Bring Your Own Devices (or BYOD) is one of those hot topics this year that seems to have every IT department worried. What does BYOD mean for the future of IT?
People have already begun to lump it in with the consumerization of IT and IT professionals everywhere are terrified that the traditional role of IT is ending. BYOD, they’re concerned, is shifting all control into the hands of the end users.
Is this really the case? In a world where security and control of data are becoming increasingly regulated and exposed – and as the public focuses on how companies are securing their data – it’s safe to assume that the movement in IT department is not going to be toward a loss of control.
In fact, in my experience, BYOD means exactly the opposite.
There is no ignoring the fact that BYOD signals many changes and demands IT departments rethink traditional approaches. But is that such a bad thing?
The old model was one of a network castle. The firewalls were the moat and all of our devices from servers to desktops sat huddled together inside the castle courtyard, talking freely one to another. A great fears was that one of those desktops would become "compromised" and unleash a fifth column attack from within the castle – where defenses were weak at best.
The old model created a quagmire of issues and required complicated workarounds in order to accommodate modern changes in computing environments. When businesses existed in only a single location (or when businesses purchase leased lines connecting all their offices) the model worked rather well.
But once workers began to need to work remotely, whether at home or on the road, the model became difficult to support. The concept of VPNs was introduced in order to extend the castle wherever it was needed. VPNs changed how companies could physically exist. But they did so without addressing some fundamental issues within traditional IT infrastructure.
The solution to this infrastructure reinvention has been coming for a long time now. Examples of this coming change are the movement toward web applications, "cloud services," hosted applications, Software as a Service and other new ways people are accessing applications.
Slowly we started exposing applications to the "outside." We started simply with email, then basic web applications. Slowly more and more components of business infrastructure started to be exposed externally without requiring the use of a VPN.
The advent of smartphones accelerated this process as certain applications – email and calendaring being the biggest drivers – absolutely demanded extension to these mobile devices. For the most part, IT departments did not even see a significant shift occurring.
Instead it was little pinholes, small changes as more and more of the tools used in the business were available without connecting to the VPN, without sitting inside the office.
Today a new business might legitimately ask its CIO: "Why do we even need a LAN? What benefit do we get from everyone sitting on a single, physical network?"
Sure, there are still plenty of good reasons why a LAN might be needed. But it is a valuable question to ask and the answer might surprise you. I was asked this myself and the answer was that we didn't need a LAN. Every app is available through its own, secure channel, without a need for VPNs or a local network.
BYOD: Secret Weapon of the IT Department
Where LANs continue to shine brightest is in desktop management. If you need to lock down and control the actual end user equipment, then LANs work their best here – currently. This too will change in time. But this is where BYOD becomes the secret weapon of the IT department.
BYOD, while creating its own raft of obvious complications (especially around end user support expected after decades of total IT control of end user devices), offers the opportunity to eliminate the LAN. To pull back the walls of the castle to surround only the core infrastructure where no end user ever need venture – and to drop the support of end users devices solidly into the lap of the end users themselves.
With modern LAN-less application publishing strategies (this includes web apps, remote desktop technologies and others) end user devices are effectively thin clients. These devices often provide no more processing capacity than is necessary to display the application. They are a window into the infrastructure, not a gateway. They look at the servers – they aren't sitting inside the castle with them.
Thinking of end user devices as view panels or windows rather than computing devices is the key to making BYOD an advantage to the IT department rather than its bane.
Of course, this plays into the usual ebb and flow of fat and thin clients over the history of computing. The tide will change again, but for now, this is our current opportunity. End users want the illusion of control and the reality of picking the device that is best suited to their needs – which are almost strictly physical needs whether of fashion or function.
IT departments want the reality of control and should be happy to allow end users to pick their own devices. Everyone can win.
The key, of course, is eliminating legacy applications or finding workarounds. Technological approaches such as VDI, terminal servers or even racks of datacenter-housed desktops potentially provide fallback strategies. These resources can be accessed from nearly any device. Simultaneously, "view" layer technologies like HTML 5 look to provide elegant, modern options for exposing applications, shifting display-related processing to the end user device and standardizing on a protocol that is likely to exist ubiquitously in the very near future. The technologies are there today.
With the corporate network shrunk down to being only the infrastructure servers and associated networking gear, suddenly IT departments have the potential for greater control and more flexibility while giving up little. End users are happy, IT is happy.
BYOD is an opportunity for IT to exert greater control, tighter security all while giving the impression of being approachable and flexible.