You can't buy this sort of marketing.
What next? Calls for Coca-cola to be the official government soft drink?
The man in charge of the government's IT efficiency drive has told MPs that Whitehall should use more Apple Macs while castigating the previous government for trying to sex-up IT projects. Ian Watmore, COO of the Efficiency and Reform Group, told the public administration committee that Labour had poured cash into computer …
Government has clearly wasted huge amounts on prooly-specified, poorly-delivered IT projects. No argument there.
But there aren't many hard-nosed businesses that have adopted Apple products for their corporate IT. There are good reasons for this, and they amount to more than prejudice and inertia.
"It's all down to a lack of attention to detail, which leads to prooly spilled wurds and hyphens where-there shouldn't be any!"
Seriously? You are going to criticize someone based on a typo ("prooly" is obviously a typo, not a genuine error) and not knowing that there is no hyphen in adverb-adjective combinations? I have seen very few people (and these include journalists, authors, etc.) who accurately hyphenate, and this excludes me.
In my defence, poorly could be an adjective as well as an adverb, especially where Government projects are concerned. Making clear that it qualifies the following adjective doesn't seem so unreasonable to me. So 'tis a grammatical slip to be sure, but from the best of motives, and without introducing additional ambiguity (which is, surely, the point of grammar).
This post has been deleted by its author
And what about sense, not many business applications run natively in OSX.
Not talking Word, Excel thats easy, I'm talking SAP, Dynamics and any other BI or ERP.
And tried a few Macs (for display) to test for Terminal Services too, way too much hassle and whats the point after connecting to a server you have lost the point.
Then perhaps the answer is to run cheap little low powered end-points (Linux?) with centrally served apps for the majority and VMs for those that are outside of the norm. Government is one area where I'd imagine a standardised centrally administered and secured desktop would be a bonus given their propensity to lose data.
"Watmore told the committee that in his personal view, the government should use more Apple products, just like the ones he uses at home."
Could have guessed the "because it works at home" angle. Last I checked, a Windows Domain was a lot easier to manage and lock down. Of course, the this says just how much he knows about Apple or IT:
"which is all about smaller, more agile, more efficient projects with a bigger emphasis on open source."
While Open Source does make projects perhaps more agile, it definitely doesn't always lead to "more efficient" nor "smaller." Likely can save some money if a current staffer is already familiar with the FOSS in question....And no, Apple is not "Open Source," they just built a GUI on BSD.
One of the key issues with mobile government data assets is that they have to be encrypted with a Government Encryption algorithm while data is at rest, this means that you need a full disk encryption product installed within all laptops and any desktops that might be kept or transported through locations of low physical security.
At the present time, there is no software based full disk encryption solution (supporting these algorithms) that works with Mac's and there is no Hardware based encrypted disk that supports the EFI bootstrap process that Mac's use to launch OSX.
This is the first hurdle that needs to be cleared, without it, if you put protectively marked data obove a certain confidentiality level on to a Mac, then that machine has to be kept in a physically secure location, or shipped around with an armed guard! Even with data at the lowest level it would need to be stored in a locked box that was bolted in to a vehicle if you shipped it around anywhere.
The reason that Mac's aren't used much in government is because there is no way to get around this one simple fact and until there is a company that can put a government algorithm in to an encryption product that supports Mac's, this isn't going to change.
Firstly, PGP Full Disk Encryption fully complies with Home Office requirement.s I should know, we use it on all our computers, to comply with such requirements!
Secondly, said software is fully Mac compatible. Again, I should know, we've been installing it on MacBook Pro, MacBook Airs, and the like for the last year.
As for AD integration with Macs, with all appropriate access control, easy - we've got our Macs bound into AD right now. Failing that, there's OD - which manages Macs natively.
We have around 4:6 in favour of Mac in our estate, and while we do get plenty of calls from mac users, they tend to be either that the hardware has failed, or a windows based service isnt working properly. Most of the real head scratchers are Windows machines that aren't doing what they should do properly.
Oh, and we manage our Macs very well with jamf Casper suite - which is superior to many PC based solutions like Landesk for auditing, policy control and deployment.
The real problem is that most IT systems managers havent got the first idea what they are talking about when it comes to Mac, they just sniff and turn up their nose bcause they see them as expensive toys, and not for Real Men.
This thread has demonstrated exactly that.
That said, it doesn't help that Apple hasn't the slightest interest in Enterprise level software and hardware - they only want to sell laptops and desktops along with iPads and iPhones.
That doesnt mean that integrating into enterprise is difficult or impossible!
http://www.cesg.gov.uk/find_a/caps/index.cfm?menuSelected=11&displayPage=1111&id=139
As clearly stated in the above link the only OS's that have CAPS approval for baseline are Windows OS variants . Mac is not mentioned on the CESG website which supercedes any BS you have been spun by the manufacturer. As long as your accreditor is aware it will be fine though as he/she may have accepted the risk based on its approval for Windows.
Actually, your wrong... and I can tell you this because I regularly ask within Industry for solutions that support Macs and when they will be available, believe it or not, I am not a Windows zealot and I am a Mac user (I'm writing this on my own MBP in fact), I've been using and supporting Mac's since 93 and I think I have a pretty good grasp of their capabilities by now, having also worked in Government for the last 7 years I think I also know in which environments I can use them and which I cant. However, unlike some I am more concerned with selecting an appropriate tool to meet requirements, rather than trying to shoehorn something I like in to a function it's not suitable for.
As has been pointed out by another poster, the target of evaluation for PGP full disk encryption does not cover the Mac version, if your accreditor is allowing you to use it, thats up to him if he wants to accept that risk, it probably means that your system has a pretty low risk profile attached and your data is probably mostly ILO-IL2 with only small amounts of IL3 data (if any). Either that, or the accreditor simply doesn't know the TOE for the product and he's mistaken in thinking that it's approved... it wouldn't surprise me.
A good architect will read the TOE for any security enforcing products he or she selects and will document how that product's configuration meets or contravenes the TOE so that the accreditor is informed. If you haven't read the TOE for products you utilise and your an architect in government, then you haven't done your job properly.
Even when used in an evaluated configuration, PGP Full disk encryption is only good enough for _Baseline_ level encryption, not Enhanced Grade or High Grade, which means you can only use it on RESTRICTED (IL3) systems... you don't even need a government disk encryption product for a RESTRICTED system, you can use Vista or Windows 7's Bitlocker feature and be compliant with a tiny piece of configuration... it's hardly much of a bar to reach these days, yet the Mac has nothing that fits the bill and Apple are not concerned about addressing that issue, why should they be? It's not a core market for them.
Well, no actually. LDAPS is easier to secure, and especialyl in government where there are both legacy novel systems, RACF on mainframes, and a littany of Linux and UNIX servers, AD is rarely the top level authentication system.
All you Windows trolls always assume that just because the PCs use AD that means everything else does too.
macs are in fact AD native. they have few OU and GPO settings, but that's because they don;t need many. They natively talk to Exchange 2007/2010, connect to SMB shares, use MS Office, and are very easy to centrally manage and secure through Apple's enterprise tools and super cheap server OS.
The TCO of individual workstations is also less for Mac than Windows, even counting as much as a $400 premium for the hardware (which is much less in corporate circles since companies don;t buy $400 laptops and desktops, macs are typically within $100 of business system cost for the same performance and size class, and in some cases are cheaper). Winn Schwartzau (probably spelled that wrong) did a great TCO analysis a few years ago for a large firm, and Macs were clear across the board cheaper, mostly because of greatly reduced IT and helpdeks hands-on support time with each machine. They also resell well vs the $50 you can sometimes get for a 4 year old Dell ,and that factors into IT finance too.
Why?
Is it better that they go with cash in hand straight to Microsoft without evaluating the competition?
Anyone doing a deal should always have a plan B to use as a bargaining chip. Microsoft office for instance is vastly overpriced for what it actually provides. It may have been an essential tool back when documents were laid out, printed and read. But these days you're more likely to read a website.
@AC: "And the guy wants to put in Mac's? He's obviously an idiot when it comes to IT"
I've seen reports on ROI and support costs that rated Apple gear pretty highly. Perhaps thats no longer true, but I'd be reluctant to call someone "an idiot" for exploring that option. I don't need external data to know that Apple equipment is typically very long-lived. As with most things, you get what you pay for.
Otherwise, it's entirely possible the suggestion stacks up. There's a good case to be made for buying quality equipment, even (or particularly) in times of austerity, bearing in mind that the initial capital cost of equipment is a small fraction of overall IT costs. I've never seen a study that showed Apple equipment to significantly raise IT costs, but please link to such a report if you've seen one.
He didn't call for the option to be explored. He called for Macs to be issued, because they work for him at home. That is an idiotic thing to say.
Moreover, I'm glad you don't need external data to know all about Apple reliability. Shame you're wrong, really:
http://www.engadget.com/2009/11/17/laptop-reliability-survey-asus-and-toshiba-win-hp-fails/
GJC
The beeb article also has some mentions around open source:
He insisted the government was committed to using more "open source" software to save cash - but had to balance this with concerns about how easily it could be "hacked".
I'm confused as to the logic of that statement - if they'd said something about useability concerns sure, there's an argument to be made there (not saying I necessarily agree with it, but there is contention), however to say that we can't use open source because it's easily hacked is ridiculous...
So you would think but more Linux boxes are hacked than Windows boxes. This is often because the sys-admins do not know what they are doing with Linux / Unix but it is way cooler saying you are a Linux guru compared to, say, a Windows Nerd even when you're not
Stats (zone-h 2008- 2010)
Linux 352.468 378.744 256.648
W2003 117.978 127.128 81.785
W2000 21.929 12.529 2.805
What you're completely failing to take into account there is that those are Defacement statistics for websites. Since Apache on Linux is massively more widely used than IIS on Windows, those stats are hardly surprising. But if you look at computers being subverted and becoming part of a botnet, that's almost exclusively a windows problem. Using those figures to say that 'more linux boxes are hacked than windows boxes' is misleading, to say the least.
Where are the Windows XP, Vista, 7, and Server 2008 boxes on this list of yours? Oh, nowhere, because your list only counts defaced websites, not hacked systems. The government doesn't store all (or even a significant* portion) of its data on web servers, and the potential for open source doesn't begin or end at web servers.
So you've picked the one major market where Linux is much more prevalent than Windows to begin with (thus increasing the odds that a hack will hit a Linux box. Indeed if you normalized those numbers as a percentage of systems out there [i.e, the at least slightly relevant statistic in a decision of this type], I bet you'd find that the percentage of Linux-based boxes hacked would come out looking pretty good), and you're using that to justify your FUD about hackability of open source software? That's like saying that women are better drivers than men because more men crash in NASCAR races than do women (i.e, it's based on non-normalized data from a non-representative sample set -- and the data doesn't even relate directly to the question being asked anyway.)
*Significant as in volume, not as in impact. A single piece of data stored on a public server may have a significant impact.
the mistake you are making in seeking logic here is to assume the man who was put in charge of huge white elephants in early 2000's, then leaves to run some football organisation, and then comes back to clean up the I.T. mess actually knows what he is talking about when it comes to I.T.
Previously he worked for one of the big 5 firms and has adopted a classic consultancy ethos.
Come in on the premise you are fixing something, break it, get out before the blame lands, come back and fix it again at a higher day rate...
that is all!
Is this clown for real? Now I don’t doubt that new Labour tried to Billy bullshit IT projects, as they did with everything else, but what is he going on about!? On one hand wanting more open source and a move from MS products and on the other wanting more Apple toys to be used, Apple being the most insular and proprietary IT (gadget) company going.
Our CEO is a bit of a MAC fanboi so we recently priced up a lease agreement for some MAC’s it worked out at £300 PER UNIT more expensive than the DELL Optiplex’s we normally lease and still £180 per unit more expensive than an equivalent spec DELL, as the lowest spec MAC’s were over spec for our normal requirements. And this doesn’t take in to account duplicating our software estate, extra staff training, support costs, loads more extra work integrating the bleedy things and the fact that the support is shite, back to base rather than one site and only 1yr access to their support services.
I think Mr Wantmore YOU were part of the problem and STILL are!
...we have a user at work who has a laptop, when he had some issues with it he said "we should use Macs, they never go wrong". Sure we COULD use Macs, but then we'd never get the software to run natively on OSX, so we'd still have to bung Windows on them and have the same issues.
Luckily this guy doesn't have any say in what hardware is purchased.
(As it happens, I have a Mac at home, an old iMac G3, makes a great door stop, maybe one day I'll turn it into a fish tank).
They should "use more Apple products" during an "efficiency drive"?!
We recently had a similar experience. One of our higher-ups decided that, for the upgraded systems we were putting in place, he wanted Macs.
Not only did they cost more than twice the price of the faster hardware we specced for him, the software *wouldn't even run natively* on Mac OSX. We would have had to either boot them into RHEL or run RHEL in a VM to make it work.
He just wanted Macs.
In the end we managed to slap him with a wet kipper (well, go over his head explaining the massive waste of resources he wanted to engage in) and he got a bunch of generic very fast workstations (the sort that starts tingly feelings in unmentionable areas) for half the cost, but he wasn't happy (I WANT A MAC WAH WAH WAH!!)
My other half works in one of the new-fangled (or are they just fangled) academies. As I've been working nearby recently I often go in with her and kill time there before going to my job. Over the days I've managed to have a look at almost evey room. I noticed that there were more than the average number of imacs in the place - particularly in the offices and admin places. Most of the classroom have 25 or so HP CPUs with CTX screens. I also noticed that with the exception of the imacs in the music room, most ofd the iMacs were running Windows 7. The staff are provided with Laptops - mostly Toshibas, but a fair number of teachers appear to have provided their own and they are using Macbooks.
This Monday morning I met one of the IT techs in the academy coffee shop (yes - and it's good coffee too!) and asked him why they had the imacs in the admin and HR departments when they appeared to be booted into Windows. He said that it was a suprise to him when he arrived and they even had them in the IT support unit. But, he said, in all honesty, Windows 7 and all our windows apps run much better and more reliably on the Macs than they do on the HPs.
Perhaps that's the efficiency he's talking about.
How to spot an idiotic politician:
1) Blaming previous people in power - check
2) Not actually a trained professional in the field - check (An accountant by trade)
3) Blaming corporate entities, when he was the managing director of a corporate entity in the field - check
4) Despite what little understand they could glean from their background, in the end fall back on an idiotic conclusion which is quite frankly akin to what a child could infer - "Use what I use at home." - check
I say get rid of the number cruncher and appoint someone that can form a coherent argument based on valid information.
And I've worked on nothing but government IT for 8 years. IT Companies knew how bad project management was, and took advantage. Even the systems that worked cost much more than they should have done.
All we need now is for Whitehall to set up a central development organisation, pay industry rates, and give good training. They'll save a packet. An absolute packet.