Ewen Anderson at Centralis explains how organisations can manage IT consumerisation in an efficient and secure manner, boosting productivity and employee satisfaction while delivering on longer-term strategic objectives.
Much has been made of the wave of consumerisation sweeping across the corporate landscape. New devices and applications are being adopted irrespective of whether they have support from the IT department or the blessing of senior management. Employees are increasingly accessing social media and business applications on the move, often connecting their devices to multiple screens when in the office to access desktop real estate for high-performance graphical or documentary work.
Firms recognise the benefits of boosting productivity and satisfaction by providing employees with the tools to work more flexibly, but also see the inherent conflict between the freedom of enabling them to work where they want versus the IT department’s desire to lock everything down and control it.
IT was acceptable in the 80s
Today, the ‘Echo Generation’ (born between 1980 and 1990) is the primary driver of consumerisation. Someone from this generation will typically have a smart phone, laptop, and possibly a tablet PC, and will be an avid user of social media applications. Upon entering the workplace, they expect this exact same level of ‘service’. Similarly, there is a growing demand from C-level executives, marketing and training professionals for the ability to deliver rich media to staff wherever they are.
The majority of workplaces continue to be predicated on the 1980s concept of computing — i.e. there is a desktop computer, a keyboard, a monitor and telephone—and the employee is expected to sit there and do their job. Employee access to certain types of websites is often restricted and social media is most likely blocked altogether. Furthermore, access to corporate applications and data has remained tethered to the PC. In a survey of more than 2,600 information workers and 550 IT administrators in nine countries earlier this year, IDC found that 76 per cent of IT staff said they had no plans over the next 12 months to modify internal business applications for tablets and smartphones.
Striking a balance
Many firms are responding to the march of consumerisation by implementing security and usage policies designed to allow employees more freedom in moving between devices. Yet significant tensions remain because the level of security demanded by IT teams can often lock down devices (particularly laptops) to the extent they are rendered barely usable. If firms are overly restrictive, employees can react badly, refusing to work flexibly or by finding workarounds.
By its very definition, an element of risk has to be introduced if users are to be given flexible access to information. Consumerisation therefore becomes a question of how organisations configure and manage the interface between the user and the device, as well as how much control it retains over the devices being used and the data being accessed. The solution lies in finding an appropriate way of managing the device to ensure that all data is encrypted, that the device has an anti-virus solution and that there is an acceptable usage policy applied that also makes provisions for a certain amount of personal usage.
Rise of the virtual machines
Desktop transformation using virtual computing in the broadest sense (as opposed to just VDI) provides firms with the flexibility to align their IT delivery model with the corporate strategy. As the name suggests, with virtual computing, a virtual machine can exist in complete isolation to the ‘client desktop’, allowing applications and data to be run locally on the device, centrally in the data centre, or both. Each layer of ‘compute’ is separated—typically via a public, private or hybrid cloud—and then delivered to the device on demand. Once the user is authenticated, their virtual desktop interface comprising the mix of operating system, local and central applications and user personalisation is presented to the device. Application data is then delivered from the cloud on the fly.
Any of these layers (interface, applications, data) can be stored completely separately from the device and all layers can be kept completely independent of each other to ensure that the applications and the data can be delivered from different places and onto different devices without conflicting with each other. In this way, the device can be passed from person to person without their ‘fingerprint’ being left on the device. In addition, any layer can also be stored locally on the device, depending on the type of data the user requires when they are offline. Here, the use of offline virtualisation computing environments will start to become more prevalent, whereby virtual machines run on a device with application data made available locally but then synchronised back to the corporate network when connected. Crucially, all data must be encrypted in this model.
The major advantage with virtual computing is that a firm can create a ‘standard’ build without having to worry about the hardware build of the device itself (i.e. network card, graphics card, etc). This means that the firm can have a small number of builds linked to work types, rather than having a build for each work type and each laptop type, which is where all the complexity otherwise creeps in. Having a virtualised build allows firms to create a single image that can be deployed onto any laptop or other device. It is then possible to test against any application set, manage it centrally and, as soon as that virtualised build connects to the network, updates are applied automatically.
A question of strategy
Virtual computing takes the concept of consumerisation to the level where an organisation is able to provide a new employee with a device and user ID on their first day at the office, and deliver them a complete desktop environment once they have entered their authentication details and password. When the employee hands that device back, there is no trace of their identity or application data left on it. Similarly, if the employee brings their own device into work, they can access corporate systems from that device and have all of their applications presented on it, rather than physically being stored on it. If the device is subsequently lost or stolen, the firm is assured that their corporate information remains safe.
Before embarking on a desktop transformation however, it is crucial that firms understand what it is they want to achieve. They need to take a three to five year view of working patterns and how these might change—e.g. whether they are looking to support an increase in home or flexible working, or enable the use of rich media and hot-desking in the office.
It is crucial to link their application and desktop strategy to their operational and strategic plans to assess what is critical to the organisation from an application, device and a security perspective—i.e. what information has to be controlled and reported on from a compliance perspective and how this aligns with the operational needs of both end users and the business. Regarding the latter, the links between IT strategy and all aspects of business continuity, disaster recovery and the green agenda are becoming more important.
Finally, all of the above must be aligned with a communications strategy that promotes employee understanding and buy-in and ensures their expectations and needs are being met.
Using desktop virtualisation to get the underlying delivery technology right and providing it reliably may not make the IT department popular—but it will serve the changing needs of the organisation and its employees in the years to come.
Ewen Anderson is managing director of Centralis. Prior to founding Centralis, Ewen worked at a senior level in corporate IT and management services within British Gas. He has helped establish Centralis as one of the leading influencers of application and desktop delivery strategy in the UK, winning excellence awards from customers and major software vendors. http://www.centralis.co.uk