Feeds

Your PC, our problem

What can users buy?

Secure remote control for conventional and virtual desktops

You can tell the difference between business laptops and consumer laptops pretty easily. Not by the specifications, or the price - as USB 3 and hard drive protection become common, often the only visible difference is whether it comes with a fingerprint scanner.

What really sets them apart is the design; consumer laptops come in a range of colours and look like something you’d want to own rather than an interchangeable black slab indistinguishable from the black slabs we were using five years ago.

With so many more employees mobile or working from home, letting them have the PC they want in exchange for taking the procurement work off your hands sounds like a win-win. This is what the consumerisation of IT is about.

Despite all the worries about productivity lost to Facebook and online shopping from the office, for every hour of personal use at the office we spend another three hours working at home, according to Jeffrey Cole, director of the Center for the Digital Future.

If you’re going to set up your systems so you can stream applications and make data available securely for the computers they use to do that, why spend the time and money managing a second work PC for them as well?

Getting the job done

You’re probably already supporting users who want to connect their smartphone to the company systems, at least for email - and if you're not doing it officially, check whether users aren’t just forwarding messages to webmail they can read on their phones – which is a whole different security and compliance headache.

This works best if you already have, or plan to create, the infrastructure to manage machines remotely and to stream applications virtually; you can’t say ‘your PC, your problem’ if you want employees to be able to get their job done.

Citrix offers employees $2,100 to buy their own laptop, but it obviously has the expertise to virtualise applications and stream data securely; it also insists that employees buy a three-year full service warranty that gets them on-site support and a replacement machine from the manufacturer, because the IT team will only offer basic support.

You’ll also want to set a minimum specification for PCs, especially if you want to run a virtualised environment for security and management. You want processors with hardware virtualisation support - which is rarely enabled by default in the BIOS on consumer laptops, by the way - as well as enough speed to run business apps. Providing an approved list of PCs or manufacturers makes more work for you, but avoids unrealistic expectations.

Going spare

Be prepared to audit purchases and warranties, enforce the no-support policy and answer difficult questions about how much money you’re really saving if that means some crucial work doesn’t get done. Realistically, you’ll have to have some spare systems for real emergencies. You won’t be able to keep spare parts like batteries and docking bases in stock, although memory, hard drives and USB docking systems will work with most laptops.

Streaming virtualised applications gets around the issue of how to revoke expensive software licences when employees leave. Kraft for example mixes that approach with insisting users buy their own copy of Microsoft Office, which also avoids licence issues, but this won’t work for more specialised software.

There are other financial implications, so check with your accountant whether the notebook will count as a taxable employee benefit, and make sure your policies on who qualifies for any company funding don’t count as discrimination.

Consumer and small business PCs come with pre-installed software, a lot of which starts up automatically and can reduce PC performance. Additionally, you end up with different anti-virus software on every PC, all of them updating and scanning and running out of the annual subscription at different times.

Your enterprise anti-virus software might be able to replace some of those automatically, but it tends to be the enterprise versions of security software that can be removed. So Forefront can replace Symantec, MacAfee and Trend - but not the versions that come on consumer notebooks.

Use responsibly

You could secure a virtual environment on BYO PCs but, if the underlying version of Windows is compromised, the user isn’t going to be very productive and duelling anti-virus software can really slow a PC down, so you may need to budget for hands-on time with every machine. And you’ll definitely want to be in charge of managing updates.

Don’t forget to have users sign the policy that says they’re responsible for backing up their personal files, that they understand the files might be visible to the IT team if they ask for remote support, and that they must not put inappropriate files on there. You'll need also to set exclusions for media files if you’re redirecting user document folders, so your server doesn't fill up with large files of unknown origin.

With that many drawbacks - and advantages that accrue mainly to more companies with sophisticated IT setups - it’s not surprising that, despite some high-profile examples, only two per cent of enterprises in Forrester’s recent hardware survey will support employees who bring their own PC to work.

Make sure that BYOPC would really help you - for example by attracting young employees with high expectations of what technology they’ll get to use - or concentrate on making sure you can stay secure and let employees be productive with the smartphones and tablets they’re already bringing to work. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
Forget touchscreen millennials, Microsoft goes for mouse crowd
Microsoft WINDOWS 10: Seven ATE Nine. Or Eight did really
Windows NEIN skipped, tech preview due out on Wednesday
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.