Creating a ‘gold-standard’ desktop computer to announce
to all staff can mean lower cost, tighter security, and smoother run.
IT department are frequently at the front of organization’s
technology innovation – but it is not always the same. When mentioning
definition of a standard desktop computer – essential installation of all staff
includes operating system, apps, hardware driver, and set of security apps – IT
moves with snail’s speed.
Charles
King, Pund-IT’s
analyzer, said that companies often lived with old software because it worked
quite well for their needs, and because they did not want to bear the cost of
upgrade to the latest version in this regressive era.
After that are politic matters. Core users can resist the
change and it is likely that IT dare not force so as to avoid conflict with
influential staff in this difficult economy time.
But at this time, it seems that the snail is moving more
quickly. Using standard desktop computer has become the best habit. In Gartner’s
2010’s investigation on 300 IT staff at big companies, 50% of attendees said
that they would restrict business computer.
An impulsive influence behind the effort to standardize is
worry of security. IT can cause situation that bag apps can disrupt network, or
old apps have bugs that hackers can exploit.
Another factor is the appearance of virtualization that
helps it more easily be standardized. Many companies are using virtualization
tools to create a ‘gold standard’ – a desktop computer launched to all final
users.
IT managers limiting desktop computer said that the
strategy could lead to lower cost and smoother run. King takes into account the
‘common mix’ in the way to organize software process and operational budget
process. A standard desktop computer forces IT to think of deploy strategy, and
if processed correctly, it will reduce a number of desktop computers that are
accepted to one or two.
However, according to King, some companies struggle with
standardization opinion because they want to give staff the flexibility in
working way. There are many ways allowing flexibility with standardized desktop
computers, including allowing staff to select tools from an app library
approved beforehand, or allowing staff to request new tool from IT.
However, regardless of what you do, some final users will
bend rules, or break rules by downloading specific software.
In that case, King suggested ‘if the app is quite good,
just note that download is not approved, explain reason and let staff remove it
from operating system. In addition, creating a judge mechanism for staff to
submit app to ask for consideration / approval can be a good way for organizations
to learn about new technologies and reward staff for their ideas’.
The following is the way that 3 IT organizations limit
desktop computer while providing some flexibility for staff.
St. Luke’s Health
System: standard with flexibility
Consistency throughout a big organization can be difficult
to get. With ten places throughout Idaho, St. Luke’s Health System is extremely careful of
its standard desktop computers. For infrastructure manager Eric Johnson, an
important objective is give doctors and other staff flexibility around the
hardware they can use – allowing them to select from an approved equipment list
– and places where they can work in the hospital.
While transferring from Novell to Microsoft for supportive program, we have a vacant candidate list,’ said Johnson.
The organization decided to transfer from system-based app downloads to
user-based app downloads. In other words, the final user can select from
approved software library that they download by themselves.
That he said this leads to considerable time saving, so IT
staff are free to focus on controlling library rather than performing
disposable app installation. He said the most considerable challenge is related
to apps that have not been present at store, but a certain department may need;
IT staff have to process this challenge based on every case.
St.
Luke use‘s Beyond Trust app
virtualization software named PowerBroker
Desktops. The mechanism bases on
the rule of uninstalling administrative privilege from user’s desktop computer,
so that this person cannot install app, and it keeps track of erroneous installations
that did not finished in right way. A control panel looks like other data
centre tools of Microsoft.
Johnson said that his team uses PowerBroker to manage
about 8,000 desktop computers in 90 buildings. He said St. Luke used Windows XP SP3, Office 2007, Adobe Flash,
Microsoft Silverlight, Citrix
client app, and Microsoft Live Meeting as the core of its standard desktop computer.
A new staff will be added to many groups if appropriate –
such as advertising, marketing, and general executive groups. With each group,
staff can download many apps from the approved list, and there is file permit
to access network server for these apps, and configure some local options such
as IE tools and Outlook menu.
Another challenge at St. Luke and most companies
processing standard desktop computers is related to versioning. Organizations
use a core image for the original operating system and apps, and it often
attach with a version in a long time. However, Johnson said
that his organization manage about 22 different versions of Java via app
virtualization – and this is against including Java in standard desktop
computer.
By virtualization, St.
Luke’s IT staff can remove
in-appropriation among apps using Java. For example, they can determine that
standard desktop computer for accounting department always needs a special plug-in Java. However, they keep similar key point and provide Java
versions if necessary in addition to standard desktop computer
One of the lessons Johnson has learnt is avoiding changing
standard desktop computer – even for IT staff. ‘Less than 1% of our IT staff
has administrative right. But we give everyone place to wander. We do not say
‘you cannot use that app’. We are happy to provide it, provided that we can
provide it in a virtual way for any staff,’ explained he.
St.
Luke is rather extraordinary in
limiting administrative privilege, even for IT staff. Ed Boyle, a
consultant of SecurityCurve, said this strategy made enterprises safer. In
the long term, it is ‘the amount of money saved thanks to less security matter
in general.’
