Governance, it’s not a new term but it is one I’m seeing pop up more and more in meetings with IT management.
Businesses don’t dictate whether you buy a SUV, 4 door sedan, hybrid, or diesel vehicle, yet it’s a requirement that you be able to get to work. Why then does IT dictate standards and control about what devices, OS’s, locations, etc that you be allowed? Ok, so it’s not a completely valid comparison but let me run with it. The “Consumerization of IT” needs governance, not control. We don’t have all of the tools yet for effective IT governance as it relates to people bringing any device they want or working on any data from anywhere, but many of the beginning pieces are in place for IT departments to begin fitting them together and enable their companies to transition to a user-focused IT organization based on governance not control.
Governance in IT as it relates to End-User-Computing EUC (to me) means creating policies within which users can be free to use whichever device they feel comfortable with and have access to their applications and data. Systems, applications, data will fit in to these frameworks to enforce the policies in the organization while allowing freedom of device, location, ownership. I’m not predicting the end of the IT provided device, but I do think the probability that IT will provide all devices for their users in the future is 0%. It’s already starting with smartphone and tablets. Most organization I speak with don’t provide these devices yet they are expected to provide services to them. IT departments when confronted with this reality go one of two roads…they either say no and cite security or resources to support them or they write policy (governance) on what can be used on them, where, etc. I believe in the next few years we will see products go from controlling devices to instead governing applications, data, and rights.
Mobile Device Management (MDM) is short-sighted and destined for failure. It’s more of the same from IT…control and it is focused on controlling the wrong thing. It’s not about device management, it’s about application and ultimately data management. MDM simply is focused a layer too high in the stack and I suspect most of them realize that and will branch out into data and application management and entitlement. Do businesses care about the device? No, it’s simply the only means available for controlling access to applications and data. That’s not the future though. Consider Follow-me-data (Enterprise Dropbox), this is a solution which is based entirely focused on data. VMware View client and Citrix Receiver applications aren’t worth locking down or controlling, it’s what they provide access to that people want to control, applications.
I know many a person in IT who feels their users are idiots and can’t be trusted to have a functioning device, let alone know how to use it. This is not a future I’m worried about. Have you seen 5 year olds today on an iPad? High school students? College students? They all know how to use these devices. Our future is this workforce. Focus on the future, not the present. The problems you’re predicating your stubbornness on will not exist in the future…in fact perhaps you’re the inhibitor of inovation in your company.
Stop trusting endpoints, stop trying to control endpoints. Our future is one where we govern the data and applications which run businesses and enable users to choose the endpoint they want.