input from a Pharma IT worker...

I work for a top Pharma (not Pfizer), and It's my job to deal with these things. Some points:

1) It wan't the worker, but the worker's *spouse.* Screwup #1 - letting unauthorized persons use the hardware. You DON'T do that.

2) Installing unauthorized software. Screwup #2 - leaving the system open for untrusted persons (like end-user) able to instal software. Only trusted, authorised persons should be able to install software.

3) Laptops have valid use, even for high-security work. People want better drugs for free. This puts pressure on the company to get increased cost/performance. That means Pharmas must cut costs. That means (among other things) fewer staff (my company is cutting many hundreds IT workers, for instance), and remaining staff working longer hours. Rather than work overtime at the office, they take their work home with them, on laptops. This reduces resentment, and increases retention of remaining staff.

It's not the laptop, it's the lack of security on the laptop, and the security breach by the authorised worker, in allowing an unauthorized user access.