|By Dana Gardner||
|November 15, 2012 10:00 AM EST||
The growing acceptance of bring your own device (BYOD) at enterprises comes with promise and perils.
Our next BriefingsDirect discussion examines why the users’ personal use, ownership and maintenance of the computing and mobile devices of their choosing is making more sense for more organizations. We'll learn about how and why through the example of one company, Quest Software, that has begun supporting BYOD -- even with the full blessing of IT.
We'll see how this has had benefits far beyond just the users’ sense of empowerment, in terms of meaningful IT advancements in centralized applications, control and support, virtual desktop infrastructure (VDI) use, better disaster recovery (DR) practices, better data protection and more. And we'll see how Quest has used a number of tools to manage the risks.
Here to share insights into how BYOD can work well at Quest Software, and even into their new corporate owner Dell, is Carol Fawcett, the CIO of Dell Software and the former long-term CIO of Quest Software. The interview with her is conducted by Dana Gardner, Principal Analyst at Interarbor Solutions. [Disclosure: Quest Software is a sponsor of BriefingsDirect podcasts.]
Here are some excerpts:
Gardner: I'm really intrigued with this BYOD thing. Just a year or two ago, people were saying, "What?" and scratching their heads, saying, "Are you kidding? You're going to let your users choose their device?" But as this has been put into place and some of the implications have been thought through, it seems to be an interesting possible benefit set.
So let me start with where you began. What were the challenges, or what were the forces or trends at work, too, that got you all at Dell Software involved with BYOD?
Fawcett: I don’t think that we actually necessarily started down the path of a BYOD project, because as many listening will know, this started years ago. We started a project where we said we wanted to enable our users to access applications and data on a select set of devices, which for us started with the obvious, the iPad. Then came the Android smartphones, and the list continued on.
This list will continue to grow as time goes on and new devices are brought in. The good news is that there are product offerings now in the marketplace that are helping with that demand and helping IT departments everywhere.
So instead of looking at it as BYOD, it’s now turned into a BYO-x phenomena that the C-level started. And as everyone in an organization saw them bringing different devices into meetings, of course, they all wanted to jump on the bandwagon. Slowly but surely, the wave began, and that's how we got where we are today.
Gardner: This is interesting. There is a sort of direction from the user side, which is to say, they probably like the choice and they had some personal preferences, or they've been able to be more productive in their personal lives using certain technologies.
Then there has also been this direction from the enterprise, which is to say, they like the idea of centralizing, controlling apps and data. And then delivering those out to devices (like with VDI) can be a way of encouraging this control. It’s almost like a confluence of two forces -- VDI and BYOD -- that make a whole greater than the sum of the parts. And we don’t see that very often in IT.
Pull it together
Fawcett: It’s one where you have to pull the needs and the demands of an IT organization together with what the users want to go to, and that’s just what we're seeing out there everywhere in the industry. You definitely have to pull it together, try to satisfy the IT governance and the policies that we set up, and balance that against what the users are saying: "I have to have this in order to get my job done."
Gardner: It sounds as if some of the basic principles and benefits of VDI come to play here. That is to say, the provisioning, the control, the access management. So is there a fortuitous intersection of where VDI was entering into more and more organizations -- particularly those that want to control for security or regulatory purposes or intellectual property (IP) control, that sort of thing -- with this idea of multiple devices, multiple panes of glass, full mobility.
Did that play a role there, too? Were you already going down a VDI track or trajectory and this helped you get to BYOD quicker and better?
Fawcett: We started down the VDI path. In fact, many companies did years ago, when we started to do more with offshore resources. We wanted to have offshore resources, we wanted to give them desktops, but we wanted to make sure they were secure. That was the first introduction of where VDI makes a lot of sense, where you want to secure data, have folks doing coding, but knowing they can’t take code with them. That’s the way it started.
But then you start to find other use cases for VDI that really start to benefit the rest of the user community. VDI is one of those things that started a while back and now has slowly grown into this BYOD solution.
Gardner: Did you know how much BYOD was going on there? How did you find out and how would it become something you could control?
Fawcett: That’s the question of the hour. I'd love to be able to say that we knew exactly how many people were bringing in what kinds of devices, but the reality is, we are a technology company, so some of our policies may be more relaxed than the policies of companies outside our realm.
For example, in a bank or in the government, you can pretty much lock down an environment, and every employee coming in knows it's going to be locked down because of who they are and who they work for.
Our organization is made up of technologists located around the world. You know some of them are looking for ways around the fences. It’s just built into their nature. It's almost like a competition for them, "Can I figure this out?" Now add in the remote and traveling users and you can see how this expands the challenge as time goes on.
Gardner: Was there anything in particular in the Quest Software portfolio that you think gave you an on-ramp, perhaps a better return on investment (ROI), and even overall better control and management, as you move toward this BYOD, support of many panes of glass, centralized IT management direction?
Fawcett: Yes, we are drinking our own champagne, and it all goes back to where you just asked me if I knew how much BYOD was actually in our environment. That's where we started using one of the first phenomenal tools that we have, which is called MessageStats. This is a great tool that reaches out and helps us track the trending within the organization at a macro and micro level. We know which devices and OS versions are being used, by whom, and at what time.
In fact, I asked my team just recently, when we first started talking, "Can you pull a list on all the devices that I use, that are registered to me?" So I saw my own list of the devices and I was shocked to see how they actually are tracked, right down to the level of when was the first time I ever connected the device to the network, last successful sync, last policy update, what kind of device was it.
It was so granular, and quite frankly, it was so very Big Brother-like, it kind of scared me. But again, you can't make a solution for what you don't understand. So assessing with MessageStats is the only way to go.
Then once we understood it, we said, "Now that the process is moving, let's figure out what type of device is right for what type of user." And this is where we turned to vWorkspace, which enabled us to determine which of the users and scenarios are best suited for the virtual desktops in the data center.
In addition, it provided a critical insight as to which virtual desktop technologies provide the best fit for each user, based on their needs. So vWorkspace allows us to not only put a desktop in the data center, but it lets us do things like application streaming and publishing. It really enables us to have that broad spectrum of functionality with just that one tool.
Once we were up and running, we stepped into the management and governance aspect of the project. This can probably be one of the most problematic areas, when you think about the pure nature of BYOD. Multiple devices for a given user, each acting very differently, and if not managed, could destroy any governance policy put in place.
Understanding the individual
This is where we truly must raise the issue up from the device to the individual, understanding that role of that person and understanding what security rights, regardless of the device they need to have in place. And this is where Quest’s One Identity Management came into play.
It gave the IT team the ability to rely on one point of control for an individual and all their devices. This is the product we count on to pass the audits, and most importantly, to ensure that our employees have that right level of access needed to get their job done.
The final key point on this is that it takes IT out of the mix and automates that very cumbersome process of provisioning, moving employees amongst departments, and then finally de-provisioning, when that employee leaves.
This is a very powerful product that makes it so that in our environment, once an employee is entered into the HR system, through automation, it automatically provisions them, gives them the rights to applications, sets them up inside of those applications -- all without IT involved in that process. So no more passing help-desk tickets.
One other piece that I wanted to touch on is a product called Webthority that we have been using, not only for our internal users, but also during the M and A process. This is a great product, because it provides a portal for the employees to come into. Once again, it's secured via that same network log-on that they use when they walk in the door in the morning.
This is anywhere, any device. It's simply a portal. They come in, they use their network log on, and bam, they're shown all the applications that they have visibility into and access to. They can go in, without having to log on again, almost like a single sign-on effect, which allows them to access the applications via two-factor authentication as well. It's a great product that helps out in many ways.
And then that final aspect of an environment is, of course, the support and monitoring. Remember, the key to any IT success is through the happiness and satisfaction of the customers. We recognize that supporting and monitoring their experience and performance is most important, especially when you talk about VDI, which is what you and I have been talking so much about.
Our job is to ensure that the end-users are getting the same type of performance that they would on a standalone PC or if their desktop was in the data center. Because without that consistently great performance, your end-users will fight giving up their desktops every time.
For this, we turned to monitoring that user experience with Foglight for Virtual Desktops. Being able to quickly determine which users are impacted by performance problems helps us to proactively take action for those users, before the users feel the pain.
Understanding the trends in the virtual environment -- how many people are connecting at any given time, what applications are they using, etc. -- helps us determine when we might need to add additional servers to that server farm, and to meet the load. Or we can even look at a desktop or an end-user and say, "You know what? I don't think these folks should be virtualized at all. Perhaps they should go back to being physical" -- for whatever reason.
You can't correct what you don't know and you need that empirical data to make an educated move. Foglight gives us that data, ensuring we are consistently improving the environment for the end-users. It's a great set of products that touch on all three phases of an environment or a team that's trying to solve this BYOD issue.
Gardner: As we learn more about how you've done this there, let’s also explain to our listeners that Dell recently acquired Quest Software, and you were at Quest before that. So tell me a little bit about how the confluence of these two companies also comes to bear on this issue of BYOD?
Fawcett: Let’s start with Quest Software. Where our sweet spot was, and still is, was that we are the IT management software provider that offers a broad selection of software solutions to simplify and solve the most common -- and most challenging -- IT problems for all areas of an IT environment -- from infrastructure, to applications, front-end to back-end, physical or virtual, or even out in the cloud, for that matter.
Dell was looking for a company whose tools could and would complement and expand their own software product offerings in the four strategic areas that they were focused on, which Quest obviously aligned with. Those were systems management, security, business intelligence (BI) and applications.
So you can really see why the partnership between Quest and Dell is such a great partnership and offers so much to the industry.
Gardner: If I were a CIO at another firm and I wanted to learn something from your experience about moving to the support of multiple devices, what’s something that you might offer in terms of what to think about early on?
Fawcett: As you approach the subject you have to really level-set with the team that this is not about devices that an individual will want to use, but instead it's about individuals that are using different devices accessing a set of applications inside your data center or under your control.
This individual, obviously, should have only one set of access rights across all the environments, based on what that person's role is within the company. The different devices that they use should really be an afterthought. Regardless of the device, their access rights need to remain consistent.
If I'm on a desktop, a laptop, or I bring in a tablet, or if I'm using my phone to get email, it shouldn't matter. I should have that same, consistent UI and the same, consistent security rights to get where I need to go to do my job.
Don't get me wrong -- and we know this; we hear it at every conference we go to -- IT will struggle with the management of the many devices, no doubt. The only thing I can really suggest there is something we did.
We took that gigantic list that's out there and we said, "Where are we going to offer different devices?" We're going to pick maybe 10 or 20 different devices, the most common ones that people are bringing in, to support going forward, with the hope that you will be able to satisfy about 80 percent of the employed population.
It does, however, all go to the user experience. You have to keep coming back to that, making sure they have the ability to get to the right data and the right applications, with the correct security rights for their job.
Story of adoption
As I mentioned before, for us, it was not about the devices. We tried to turn that around, and it was kind of handy, because the whole consumerization of IT started to come into the industry more and more. So we started to piggyback on that.
Think about it. A device is simply a means of accessing the apps and the data. Our vision instead turned into trying to figure out a way to provide employees with a world-class overall user experience, from beginning to end, encouraging the culture of openness and innovation.
In the end, our goal is to offer our end-users that ability to use a flexible set of tools and toolsets with a familiar interface that allows for secure access anywhere, anytime. We want them to be comfortable with those tools, as this will make them obviously more productive at doing their jobs.
At Quest, we have some wonderful tools that help us understand this environment and help us recognize who is bringing in devices and how they're being used. We're getting a better sense of what's in our environment so that we can start answering these.
Gardner: Let's look at this through the lens of IT. You decided that you're going to support BYOD with the blessing of IT. What does this get for you? Are there some additional benefits other than empowering the end-user or giving them choice? What’s there for you in terms of better support for your centralized operations, applications, data, and then some of those backup and support functions that we all should be doing regularly?
Fawcett: One thing that really helps out IT is the thing you just mentioned, which is making sure that laptops are being backed up on a regular basis. We know today, and I'm sure many of us on this podcast are thinking, "How many of us actually back up our laptops on a regular basis?"
Those who do it are saying, "Well, doesn’t everyone do that?" But you could guess that inside of a large organization, probably the majority are not responsible enough to do it, because it’s just not in the forefront of their minds.
When you talk about VDI and having a desktop in the data center, it's a guaranteed thing, because it's in the data center. Everything in the data center is backed up. That's one real positive -- making sure that the data is secured. Obviously, when it comes to DR, we could quickly recover an environment. So that's a great thing for IT. And I think that, in general, the end-users would love that as well, as they get into this world more often.
Gardner: Looking a little bit to the future, more organizations are adopting software-as-a-service (SaaS) applications for non-core business type applications. We're seeing more interest in cloud, consuming applications from a public cloud environment or the hybrid environment, whether it's public or private. Is there something about your support of applications as centralized to multiple devices that will enable you to exploit SaaS, cloud and hybrid services to a greater extent?
Fawcett: Most definitely. It goes back to the tools that you're using to assess, manage, and govern and then support the end-users. IT has to make sure they have those tools in order to make sure they're supporting the end-users regardless of where their data lives.
Certainly, the cloud and the SaaS environments are adding extra buzz in the industry. We're very interested in how to capitalize on that. How do we make sure that we're looking at elastic computing, and where can it benefit us? Everybody is scrambling to understand this new technology trend better and how it can help an IT organization.
But it does go back to the tools that an IT organization has in order to match those three things that we should always be doing, which is assessing what the users and the environment need, managing it, making sure it's secure, and then making sure again that we're able to support those end-users to their fullest and the way they expect to be supported.
Gardner: My thinking just a couple of years ago was that BYOD was going to be the exception, not the rule. You would support some sort of a fringe category or two of your workers with this capability, perhaps those out on the road, more often than not.
But now, as I hear you, it sounds that the direction that most IT is going to go in, hybrid services, delivering and consumption and management, and a more centralized control over data, IP, and management of apps and delivering desktops themselves as services, are all going to be making BYOD, or at least the blocking and tackling that you would need to do anyway, something that comes together in such a way that this might become more the norm than the exception. Do you think that’s what’s happening?
Fawcett: Absolutely. It's like when virtualization was first there. There was a wave of “how much could you virtualize inside your data center?” Fast forward, and now it's a given. It's a given that inside your data center you have virtualized as much as possible, so that you can ensure that your data center is being used the most it can be and the most efficiently.
The way it's going
This is the same way this is going to be. Just talk to your kids. Try to find a child walking down the street and isn't texting or who doesn't have a tablet and can probably manage it better than their parents.
I'm not talking about just young children but generations to come. I'm talking about the kids who are coming in now, in their 20s and 30s. it's a given that they want to use whatever device they choose in the corporate world, just like they do at home. It's a right. It's no longer considered a luxury.
From that view, it will be up with the internal IT teams to ensure they have the access to everything they need, with the right security in place to protect them, as well as protect the company. That's why when you think about some of the tools that we've been using here, you really want to make sure you bring in some of those tools, so that you can, in fact, assess, manage and support the end-users to the best of their ability, for not only the end-user, but also for the company.
Gardner: It really strikes me too that this isn't really about devices, but it's about the data center, the tools, the management, the governance, all of which are probably things that are good IT best practices anyway. It almost sounds as if BYOD is forcing discipline, governance, automation; some of the basics of good, advanced and modern IT. Is that sort of what you are seeing, is BYOD a catalyst to better data-center management?
Fawcett: It can definitely be used that way, because it does all go back to how an individual in a given role gets access to the applications they need to get their job done. It shouldn't matter which device they are using. It's all about which application access they should have to get their job done.
Gardner: Of course when you put in the best practices, when you have the backups and you have the scheduling and the automation, this all will end up being an economic benefit as well, because you won't suffer terrible outages, you won't have issues of discovery for data when you need it and how you need it.
Of course, you can start to look at your total cost for your data center and tweak and manage for energy, facilities, capacity and utilization. It sounds as if not only is BYOD a catalyst for better data center practices, but it could be some significant means of reducing your total cost of operation.
Fawcett: Absolutely. We've always looked at containing IT budgets as a means to an end. When you sit back and think about it, the only way to do that is through simplification, standardization and automation.
If you don't have that last piece, that automation piece, and you're simply throwing heads to solve an issue, your IT expenses are going to go through the roof. And you're going to have unhappy customers in the end, because processes are going to be overcomplicated. It's all about containing the IT budget through best practices and automation.
You may also be interested in:
- New Levels of Automation and Precision Needed to Optimize Backup and Recovery in Virtualized Environments
- Data explosion and big data demand new strategies for data management, backup and recovery, say experts
- Ocean Observatories Initiative: Cloud and Big Data come together to give scientists unprecedented access to essential climate insights
- Case Study: Strategic Approach to Disaster Recovery and Data Lifecycle Management Pays Off for Australia's SAI Global
- Virtualization Simplifies Disaster Recovery for Insurance Broker Myron Steves While Delivering Efficiency and Agility Gains Too
Before becoming a developer, I was in the high school band. I played several brass instruments - including French horn and cornet - as well as keyboards in the jazz stage band. A musician and a nerd, what can I say? I even dabbled in writing music for the band. Okay, mostly I wrote arrangements of pop music, so the band could keep the crowd entertained during Friday night football games. What struck me then was that, to write parts for all the instruments - brass, woodwind, percussion, even k...
Jul. 29, 2016 01:30 AM EDT Reads: 2,319
SYS-CON Events announced today that Isomorphic Software will exhibit at DevOps Summit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, cutting-edge enterprise web applications for desktop and mobile. SmartClient combines the productivity and performance of traditional desktop software with the simp...
Jul. 28, 2016 10:15 PM EDT Reads: 1,234
In his session at @DevOpsSummit at 19th Cloud Expo, Yoseph Reuveni, Director of Software Engineering at Jet.com, will discuss Jet.com's journey into containerizing Microsoft-based technologies like C# and F# into Docker. He will talk about lessons learned and challenges faced, the Mono framework tryout and how they deployed everything into Azure cloud. Yoseph Reuveni is a technology leader with unique experience developing and running high throughput (over 1M tps) distributed systems with extre...
Jul. 28, 2016 10:15 PM EDT Reads: 2,225
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
Jul. 28, 2016 09:00 PM EDT Reads: 2,718
Sharding has become a popular means of achieving scalability in application architectures in which read/write data separation is not only possible, but desirable to achieve new heights of concurrency. The premise is that by splitting up read and write duties, it is possible to get better overall performance at the cost of a slight delay in consistency. That is, it takes a bit of time to replicate changes initiated by a "write" to the read-only master database. It's eventually consistent, and it'...
Jul. 28, 2016 08:30 PM EDT Reads: 2,319
Jul. 28, 2016 07:15 PM EDT Reads: 3,939
No matter how well-built your applications are, countless issues can cause performance problems, putting the platforms they are running on under scrutiny. If you've moved to Node.js to power your applications, you may be at risk of these issues calling your choice into question. How do you identify vulnerabilities and mitigate risk to take the focus off troubleshooting the technology and back where it belongs, on innovation? There is no doubt that Node.js is one of today's leading platforms of ...
Jul. 28, 2016 03:45 PM EDT Reads: 542
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
Jul. 28, 2016 11:00 AM EDT Reads: 1,173
Ovum, a leading technology analyst firm, has published an in-depth report, Ovum Decision Matrix: Selecting a DevOps Release Management Solution, 2016–17. The report focuses on the automation aspects of DevOps, Release Management and compares solutions from the leading vendors.
Jul. 28, 2016 11:00 AM EDT Reads: 1,807
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
Jul. 28, 2016 10:45 AM EDT Reads: 1,302
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
Jul. 28, 2016 09:30 AM EDT Reads: 1,432
If you are within a stones throw of the DevOps marketplace you have undoubtably noticed the growing trend in Microservices. Whether you have been staying up to date with the latest articles and blogs or you just read the definition for the first time, these 5 Microservices Resources You Need In Your Life will guide you through the ins and outs of Microservices in today’s world.
Jul. 28, 2016 04:15 AM EDT Reads: 4,153
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
Jul. 28, 2016 03:45 AM EDT Reads: 2,355
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
Jul. 28, 2016 03:15 AM EDT Reads: 2,669
This digest provides an overview of good resources that are well worth reading. We’ll be updating this page as new content becomes available, so I suggest you bookmark it. Also, expect more digests to come on different topics that make all of our IT-hearts go boom!
Jul. 28, 2016 12:30 AM EDT Reads: 3,749
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
Jul. 28, 2016 12:15 AM EDT Reads: 2,283
There's a lot of things we do to improve the performance of web and mobile applications. We use caching. We use compression. We offload security (SSL and TLS) to a proxy with greater compute capacity. We apply image optimization and minification to content. We do all that because performance is king. Failure to perform can be, for many businesses, equivalent to an outage with increased abandonment rates and angry customers taking to the Internet to express their extreme displeasure.
Jul. 27, 2016 03:30 PM EDT Reads: 1,643
Right off the bat, Newman advises that we should "think of microservices as a specific approach for SOA in the same way that XP or Scrum are specific approaches for Agile Software development". These analogies are very interesting because my expectation was that microservices is a pattern. So I might infer that microservices is a set of process techniques as opposed to an architectural approach. Yet in the book, Newman clearly includes some elements of concept model and architecture as well as p...
Jul. 27, 2016 02:30 PM EDT Reads: 9,778
Let's just nip the conflation of these terms in the bud, shall we?
"MIcro" is big these days. Both microservices and microsegmentation are having and will continue to have an impact on data center architecture, but not necessarily for the same reasons. There's a growing trend in which folks - particularly those with a network background - conflate the two and use them to mean the same thing.
They are not.
One is about the application. The other, the network. T...
Jul. 27, 2016 04:30 AM EDT Reads: 3,646
This is a no-hype, pragmatic post about why I think you should consider architecting your next project the way SOA and/or microservices suggest. No matter if it’s a greenfield approach or if you’re in dire need of refactoring. Please note: considering still keeps open the option of not taking that approach. After reading this, you will have a better idea about whether building multiple small components instead of a single, large component makes sense for your project. This post assumes that you...
Jul. 27, 2016 03:45 AM EDT Reads: 4,248