Access everything via a web browser.
Pretty much every device that anybody might want can run a web browser.
So just make sure everything can be accessed via a web browser.
Desktop budget wrangles: Whose device is it anyway?
“Giving away budget never felt so good." Those were the words of an IT manager attending one of our roundtables recently. But why was he so happy about losing control of a chunk of his IT funding? The topic of the roundtable was end user computing, and he was explaining how the annual budget negotiations around desktop …
-
-
Wednesday 12th October 2016 10:15 GMT nematoad
Re: Access everything via a web browser.
"Pretty much every device that anybody might want can run a web browser."
I used to work in the financial industry with a lot of stuff running on mainframes.
I've been out of loop for a while now so I don't know if running security dependant transactions would work using just a browser. Office stuff, sure but for other applications like process control, specialised engineering applications, finance and anything dealing with systems larger than the norm I reckon a browser would be underpowered and prone to security lapses.
I may be wrong of course but reckon it's still a case of "Horses for courses."
-
Wednesday 12th October 2016 11:10 GMT Bill M
Re: Access everything via a web browser.
There are plenty of things running via web browsers with huge backends, Facebook is an example that many may have used. The web browser merely displays what you have selected via html and quite likely exploits things like javascript to do things more fancy.
For security a web app needs to be designed securely just the same as traditional apps and underlying databases need to be designed securely.
The most basic security is if it only needs to be accessed from an internal LAN then do not allow access from the web.
-
-
-
Wednesday 12th October 2016 09:16 GMT Ragarath
And so it goes around
This has been going on for so long. End users always want to run X in Y way because they have used X and Y elsewhere and it is so much better than everything else. This even when it does not work well with other stuff.
As said by Bill M above. Put as much as you can in a browser interface as it is the only true universal language that I have seen appear over my years in IT.
There will still be use cases for other more niche software and it will always be thus unless you can get the big software makers (AKA the makers of the OS's) to make a universal run time.
-
Wednesday 12th October 2016 10:33 GMT TRT
In research...
It's certainly the case that researchers come in, with their own budgets for their own IT expenses. To have an End User Services dictatorial about standardised this that and the other is damaging. IT services exist to service, not dictate. If another service provider started dictating what you could spend your budget on, you'd sack them and get someone else. On top of that, there's the value added to a researcher's career by having IT skills - if they need to create MATLAB scripts to deconvolve photographs from instruments in a new way, then they should be able to install MATLAB, not have to phone someone in central IT to come and do it for them because they don't have the password. Just this week I've had microscope engineers sat in a room at £500 an hour whilst I reinstall Windows 7 because the anti-virus clashes with their install and even the anti-virus uninstall has been locked with a password by the previous IT control freaks in a foreign university that aren't there at that time of the day... My policy is everyone is an administrator, you can turn your own anti-virus on and off if you wish, you can install whatever you want and if it breaks, then you're the one that's going to suffer, but I am there to fix it if you can't. You don't get on the network without my say so, and I'll check your machine over before you can. You can shape your own tools. I'm open for discussion on things like everyone having the same model of printer for the sake of consumable compatibility.
So please, PLEASE. Virtualise that which needs to be, leave the users free to splash the cash on whatever they feel they need and we all have the right (not necessarily the ability) to learn from our own mistakes.
-
Wednesday 12th October 2016 11:31 GMT Anonymous Coward
Not aways a wise choice
Been there but there is also the flip side, in the past I've had to get expensive engineers in to re-install instrument and software exactly because the end user has installed what they wanted (software, drivers, or even fooled into installing malware) and in doing so borked the machine.
Not only is that the monetary cost of the call out, but also the lost time that the rest of the department who could not use the kit through no fault of their own, being the time from when it broke to the time we could get someone in and the install redone.
There's also the times in the past when a service engineer does a routine service and offers to upgrade the software/ firmware (or even just does it without asking), the user says yes to get some new widget, creating all sorts of validation, licensing and compatibility issues they have not considered in the desire to get the latest version.
There a risk/reward balance judgement to be made by the business, Allowing total freedom may work for some organisations but not for others, only the organisation can decide its risk attitude and the level of control end users have.
-
Wednesday 12th October 2016 11:56 GMT TRT
Re: Not aways a wise choice
And the decision I made was to allow our people to do what they will. They deserve trust and respect - they are the elite with tens or even hundreds of thousands of pounds invested in their education. Even if they can't manage to put only glass in the glass recycling bin. But anyway, yes, so that's what works for me. I do capture disk images of equipment machines once the techs are satisfied that it's all installed and calibrated and ready to be handed over. But I don't tell anyone that because if they thought they had a get out of jail free card...
-
Wednesday 12th October 2016 12:26 GMT Anonymous Coward
Re: Not aways a wise choice
they are the elite? are they really, what a condescending thing to say to us poor sods who have to support them. We hear this occasionally, actually not so much now, but did in the past. We got the " your here to serve and you wouldn't be here without us, etc" they might be the elite at their particular science but do you know what I don't go telling them how to do their science, I don't go in and fiddle with an HPLC just because I did a bit of Chemistry on my degree, or tell them how to do their science better, because funny enough its not my job and I don't know much about it. So have a bit of respect for what WE do in IT and leave your stuff alone, as you (in the main) know feck all about it!
So anyway good luck winning that grant from working from your bedroom on your home PC without all the services we provide you with, and work bleedy hard to support on VERY limited budgets.
-
-
-
-
Wednesday 12th October 2016 12:01 GMT TRT
Re: In research...
I'm genuinely surprised. Perhaps I didn't make it clear that we are a postgraduate research facility where people come and work usually for many years, even the bulk of their career. I'd take a different tack for undergraduates or places with a high throughput of casuals who have no ownership or investment in the department. I certainly insisted on fully locked down machines in the FE college I worked at previously.
-
Thursday 13th October 2016 10:15 GMT nematoad
Re: In research...
We used to have people with very high academic qualifications working at the refinery where I used to work. Usually their speciality was not IT related but we used to say that if they wanted to use something not in the SLA that was their lookout. Any breakages on stuff they installed was always given the same answer "Sorry, it's not in scope."
-
-
-
Wednesday 12th October 2016 12:42 GMT TRT
Re: In research...
Might surprise you to learn that I don't have to run around firefighting, that we do keep a lid on unlicensed software and we are very productive. I prefer educating users than locking them out. Manage the people, not the machines.
Like I said, it works for us. I understand that there are different approaches, but it's horses for courses.
EDIT
If it's your view that your end users are "lunatics", it's no wonder that a 'them and us' attitude develops. I'm finding the level of disrespect here quite upsetting. It's one thing to poke a bit of fun along the 'have you tried turning it off and on again' lines, but I'm sensing genuine contempt for what I would consider as colleagues though some refer to them as customers or end users.
-
Wednesday 12th October 2016 13:40 GMT Anonymous Coward
Re: In research...
@TRT You sound like it would actually be reasonable to work in your area.
In comparison, as a software developer I've been assigned systems that cannot meet the minimum requirements of the software I use, and our workaround was that only my manager needed to approve a separate system for every project I was involved in, instead of needing two levels of VPs who never had enough time, to approve something non-standard. So our lab stored 4 stripped machines, so my actual machine could have sufficient memory and storage.
My current environment is more moderate - they allow us to purchase additional memory, but it was easier to use a leftover small SSD from upgrading my children's system, than to actually purchase something reasonable. This was to reduce my build time from over an hour to 15 minutes. Before the replies, yes, there are servers available (not enough, and not local), and there are real reasons, including legal, to not do this there. As a life-long professional developer, I do find it frustrating to use lower end equipment than what my children were required to obtain for school.
Apparently I am the lunatic for wanting to compile and test more than once a day.
-
Wednesday 12th October 2016 14:15 GMT Anonymous Coward
Re: In research...
you sound fairly level headed and fair enough if you want some a little different to the norm. Where I work everyone gets the same (workstations for those that NEED them to do their job, modllers, dev's, etc 20%) a decent desktop for those users 60% of the workforce who just use email and Word, and a decent laptop of for the ones who NEED a laptop, the remaining 20%. If you can prove a business case otherwise you get what you're given. I want to spend £2k on a MacBook because I prefer Mac's isn't a business case. The trouble lies when people who actually don't NEED something think they can go out and spend cash because they would LIKE something. There is a difference
-
Wednesday 12th October 2016 14:23 GMT Prst. V.Jeltz
Re: all admins
all users are admins! bet that got a few commentards hackles up....
but think about it - if BYOD ever gets going thats the situation - I.T have zero authourity on the desktop , and everyone is admin of whatever piece o shit they've dragged in .
I guess the only time tha'tll work is if everything is virtualised. Then its only crappy hardware to worry about - so The I.T dept will disown (not that they owned) all the crap that was brought in saying "its your crap , you fix it" . And so each department will have roger the IT guy , some poor bastard who has a job to do but people just say "can you have a look at this..." you know - like in the old days
-
Wednesday 12th October 2016 14:39 GMT TRT
Re: all admins
The IT guy in the other department *is* actually called Roger. I didn't realise it was a requirement.
But, yes, we do have a mix of BYOD, grants coming in at different times (there's no luxury of suiting a standard spec), people coming from overseas who want different keyboard layouts that they are used to... I've got people here writing their own device drivers for piezo-electric focussing devices used in their home-brew microscopes. We've got HPC clusters running fMRI data through experimental algorithms that make my eyes try to crawl out of my head to escape my melting brain...
I was agreeing with the article really. What does need to be standardised and supported wide scale, roll out as virtualised device/OS agnostic - keep it in your walled garden and if worse comes to worse you can't be blamed for the problems of a small group of users who have rigs so diverse and bizarre that even that doesn't work for them. What doesn't need to be standardised, controlled, safeguarded and supported, don't worry about - let someone else do that.
-
Thursday 13th October 2016 00:45 GMT ecofeco
Re: all admins
so The I.T dept will disown (not that they owned) all the crap that was brought in saying "its your crap , you fix it" .
This has been policy at every place I've worked for the last 5 years. We DO NOT support your personal hardware or software. Mostly due to Federal security and privacy regulations. We can guarantee with high confidence the security of your company issued device, we cannot and will not guarantee your personal stuff. Nor do we have to.
-
-
-
-
-
-
-
Wednesday 12th October 2016 12:19 GMT Anonymous Coward
Re: In research...
I work in a lab, and it used to be a total free for all, loads of stuff installed (mainly total crap) standards not being adhered to, data going missing, unlicensed software being installed, etc. NO ONE gets admin, not even us in IT you should NEVER run stuff as an admin, you're a fool if you think otherwise, just to make life easy in the short term. And I'll bet my bolloxs that your users will screw things up just at the time they need to get that grant proposal in (that they've left to the last possible moment because boffins always do!) Its not just the users machine that might get knackered its your business that's put at risk. Plus its costing you (the business) money as you're having to go round fixing things and fire fighting everything all the time, but if you're happy to do that that's up to you.
-
Wednesday 12th October 2016 12:41 GMT Anonymous Coward
Re: In research...
also if you leave things up to budget holders you get massive inequality. You'll have the manager with some all singing all dancing spec PC that he doesn't need and he's only at his desk for a few hours a week, then his staff who actually do the work and sit at a PC all day will have some total bit of shite. You'll have certain departments that might have more budget but not be that big an IT user, with nice kit and others that might use IT a lot but with little budget having total crap.
Been there and seen it! Don't let the lunatics run the asylum
-
-
-
Wednesday 12th October 2016 12:21 GMT Mayhem
The biggest challenge I've noticed these days is the concept that there might not be an internet connection at the user end. Too many vendors presume that the Internet is like air, and always there. That applies to both software upgrades and solution providers - for example the new version of a number of software packages our clients use insist on speaking to a centralised server a lot.
So a number of our customers are engineering firms, generally working in and around building sites and basements. If you are lucky there might be a 3G connection available in the project office. In the basement plant areas, no. So making sure they have the resources to run anything they need offline is crucial.
-
Wednesday 12th October 2016 14:14 GMT Prst. V.Jeltz
ipads and laptops? uurrghg.
I've noticed all desks these days have 2 giant screens on a custom mount. AND a lot of people have little tablets.
so which is it? seems obvious to me if you need TWO giant screens to be "productive" your going to accomplish F all on an 8" screen.
ideall you dock your little toy to the big screens , but the little screen still seems pointless to me
-
Wednesday 12th October 2016 14:40 GMT Neil Alexander
I guess I can appreciate that somewhat, but not because I expect to get any real work done on such a device. Sometimes it'd be nice to have a little 8" screen to carry over to a colleagues desk when I just need a quick opinion on something or to flick through minutes from a previous meeting when sat around a table.
-
-
Sunday 23rd October 2016 17:05 GMT eionmac
different security levels
When "The Company" about 4000 desktops/laptops uses a specified intranet with email to internet and internet capability via a 'closed firewall' with many different company sites; then company is excluded from 'sensitive' 'defence' jobs as it is insecure as they (GOV sensitive) want air gaped working cells with all IT equipment totally isolated from the internet. Not possible with a 'company control IT/Internet via only the intranet LAN, where IT service is controlled from an offshore (read cheap) location by non nationals. Result no government contracts.
Biting the hand that feeds IT
