Analysis: BYOC and the democratization of knowledge work

Last week, Citrix announced it would give its workers a stipend to buy their own laptops for both work and personal use. As a chapter in the story of IT consumerization, the news was significant. But as a step toward empowering the most productive users, it was tiny.<BR><BR>Read More

 

[Tekzel]

So they want the employees to buy their own notebook to use for work, one that they don't own so they will have no control over it at all? Doesn't sound like a good idea for them to me.

 

[digraph]

Good article, etc. I have one nit tho': <BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">The most productive users are the ones who select and optimize the layers of the software stack to fit their workflow... </div></BLOCKQUOTE> <BR><BR>Is this just common knowledge, or is there empirical evidence you could point to, to support this idea?

 

[J. May]

I support some people who do contract work for my company. They work from home and use their machines for work and personal activities.<BR><BR>Every week or two, I get a call wondering why there are random popup ads, even when no browser is open. Or, why Internet Explorer is so slow (when it has every toolbar you can think of installed). Don't even get me started on what children do to these machines!<BR><BR>I agree with the idea that people are using information tools better than they were a decade ago. I completely disagree with the notion that generic users are ready to meld work and personal activities into one machine without some hard division.<BR><BR>And that's assuming the whole ownership/privacy thing doesn't become an issue. Personally, I'd never use a work laptop to store any personal files on because I feel it's a given that the company can snatch the machine back and pick it apart if they want to - it is their machine.<BR><BR>Citrix may be in a good position to let users pick their hardware and virtualize the rest, but for my company the division remains in hardware wherever I can help it.

 

[b-ape]

The idea of thinking of users in terms of their tasks/roles is *not* new in any way. It's been in academic literature for at *least* 10 years (and probably longer). It's not like awareness of the way users work is does not exist at most software vendors. If they haven't taken any steps by this point, I'd say they are probably inept.

 

[Aelix]

Well if you're Citrix I bet the Citrix client licenses come cheap. <BR><BR>I agree with the assessment this doesn't really change much. I assume the employees can already access their Citrix applications from home. Citrix is just exposing that layer in the workplace.<BR><BR>Their users can now enjoy all of the laggy, non-native, pseudo applications on their own laptop instead of a boring Dell provided by Citrix. <BR><BR>It's a win for Citrix, they are no longer supporting all the software on the laptops, nor the service contracts. It's a great cost-saving measure.<BR><BR>If Citrix has any sanity, these laptops will be thrown in a strict DMZ. All it takes is one laptop with GoToMyPC installed to expose the Citrix application layer to the internet.. but they already have that problem with home machines already so no biggy.

 

[pwrstick]

Working in IT, my first concerns with this idea are:<BR> <UL TYPE=SQUARE><BR> <LI> Viruses and updates - How do you make sure the users are keeping themselves patched?<BR> <LI> Standards - How do you ensure employees can talk to each other? e.g. Microsoft Office vs. Apple iWork<BR> <LI> Support - Who is going to support troubleshooting the virus-laden free screen saver that blew up the laptop, now preventing the employee from working? And the multitude of applications and OSs?<BR> </UL><BR>I suppose if you're huge enough you just give the people an outsourced 800 number... but we're a small company of ~650 computer users, and I get to field the calls!<BR><BR>Currently we're on Vista, completely locked down, with no user having admin privs. It's bliss - gone are the calls of "I installed this free screen saver and now I can't use my computer". Though people don't get to use what they want, their machines work.

 

[swhx7]

Blurring the line of ownership of the computer is a bad idea, because it poses security and privacy problems for at least one of the parties.<BR><BR>If the employer owns it, the employee should not expect privacy or security for anything of his own on the computer, but the employer can assure security from its point of view by restricting software and privileges. Conversely, if it's the employee's computer, the employer is setting up a conflict if it needs to make requirements about its condition in order to let it on the network safely.<BR><BR>I don't mind using my personal pc for work (remote sessions for software development), but this works only because my employer is lenient about it. If the employer required specific closed-source softare, or any sort of root-privileged access, it would be unacceptable by my own security policy, and they'd have to either give up the demand or provide a computer if they want to control it.

 

[whquaint]

Sounds like a great experiment to me. Interesting how the IT control freaks come out of the woodwork against it. I've been a power user for 15 years, and thank God all my companies have given me admin rights on my company-owned computer. I rarely let a corporate IT guy touch my corporate computer. They screw it up.<BR><BR>By the way, MS Office for Mac was invented how long ago???? This ignorance shows how corporate IT people are anti-Apple for completely baseless reasons.

 

[Michaelz]

I think the article and the comments missed one of the most important aspects of the Citrix policy. While the issues raised are valid, Citrix just created a team of 100+ people who have a vested interest in solving those problems.<BR><BR>The workplace is becoming global, so remote computing is becoming more importannt, Citrix clearly has an interest in that arena, and they've just started an informal R&D program to solve those problems.<BR><BR>Michael

 

[Morbius665]

<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content"> Not only are those days of widespread user cluelessness definitively over, but the competent use of computers as information tools has now become extremely widespread in the general populace. </div></BLOCKQUOTE><BR><BR>Considering the number of calls I field every week related to someone who couldn't resist browsing a bad website or clicking on a pop-up that installed some malware on their machine, I beg to differ. <BR><BR>As much as I'd like to believe this is possilbe, how does a company wash its hands of this once, say, 50% of the machines are non-functionally slow to completely down?

 

[DarcSaint]

I have to take issue with a couple of the theories in this analysis. <BR><BR>1) The work/life division that is created by requiring the usage of a Citrix remote desktop is not a bad thing in itself. The remote desktop allows for a standardized, relatively secure, and easily-maintained (from a corporate perspective) environment that the users can use as a baseline for their work, while still allowing them the freedom to choose their software stack/tools. <BR><BR>Developers can code whatever toys they want, however they want, with whatever tools they want, but in the end those applications <I>must</I> work in a baseline environment. As an aside, this can encourage the use of tools with wide cross-platform support. <BR><BR>2) It's the job of software vendors to create tools that allow for application creation. App developers are the ones who must think in terms of how users will use an application. The app devs are the ones who must bridge between the knowledge of the backend software stacks (incl. the development stacks involved) and how the users will best work with the information they need.

 

[Enki42]

<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">Nowadays, the IT department is where you go to find last year's tech, while the Apple Store is where you go to find tomorrow's. <BR> </div></BLOCKQUOTE><BR>And some say Ars is a bit Apple biased... <BR><BR>Actually to get the latest tech hardware it would seem like you'd have to go to a PC as it can be awhile before Apple comes out with the hardware refresh to bring those new parts to their products. But really you could have just said "an electronic store" and left it at that.

 

[ThousandStars5]

<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">In other words, the kinds of productive, "knowledge work" activities that once typically took place only at an office desk now happen in restaurants, parking garages, airports, cars, homes, and grade schools, and in this sense "knowledge work" has followed the semiconductor out of the office and into the pockets, purses, and backpacks of the general public. </div></BLOCKQUOTE><BR><BR>I find this hard to believe: restaurants, parking garages, and the like are so distracting that it seems improbable to me that the most important kinds of knowledge breakthroughs that fuel economies actually happen in them. Or, if such breakthroughs do happen, the hard work needed to take an epiphany to a product occurs elsewhere.<BR><BR>Nerds build caves for a reason, and the Atlantic asked whether Google is making us Stupid to challenge just the kinds of thinking displayed in this article. Paul Graham says we should disconnect distraction. The kinds of "work" people do in airports sounds to me suspiciously like busy work or make-work. <BR><BR>Now, this isn't to say that having multiple office locations or that keeping all of one's data in one place is a bad thing, because it isn't. But I would hesitate to assert that constant, relatively low levels of engagement are what companies really need from employees.

 

[kingtj]

It seems to me like companies seriously interested in investing in the concept of employees working from home, via an Internet connection, and running remotely served apps, would do best to issue people "dumb terminals" for the task?<BR><BR>As soon as you give someone a full-blown Windows PC, they're going to be tempted to make changes to its configuration. Microsoft themselves encourage it, by pushing out "critical updates" on a regular basis. You have to go out of your way to STOP a Windows-based PC from downloading and auto-intstalling them! (And yes, on more than one occasion, a Windows update broke some functionality in one of our company's applications, and we had to wait days for a fix.)<BR><BR>But even MS updates aside, a standard Windows operating-system on a PC is designed around the idea of being a "Swiss army knife". Businesses providing remote access to the workplace are only interested in one "blade" of that knife. Why go to great lengths trying to prevent people from using the other attachments on that "Swiss army knife", perhaps even trying to "glue them down" - when you could issue a cheaper knife with one blade instead?<BR><BR>I'm talking about thin client computing here. Doesn't even have to be a higher-priced commercial solution though. It could be old PC mini-towers you take out of service and simply reformat with a basic Linux install that auto-launches the required VPN software and a Citrix ICA client in X. I even did it with MS-DOS and a DOS-based client, some years ago, and it was pretty usable.

 

[Hap]

I work at a 140,000+ employee company and we're moving to a much more locked down configuration every year. We're moving away from IT consumerization, not toward it.<BR><BR>The latest information I've received is that they're are planning on some type of netboot type configuration (given the state of our network - this is going to fail spectacularly).

 

[DarcSaint]

<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">Originally posted by kingtj:<BR>It seems to me like companies seriously interested in investing in the concept of employees working from home, via an Internet connection, and running remotely served apps, would do best to issue people "dumb terminals" for the task?<BR> </div></BLOCKQUOTE><BR><BR>I don't think it's so much that they want employees to be able to work from home, but rather that they want employees to be able to work <I>anywhere</I>. And right now there's no answer to thin-client PCs that have the mobility of laptops. Netbooks come close, but they're not really practical enough to do work on.<BR><BR>As for the rest, that's simple: the idea is to give the users maximal freedom as far as their development environment.

 

[kindakrazy]

Gee. Everybody must love this solution, except for the guy who has to pay for it.<BR><BR>Citrix is pushing a strategy that was rejected 15 years ago, namely the central service, with a bunch of dumb terminals attached to it (which is all Citrix is).<BR><BR>The only difference, you have a much more powerful computer on your desk, except it's just wasting it's multi-core, multi-gigahertz CPU being a dumb terminal.

 

[aeberbach]

IT people worried about this idea, don't be. It doesn't have to be more dangerous than the current situation. You define the corporate image complete with virus checkers, VPN, bigfix or whatever you use to push out patches. You still maintain your compliance checks and standards. The only difference is that your image runs as a virtual machine which for all intents and purposes is no difference at all. If you're worried about losing the HD password protection you may be using then required the VM to be a Truecrypt (or similar) volume. <BR><BR>It could even make your life easier; when a user deletes, corrupts or otherwise destroys their corporate VM there is no more re-imaging, just give them another copy of the VM.<BR><BR>Users love it. Slow, restricted work takes place in the corporate sandbox. Fast and unrestricted tools of personal choice and personal content are available all the time and the two don't mix.<BR><BR>whquaint mentioned:<BR><BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">MS Office for Mac </div></BLOCKQUOTE><BR><BR>What a bloated mess that is - could they have made it any slower if they had tried? Could even be a strategic decision, if you're into conspiracy theories. I'd rather work on the Windows version in a VM!

 

[RagingDragon]

<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">Originally posted by Hap:<BR>I work at a 140,000+ employee company and we're moving to a much more locked down configuration every year. We're moving away from IT consumerization, not toward it. </div></BLOCKQUOTE><BR><BR>Much the same here. The article overlooks one major corporate concerns - the company can be sued for sexual harassment if one employee is offended by anothers "adult content" screen saver or background image. There are also intellectual property issues:<BR><UL TYPE=SQUARE><BR><LI>If the line between work and personal computing is blurred, so is intellectual property ownership. What happens when your primary employer claims ownership of a personal project, or the contract work you did on the side for another company?<BR><LI>How about shareware that is "free" for personal use, but requires a license for commercial use? Many users don't understand the difference and/or don't read the licensing conditions. If a user installs such software on their "personal" laptop, then uses that software doing work for their employer, is the employer liable for copyright infringement? Is the employee? Does the employer want to expose their employees to such potential liability?<BR><LI>Is the employer liable if the user installs pirated software, and then uses it for work? What are the PR consequences if such an incident is widely publicized by media? Would such an incident lead to frequent, expensive and disruptive "audits" by the BSA and various software vendors?<BR><LI>What the employee uses patented sofware and thus the products of their work require a patent license (and their employer doesn't know about this at all)?<BR></UL><BR>So even if corporate IT like the idea of users providing their own hardware + OS, the legal department should be very worried. Then there are the support, security and privacy issues discussed by others (virtual machines can a atleast partially offset this, but then the corporate standard VM environment will restrict the OS and hardware employees can use).<BR><BR>Also the point about the most productive users having tons of scripts and customizations? Outside of developers I don't see that, and about half the people I've seen with such customized environments don't understand the consequences of their tweaking (i.e. malware infested "free" software, and software licensing issues(see above)) and are prime examples of "a little a knowledge is dangerous". For the other half it would work rather well; however, those people also tend to be fairly adaptable, able to learn new (i.e. corporate standard) tools anyway, and productive in any reasonable environment. But in a large organization rules have to be applied fairly, so it's difficult/impossible to give some people the power to customize their environment but not others.<BR><BR><BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content"><BR>The latest information I've received is that they're are planning on some type of netboot type configuration (given the state of our network - this is going to fail spectacularly).<BR> </div></BLOCKQUOTE><BR><BR>Ugh. I hope they'll at least use replicated per-location boot servers, so you're booting over LAN rather than WAN. Fortunately nothing quite that nasty coming my way yet.

 

[Matt Wallis]

I'm happy that you guys are locking down your corporate environments.. The more you lock them down, the more outside contractors like me get called in, and paid ridiculous rates because "We can't get anything done on the internal network."<BR><BR>I love EDS, takes 6 months to deploy a new application. That's 6 months of productivity down the drain.<BR><BR>So please, keep strangling your companies IT, keep trying to save people from themselves, you're making me happier.

 

[RagingDragon]

<blockquote class="ip-ubbcode-quote">
<div class="ip-ubbcode-quote-title">quote:</div>
<div class="ip-ubbcode-quote-content">Originally posted by Matt Wallis:<br>I'm happy that you guys are locking down your corporate environments.. The more you lock them down, the more outside contractors like me get called in, and paid ridiculous rates because "We can't get anything done on the internal network."<br><br>I love EDS, takes 6 months to deploy a new application. That's 6 months of productivity down the drain.<br><br>So please, keep strangling your companies IT, keep trying to save people from themselves, you're making me happier. </div>
</blockquote>
<br><br>It's not about saving people from themselves, it's more about protecting them from each other's mistakes. And also about protecting the company from legal liability - in a world where employers expect to be sued if some dumb ass uses an "adult" background image (and a company with 100,000+ employees will have at least a few such idiots), lockdown is almost a regulatory requirement. Considering the liability and regulatory risks, an argument could be made that it is cheaper to hire an expensive but legally separate enitity (i.e. you), rather than reducing user lock down. Personally, I don't agree with that argument, but hopefully you can find lots of clients who do -- View image here: http://episteme.meincmagazine.com/groupee_common/emoticons/icon_smile.gif --.<br><br>That said, I've seen people get carried away with lockdown; however, if A) the lock down is moderate and B) exceptions are possible (but require approval) it doesn't work out so bad. At my workplace, the only people I've seen significantly impaired by lock down are those who: stubbornly refuse to justify why they need an exception and/or fixate on specific tool and refuse to consider any alternatives. Mostly people get really frustrated when they want to use an unapproved free/cheap product because their pet project has no return on investment - of course, due to the lack of ROI their exception requests are also pretty much guaranteed to be rejected. Despite the frustration, killing such projects is good for the business (as it prevents wasting time and money).<br><br>In my experience, the productive people the article refers to are the same people the IT folks trust, and thus they can usually get local admin rights without too much difficulty, and generally get away with bending the rules. Getting a Mac or Linux desktop approved would be petty difficult, though I haven't seen anyone seriously attempt it.

 

[Black_Obsidian]

<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">Originally posted by Matt Wallis:<BR>I love EDS, takes 6 months to deploy a new application. That's 6 months of productivity down the drain.<BR> </div></BLOCKQUOTE><BR>In some environments this is necessary. It can take a long time to test a new piece of software with every permutation of currently-tested software deployed in the enterprise. Sure, you could just throw it out there and see what happens... if your business doesn't do anything important, and doesn't in any way involve, oh, public safety or critical health systems.<BR><BR>My main gripe with the BYOC idea, as interesting as seems, is support. Dealing with these things when they break (which will happen, especially when people go buy the cheap Acers and Dells so they can pocket the rest of the cash) is doubtless going to fall on the shoulders of ITS. The lack of platform homogeneity will mean a huge increase in resources necessary to maintain the systems, never mind having to deal with the consumer-grade support offered by the manufacturers. I shudder to even think of such a thing. Fortunately, this sort of initiative will never come to my workplace, where security reigns supreme, and we actually have modern hardware (Lenovo T61 and X61 notebooks, with the new X200s currently undergoing testing).