[welldonemark]

Bypasses for this sort of technique seem too obvious to have escaped the research team. I could be wrong as it's happened before. The article describes limiting functionality of the device based on location. Perhaps a few of the more obvious bypasses could be mitigated this way?

The wording strikes me as backwards, though. The device ought to be largely disabled outside of the facility, nearly useless. Proximity to certain areas of the facility would enable the device with additional functions (hardware and software), as well as accessibility to data.

I see this benefitting a negligent user more than deterring a malicious one.