We set you a challenge to join our expert panel and answer questions from our readers on how to deal with your desktop, and mobile desktop, environment. This week we've got the first of what promises to be regular installments on this topic. We welcome the first contribution from our resident reader experts, Adam Salisbury and …
Why over complicate the issue????
Cloud is the way forward........waits for deafining sound of disagreement from IT personnel scared of losing their jobs paying over inflated wages.
The cloud poses its own problems. The biggest of the issues is the lack of control over your own data. I agree with you that many of the applications becoming available from "utility computing" vendors will eventually find business uses. What is remote computing except tapping into the "corporate cloud" to accomplish work?
The issue at hand is one not only of information control, but of legal liability. At current, cloud vendors disclaim all legal liability for loss or theft of data, security breeches, and downtime. While you may feel that us regular IT Joes have "over inflated wages" (as compared to who?) the reality is that we exist to support corporate infrastructure that itself exists for legitimate business reasons. Like it or not, business owners, managers, and other people who (in theory) have to accept the responsibility for failures do very much so enjoy having "someone to flog" when the excreta meets the rotating air circulation mechanism.
If you control your infrastructure and your geeks, then you have a much better chance of controlling the information you want kept private, and of ensuring those systems are available and operational when you need them.
The third-party cloud will remain a non-core component of business computing until vendors can meet two qualifications. The first, and most important is that vendors must become legally liable (for downtime, data loss, security breeches, theft etc.) They must also offer a method by which customers can reach out and taser a geek when thing go boom. (“No new information” posts, or sitting on hold for hours at a time is something most businesses would view as unacceptable for mission-critical computing.)
So until that day arrives, I guess you, and the rest of the world is stuck with us “over inflated wage” numpties. (Really? Over inflated? John Q Random couldn’t do my job, and I sure as heck don’t take in the Corporate American Executive Screw-The-Little-Guy remuneration package. Please do detail your issues with the pathetic wages we IT folk get paid, and why you feel it is unjust.)
Great idea, have the data hosted somewhere where internet access is required at all time (no offline working), reliant on a 3rd party (security, downtime...?) and then pay for it too. Google and Danger/Microsoft both showed that the cloud has it's place, but not for day-to-day business work as the main source.
Locked down hardware and websites that can be accessed (as well as a few other restrictions) via LOCAL Group Policy. Machine runs Vista with auto updates turned on, AV gets DAT's from the internet at 3pm daily and is encrypted with TrueCrypt.
Had Word, PowerPoint and Excel installed locally.
Juniper SA series device for SSL VPN. However we don't use the VPN side of it, just use it as a Citrix, WebDAV and web proxy. Authenticates users with RSA tokens against AD and checks for keylogging viruses, scans to ensure AV DAT's are up to date and has recent Windows patches.
Once logged in, if the user is running the site from our company hardware (check's AV and a reg key) then they can download files/folders via WebDAV, access internal and external websites (via a proxy of course!) and can fire up a full Citrix desktop (or just the odd app). Provides ability to download files for offline working (only if it's our laptop though) and end users can even print to their local printer from Citrix. No VPN used and it's all over SSL.
Once a user is in Citrix we can shadow, but if they can't get that far we use a "Secure Meeting" (think WebEx but hosted on the Juniper SA appliance) and the users have a shortcut to the URL from their desktop.
All done via SSL. We lock down the hardware that can be plugged into the laptop, and disabled CD/DVD burning too via GPO's. AV updates daily, and Windows Updates are automatic. Full drive encryption. Gateway requires RSA token for authentication. We block all sites other than a couple for testing, the gateway and the big-name wifi-providers that have a payment page by putting in a fake proxy in IE and lock it down. Users can only download data to the local machine if they have the right registry keys and are using our AV. Gateway check for AV version, independantly checks for keyloggers and also has a cache cleaner too.
Users can access the remote site from any Windows PC that has either Java or they have admin rights too. Therefore should they have a problem with their PC they can use any other internet enabled Windows PC to get to a full Citrix session. Can also print to any local printer...!
Users also have encrypted work mobile phone that has push-email enabled.
@Trev P & Steve
"I guess you, and the rest of the world is stuck with us “over inflated wage” numpties" - I'm not! My business is entirely in the cloud :o) I didn't say you was a numpty...I didn't express my point well I fear....not that your over paid as such certainly not compared to many others...just that going to the cloud eliminates 2 of the biggest costs of IT....the staff and/or support needed to keep everything running ok.
"Great idea, have the data hosted somewhere where internet access is required at all time (no offline working)" - Many SaaS applications are available with some kind of 'offline' functionality but besides that how oftern are you without internet access.....myself I have access to the web pretty much all the time I need it...if my business burns down, I don't need to worry about back-ups, sourcing new servers, reinstalling networks etc etc etc ...I just get staff to connect from home, starbucks or my fav. my local pub.....
Yes I run a small business which is a different world from corporate enterprise but cloud fits both...as long as you taske the blinkers away and realise that IT admins no longer have any power.
Opps I'm winding the IT folk up again...I really should stop...they'll be out of jobs in a few years time. :o(
Lolz.. Clouds .. Auto updates .. AV
How about "ssh -X"? Not much that can't handle. Oh, and if the user really has to work offline, then there's "scp" too :-P
@The Original Steve
I envy your setup. I think your mobile/security budget is probably bugger than my entire operations budget. Probably with a power of ten stuck in there somewhere. Sounds pretty well thought out, however.
@AC - Stop feeding the trolls
I don't disagree with you that most current IT staff will be out of jobs in a few years time. Perhaps for different reasons than you, but the fundamental attitude you are expressing is most definitely the reason. Like anything in the real world, employment in IT is very cyclical. Right now we are once more going through a phase where many people involved in business honestly believe that there is no use in employing IT personnel in-house.
For some businesses, this is quite possibly true. (If you employ a total of 10 people, and your business is making bagels, you probably don’t require a sysadmin, and I’m certain Google Docs will meet your needs.) For most businesses of any real size (say, 50+ people), they will discover much to their chagrin that outsourcing their IT was one of the worst business decisions they ever made. This story has been repeated over and over again with not only IT, but any real service-based “cost center” in business.
As an example, the company that currently employs me has 4 locations in 4 different cities here in Canada. Somewhere, a few years back, someone had the brilliant idea that the Maintenance and Utilities guy (a true handyman) was an unnecessary expense, and figured we’d be better off paying for repairs, renos, and what-have-you on a per-incident basis by calling in contractors. That lasted about a year. Dumbest decision made around in here in years. Now we have a handyman again, and trust you me, that man is never idle.
This is very similar to what is about to happen to the entire IT industry. Short-sighted “businessmen” will trust in “the cloud” and in outsourced service providers. Just like all industries, the “cloud computing” sector of IT will eventually collapse into a handful of absolutely enormous, powerful, and completely incompatible vendors who will do their darndest to lock you in and then nickel-and-dime you to death. The costs associated with “cloud” services will inevitably raise over time as the well planned out lock-in schemes take their hold, and the reliability won’t really improve over what is seen today. Unfortunately, most people are unable to admit their mistakes, and so will cling to these services for the better part of a decade, enough to time to utterly decimate the IT industry.
In that time people like me will probably have moved on, either re-educated or retired. The cry will come from all of those businesses that had outsourced “please, we are sorry and see the error of our ways, we want our data and services in house and managed by staff we control.” The few IT folks left will be working for companies that have proven their commitment to in-house IT. Having watched their industry be gutted for the past decade, they won’t be feeling particularly like decamping to the short-sighted cheapskates. Everyone else will have left the industry a long time ago, and their skills will no longer be relevant. Thus will the cost of qualified IT staff be driven into the stratosphere, forcing all those short-sighted cheapskates to live with the utility computing model they chose.
And that is how (apparently) you “increase shareholder value.”
Returning to the topic of the article, however, your belief in the inevitable supremacy of "Cloud Computing" as The Dominant Computing Model does pose some interesting questions as relates to remote computing. Specifically it does offer up questions about information security, backups, and cloud interoperability. Are there cloud providers that specialise in meeting these requirements? (Encrypted storage of sensitive documents both online, and in a locally-cached form, perhaps with a time-bomb on the local copy?) If not, there is quite possibly an opening in the market for providing enterprise-level cloud-services. What is the legal framework surrounding such service, both as regards the providers of cloud services, and companies that store sensitive data with a cloud provider?
I smile because the first lawyer to realise that the business collecting an individual’s data is legally liable to ensure it is stored securely will cause have a distinct impact on shareholder value.
Let this be a lesson to commenttards...
Your carefully considered semi-witty counter-troll is completely reduced in effect if you futz up your last sentence. Proof reading is a useful (critically important?) habit that seems to be automatically disabled by the presence of a browser. Must learn to use the "preview comment" button!