The issue I see is that for years we have moved towards SOE/MOE's and standardisation so that less staff could manage more devices. We aimed for consistency which greatly aided in adds, moves and changes as well as fault finding.
Now we are saying that any device can be used and that is all ok as we will just wall off everything except for the required access to Citrix etc. This sounds great but it assumes that we won't be supporting the clients device. We will just maintain the server environment. In reality, regardless of policy, this just won't happen. We will have to support these devices of which we have very little control over. Central administration will largely go out the window. Some organisations might be able to say it is the users issue if there is something wrong with their device but that wouldn't fly for any organisation I've worked for. Stranger still is standardising on a different OS (osx for example) to then deliver the required apps using Windows. Why pay for more expensive hardware when your licensing costs are the same if not more expensive? A bank here has done exactly this as they believe Mac's will attract and help retain staff? In a time when many countries are struggling and unemployment is on the rise why are we allowing employees to call the shots? What's wrong with this is the job and this is the tools you will use and we will pay you this much. No you can't bring in your personal computer, your fridge, your microwave and yes you need to wear closed in shoes! From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, 18 October 2011 6:07 PM To: NT System Admin Issues Subject: Re: Macs and vunerabilities It's all about the delivery of your corporate apps to any device, not necessarily Windows ones. Citrix have a big investment with the Receiver, which can deliver your corporate apps just about anywhere, but VMWare's AppBlast is another beast altogether - delivering any corporate application to a browser over an HTML5 stream. I'm assuming it must be leveraging some kind of virtual desktop on the back end, but the idea of being able to deliver these apps to vast amounts of different devices without even the need to install one piece of software such as the Receiver is quite novel. It all means that users can work in a familiar environment and still have their apps for work. It's not all about delivering a full Windows desktop - I assume a lot of them will just run individual apps from a Citrix Web Interface or the like and maintain their connection to their own desktop for familiarity. But there are a huge amount of different configurations that can be delivered in this way. There's also the whole scene of federated access and being able to log into all of your apps - whether on the Internet, at work, or local - from one place. Personally I'm looking forward to the "BYO" initiative taking off a bit - it certainly looks interesting. On 18 October 2011 05:12, James Hill <james.h...@coffeeclub.com.au<mailto:james.h...@coffeeclub.com.au>> wrote: Let's come back in a year or two and see what they think of their decision then. I can't get my head around making a change like this only to run Windows(via Citrix or whatever) on it anyway. -----Original Message----- From: Ken Schaefer [mailto:k...@adopenstatic.com<mailto:k...@adopenstatic.com>] Sent: Tuesday, 18 October 2011 12:53 PM To: NT System Admin Issues Subject: RE: Macs and vunerabilities When I said "it doesn't matter", I'm speaking to the technical points - not the commercials, legals, occupational health and safety etc. concerns. FWIW, this bank is already offering this in Aus: http://www.theaustralian.com.au/australian-it/suncorp-goes-byo-in-hardware-as-staff-are-encouraged-to-plug-in-their-devices/story-e6frgakx-1226029655986 Given their size (16,000 employees), I'm sure they've done their due diligence. Cheers Ken -----Original Message----- From: Alan Davies [mailto:adav...@cls-services.com<mailto:adav...@cls-services.com>] Sent: Monday, 17 October 2011 11:30 PM To: NT System Admin Issues Subject: RE: Macs and vunerabilities Not true - you take on liability as an employer. You may protect the rest of your network to some extent with the example below, but it doesn't change your liability. And I'd still want a VPN in front of RDS/Citrix rather than direct access - you wouldn't put your Citrix servers direct on the Internet ... a -----Original Message----- From: Ken Schaefer [mailto:k...@adopenstatic.com<mailto:k...@adopenstatic.com>] Sent: 17 October 2011 16:28 To: NT System Admin Issues Subject: RE: Macs and vunerabilities You could provide all corporate services via VDI (RDS or Citrix). With other isolation techniques, it doesn't really matter what the end users bring in. Also have some policies for end-users to follow (e.g. installing AV - that can be managed centrally without them having to be part of a domain). There's at least one mid-tier bank in Aus doing this very thing (Suncorp-Metway) Cheers Ken ************************************************************************************ WARNING: The information in this email and any attachments is confidential and may be legally privileged. If you are not the named addressee, you must not use, copy or disclose this email (including any attachments) or the information in it save to the named addressee nor take any action in reliance on it. If you receive this email or any attachments in error, please notify the sender immediately and then delete the same and any copies. "CLS Services Ltd × Registered in England No 4132704 × Registered Office: Exchange Tower × One Harbour Exchange Square × London E14 9GE" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ***** IMPORTANT INFORMATION/DISCLAIMER ***** This document should be read only by those persons to whom it is addressed. If you have received this message it was obviously addressed to you and therefore you can read it, even it we didn't mean to send it to you. However, if the contents of this email make no sense whatsoever then you probably were not the intended recipient, or, alternatively, you are a mindless cretin; either way, you should immediately kill yourself and destroy your computer (not necessarily in that order). Once you have taken this action, please contact us.. no, sorry, you can't use your computer, because you just destroyed it, and possibly also committed suicide afterwards, but I am starting to digress...... The originator of this email is not liable for the transmission of the information contained in this communication. Or are they? Either way it's a pretty dull legal query and frankly one I'm not going to dwell on. But should you have nothing better to do, please feel free to ruminate on it, and please pass on any concrete conclusions should you find them. However, if you pass them on via email, be sure to include a disclaimer regarding liability for transmission. In the event that the originator did not send this email to you, then please return it to us and attach a scanned-in picture of your mother's brother's wife wearing nothing but a kangaroo suit, and we will immediately refund you exactly half of what you paid for the can of Whiskas you bought when you went to Pets At Home yesterday. We take no responsibility for non-receipt of this email because we are running Exchange 5.5 and everyone knows how glitchy that can be. In the event that you do get this message then please note that we take no responsibility for that either. Nor will we accept any liability, tacit or implied, for any damage you may or may not incur as a result of receiving, or not, as the case may be, from time to time, notwithstanding all liabilities implied or otherwise, ummm, hell, where was I...umm, no matter what happens, it is NOT, and NEVER WILL BE, OUR FAULT! The comments and opinions expressed herein are my own and NOT those of my employer, who, if he knew I was sending emails and surfing the seamier side of the Internet, would cut off my manhood and feed it to me for afternoon tea. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
