A few months ago there was an interesting conversation on Slashdot about how IT departments are starting to fear their users. The conversation is based around an editorial by Ben Worthen in CIO magazine. The jist of Worthen's editorial was that for years CIOs have been in control of their users, but that's starting to change. In fact just last week here in Chicago I went out with a girl who mentioned that she got Trillian running on her corporate PC and got around the blocking mechanisms that her IT department put in place. This wasn't an IT girl--this was just a regular iPod-loving instant messaging user. Regular users like this threaten the control that a CIO can enforce.
This will be a problem for old school CIOs. Enlightened CIOs, according to Worthen, view users as "customers." Citrix CEO Mark Templeton takes this a step further, claiming the "very enlightened CIOs view users as subscribers."
So the evolution is Users --> Customers --> Subscribers. What does this mean in practical terms, and what does it have to do with application delivery?
I've been beating the "IT is just about applications" drum for going on seven years now. Citrix has been talking about "on demand applications" for probably five years. The whole thin client computing vision (which has evolved into "application delivery") removes the application execution dependency from the client device. If these trends continue, we should see employees that are free to choose whatever device they want while allowing CIOs to maintain the needed control over the aspects of IT that they need to control.
Let's break this down:
First, technologies like server-based computing, VDI, application streaming, and web application architectures continue to remove the dependency of a particular client device for an application to be able to be used on that device. Technologies like Citrix's SmartAccess, Microsoft's Network Access Protection, and Cisco's Self-Defending Network technology help to ensure that the corporate IT assets are protected regardless of what virus-infected spyware-laden piece-of-crap a user (or customer or subscriber) hooks up to the network.
Second, CIOs are increasingly recognizing that the only reason they needed control of the complete end-to-end IT infrastructure was that if they didn't control the end user device, that device probably wouldn't be able to run the corporate applications. Therefore it was an "all or nothing" scenario. IT had to be in control of everything. Period. But now that the technologies that can provide corporate Windows applications as a service are real (SBC, streaming, VDI), smart CIOs can take a step back with regards to full control of the end user devices. This can lead to higher employee moral while lowering the scope of what IT has to manage. (And some might argue that it's the only inevitable outcome given a world full of my Trillian-installing friends.)
All of this is slowly building to a trend colloquially known is the "employee-owned PC." The basic idea is a that user can bring just about whatever computing device they want, and IT can provide the applications that are needed for work in a secure and reliable way. There are a few things driving this trend:
- Apple. Like 'em or not, the reality is that Apple is quickly gaining market shares among individual users. Now I know that when you look at the overall numbers, the percentage of Mac computers is tiny.. 6 percent or something like that. But that's including the millions of corporate computers. If you look at the computers that individual people are buying, Mac's share is really increasing fast. (Here's an anecdotal example of this. There are 19 Terminal Server MVPs. 5 of them use a Mac as their primary device. Already that's over 25%, which is really high. Now of those 14 who use Windows laptops, most of them have the laptops issued to them by their employers, and at the MVP summit a few months ago, I heard again and again, "I'd be a Mac user if my company would let me.")
- The evolving workplace. Another reality is that the line between home and work is blurring. More people are doing more work outside of the corporate walls. It used to be that work was a "place," but now work is an "activity." Back when work was a place, it was easy for IT to enforce a standard computing device. But now that employees are working early and late and from home and on the road, they won't tolerate not having iTunes and the photo software and their games on their computers. And they won't tolerate having two separate devices--one for work on one for personal stuff.
- The masses of users are really young. The kids graduating from college entering the workplace today do not remember a world without the Internet. This is the YouTube / MySpace generation. Every year, millions and millions of new AD user accounts are created for these kids, and each new wave is more computer savvy than the previous.
What does this mean for us as IT professionals focused on application delivery?
First of all, this whole "application delivery as a service" couldn't be better timed! Sure we were able to dabble with this in the form of ASPs and offshoring over the past decade, but the next few years will usher the transformation of "applications as a service" from a a niche for a select few into a major strategic direction for all IT departments. There are so many technologies that are coming into their own right now to support this. Virtualization. Modularization. Ubiquitous connectivity.
Of couse everyone is familiar with Citrix, VMware, application streaming, OS streaming, etc. So what's new?
What's new is how people are starting to think about how these various technologies can be used together. Instead of using VMware + ACE to boot a local VM on a client, what if you used Ardence to stream that VM down to the client? Or what if you used Ardence natively on the client to stream down a hypervisor? What if you used Ardence to boot Parallels applications to a Mac desktop? Then within the Windows VM, what if you streamed applications down as needed? You could even let the VM have full access to the corporate network while letting the Mac host connect to a VLAN with pure Internet connectivity.
I'm just putting some ideas out there, but there's one that I want to look at a bit closer. Have you heard of Parallels for Mac? (Remember I'm a Mac user now :) This is what originally got me thinking abut this whole "employee-owned PC" thing. On one level, Parallels is just like Virtual PC or VMware workstation for Intel-based Macs. It's VM software that lets you build and run multiple VMs on a Mac OS host. Nothing new there.
Like all VM software, Parallels lets you view your VMs in either a resizeable window or as full screen. But where Parallels differs is that in addition to the “windowed” and “full screen” view options, Parallels gives you a third option they call “coherence,” and coherence is game changing. Here’s why:
The “coherence” mode of Parallels is a lot like Citrix’s seamless windows, except for a VM. So in my case I have my Mac desktop that's my main interface. I’m also running Windows XP locally in a Parallels VM. When set for “coherence” mode, any application windows on my Windows XP desktop show up as regular seamless application windows on my Mac desktop. I can resize, ALT+TAB, and cut and paste with all the Windows applications as if they were regular Mac apps.
Here’s a screen shot of my Mac desktop with Parallels running in coherence mode. I have the Mac calculator and the Windows calculator running side-by-side.
As you can see, Parallels running in coherence mode puts the Windows taskbar on the Mac desktop, right next to the Mac dock! In my case I have the Windows taskbar (along with the Start button, clock, etc.) along the bottom of the screen, and I have the Mac dock along the left edge of the screen.
This mode of operation is truly a hybrid desktop experience. “Am I running Windows or Mac?” Answer: “Yes!?”
I’ve been using Parallels in coherence mode for about two months, but after only a few hours, I completely forget that different apps were running in different VM sessions.
Do you remember VMware ACE (“Assured Computing Environment”)? It's essentially a VMware player application that packages up a VM, a disk image, and the VMware code into a nice package that lets anyone run the VM with only a few clicks. The ACE can run in a Window or in a full screen environment.
The promise of ACE is that it could provide a standard, corporate-controlled PC “image” for consultants to run while working onsite at company locations. The downside to ACE is that it’s an “either / or” solution—you’re either working in the ACE VM, or you’re working in your local OS. ACE had a lot of potential, but it was ackward to use. Parallels changes that.
Now let’s bring Citrix into the mix. Over the past several years, Citrix has been pushing their “SmartAccess” technology—the set of technologies that can provide a “dimmer switch” style of access instead of an on or off switch. (As I mentioned previously, Microsoft, Cisco, and others offer or will soon offer similar technologies.) The idea with SmartAccess is that Citrix software can analyze your client device to figure out how secure it is, and then give you varying levels of access depending on the security of the client. Did you two-factor authenticate? Great, then you can use the healthcare app. What’s that? You don’t have an up-to-date antivirus package on your laptop? Fine. You can still use the Healthcare app, but you won’t be able to cut and paste or copy files between your local device and the remote application server.
And let's not forget Ardence (which Citrix bought in December). Why not use the Ardence technology to PXE boot the VM and stream the corporate OS to the client?
The bottom line is that there are technologies which make the "employee-owned PC" a reality today. This is just the tip of the iceberg. VoIP and Bluetooth technology could add "employee-owned telephone" to the mix, ultimately driving towards a work environment in which the employee is able to use whatever devices he or she wants, while the corporation can still ensure that the employee is able to work and access everything that's needed.
And to think... Five years ago I was worried that this whole "SBC thing" would fall out of favor and I'd have to learn a "real" product. Well here's to five more years of focusing on applications!