Laptops and Logistics

Purpose

This page displays different pieces of information surrounding GitLab laptop procurement and management.

Scope

At GitLab, we use centralized laptop management for company-issued laptops. If you are in possession of a company-issued laptop, the details below apply to you. However, not all endpoint management technologies GitLab deploys will be required for Apple, Linux, and Windows laptops. Some technologies may be specific to the hardware platform or operating system.

Roles & Responsibilities

Role Responsibility
GitLab Team Members Responsible for following the requirements in this procedure
Corporate Security Responsible for implementing and executing this procedure
Corporate Security Management (Code Owners) Responsible for approving significant changes and exceptions to this procedure

Guides

Policies

New Laptops

Laptop Replacement and Repairs

Old Laptops

If the team member is under an active Legal Hold or possesses material related to an active Company investigation, they must comply with the notice requirements. Failure to comply with an active Legal Hold may expose the team member or the Company to adverse consequences, including civil or criminal penalties and sanctions. Their obligation to follow the procedures outlined in the notice continues until the hold is lifted, even if they depart the Company. If the team member departs the Company, all Company devices and any material they’re holding in accordance with any active Legal Hold Notice or active Company investigation should be turned over upon their departure.

Laptop Asset Management
This is a placeholder page. Please see the links below for any child pages that exist.
Laptop Buyback
Overview If the team member has not completed 1 calendar year at the time of offboarding or has received a laptop refresh within the past year, they have the option to purchase their laptop for current market value from GitLab. If the laptop has been used by the team member for more than one year, they can opt to keep their laptop at no cost, subject to promptly working with the IT Analyst team during the offboarding process to wipe the laptop and removed from management system, when required by applicable legal obligations, imaged for preservation purposes.
Laptop Donations
Overview Donating hardware/laptops will help people in disadvantaged areas and/or from underrepresented groups with their ability to learn about technology. Therefore GitLab offers the possibility to donate hardware devices to vendors on a curated list after 3 years of use. This curated list has been a result of the Upstream Diversity Working Group. The vendors on the list have been meeting the following criteria: Their focus group should be people in disadvantaged areas and/or underrepresented groups They should be non-profit Their values have to align with GitLab’s CREDIT values They should pass a “negative-press” check (first 2 pages of Google) If you, as a GitLab team member, would like to add a vendor aligned with the criteria, please comment in the Vendor sheet.
Laptop Hardware Models and Specs
Overview Laptops are purchased by Corporate Security during a team member’s onboarding process. The team-member will be sent a form to fill out for ordering. GitLab approves and supports the use of macOS as the OS for employee laptops. We also approve Linux for employee laptops, however team members will be self-supporting. For security concerns and support efficiency reasons, Windows is not supported as a hardware laptop OS for team members unless it is for specific product development and testing use cases.
Laptop Operating Systems
This is a placeholder page. Please see the links below for any child pages that exist.
Laptop Procurement for New Team Members
Overview The laptop ordering process for new hires starts as soon as an offer is accepted by a candidate and the initial Welcome email is sent by the Candidate Experience Specialist. This email will include a link to the Laptop Order Form where the new team member will state their intent for obtaining or ordering hardware. Please review the Macbook Model Eligibility to choose the appropriate model. Important: If your job title includes the word Engineer and your team is not approved for a performance model, it may be an oversight or typo.
Laptop Procurement Processes
Shipping Timelines KPI: 90% of laptops will arrive prior to start date or 21 days from the date of order. Once Corporate Security receives your laptop order, we will start working on purchasing your laptop. We leverage business relationships with several different vendors across the globe to accomplish this remotely. Please note delivery times will vary depending on location, hardware supply, vendor selection, and shipping method. In some instances, we may be able to work out priority or overnight delivery.
Laptop Recycling and Refurbishing
Overview We use SIPI Asset Recovery for devices that need to be recycled/returned. At GitLab Corporate Security’s discretion, laptops may also be sent to an Corporate Security team member for repurposing. Either way, GitLab Corporate Security will provide a shipping label and box upon request at no cost to yourself. If the Corporate Security department has record of a current litigation hold for the offboarded employee, IT will consult with Legal before proceeding.
Laptop Refresh Age Replacement
Overview Team members can choose to refresh their laptop, no questions asked, after 3 years of use (not necessarily 3 years of employment if a used laptop was issued at the time of onboarding). If the laptop is sufficient for your needs, you may opt to continue using a laptop until it no longer receives the latest macOS version from Apple (approximately 5 years). The old laptop must be wiped or returned within 2 weeks of receiving the replacement laptop, so please prioritize transferring information between laptops within this timeframe.
Laptop Repairs and Replacements
GitLab Laptop Replacement Program We get it, sometimes things happen! If your laptop is broken or not sufficient for your role you can request a replacement laptop if you do not qualify for the 3 year refresh yet. Replacement laptops for broken GitLab laptops can be requested as needed by creating an issue. Please describe the reason for your replacement in the issue. (i.e., my screen and battery are damaged) also, please note replacements will require your manager’s approval in the issue.
Laptop Security Configuration Standards
New laptops should be configured with security in mind. See the linked configuration guides and policies below. Using iOS or Android? See the Mobile Devices (Phones and Tablets) page. Using Linux? See the Linux Desktop Security Standards page.
Laptop Software Configuration Standards
Overview Security Policy Do not install software with many known security vulnerabilities. Follow the Third Party Risk Management Procedure for review of services individually deployed on endpoint devices. After a decision regarding deployment of an endpoint management solution is made the process will be redesigned accordingly and services, where applicable, will be retroactively reviewed. Please ensure you continue to follow the requirements defined in the acceptable use policy.
Laptop Wipe (Factory Reset) Process
Overview Laptop wipes must be performed via scheduling an appointment with an IT analyst to wipe the machine and re-install the base operating system, and remove any and all software and configurations that were supplied by GitLab. Laptops must be wiped with Jamf for macOS, and DriveStrike for Linux. Using these tools ensures a clean disk wipe is performed and GitLab can retain evidence of the disk wipe. Under no circumstance should you perform your own disk wipe unless you are doing so at the request of IT to troubleshoot a technical problem with the laptop.
Last modified July 1, 2024: Add Corporate Security handbook pages (b684cdaf)
View page source - Edit this page - please contribute. Creative Commons License