Doesn't this seem ridiculously inefficient and wasteful - especially because we now in the "cloud era"?
Turns out there are quite elegant solutions that move us away from this "boat anchor" centric lifestyle where activity revolves around the laptop work hub.
The solutions I have in mind are not always broadly used, or for that matter, broadly known. But they are often quite simple, convenient, and even cost-advantageous.
Let me give you a hypothetical example - but based very much in reality (names have been changed to protect the innocent). And I'll share a very reasonable set of solutions, too.
Act I: The Setup
Let's take a consultant named Margo. She runs a small firm with a handful of large corporate clients. To accomplish her work she needs access to each client's intranet as well as a number of their secure, internal applications. She also needs to share data with co-workers in her firm, as well as share it back to individual contacts within each client.
Each time Margo takes on a new client, they issue her firm a corporate laptop, usually equipped with VPN software and a 2-factor security app with a physical fob. Whenever Margo does remote work with a given client -- accessing the intranet, using internal apps, interacting via collaboration software, or even certain VoiP apps -- she must use the appropriate laptop. And that's about 80% of the time.
To add to this, alongside each laptop, Margo uses a DropBox account with folders dedicated to each client. She shares these folders with her co-workers as well as client contacts within each company (and who are behind each client's firewall) as interactive project-based workspaces.
Act II: The (Troubling) Reality
Fast-forward: We have Margo with an office full of client-provided hardware. Together her firm is holding capital equipment that cost each client between $2k-$4k. It's equipment inventory each of her clients have had to request, allocate, provision, track and maintain (and likely one day, recapture). Besides the cost and efforts to secure, the equipment is still subject to breakage, loss, theft and/or other forms of compromise.
That's wasteful / risk-laden observation #1.Next, we have the "DropBox problem": One day Margo realizes that she's running short of disk space on her own office tower computer. She tracks it back to the fact that her single DropBox account contains files from all of her co-workers representing the work from all of her clients... and it dawns on her that files from client A have been accessible to all other clients via the single DropBox account. She races to modify the access rights to various DropBox folders.
That's risk-laden observation #2Finally, Margo finds herself on a business trip visiting Client A. She gets a call from Client B needing an urgent intervention. But since she isn't carrying the laptop from Client B, she's unable to help.
That's just plain silly observation 3Act III: An Elegant Solution
All of these unfortunate scenarios are a result of a "PC Era" view of the world - where data, access and security are tied to the physical laptop. To be certain, there are absolutely scenarios where this should remain the case. But in Margo's case, the model is antiquated. Let's move to the "Cloud Era" and see how things might be different.
Enter the concepts of "Mobile applications" and "Virtual desktops". In these cases, each of Margo's clients provides a shared (or dedicated) desktop OS behind their firewall. They might also provide a secure application streaming protocol for specific internal applications (think: SAP, accounting, web browsing, email, etc. etc.). Both desktop and/or application gateway are made available as virtual desktops & apps via a web gateway to approved users. All a user needs is a client device (laptop, iPad, smartphone) and a secure authentication mechanism.
So, Margo would simply carry her own personal laptop (or iPad, for example) as well as security fobs from each of her consulting clients.
Any time Margo needs access to work with a client, she connects to a gateway (think: click on an app) hosted by one of her clients, and enters her security credentials. Up pops a secure desktop belonging to one of her clients, just the way she left it the last time she accessed it. All of her data files are there, as well as email and applications. And she'll have complete secure access to her client's corporate intranet. In fact, she could even have multiple secure desktops from each of her clients up-and-running simultaneously on a single machine, with no security issues whatsoever.
But there's one difference: When she closes the session(s), no client data will reside on her laptop - safe and sound for her clients. And, no matter where she is, no matter what device she has (her own, a borrowed iPad, etc.) she can re-access those desktops and/or applications. Pretty elegant.
What if Margo is "untethered"? There's even a scenario for the untethered worker. She could install a virtual machine desktop on her laptop. Within that secure "sandbox" would run the OS belonging to her client, with all access rights etc. Each time the device is connected to the net, the sandboxed OS (and its apps) would synchronize with her client's IT department.
Oh - And what about that "DropBox Problem"? With this model she (and her co-workers) can use a shared drive or service either (a) within the client's firewall, accessible whenever the virtual desktop is active, or (b) a separate shared drive brokered by a client's own gateway service. Never would Margo risk data from one client being co-mingled with data from another.
In my opinion, the "PC era" will begin to ebb, as the concept of mobile apps and virtual workspaces begins to take hold. And as more IT departments become more comfortable with BYOD strategies and mobile work options, the more this trend will accelerate.
Here's saying goodby to the laptop-centric world.