual departments foot the bill for all of this. If I have to go back to using a Blackberry, I am going to cry.

 

[cpjr]

Who is paying for your phone? If they are then you really cant say anything.

If you are....screw them. Tell them when they are paying the bill, you'll use what they prefer.

 

[alitke]

If they are not paying for your phone then they have no say in the matter.
Lastly, tell them you want a written notification from a lawyer stating that you cannot use your phone.

Your Android device is no more at risk than a blackberry or iPhone. As long as you place a notification at the bottom saying something along the lines of "if you receive this in error" or such you are covered anyways. It is definitely all smoke up the you know what.

 

[mwhartman]

I would argue that you can password protect your device. If you can find an app that allows the phone to be wiped should it be lost or stolen would add another level of protection.

What truly puzzles me -- why is the school is supporting any email that may contain patient information. My sense is they have bigger security concerns.

Mike

 

[brochaos]

yea i thought the whole point of froyo was to bring all of the security to the email stuff. remote wipe, domain password, yadda yadda.

 

[alitke]

I would argue that you can password protect your device. If you can find an app that allows the phone to be wiped should it be lost or stolen would add another level of protection.

What truly puzzles me -- why is the school is supporting any email that may contain patient information. My sense is they have bigger security concerns.

Mike

I agree. This sounds more like some kind of racism, or would it be techism, toward an Android device. Makes zero sense in the real world why 2 devices would be ok but the third not allowed. I mean I would understand if Android was hacked daily and everyone knew you could easily get access to it but that is just not the case.

 

[KenV]

Thanks for all of your input.

It really does seem like 'techism' to me. Another factor may also be the newness of the device. These guys behave like massive IT bears - slow to awaken and then slow clumsy but powerful swipes at a threat that has already passed. They just decided that it was OK for everyone to upgrade from Office 2003 to 2007.

In fact, I paid for my device through my own departmental discretionary funds and that is how the bills are paid, so it is kind of in between. In all truth, even if bought my own Android phone, if the policy is that I cannot use it, then that is that. I am reminded over and over that even though America is a democracy, the university is a dictatorship. We have been very poorly informed about these security changes and most emails requesting information go unanswered. If you write complaining, you are sure to get silence in return. And let's face it, most of the leadership at these type places are Mac yuppies . They look down their noses at the Android techie-types:reddroid:.

 

[mwhartman]

Thanks for all of your input.

It really does seem like 'techism' to me. Another factor may also be the newness of the device. These guys behave like massive IT bears - slow to awaken and then slow clumsy but powerful swipes at a threat that has already passed. They just decided that it was OK for everyone to upgrade from Office 2003 to 2007.

In fact, I paid for my device through my own departmental discretionary funds and that is how the bills are paid, so it is kind of in between. In all truth, even if bought my own Android phone, if the policy is that I cannot use it, then that is that. I am reminded over and over that even though America is a democracy, the university is a dictatorship. We have been very poorly informed about these security changes and most emails requesting information go unanswered. If you write complaining, you are sure to get silence in return. And let's face it, most of the leadership at these type places are Mac yuppies . They look down their noses at the Android techie-types:reddroid:.

Prior to retiring, I was the IT director in central HR at a rather large University, so I do have insight into this matter.

Based on what you have written I would agree that the IT folks are not as current as they should be. HIPAA covers a wide range of issues. It would be interesting to compare the institutions policy/procedure to the IT groups written policy/procedure.

It would also be fun to include the E-Discovery policy.


Finally, the IT folks that worked throughout my former place of employment used a variety of computers. Admittedly, there seemed to be a preference to Mac but they were professional enough to support all. In view of the what you have written those individuals appear unable to connect the dots on a number of issues.


Good luck!

 

[cpjr]

Thanks for all of your input.

It really does seem like 'techism' to me. Another factor may also be the newness of the device. These guys behave like massive IT bears - slow to awaken and then slow clumsy but powerful swipes at a threat that has already passed. They just decided that it was OK for everyone to upgrade from Office 2003 to 2007.

In fact, I paid for my device through my own departmental discretionary funds and that is how the bills are paid, so it is kind of in between. In all truth, even if bought my own Android phone, if the policy is that I cannot use it, then that is that. I am reminded over and over that even though America is a democracy, the university is a dictatorship. We have been very poorly informed about these security changes and most emails requesting information go unanswered. If you write complaining, you are sure to get silence in return. And let's face it, most of the leadership at these type places are Mac yuppies . They look down their noses at the Android techie-types:reddroid:.

Prior to retiring, I was the IT director in central HR at a rather large University, so I do have insight into this matter.

Based on what you have written I would agree that the IT folks are not as current as they should be. HIPAA covers a wide range of issues. It would be interesting to compare the institutions policy/procedure to the IT groups written policy/procedure.

It would also be fun to include the E-Discovery policy.


Finally, the IT folks that worked throughout my former place of employment used a variety of computers. Admittedly, there seemed to be a preference to Mac but they were professional enough to support all. In view of the what you have written those individuals appear unable to connect the dots on a number of issues.


Good luck!

Yeah I have also had a number of years put into the IT field. Last call was the NOC Director for a wireless data communications company.

And yeah, thats a long explanation to my first statement, "they are idiots".

 

[Grimster]

Its not YOUR phone. You didnt pay a penny for it so you have no say. If you want your own phone go out and buy one like everyone else.

 

[KenV]

Its not YOUR phone. You didnt pay a penny for it so you have no say. If you want your own phone go out and buy one like everyone else.

Wow. Maybe you work in IT where I do, because that is exactly their attitude.

If you read the thread carefully, IT here does not care who pays the bills. They are moving towards not allowing email access from Android phones. Period.

I would strongly argue that I do indirectly pay for my phone. I can use my discretionary funds for any work related activities. I always go over and use personal funds for the difference. I could easily save my phone related expenses and pay for them personally.

Over one half of the operating budget of the school comes from grants and clinical activity. I substantially contribute to both of these, way in excess of the salary I draw. It is from this budget that IT operates plus the direct charges they draw from me for my email account, etc. They operate in this manner in a monopoly state. Until their attitude and behavior begins to reflect that I contribute to their support and that the faculty are educated consumers, not children to be told what to do, they will be seen as arrogant adversaries, instead of the cooperative partners that they should be. Without the faculty, there is no school. With no school, there is no need for IT.

 

[megawatz]

Tell them to get with the program, stop being slackers and upgrade to Android. The only reason they're arguing with you against this is because they don't know the logistics of how android really works. Android has just as many security features (if not more) than the iCrap and the Crackberries. If its your discretionary funds then tell them to talk to your lawyer, and see how they'll handle it. You're basically being discriminated against as well. This whole "techism" thing you refer to.

All in all: iPhones and Blackberrys are NOT all thats out there anymore. They're idiots, you're the smart one. Fight. Defend. Honor.