Users are taking control, and there's no stopping them from bringing their own network-connected devices to the office. Today, every phone, every e-book reader, every tablet is a gateway to a world of networked computing. Even if you tried to prevent your employees from bringing them into the building, only military-grade security could stop them.
The BYOD (bring your own device) trend is variously viewed as "a world of pain for IT," a security challenge that's solvable, and something to be tolerated with grim resignation. And there's a growing industry of companies who want to help you stop it, cripple it, or control it.
[ Subscribe to InfoWorld's Consumerization of IT newsletter today, then join our #CoIT discussion group at LinkedIn. | Get expert advice about planning and implementing your BYOD strategy with InfoWorld's 29-page "Mobile and BYOD Deep Dive" PDF special report. ]
But my experiences at Sun Microsystems suggest BYOD is an opportunity waiting to be grasped for enterprise IT executives -- a move to management by standards rather than centrally purchased company desktops. It means selecting a basket of server-supported standard capabilities (IMAP, LDAP, PDF, HTML5, ODF, and so on) and telling people that anything that works securely with those standards is acceptable. It also offers the prospect of letting people use open source software that works with those standards, rather than having to buy everyone the same expensive proprietary software and instantly depreciating hardware, then manage them expensively until they are legacy systems.
That's not just a guess; I've seen it work. After a foray into a mandatory managed desktop at Sun for all staff (which instead forced people to break the rules and work around it to get their job done), we had a dual-path strategy for most of the time I was there. We had managed desktops accessed through low-cost screens for general staff; we obviously used Sunray, but contemporary options range from a bolted-down Secure Global Desktop from Oracle to the shiny delights of Google's Chromebooks.
We had what today would be called BYOD for the many outliers, with optional support packages available charged to the employee's department if used. In the middle ground was a company-purchased laptop with a default configuration that became BYOD on delivery.
I think this sort of arrangement is the obvious and inevitable destination for corporate IT today. By taking a dual path, it's possible to offer a fully screwed-down desktop for people who have no tech skills at all, thus reducing support costs by eliminating all choice. Meanwhile, those with tech skills could look after themselves in a world of server-supported standards, again at reduced cost. If they couldn't look after themselves, they were switched to the managed remote desktop.
Switching to standards
The key is to get away from thinking about controlling the applications and instead to controlling the standards, both protocol and file format. The cost of any desktop activity follows the maintenance and protection of the desktop state. When you have to manage statefulness at the PC desktop, you must have arms that reach to every desk and eyes that watch every screen. Attempting to do this results in the total surveillance mind-set that rules many enterprise IT policies. It also results in potentially enormous expenses, which can lead to a loss of quality and service to the end-user if budgets are cut.