CIO gets busy as Qantas embraces BYO

[harvyk]

There would be some irony if this got implemented before the fix the wifi in the QPs......:evil:

It would be from a different pot of money (and a different project), so I wouldn't be holding my breath about wifi in the QP's being fixed prior to a BYO IT rollout.


An iPad has it's place, but it's not a laptop replacement for anything other than the most trivial of tasks. (eg general web surfing).
A good use of an iPad is as a replacement for large number of documents, or as a "fill in form" \ quick database access for people who do offsite work. It is with these tasks that an iPad can excel, but using it inplace of a laptop, not a chance (unless you don't mind big productivity hits)...

For the record I have an iPad supplied by work, I love it, but it's not a computer replacement.

 

[simongr]

For the record I have an iPad supplied by work, I love it, but it's not a computer replacement.

For the record I have an iPad not supplied by work and it has been a laptop replacement for non trivial tasks: presenting/attending Board meetings, drafting notes of planning meetings, reviewing reports, commenting on changes to [insert jurisdiction and industry] Audit Committee requirements... It has in fact replaced my laptop in the UK, India, Melbourne and NZ due to better ability to connect whilst out of the office. It replaced my office conferencing calling service when our network died in the office and we had a conference call with Miami.

Should I go on?

The problem I have now is that IT have changed settings in OWA that prevent opening attachments on the iPad via webmail (I can do it on ANY other computer including QPs and internet cafe's but not with a device that never leaves my sight...)

This is the problem I have - someone in IT telling me what the device I am familiar with can and can't do...

 

[Mal]

For the record I have an iPad not supplied by work and it has been a laptop replacement for non trivial tasks: presenting/attending Board meetings, drafting notes of planning meetings, reviewing reports, commenting on changes to [insert jurisdiction and industry] Audit Committee requirements... It has in fact replaced my laptop in the UK, India, Melbourne and NZ due to better ability to connect whilst out of the office. It replaced my office conferencing calling service when our network died in the office and we had a conference call with Miami.

I find it interesting that IT has restricted the download of attachments over OWA just for ipads. I didn't think that was possible (and I'm not an Exchange expert, so will defer to others who are).

We currently support people working with BYO ipads using Citrix, but this is not acceptable to clients who don't want to log on, don't want to use tokens for authentication, want the native ipad mail working etc etc etc. (See that battles I face in a corporate environment?). Yet, they are ok with using the same technology from their home computer. This indicates to me that the ipad's keyboard is very cludgy (and it is), and usability is severly affected compared to other devices.

The new technology that has been rolled out to some of our super VIP users lands them directly into our network, and the ipad becomes a native device. Extremely messy, and the cause of half of our implementation issues (if they Citrix'd in they wouldn't face half the issues).

IT can never win. Users can never win. But guess who has to answer IT audits that show the network as vulnerable????

 

[simongr]

I find it interesting that IT has restricted the download of attachments over OWA just for ipads. I didn't think that was possible (and I'm not an Exchange expert, so will defer to others who are).

Definitely possible (although the resriction might be mobile safari rather than the device itself) as I use my home iMacs to access web mail with no problem.

We currently support people working with BYO ipads using Citrix, but this is not acceptable to clients who don't want to log on, don't want to use tokens for authentication, want the native ipad mail working etc etc etc. (See that battles I face in a corporate environment?).

I have major issues with Citrix simply from a performance perspective - we were directed to use Citrix on our corporate laptops initially but managed to get a build using a VPN client which works much more effectively (2 factor authentication). If speed wise Citrix worked like a native app (from a speed perspective rather than a operation perspective) I would have no issue using Citrix. Two factor authentication is an issue though as the iPad seems to drop connection when moving around the office so you would have to log in frequently...

Yet, they are ok with using the same technology from their home computer. This indicates to me that the ipad's keyboard is very cludgy (and it is), and usability is severly affected compared to other devices.

The new technology that has been rolled out to some of our super VIP users lands them directly into our network, and the ipad becomes a native device. Extremely messy, and the cause of half of our implementation issues (if they Citrix'd in they wouldn't face half the issues).

I dont find the keyboard that cludgy unless citrix is impacting the performance as above...

IT can never win. Users can never win. But guess who has to answer IT audits that show the network as vulnerable????

I guarantee that in any IT audit my team do they wont pick up on iPads connecting to the network as an issue But seriously I approach that from a risk perspective - a lot of IT auditors say "The manual says you shouldnt have this port open so close it" rather than looking at the broader picture. I don't think the risk is proportionate to the control and in other areas of the business we wouldn't get away with making some of the recommendations for controls that IT say we need...

 

[harvyk]

A lot of IT auditors say "The manual says you shouldnt have this port open so close it" rather than looking at the broader picture. I don't think the risk is proportionate to the control and in other areas of the business we wouldn't get away with making some of the recommendations for controls that IT say we need...

Actually most IT security auditors don't approach things as a "the manual says" but rather ask the question why is this port open, what are the attack vectors, what is the likelihood of those attack vectors being exploited, and what is the potential damage which can be done.

Basically it comes down to a risk vs useability argument, and that takes quite a bit to weigh up appropriately. I remember talking with another security engineer, he made a very interesting comment, the most secure system he could think of, would be a computer, without internet access, locked in a safe, and then no one knows where the safe is. Of course whilst it was secure, it wouldn't be very useable.

The problem is that most non-IT people don't really understand the true nature of the risks to corporate IT (for the record I'm happy to sit down with non-IT people and show them the risks with non-secured IT). It ranges from "script kiddies" who have little technical ability, and yet they have downloaded "hacking programs" which simply looks for networks which can be attacked via certain methods, to an actual concerted effort to breach security on a network. In a previous life I used to be a security engineer, I remember one place where I was brought in to look after a network where the previous administrator had no idea how to secure a network. As a result the network had been successfully hacked, twice.

It was not a major target, it was just one where "everything open and easy" had been adopted. As a result certain people had no problems at all getting in and causing major havoc. Of course the network needed to be seriously locked down to prevent it from happening again.

Now I'm not going to stand here and defend the actions of all IT people. There are absolutely IT guys out there who get a thrill from denying access to things (they are the ones who call themselves "God") but most IT policies have been developed as a direct response to a very real threat.

 

[simongr]

Interesting related article - I don't think this supports any one view or proves anything but just shows that the dynamic is changing and we need to work out how we deal with it...

How employees are driving an iPad revolution, and what IT’s doing about it | VentureBeat

 

[harvyk]

Interesting related article - I don't think this supports any one view or proves anything but just shows that the dynamic is changing and we need to work out how we deal with it...

How employees are driving an iPad revolution, and what IT’s doing about it | VentureBeat

It's an interesting article, the idea of "If we hadn’t learned to trust our users and trust the iPad, I don’t think it would have been successful." certainly works now, but just wait for the first iPad virus, or the first iPad major bug (yes both will happen, Apple can no longer hide behind irrelevance to the hacking community) and I wouldn't want to the be the technician of a large company who has to roll out an upgrade (or setting change) to 500 iPads.

Of course we may well find that Apple will stop being a hindrence for company rollouts (they certainly put up a lot of hoops for a company) and starts becoming a help. Of course that will mean that they need to loosen up control of the iPad, and thus make their app store a little less controlling.

 

[simongr]

I am not sure company control of iPads is what Apple is considering - ask the users - do you want to carry around a corporate iPad and your own iPad - I think the answer will be no.

I am not sure on the irrelevance point regarding OSX security and Apple not being a target - Apple is the largest company in the world by market Cap now - it is a target.