Shiny new mobile gizmos are driving the consumerisation of IT. As a systems administrator, I am naturally wary. Sure, it makes end-users happier, but they aren’t the ones who end up in front of the firing squad when security gets breached. Users don’t care about security. They never have and they never will; it is an …
Why care about media streaming?
Maybe I've not quite read it right... But if its a consumer grade device being used out and about (4G or wireless) and you're worried about the load on your internet links, why are you streaming media through your corporate connection?
I'm assuming you're worried about folks, on their iPads, watching youtube, sky, etc?
If thats the case why not let them use whatever connection they are on, only route business traffic via on-off vpn to your core?
Good question. The answer boils down to "most sysadmins don't get to make that choice." The days of sysadmins with enough authority to set corporate IT policy are gone. That sort of traffic management is now a business decision handled by bean counters, PR and upper management. IT is thanked for their input, then ignored.
The best you can do is lodge a formal protest. You job is not only to do the impossible on a budget, it's to keep employees - especially powerful ones - happy. Management doesn't want to hear that the bad IT people blocked the internets or stopped someone from seeing that "training video" that was vitally important.
That's obviously Empire Building by IT and won't be tolerated.
No, the modern sysadmin has to provide it all, and they likely won't be given a choice in the matter. If you still have an IT job where you can set policy based on best practices (rather than the squeakiest wheel,) treasure it.
Soon enough, it too will be gone.
Then pray tell...
... who makes IT policy in your company? Seems to me you need a connection to the board, say a, er, CTO of some sort. It makes no sense that beancounters do more than keep tabs on the money, say. Then again, in such a situation I feel free to do whatever the fsck I like as long as the users don't notice. Shunt their non-business traffic out a cheapo DSL? Add QoS (and squeeze it to hell)? Why not. Shove in a proxy and keep logs, only to produce long lists of visited pr0n sites when someone complains? You have to be able to document what the problem was in the first place anyway. And so on.
Not that this situation is unique or anything, mind. But strategy is for someone who understands strategy to decide, and so IT strategy needs either to have its own proponent or a solid connection to the board. Which should not be the CFO, since his focus is guaranteed to be orthogonal to IT effectiveness. Wanna hire me, eh? (Yes, I'm posting anonymously. Deal with it.) Seriously though, I've been in that bind and it never ends well. You can either go up, or go out. I'd prepare for both.
As with most organisations I have encountered recently...
...a CTO exists, but said CTO is not a techie. (In the best cases, the CTO *was* a techie, 25 years ago, but has forgotten almost everything.)
CTOs tend to be business, accounting, or HR specialists that exist to serve as lightning rod for the varying complaints of middle and upper managers. They exist to push orders DOWN to IT, rarely to consider IT's input.
IT has less and less pull in the modern company. The mantra is that "IT exists to serve the business, not to dictate terms to it." This isn't unique to my experience, I've done my homework on this and it is a generalised trend.
IT policy decisions are made now by accounting, HR and business units. IT is to implement those policies and otherwise be ignored. If you are still Emperor Nerd of your little domain, congrats. Enjoy t while it lasts.
Eventually, someone will figure out that we’ve just exited one recession only to start another. They’ll look at the millions in the US without jobs, realise many are nerds, and ditch their noisesome alpha geek for a more compliant model.
Welcome to 2011.
Remember the 2 rules
Rule 1 The boss is always right
Rule 2 If in doubt refer to rule 1
When the big bosses (CEO CFO etc) demand that their devices are allowed in (and those of their staff as it "improves" their work) then you are on a hiding to nothing. The best that you can do is to make a written representation against it and keep a copy for when the shit hits the fan. It may get you better pay off terms if you get a P45.
Not the simplest to set up, but prevents you from having to have a 2nd set of APs (and their corresponding infrastructure and costs).