No more corporate PC’s… wouldn’t it be nice?

I recently bumped into a new idea that is “Employee Owned PC”. Brian Madden made a very good article on the concept here:

I like the idea. I have been working on this SBC (Server Based Computing) thing for so long and recently I have been looking into this VDI (Virtual Desktop Infrastructure)…. and, other than all the technologies involved, I must admit I have always been very intrigued by this thin client concept that most organization could benefit from. This was a “skin thing” and I could never rationalize why I was and I am so keen to this thin client concept. I guess I am leading to think now that the cool thing about thin clients ….. are not the thin clients per se …. but the fact that you don’t have to manage desktops anymore!

In fact I was involved in a few discussions lately about “what sort of end-user device a VDI (or SBC for what it matters) end-user should have” and I have always said that it depends on who “owns” this end-user device. If it is managed by the “organization” (i.e. the employer) then it should be as thin as possible, while if it is managed by (and maybe property of) the end-user then it could be “whatever”. So if an end-user works from home and connects to the company network to access applications and/or published business desktops he/she can use either a thin client or his/her own PC or MAC or whatever …… as long as:

  • it’s their thing
  • they don’t call the company if it breaks (both from a hardware or software perspective)
  • they can access the “business stuff” from it

The whole idea is that the “organization” should no longer bother with managing IT objects that are outside the Datacenter! Well we are of course not talking about things like networking, printers etc etc ….. you get what I mean.

I know very well this would not be something one can implement tomorrow as this does not just have a technology implication but it rather has a completely different approach to how we handle the matter today: most organizations provide desktops/laptops to end-users for their job and it would take some time before they can afford to tell employees “you are on-board, you can start tomorrow and … remember to bring your access device with you…”.

But it would make sense. Wouldn’t it? In all these VDI discussions most people argue that, since many people now get a laptop instead of a desktop it doesn’t make much sense to have a hosted (virtual) desktop image in my datacenter ….. This is true but what about if that laptop is not a “company laptop” but it’s rather the “end-user’s owned laptop” with all his/her stuff on it (I don’t care) while the company is providing the “very controlled business desktop/applications” to him/her? Why wouldn’t the business organization bother about his/her stuff on the laptop while I bother about the business desktop to be “very controlled”? Simply because he/she is going to manage his/her stuff while the business (i.e. the company) is going to manage the business virtual images/applications.

Today my current employer gives me a laptop with a standard software image. I have never used the standard software image because I’d rather use my own software stack (usually with the latest OS, latest utilities etc etc) but yet with the standard company applications. I can also say I have thought about buying my own Mac and I’m sure I’ll do that at some point in time. I am not a visionary (I think). I know very well that I am not a “standard end-user” so I don’t expect everybody that uses a PC/laptop to be as “extreme” as I am. However I have two sisters and none of them is doing anything related to the IT business… but yet they both have their own laptops (they bought them). And I am pretty sure they not only would not be upset if an employer asked them to bring “their own device” for their new office job…. but they would actually be happy to have their own stuff with them while working for their company. It clearly goes without saying that there is a need for a certain level of trust between the employer and the employee (i.e. otherwise the employee would spend 80% of the time editing their own pictures). However I would say that it’s not by denying them access to their pictures during the day that a company could force a person that is not committed to his/her job to be productive. After all we are currently now being measured by near/long term objectives rather than by “how many pieces you have produced over the day”.

Computers are becoming such a big part of our own life that it’s like buying a suite or a new car/motor-bike. And I have never heard about someone asking his employer to refund a suite he/she bought nor asking the company to refund the car/motor-bike that he bought and that he/she uses to go from home to the office most of the time. There will certainly be issues around “downtime” but these could be easily addressed in many ways. So if your laptop (or desktop at home if you work from home) breaks (or for some reasons it becomes not usable all of a sudden) you either have your backup strategy or you could go to the office where your employer has a number of spare thin clients available that will allow you to access the business desktop/applications (of course these thin clients would be available even for those employees that do not want to bring their own access device for some reason). After all, to make a comparison, when you car (i.e. laptop) breaks and you don’t know what to do … you just take the bus (i.e. the shared device) to go to the office, don’t you?

Again this is not just my view on how things should evolve over time … Credit for this idea goes to Brian and the other people (Citrix CEO Mark Templeton etc) that first started to talk about this. I have just taken the concept and commented: it does make sense.

We’ll see what happens.

Massimo.

4 comments to No more corporate PC’s… wouldn’t it be nice?

  • Daniel Henry

    Hello Massimo,

    i’m writing my thesis about VDI. one of the chapters of my thesis is “bring your own device”. As i discovered your article “No more corporate PCs.” i was thinking: thats stupid! but your example with the business suit points the problem and i have to say: i agree with you.

    You are right with your statement that a laptop/pc/mac is part of our daily life but there are some problems that should be discussed when you bring your own device: What about security (viruses, trojans, etc)? What about support from the it department of your company? What about business licenses on a private laptop? Is is better to have a “secure” remote desktop client installed on a potentially unsecure portable device?
    Please let me know what you think about it.

    Regards
    Daniel

    • Massimo

      Hi Daniel. The BYOD was an old moniker that was on the press many years ago (this post itself is 5 years old). It went then under the radars and it has now resurrected. I believe the premises now is very different than 5 years ago. We used to talk (usually) about a personally owned laptop that would be used as a “terminal” for business provided VDI image. I believe the discussion today is more about a personally owned device (laptop yes but more often smart phones, iPads, etc) that would be used as a VDI terminal yes, but we are now talking also about installing (in a controlled way) biz applications on a non-biz device as well as different forms of virtualizations (VMware Horizon Mobile for example) which are not strictly speaking VDI sessions.

      All to say this is a market in huge ferment and the future is currently being shaped (assuming the future won’t be what we have today – which is always an option when there are to many futuristic choices). You pose very interesting questions re technical and licensing issues. There are lots of discussions around them and also new technologies that are meant to address them. As far as licensing… big problem…. ironically the most difficult to solve (lots of politics).

      Thanks. Massimo.

      • Daniel is right on the money. If only more CIO’s thought like him..

        1. Security: You’re absolutely right. The main issue with VDI is that it’s primarily implemented in a hybrid approach either by design or by user behavior. As such there’s an opportunity for the attack surface to increase as it now includes both the VDI desktop and the end-user’s physical device. The primary benefit of VDI in such a scenario is that theoretically the data stays in the datacenter and is never stored on the device, such that in the event of physical end-point theft there is a small chance of data loss. However, the challenge I pose to that claim is that while the end-point may have some enhanced information protection benefits, it comes at a cost of shifting the desktop to the datacenter – such that if a VDI desktop VM gets compromised then the attacker is now one layer closer on the OSI stack to sensitive data assets.

        2. Support: A hybrid scenario also means that for every user who has such a scenario IT has a minimum of two support points as opposed to one – for example, if I use my own laptop to access the corporate VDI desktop, and my laptop breaks – is the onus not on IT to repair my laptop so that I can connect to the VDI desktop? I, personally don’t buy the “lower opex” value proposition because I think less than 2% of VDI deployments are “all-in” such that the only end-points through which VDI desktops get accessed are zero clients and therefor have a lower support overhead.

        3. Licensing: Licensing is a mess. I don’t know if that’s a good enough reason to avoid VDI.. I believe Microsoft will eventually come to its senses – there’s plenty of evidence that, when engaged, Microsoft will create custom licenses based on specific VDI implementations. I think the first two points are better considerations on whether VDI is right for an org.

        4. CHVD – The jury’s still out on client hosted virtual desktops (offline VDI, etc.). I think the use case is even more niche than “online” VDI.

        Good luck with your thesis!
        -Tal

  • I agree with what you have written, it’s great that it was 5 years ago too! As IT evolves and matures, as users better understand it, and as vendors step up to deliver reliable endpoints with support plans just like a car warranty I think we’ll see ownership transfer.

    Wrote a bit about the new role of Governance and BYOD here http://blog.danbrinkmann.com/2012/02/27/governance-vs-control-in-it-and-how-it-relates-to-byod/

Leave a Reply