WelcomeWelcome to Admin

Living with Limits in the Post-PC Era

By Ken Hess

With the Personal Computer approaching middle age, industry analysts tell us that we're entering the Post-PC Era. That might be true by the formal definition of a "Personal Computer," but – no matter what we call the end user's device or in whatever form we recognize it – it's still personal computing and that device is the new personal computer.

In ADMIN issue 09's "Welcome" column, I discussed the strained symbiosis between mobile device management in bring your own device (BYOD) programs and users. In this issue, it's all about dealing with the hardware and placing limits on what we want that hardware to do once inside our realm. Sure, there's a user on the other end of that device, but it's the hardware that we have to develop a rapport with first. We have to greet its interface, learn its idiosyncrasies, conquer its faults, control its activities, and then hand it back to its owner, the user. By controlling the hardware, we also control the user and create a more consistent environment.

It all started with the Commodore PET personal computer back in 1977 as the first successfully mass-produced and mass-marketed computer exclusively for desktop computing use. It looks like what we all think of when we imagine a traditional desktop computer. But, when contemporary analysts write and speak about the Post-PC Era, they're talking about desktop computers and standard laptops as well. By my definition, the Post-PC Era generally includes netbooks, ultrabooks, tablets, and mobile phones – essentially any portable personal computing device.

What the so-called Post-PC Era brings to us as system administrators is inconsistency. System administrators hate inconsistency. We spend countless hours perfecting and polishing our "Gold" images so that our users will have an easy startup and smooth daily operating experience. And, we do it to ensure consistency.

The inconsistency arising from the Post-PC Era is a result of the number of possible platforms from which to choose. Not only do we have multiple mobile device types, we also encounter multiple operating system versions, multiple hardware generations and multiple platforms.

Inconsistency is the new consistency.

Fortunately, companies are running to our rescue to provide the control and the consistency that we need. Unfortunately, there are so many of those companies that it's difficult to discern which ones to trust, to adopt, and to use for mobile device management (MDM). Once we've chosen a management suite, our battle is only half over. Most MDM suites provide consistent controls over devices that enter our network perimeters, both physically and virtually.

Like the opening words to the old "Outer Limits" TV series, "We will control the vertical. We will control the horizontal." Once inside the "inner limits" of our network, the device is ours, and it must be so to maintain that required consistency. Consistency equals uniformity, and uniformity equals security. Once we allow an exception, we potentially compromise everyone's security. That's why we administrators like consistency, uniformity, and security. It makes our lives easier. Apply one password policy to everyone. Apply one remote connectivity portal to everyone. Apply a standard set of rules to every device.

Consistent policies are like everything else in technology; they work in theory. In practice, we know that there will be inconsistencies to manage. By incorporating inconsistency into our environments, we also relinquish any ability to maintain a secure perimeter. Once we allow jailbroken, rooted, or other compromised devices, we've disrupted any notion of control. Once we allow simple, short, or blank passwords, we've basically given up our ability to prevent simple attacks. Once we allow any "backdoor" access to our networks, we've provided an entry point for unauthorized access or for criminal activity.

The problem with inconsistency in the Post-PC Era is that we've essentially doubled or tripled the number of devices that we must manage. Inconsistency scales better than any technology. Its negative effects spread both vertically and horizontally.

Educate your users, your managers, and your executives that consistency inside the network is absolutely required. Assure your users that the control is for their own good. Explain to your users that, within the limits of the corporate network, you have control of their devices. There's nothing wrong with the device. Do not attempt to adjust it.

We will control the vertical. We will control the horizontal. Once you disconnect from the network, we will return control of your device to you.

Ken Hess * ADMIN Senior Editor