Yeah, sued seems hyperbolic. From my perspective if a staff person was capable of cloning their HDD and putting in an SSD by their self, I'd be quite happy for them to go ahead.
But, we have an MSP that should and _will_ do this for you so I'd rather it was organised on your behalf and we took the necessary backups in case you borked it. Plus we could take ownership of destroying the original HDD would also be quite important.
IT Dir, can you explain why you'd react the way you would? Perhaps I'm missing some risk here but ensuring BitLocker (assuming they and you are running Windows) is running and other compliance controls are running like Intune or equivalent. I don't see any many risks here:
1) Data loss during the clone transfer 2) Need to ensure the original HDD is destroyed and certified as such.
All they'd need to do is tell me, and I'd get them a laptop with an SSD.
I cannot have lone wolves like that hanging around. They have the potential to do far more damage than someone from the outside.
