Reply to: Use of client's equipment ie laptop

As was explained seven years ago when this thread started.

Bollacks. Completely normal.

Not restricting BYOD with solid, enforced security policies is probably one of the most stupid things a corporate could do. Apart from the myriad of unnecessary business risks it creates, the corporate is very unlikely to be covered by its insurance policies in the event of loss, however small or (especially) large the loss may be.

As somebody has said in this thread, any manager permitting or condoning such risk should be sacked!

You should read up on IR35 a bit more, understand it and know what to do without having to ask us every time something happened.

Failing that you could do a search as other people who don't understand their own business have asked this.

Original P2Ving suggester here. Sounds like using client's IT kit doesn't make a jot of IR35 difference unless your contract states "contractor supplies own IT kit" and you don't. I cite darrylmg's "bring-own-lav" reductio ad absurdum.

I work with a user-facing solution. Part of the service my company is providing is the ability to deliver within the parameters of the client's (reasonable) policies: IT, change, security, etc. I'd be breaching the "competence" clauses in my contract if I used my own laptop unnecessarily in violation of the client's security policy.

If I were a plumber, and the household I were fixing the leak for required me to use their spanner, I'd use the spanner. It does not make me a disguised member of the household.

I've worked at government ministries where I've used my own laptop which they were happy with as it was running Debian, if it had of been Windows then they would have installed a number of security products. I've worked at software companies where they've provided the kit for both office and home use but also been able to use my own for remote work as long as they could install the VPN client. I've worked at companies where the office kit was supplied by the client but remote was supplied by them or I could use my own. My current one provides everything, office and remote although they're testing BYOD. I have over the years found that it varies from company to company and it always pays to take your own laptop along, just in case...



(I've also worked at one one where the only thing you could take with you were a pen and paper, no laptop, no tablet, no phone but then that was a high security facility for the US Army!)

Oh yes, agreed, but my post was simply to point out that some Clients do ask/require use of won kit. Far removed from spoofing without consent, but...

Indeedy, certainly made it easy to justify the Gigabyte P35K I had been mulling over......that said, another contractor in a nearby part of the office has just started, running a MacBook Pro, and is having all manner of difficulties getting the Clients VM setup running.......seems the onsite IT bods are very Windows-centric, too

Yebbut, there is a subtle difference between a client saying "Use your own kit, please, Mr Freelance" and spoofing your kit on to their network.

Which is rather the point...

Started new gig this week, client gave me a phone, never happened before, I'm worried this puts me in IR35 land, should I hand it back?

I would kill for my client to do this. Would then be able to justify the outlay on a nice shiny top spec MacBook pro

Last couple of gigs, Client supplied laptop, but current gig requires I provide my own equipment. Permies are all supplied with laptops and phones, contractors have to supply their own - in fact, they also specify minimum specs of hardware, for example VT enabled and at least 8GB RAM, 80GB HDD space and i5 CPU....
Happy with this, means I have a VM environment running on my own laptop.

Yes, but you're not running your kit on their network, you're connecting through a management server, a proxy server and a couple of firewalls. I can hook this PC up to the client's secure network through a Juniper VPN linkage, but I can't move files from my PC to their datastore or vice versa.

I've also had my laptop connected to a client network in the past (at a certain major satellite broadcaster) and it was accepted as a native device. Then again, their security and service management regimes were utterly unfit for purpose (how many times have you found a dog end in a server room? Or shadow DR servers and SANs in the same data centre as the primary, off the same power supply?)

As I keep saying, just because you can doesn't mean you should.

I connect my own kit to a network that then allows me to use remote desktop to a server that is shared with the largest bank in the UK.

The client has no problem with this.

I agree with this.

However, to imply that no client will allow you to put your own kit on their network is absolutely false. It may be rare (almost all my previous clients have said no when I asked), but it's not unknown.

My current client allows me to use my own equipment - I had to accept their IT security policy, but I use my own kit. A previous client allowed the same - I only took my laptop with me for something to do in the evenings, and they said "oh good, plug your laptop in and get to work". Thankfully, I'd already installed the development tools on there, when I was playing around with the new machine.

Of course if all you are doing is cutting code and have no access to real data, corporate intranets and other material, and aren't working for a client with any concept of risk management or have nothing higher than IL0, then just perhaps he may be right. There are some awfully dumb clients out there you know.