I also think its a horrible idea to let people bring in their own. This will be an IT nightmare.
Again, I'm already doing this. Those who aren't comfortable configuring their own computers are not likely those who would consider replacing their company-issued machine in the first place.
I bought a Mac Mini for the office. It sits on my desk. It accesses the Exchange server. I run Parallels for those few Windows-only applications I need. I use NeoOffice for 99% of the files I receive from co-workers (for those 1% that aren't properly opened in NeoOffice, I have both Office 2007 and Office 2008; I rarely need either of them). For my own self-created documents, I use iWork.
When I work from home, I use my own MacBook Pro. My company does not provide a VPN client for the Mac, but that's just fine - I prefer to run my VPN inside of a VM, so when I'm remote I am 90% working with Windows XP. I still use iWork for editing a lot of documents, but Parallels supports that fairly seamlessly. One huge advantage of running the VPN inside my VM is that I still have access to the entire Internet outside of the VM, since the Mac isn't pushing bits through the corporate proxy server. It's a fantastic setup, and I love it.
The only time I've ever had to call IT is to reset my password on the proxy server when my password manager got out of sync.
I don't think this is going to be a nightmare for IT. If it does become one, this is probably a pilot program that will ultimately be pulled.
Those are great links Onhka. The citrix case study adds more detail to a potential workable implementation. Computers running a thin client firewalled off from the company network makes sense. Company data would reside on the companies servers not on the thin client machines themselves so in theory if there were an issue with the computer another could be issued with minimal data loss. I'm starting to warm up to this. Thanks for the links.
Oh, using Citrix adds a whole new (primarily wonderful) dimension. We've been doing this in my office for years as well - not (specifically) for isolating mission critical applications from the outside, but for speed and ease of (centralised) administration.
When the thick client needs to be upgraded, it's done so on the Citrix servers--users don't have to worry about a thing. Our mission critical applications also reside on a production network that is heavily firewalled from the end-user network. For many of our applications, there's a lot of data pushed between client and server. If the thick client resides on the end-user network, that's a lot of traffic going through the firewall (often gigabytes) which degrades the user experience. When the thick client is on the same network as the servers, the data moves very quickly. It's much faster to update the 'display' over the firewall than it is to push gigabytes of data.
It is not geared for people sitting in the office at work. It is geared towards those that travel and work from home.
And it won't be an IT nightmare because about the only thing the IT department will have to worry about is getting onto the company network and even then, only from the network side. They will provide the settings you use but it's up to you to configure your own computer to work.
I think there may be a disconnect here between what companies are doing and what it is perceived that they are doing. I'm guilty of this myself, my initial reaction was, "are they crazy". I've changed my mind. I think you are correct. I would just include one additional item. I don't think it will be necessary for people to perform much configuration on their own computer to do work, if they are using a product like Citrix. The configuration of the applications would be done on the server and the application would be delivered for use on the remote computer. Configuration by the end user would be minimal.
If Kraft is implementing this like Citrix is, people aren't just bringing in their home computers and hooking them up into the companies trusted corporate network. They aren't downloading random software to execute on the trusted corporate network (viruses/spyware/etc).
If they are doing this like Citrix, they are authenticating to vpn software and gaining network access into a firewalled DMZ where the damage they can do if they become compromised is reduced. They aren't installing corporate applications on their computers. The applications are being delivered from a server and are actually executed there. The data for the applications wouldn't reside on the computer they brought from home where it could be lost/stolen/rendered inaccessible. The data would reside on the server where it could be secured/backed up/replicated for access in the event of a disaster. Doing this the citrix way makes sense to me, the non-citrix way sounds like a nightmare from an IT support perspective to me (*it has been debated that if such a deployment were only limited to a group of trusted individuals it could reduce costs and foster innovation* though I agree in principal, I've seen issues with this kind of implementation and I wouldn't recommend it. I like the citrix solution though. I should buy their stock.)
Oh, using Citrix adds a whole new (primarily wonderful) dimension. We've been doing this in my office for years as well - not (specifically) for isolating mission critical applications from the outside, but for speed and ease of (centralised) administration.
When the thick client needs to be upgraded, it's done so on the Citrix servers--users don't have to worry about a thing. Our mission critical applications also reside on a production network that is heavily firewalled from the end-user network. For many of our applications, there's a lot of data pushed between client and server. If the thick client resides on the end-user network, that's a lot of traffic going through the firewall (often gigabytes) which degrades the user experience. When the thick client is on the same network as the servers, the data moves very quickly. It's much faster to update the 'display' over the firewall than it is to push gigabytes of data.
'course if you work for the federal govt., you watch porn on company computers during work hours... and make twice as much as the non-govt. Workers paying your salary!
.
That happens in all offices, not just the Federal government. My wife works in a hospital and porn is all over the place, despite management forbidding it.
If you think government employees makes so much, and have it so good, apply for a job with the government. Do you have the qualifications to apply?
When I work from home, I use my own MacBook Pro. My company does not provide a VPN client for the Mac, but that's just fine - I prefer to run my VPN inside of a VM, so when I'm remote I am 90% working with Windows XP. I still use iWork for editing a lot of documents, but Parallels supports that fairly seamlessly. One huge advantage of running the VPN inside my VM is that I still have access to the entire Internet outside of the VM, since the Mac isn't pushing bits through the corporate proxy server. It's a fantastic setup, and I love it.
Have you looked at the logmein application? My company doesn't provide VPN access from my Mac either. However, I could access my work computer from my home MacBook/iPad and iPhone using logmein. It looks like it creates a tcpip socket connection from my work computer running a vnc server app to logmein's servers. It keeps this connection active. Logmein then allows me to authenticate to their servers through a web browser, or one of their vnc clients (one of which is an iPad app) and run their vnc client to remotely control my work desktop. The vnc client app is the best I have used on the iPad, very intuitive. I also use it to remotely control my MacBook at home from work. I did end up uninstalling it on my work computer until I can get clearance from our security team, because it goes right around the protections they've setup (firewall). Figured I'd mention it though because it would take running windows out of the equation for you.
I see it as an option. Do you not already have your own Mac notebook computer? If you do, the extra marginal expense is likely almost nothing if you choose to use it. And the flier says they will pay for expenses, so it could be to your advantage.
There are other good reasons to not do it though. I would suggest that people not do it, so they can keep their personal and work resources clearly divided, particularly with your data files.
Look at it this way: As long as you're willing to use your own, why would the company be willing to fork over money to buy the employees one? You see where this goes? Just a couple of employees willing to use their own Macs start a trend, where the employer now expects everyone to use their own home computers and not have to buy any. This effectively gives you a pay cut, just like as if you had a company car that gets taken away and you're now required to use your own. Sure, you already owned a car, but now have to pay more for your own maintenance, etc. for the extra use, not to mention buy a newer one sooner from the additional mileage. Many people who own company cars would rather drive their own cars, because the company cars tend to be very basic. But in doing so, they would throw away a perk.
If the company was willing to shell out similar money that they would spend for a laptop and the IT services to support it, much in the same way that some people get their company cars by having an allowance they get to spend, that would be different. But, they're not. It sounds like a good idea, but in the end, you lose.
That happens in all offices, not just the Federal government. My wife works in a hospital and porn is all over the place, despite management forbidding it.
That's a pretty broad statement... I can show you lots of banks, realtors, etc. where they don't sit around accessing porn on company computers on company time.
But, some local idiot was just arrested for accessing kiddy-porn on a public library computer.
Quote:
If you think government employees makes so much, and have it so good, apply for a job with the government. Do you have the qualifications to apply?
It's not what I think!. Here's an article that Fed. Govt. employees average 2 x the pay and 4 x the benefits than those paying their salaries.
As for qualifications... here's just 1: I held a Top Secret "Q" Clearance (though never worked for the govt). It has expired, tho, as I am 70 years old.
Look at it this way: As long as you're willing to use your own, why would the company be willing to fork over money to buy the employees one? You see where this goes? Just a couple of employees willing to use their own Macs start a trend, where the employer now expects everyone to use their own home computers and not have to buy any. This effectively gives you a pay cut, just like as if you had a company car that gets taken away and you're now required to use your own. Sure, you already owned a car, but now have to pay more for your own maintenance, etc. for the extra use, not to mention buy a newer one sooner from the additional mileage. Many people who own company cars would rather drive their own cars, because the company cars tend to be very basic. But in doing so, they would throw away a perk.
If the company was willing to shell out similar money that they would spend for a laptop and the IT services to support it, much in the same way that some people get their company cars by having an allowance they get to spend, that would be different. But, they're not. It sounds like a good idea, but in the end, you lose.
Great, a vehicular comparison?
I see what you're getting at, but there's too little real information here, such as the amount of the stipend, which could turn into a perk instead of a cost to you, because it subsidizes your personal computer.
No kidding. From a security perspective this is assinine.
Actually, if you follow some of the posts (above) on Citrix, it appears that it can be a very secure system.
The BYOC can operate as a thin-client where everything is stored and executed on servers behind secure firewalls. All communications between the servers and thin clients are encrypted, and no data or apps are stored on the client.
Comments
I also think its a horrible idea to let people bring in their own. This will be an IT nightmare.
Again, I'm already doing this. Those who aren't comfortable configuring their own computers are not likely those who would consider replacing their company-issued machine in the first place.
I bought a Mac Mini for the office. It sits on my desk. It accesses the Exchange server. I run Parallels for those few Windows-only applications I need. I use NeoOffice for 99% of the files I receive from co-workers (for those 1% that aren't properly opened in NeoOffice, I have both Office 2007 and Office 2008; I rarely need either of them). For my own self-created documents, I use iWork.
When I work from home, I use my own MacBook Pro. My company does not provide a VPN client for the Mac, but that's just fine - I prefer to run my VPN inside of a VM, so when I'm remote I am 90% working with Windows XP. I still use iWork for editing a lot of documents, but Parallels supports that fairly seamlessly. One huge advantage of running the VPN inside my VM is that I still have access to the entire Internet outside of the VM, since the Mac isn't pushing bits through the corporate proxy server. It's a fantastic setup, and I love it.
The only time I've ever had to call IT is to reset my password on the proxy server when my password manager got out of sync.
I don't think this is going to be a nightmare for IT. If it does become one, this is probably a pilot program that will ultimately be pulled.
Those are great links Onhka. The citrix case study adds more detail to a potential workable implementation. Computers running a thin client firewalled off from the company network makes sense. Company data would reside on the companies servers not on the thin client machines themselves so in theory if there were an issue with the computer another could be issued with minimal data loss. I'm starting to warm up to this. Thanks for the links.
Oh, using Citrix adds a whole new (primarily wonderful) dimension. We've been doing this in my office for years as well - not (specifically) for isolating mission critical applications from the outside, but for speed and ease of (centralised) administration.
When the thick client needs to be upgraded, it's done so on the Citrix servers--users don't have to worry about a thing. Our mission critical applications also reside on a production network that is heavily firewalled from the end-user network. For many of our applications, there's a lot of data pushed between client and server. If the thick client resides on the end-user network, that's a lot of traffic going through the firewall (often gigabytes) which degrades the user experience. When the thick client is on the same network as the servers, the data moves very quickly. It's much faster to update the 'display' over the firewall than it is to push gigabytes of data.
It is not geared for people sitting in the office at work. It is geared towards those that travel and work from home.
And it won't be an IT nightmare because about the only thing the IT department will have to worry about is getting onto the company network and even then, only from the network side. They will provide the settings you use but it's up to you to configure your own computer to work.
I think there may be a disconnect here between what companies are doing and what it is perceived that they are doing. I'm guilty of this myself, my initial reaction was, "are they crazy". I've changed my mind. I think you are correct. I would just include one additional item. I don't think it will be necessary for people to perform much configuration on their own computer to do work, if they are using a product like Citrix. The configuration of the applications would be done on the server and the application would be delivered for use on the remote computer. Configuration by the end user would be minimal.
If Kraft is implementing this like Citrix is, people aren't just bringing in their home computers and hooking them up into the companies trusted corporate network. They aren't downloading random software to execute on the trusted corporate network (viruses/spyware/etc).
If they are doing this like Citrix, they are authenticating to vpn software and gaining network access into a firewalled DMZ where the damage they can do if they become compromised is reduced. They aren't installing corporate applications on their computers. The applications are being delivered from a server and are actually executed there. The data for the applications wouldn't reside on the computer they brought from home where it could be lost/stolen/rendered inaccessible. The data would reside on the server where it could be secured/backed up/replicated for access in the event of a disaster. Doing this the citrix way makes sense to me, the non-citrix way sounds like a nightmare from an IT support perspective to me (*it has been debated that if such a deployment were only limited to a group of trusted individuals it could reduce costs and foster innovation* though I agree in principal, I've seen issues with this kind of implementation and I wouldn't recommend it. I like the citrix solution though. I should buy their stock.)
Oh, using Citrix adds a whole new (primarily wonderful) dimension. We've been doing this in my office for years as well - not (specifically) for isolating mission critical applications from the outside, but for speed and ease of (centralised) administration.
When the thick client needs to be upgraded, it's done so on the Citrix servers--users don't have to worry about a thing. Our mission critical applications also reside on a production network that is heavily firewalled from the end-user network. For many of our applications, there's a lot of data pushed between client and server. If the thick client resides on the end-user network, that's a lot of traffic going through the firewall (often gigabytes) which degrades the user experience. When the thick client is on the same network as the servers, the data moves very quickly. It's much faster to update the 'display' over the firewall than it is to push gigabytes of data.
great follow up. love the explanation.
'course if you work for the federal govt., you watch porn on company computers during work hours... and make twice as much as the non-govt. Workers paying your salary!
.
That happens in all offices, not just the Federal government. My wife works in a hospital and porn is all over the place, despite management forbidding it.
If you think government employees makes so much, and have it so good, apply for a job with the government. Do you have the qualifications to apply?
When I work from home, I use my own MacBook Pro. My company does not provide a VPN client for the Mac, but that's just fine - I prefer to run my VPN inside of a VM, so when I'm remote I am 90% working with Windows XP. I still use iWork for editing a lot of documents, but Parallels supports that fairly seamlessly. One huge advantage of running the VPN inside my VM is that I still have access to the entire Internet outside of the VM, since the Mac isn't pushing bits through the corporate proxy server. It's a fantastic setup, and I love it.
https://secure.logmein.com/welcome/a...ess/freedom/3/
Have you looked at the logmein application? My company doesn't provide VPN access from my Mac either. However, I could access my work computer from my home MacBook/iPad and iPhone using logmein. It looks like it creates a tcpip socket connection from my work computer running a vnc server app to logmein's servers. It keeps this connection active. Logmein then allows me to authenticate to their servers through a web browser, or one of their vnc clients (one of which is an iPad app) and run their vnc client to remotely control my work desktop. The vnc client app is the best I have used on the iPad, very intuitive. I also use it to remotely control my MacBook at home from work. I did end up uninstalling it on my work computer until I can get clearance from our security team, because it goes right around the protections they've setup (firewall). Figured I'd mention it though because it would take running windows out of the equation for you.
Louey
Ultimate Privacy
I see it as an option. Do you not already have your own Mac notebook computer? If you do, the extra marginal expense is likely almost nothing if you choose to use it. And the flier says they will pay for expenses, so it could be to your advantage.
There are other good reasons to not do it though. I would suggest that people not do it, so they can keep their personal and work resources clearly divided, particularly with your data files.
Look at it this way: As long as you're willing to use your own, why would the company be willing to fork over money to buy the employees one? You see where this goes? Just a couple of employees willing to use their own Macs start a trend, where the employer now expects everyone to use their own home computers and not have to buy any. This effectively gives you a pay cut, just like as if you had a company car that gets taken away and you're now required to use your own. Sure, you already owned a car, but now have to pay more for your own maintenance, etc. for the extra use, not to mention buy a newer one sooner from the additional mileage. Many people who own company cars would rather drive their own cars, because the company cars tend to be very basic. But in doing so, they would throw away a perk.
If the company was willing to shell out similar money that they would spend for a laptop and the IT services to support it, much in the same way that some people get their company cars by having an allowance they get to spend, that would be different. But, they're not. It sounds like a good idea, but in the end, you lose.
That happens in all offices, not just the Federal government. My wife works in a hospital and porn is all over the place, despite management forbidding it.
That's a pretty broad statement... I can show you lots of banks, realtors, etc. where they don't sit around accessing porn on company computers on company time.
But, some local idiot was just arrested for accessing kiddy-porn on a public library computer.
If you think government employees makes so much, and have it so good, apply for a job with the government. Do you have the qualifications to apply?
It's not what I think!. Here's an article that Fed. Govt. employees average 2 x the pay and 4 x the benefits than those paying their salaries.
http://www.washingtonexaminer.com/op...-92316619.html
As for qualifications... here's just 1: I held a Top Secret "Q" Clearance (though never worked for the govt). It has expired, tho, as I am 70 years old.
.
One Post above writes ...
" ... to say that PCs do nothing useful is immature idiocy."
Is not that PC's (Windoze) do not do anything, useful or otherwise
Is that what they do is not done well
And that's only when they're working properly, which can be rarely
Simple and Elegant - Microsoft Ain't
.
Another Post above ...
Uses the words "computers" and "decades" in the same sentence
Careful
When you write about "computers" and "decades"
Be sure to bring your Punch Cards
And those 2" Magnetic Tape Reels the size of Wheels
Simple and Elegant - Them Days Ain't
.
I had an IT manager tell me Macs were not supported because "they were too hard to administer and didn't network properly".
I think that means Microsoft's TCP/IP implementation was non-standard since OS/X is a recognized flavour of Unix.
Look at it this way: As long as you're willing to use your own, why would the company be willing to fork over money to buy the employees one? You see where this goes? Just a couple of employees willing to use their own Macs start a trend, where the employer now expects everyone to use their own home computers and not have to buy any. This effectively gives you a pay cut, just like as if you had a company car that gets taken away and you're now required to use your own. Sure, you already owned a car, but now have to pay more for your own maintenance, etc. for the extra use, not to mention buy a newer one sooner from the additional mileage. Many people who own company cars would rather drive their own cars, because the company cars tend to be very basic. But in doing so, they would throw away a perk.
If the company was willing to shell out similar money that they would spend for a laptop and the IT services to support it, much in the same way that some people get their company cars by having an allowance they get to spend, that would be different. But, they're not. It sounds like a good idea, but in the end, you lose.
Great, a vehicular comparison?
I see what you're getting at, but there's too little real information here, such as the amount of the stipend, which could turn into a perk instead of a cost to you, because it subsidizes your personal computer.
Citrix offered a $2100 stipend:
http://www.msnbc.msn.com/id/26889537/
This site suggests a 1500 euro stipend:
http://myceolife.com/2009/01/bring-y...puter-to-work/
We'll just have to see details on the program before describing it as a slippery slope.
That would certainly keep the IT department busy...
Big challenges ahead!
No kidding. From a security perspective this is assinine.
No kidding. From a security perspective this is assinine.
Actually, if you follow some of the posts (above) on Citrix, it appears that it can be a very secure system.
The BYOC can operate as a thin-client where everything is stored and executed on servers behind secure firewalls. All communications between the servers and thin clients are encrypted, and no data or apps are stored on the client.
.
This is interesting news for the 0.00163% of the world that works for Kraft Foods.
...and for those of us who understand that when one major corporation starts, others often follow...
...and for those of us who understand that when one major corporation starts, others often follow...
2 years ago a German newspaper started to migrate to Mac. Not Mac only, as they also have a vacancy for a Flash Developer. Tss.
http://tech.fortune.cnn.com/2008/07/...tching-to-mac/
Cheers,
Phil
Based on the article each employee who decide to use his own Mac must do his own support. I think the IT people couldn't be much happier.
They will still need IT. I can only imagine how many people asking "how do I print" even though we know how easy Apple makes it to add a printer.
Reminds me of the book "Zen and the Art of Motorcycle Maintenance." Some want to fix their own bike and others do not.