Consumerisation and client computing
More than just executive desktop bling?
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
Workshop The Apple Mac is an appropriate candidate for the ‘I want one of those because he’s got one’ poster child. However, the creep of consumerism and its impact on the range of computing devices which find themselves inside organisations goes beyond mere executive envy.
The consumerisation phenomenon is a little tricky to pin down, but may slowly be driving the evolution of client computing in the business. Lots of reasons exist as to why people are inspired to go against the flow and do their own thing when it comes to the kit they use in their jobs.
There is the consumer in all of us, the jackdaw attracted by the glint of a shiny new toy, the rebel who just wants to use his or her own stuff regardless, the show off, the digital native used to having it all technology/connectivity wise, and being frustrated with what’s on offer at work, and so on and so on. None of these individual examples explain the gradual creep of consumerisation around business computing devices outright, but all of them contribute to it.
So what’s the impact of this at work? Firstly, experiences gained in our consumer lives can highlight how far short the experience of using corporate tools often falls against those in use outside work. For many, expectations may not be satisfied. We should not ignore the services that people access on their devices either. iTunes, Amazon, Facebook etc do not rely on ‘consumer kit’ to deliver the user experience, but they do drive ‘consumery behaviour’ - ie out of work behaviour.
Hence, what do we do about it? We could think about this in several ways. We could ask people to "grow up because its work and we’re about getting the job done not providing fun experiences". But we could also consider how employee performance might be enhanced by incorporating elements of commonly used consumer services or devices into applications or processes, whether that's simple things like instant messaging or more complex stuff like touch screen technologies.
Whether we’re talking about physical kit or services accessed from it, the perception of control in the corporate environment is usually the biggest influencer of acceptance or prohibition. As often as not, the knee-jerk reaction is to impose blanket bans, backed up with inflexible policies. However, this may simply push users into the realm of insecure, unmanaged and risky practices if and when they do bring their own kit and preferred services into the working environment.
The bottom line is that there is no use sticking heads in sand. If ‘consumer behaviour’ is starting to emerge, then companies need to be prepared to secure and manage non-standard devices, be they iPads, Macs or other such things. How many companies today stick their fingers in their ears, go “La, la, la, I can’t hear you...” and think ignoring the problem or making life a bit difficult for consumers will be sufficient strategy?
With that in mind, we’d expect to find differences between organisations which engage with the broader consumery IT user base versus those which ignore it or try to suppress it, in terms of how consumerisation is driving or influencing client computing. We may also expect differences to manifest themselves through the way software applications and business processes are designed and developed in the future. All in all, this topic is much deeper and broader than board level bling envy, and of course, as usual, we’re keen to hear about your own experiences in this area. ®
COMMENTS
D*mned if you do, Scr*wed if you don't
Many large corporates have the typical enterprise wide license agreement from Microsoft that lets Windows be installed ONLY on company-owned desktops that arrive WITH an OEM license. Let alone all the other cruft from third parties that you need like a supported AV/AS system, etc.
Does IT turn a blind eye to legal compliance (those personal Macbooks really aren't allowed to run that corporate Windows SOE you know, not even virtualized) or turn a blind eye to operational safety (letting those %^*& execs run that infrequently patched Windows petri dish) or put their jobs at risk by insisting said high flying users of personal devices go out and personally purchase the bits license compliance and good security practice would demand ?
Liability questions abound.
An interesting question, especially considering the points raised in the first post. The issues of liability go both ways. Apart from the issues already raised, what about the issue of letting “personal use” (or as I refer to them “uncontrolled”) devices inside your network? What if that person has a peer-to-peer application that is seeding torrents for copyrighted materiel? A virus or three? What if that person decided that the copy of office the company installed for them was grand, but they really wanted Visio. Work wouldn’t provide it for them, so they pirate it? When it’s a “personal use” (or “uncontrolled”) device then IT is in deep ka ka poo poo.
To this end our latest and greatest network upgrade is actually going to be running parallel networks. Thanks to all the above issues, as well as the need (*sigh*) to provide internet connectivity to our clients we are setting up blanket wifi access here. This wifi access will actually have its own subnet, physically wired separately from the rest of the network and by necessity it’s own external IP. We’ll do best effort to log traffic on/off that network however it is mostly an exercise in legal ass covering. We can point to this network and say “all individuals who use this network agreed to be liable for the traffic of their own systems, blah blah blah. We are merely providing connectivity; everything you do is logged, and these logs will be turned over to the relevant authorities if requested.”
If a corporate user wants to use an iPhad, personal laptop or any other device not officially sanctioned and network nazied by the IT department they will have to do it via Wifi. They will also be taking full responsibility for their own systems; if caught doing Bad Things the will get their collars felt. Being an executive, manager or prole will make no difference; IT in this company simply refuses to be liable for the obstinacy and stupidity of others.
Those who blame their legacy are prone to become paret of someone else's legacy
In the short term it may become a moot point.
The old approaches to locking down client machines on the network either don't allow for - or don't need to allow for - the fact that many users now carry telephones which offer a superior Web browsing experience to that of the machines you've locked down. People don't want computers, they want what computers can do - and these days you can do so many of the things, a computer can do, without having to use a computer.
If your aim, in locking down the company network, is to secure it, then the fact that your users carry a superior network in their pocket or bag, is irrelevant (if your aim is to lock-down user behaviour, of course, you may have more of a problem).
In the longer term, I think the simple approach of partying like it's still 1999 will mean that you end up waiting for someone faster and more agile to eat your business (they may even promise not to be evil, while they do it). But if your users can already get done, the things they want to get done, with far less computer, than your company bought for them, then perhaps you bought them too much computer, to get done, the things you want them to do?
In the 1970s, everyone worked in an office with an IN tray, an OUT tray, and an ash tray: some may miss the ash trays, but I don't think there are many who pine for a return of the other two. Similarly, my first computer programs either came back to me, from execution, on reams of fan-fold paper, or with their syntax errors burried nine-edge-up. We somehow managed without email, back then, too (don't ask me how; I don't have a passport, that will allow me entry, to that particular country).
There's a lot of cloudy talk at the moment, and it's really all about a return to Big Computing, but as someone who has seen big computing in action, I'm more encouraged by the sight of a lot of small computing solutions being deployed in some business that think laterally.
Rather than struggling to get each member of staff in some outlying office into the corporate network - through endless firewalls and proxies - it is often easier to provide them with their own small area network, using utiliy servers (often literally flash-ROM devices) and then treat those as gateways to the main network.
In some offices I can think of, the server infrastructure cost around half the price, of any of the PCs it caters for - and yet does as much, for the members of staff in that office, as a bank of whirring air-conditioned boxes, back in central (for far less expense, in terms of maintenance, or power consumption).
Now, many will argue that there will still be the need for some big steamy mainfranme, in a concrete room, somewhere to store all your backups - after all, if you're in the buseness of keeping eggs, why not just buy one really huge basket? But it has habitually been the way of 'edge' servers to seep inwards, toward the centre of the businesses they serve - and how much traction they gain, is often determined by how much of the edge, they originally grab, rather than how suited they may initially be, to their eventual destination (the rate of seepage is largely controlled by the rate of redundancy and retirement, amongst those with a vested interest in last decade's metal, of course).
This is as much a threat to your old-world 'big computing' solutions (your Exchange servers, and so on) as the 'cloud' might prove to be; maybe more so, because - although your servers are often so small you can pick them up with one hand, the approach they use, is really a utilitised version of the old big computing solution they replaced, or obviated. They have few moving parts, require little power or cooling, and may cost less than £200, and yet they are running software that was once written for... well... for a maiframe.
IT infrastructure monitoring strategies
What you need to know about cloud backup
Enabling efficient data center monitoring
Agentless Backup is Not a Myth
Top 10 SIEM Implementer’s Checklist
