But the Wells Fargo side believed that policy wasn't secure enough.
"It still is a huge deal with Wachovia and Wells Fargo merging, because at Wachovia it was OK to have personal devices attached," Mekjian said. "Now we're going back to all those guys and saying, 'You've got to take them off.'"
For smartphones issued by the corporation, employees can choose among iPhones, Androids and BlackBerrys. Wells Fargo has also issued 200 iPads to employees and connected them to Microsoft Exchange, in a pilot program. All the data on those devices can be erased when they connect to the network.
"If I leave my BlackBerry here in your offices, and I'm back in Charlotte, I'll just call the team and say, 'Wipe it,'" Davis says.
Beyond mobile devices, Wells Fargo and Wachovia also had different policies on social networking sites that had to be merged after the acquisition.
"At Wachovia, we didn't allow access to any [social networking sites] at all," Davis said. "I think Wells Fargo allowed a couple more than we allowed."
Internally, Wells Fargo uses Cisco TelePresence, instant messaging, SharePoint and other tools to collaborate. The company also, of course, has its own Twitter and Facebook pages, so at least some employees can access sites that are blocked for the general population. And Wells Fargo is considering allowing more access.
"We're wrestling with that right now," Mekjian said. "Should you give access, and if you do, how do you get there [securely] as opposed to just turning it on and letting people do it."
Currently, "there are groups of team members who do have access to Twitter and Facebook, as well as other social media sites based on business needs," a Wells Fargo spokeswoman says. "We typically block access to these and other sites due to the potential risk to our environment. Unfortunately we don't have a firm list of sites that are blocked because team members often request access when their business needs change."
While Wells Fargo can control what devices and Web sites its employees use, it still must manage risk from customers accessing their financial information from any device with a browser, whether that's a PC, phone or tablet. Dangers abound from customers who leave devices unguarded after signing into their accounts or fall victim to social engineering attacks.
"We're only going to hold you harmless for a certain amount of dollars," Davis said. "If you lose $2,000 in fraud, we're probably going to make you pay $50. So you've got the keys to our vault."
Sign up for Computerworld eNewsletters.