- Forefront Endpoint Protection (FEP) 2012 – Part 2: Deployment and configuration - Wed, Jun 29 2011
- Forefront Endpoint Protection 2012 –Part 1: Installation on Configuration Manager 2012 - Wed, Jun 22 2011
- iPad for business? The consumerisation of enterprise - Fri, Nov 19 2010
One of the big topics doing the rounds amongst IT professionals these days is the increasing influence of consumer technology in enterprise IT and in particular the question whether the iPad is valuable for business and should be supported by IT. End users have access to more and more business-ready devices in their personal lives, and the traditional line between personal computing and work computing is looking blurrier than ever.
There is increasing pressure on businesses and IT professionals to provide (and support) infrastructure which enables users to connect and be productive on a variety of consumer devices, now that these devices can, with relative ease, cross the boundary between home and work. Business-focused platforms like Windows Mobile and Blackberry have had to improve their consumer functionality, while consumer devices like the iPhone have had to beef up their enterprise features.
In many ways, there’s nothing particularly difficult about this trend, despite the fact that the traditional nemesis of the IT professional has been the end user with a better-than-average grasp of technology. Business devices have traditionally been quite dull and functional, and a new paradigm which sees end users more engaged with their tools of the trade is no bad thing.
However, the problem which many of us see out on the coalface is that businesses are often keen to distribute these devices and “empower” their users without considering the implications or even the appropriateness of doing so. In many ways this is unsurprising – business managers and CEOs are consumers too, and anything which excites them tends to get implemented quicker than many IT professionals are comfortable with.
The Problem of Support
The problem with bringing in personal devices is that they also come with outside baggage – support agreements with other vendors, personal data and often investment of personal finance. Most businesses don’t have an internal support model which can cope with personal devices in a cost-effective manner. The usual approach is for the support staff to say something along the lines of “I’m sorry, but we don’t support personal devices” and just wear the inevitable abuse.
This is generally the only sensible approach available, but it’s coming under increasing pressure. After all, if a business “officially” supports users accessing their work mail via a personal smartphone, how can the internal support staff continue to remain disengaged? The problem comes when a user pops up and says, “Hi, since you configured work email on my iPhone, two of the apps I bought have stopped working. Can you fix them please?”. Or even, “Hi, my iPad has stopped working and you were the last person to look at it. I want the business to buy me a new one.”
They’re not massively unreasonable requests on the face of it, but is it really the job of the support staff to troubleshoot personal software? Without clear direction from management, such support calls can quickly dissolve into a nightmare of confusion, resentment and recrimination (especially when there’s a suspicion that the user isn’t telling the whole story). At a previous company I worked for, the support staff were under strict instruction not to even touch any personal device which came their way, simply to avoid those kinds of nasty situations. A tad inflexible, perhaps, but as a risk mitigation strategy it was certainly effective.
The Problem of Management
As an IT professional, do you trust your users? I mean, really trust them to always do the right thing and keep the business’ interests in mind at all times? Of course not. This is not because users are inherently untrustworthy, but because we each are paid to perform a particular function, and only a few people are paid to constantly maintain an overall picture. From the perspective of enterprise technology, that’s ultimately why we have IT professionals – these are the people who are paid to care about aspects of day-to-day operations so that each user doesn’t have to. Also, if each user were required to, they wouldn’t.
The personal approach where users can purchase and bring in whatever equipment they like, and have full rights to their system might create a happy, touchy-feely environment but it certainly doesn’t scale efficiently beyond a few end users. Hence enterprise infrastructure, locked-down desktops, distributed applications and centralised management of devices. But as a general rule, personal devices don’t fit into this management structure. It’s a brave IT department which insists on installing agent software or applying group policy to personal computers.
The Issue of User Disconnect
The ultimate problem is one which is present in many businesses – users are essentially disconnected from business drivers, and the bigger the company, the more pronounced the disconnect. And vice versa, in general the smaller the company the more engaged the users are.
A CEO is paid to care deeply about the direction of the company, and to take an interest in anything which may impact productivity or expose the business to unnecessary risk. The assistant in the mail room isn’t, and yet has that expectation imposed on them. Additionally, if a user can circumvent rules and restrictions to get something done, they will, regardless of who they are and regardless of the outcome.
Consumer devices in the enterprise are inherently risky, to a greater or lesser extent depending on the business’ risk profile. Unfortunately many businesses would have no idea of their risk profile – investing time and resources into generating one has little obvious short-term benefit, and in any environment controlled by quarterly figures and annual budgets, it’s difficult to build a business case to generate and maintain an ongoing and flexible risk mitigation strategy.
But the benefits of having such a strategy in place are huge. When a business clearly understands its workflows and their dependencies, then it’s also well-placed to clearly articulate that understanding to all employees and has a stable base from which to tackle new initiatives with a few to producing beneficial outcomes. Another word for it is “leadership”.
On the flipside, the lack of an in-place risk profile means that each time a new project surfaces, the risks need to be considered from scratch every time. And considering that this would cause each project to take longer and cost more, the usual approach is to avoid the immediate pain and not consider the risks (which is very risky!).
Diluting an enterprise IT environment with consumer technology has the potential to be a really bad idea, but like any IT project it can be implemented successfully as long as due diligence is performed. If users are to have greater access to business systems than before, old support models need to be re-worked, expectations need to be clearly articulated and change management needs to happen. Of course, this has always been the case and some businesses do it better than others, but as consumer technology becomes more prevalent in the workspace, it’s never been more important.
What is your take? Do you think IT should support the IPad for business?