Policy, Program and Procedures

 View Only

  • 1.  BYOD - keyboards

    Posted 08-05-2024 09:05 AM

    This may seem miniscule… but what are the risks for employees bringing their own colorful keyboards and using them for work purposes?  I'm new to the ISO position here and these new, colorful keyboards seem to be showing up more & more the last couple of months.  Wondering if this is something I should worry about or if I'm over thinking things.  Other IT positions I've held, we never let anyone bring in their own colorful keyboards and now that I'm back in the financial world I have some concerns.  

    Does anyone else have thoughts on this?  Need a little guidance if I decide to be the "bad guy" & ask everyone to take their colorful keyboards home. 



  • 2.  RE: BYOD - keyboards

    Posted 08-05-2024 09:11 AM

    Hello Shelly. As long as these are standard USB keyboards, there is no risk. This is more of customization when it comes to peripherals vs any actual risk. The designs and customization appeals more to younger generations.


    Original Message


  • 3.  RE: BYOD - keyboards

    This message was posted by a user wishing to remain anonymous
    Posted 08-05-2024 09:37 AM
    This message was posted by a user wishing to remain anonymous

    Not sure what a "colorful" keyboard is. (Beyond the obvious.)

    Initial questions, to me, are: What is your company's policy towards the use of personal devices/hardware for work? Has the CISO performed a risk assessment of keyboards generally and set policy? Who has the authority to pair devices (monitors/mice/keyboards etc.) to work issued equipment? 

    These are the main, but not necessarily all, risks. 

    Perhaps you should discuss with your CISO or Head of IT - whomever has the authority over these issues.

    Good luck.


    Original Message


  • 4.  RE: BYOD - keyboards

    Posted 08-05-2024 09:47 AM

    Yes, just the obvious...colorful/pretty keyboards instead of the default black Dell keyboards.  These are all USB keyboards, so nothing to downloads as our users don't have admin creds.  The CISO retired earlier this year & I replaced her as the ISO...so this is my wheelhouse to make a decision on.  We do not allow BYOD for laptops or tablets, but keyboards would be in a different category than a normal BYOD device.  


    Original Message


  • 5.  RE: BYOD - keyboards

    Posted 08-05-2024 10:38 AM

    No ,we do not allow personal keyboards/ mice/ monitors or the wireless versions.   We have it policy that no one other than IT should be plugging anything into their machine.  In my experience these things get out of hand quickly.  Well, if I can bring this in and plug it in then I can do this other thing too.

     

    We do review this on an ongoing basis as well.  Now if they want to put up a colorful light at their desk, fantastic as long as it only plugs into to the outlet and not their machine.

     

    Thanks,

     

     
    Kelli Shoup | Technology Support Lead/Information Security Specialist

    Facebook LinkedIn
    The Farmers Bank
    9 East Clinton Street | Frankfort, IN, 46041-0129

    This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.




    Original Message


  • 6.  RE: BYOD - keyboards

    Posted 08-06-2024 09:43 AM

    As a guy in my IT department, there is little risk in this. Our company does order and provide ergonomic keyboards and mice to those who need it, and we have no rules against bringing your own. By themselves, peripherals that can't store information have no risk.

    However, we do have a system in place that blocks unauthorized software downloads without IT approval, so if these peripherals come with their own software, then those downloads are blocked. Keyboards and mice typically function just fine without extra software. Perhaps it's very millennial of me, but I see no reason to not let workers have a little joy in their lives if other risk mitigation is in effect.



    ------------------------------
    Diego Fable
    Enterprise Data Management Admin
    Midsize Mortgage Nonprofit
    ------------------------------

    Original Message


  • 7.  RE: BYOD - keyboards

    Posted 08-15-2024 02:48 PM

    I tend to agree with the others on low risk for peripherals without storage ability.  However, some do require additional drivers to fully function that you may need to restrict access to. The larger concern could be mechanical keyboards with louder 'clicks'.  Many workplaces have banned these as they're just simply too distracting for other works in close proximity.  I personally use one in my home office and prefer it over a membrane keyboard.  However, I don't think I'd enjoy a coworker in the office using one nearby when I'm trying to concentrate or focus.


    Original Message


  • 8.  RE: BYOD - keyboards

    This message was posted by a user wishing to remain anonymous
    Posted 08-16-2024 07:09 AM
    This message was posted by a user wishing to remain anonymous

    Allowing individuals to attach their own peripheral to a company owned device is not permitted in our organization. If you have a special need (ergonomic keyboard, for example), the organization should be providing that. If you like a wireless mouse just because there is no wire, tough, get used to the wired mouse. 


    Original Message