ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Computing option with "no funds"

    Scheduled Pinned Locked Moved IT Discussion
    69 Posts 9 Posters 19.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @Dashrender
      last edited by

      @Dashrender said:

      @g.jacobse said:

      It might be a topic for another thread... but why would you go 'unmanaged' in a large office? How do you allocate security on network shares as easy as (at least I understand) you can with having a Domain and AD?

      The same way Sharepoint online does, or Google Docs does. It's all done on the hosting solution. The local account doesn't matter. Web account does.

      Exactly

      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @Dashrender
        last edited by

        @Dashrender said:

        @Carnival-Boy said:

        A lot of AD and group policy exists to prevent users harming themselves and/or the company. If I could stop working with dangerous idiots I'd be much more comfortable with getting rid of AD.

        If you can provide all the required services via web pages or VDI or TS, and segregate the BOYDs from your production network, why do you need to care about the end device, the interfaces to the remote systems are what are protecting your data.

        Well, in that case, the VDI or RDS are the end point and would "need" AD for management still.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @Carnival Boy
          last edited by

          @Carnival-Boy said:

          Not sure @Dashrender. I've worked with AD for so long I can't imagine life without it. I don't use VDI or TS and all my web services use AD credentials, so I don't know how the alternative would work. Would be interested to hear from people who actually do this.

          That's a common feeling and if you've never seen a shop without AD it can be surprising how little it is needed. At NTG we have AD but everyone always asks "what is it for?" It manages logins to the machines, but really nothing else. We can reset passwords for people, but we have to maintain a complex network for that one benefit. It's handy, but it is really easy to see that the value is nominal for us and a lot of places that I have been.

          AD is great for certain use cases and very poor for others.

          Lots of shops are using Google Chromebooks which don't use AD but have their own thing, tons of shops use an AD alternative (OpenLDAP, for example) and many don't worry about controlling end point devices because while there is value to that, there is also huge cost and overhead and the reality is that you don't often actually need to control them. It's one of those areas where IT tends to have more of a desire to be in control than a business actually has a business need to have control.

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @coliver
            last edited by

            @coliver said:

            Not only that but you could also look at other authentication options. Something like OpenID or even an open source LDAP server could provide that mechanism.

            As NTG looks to more web apps for internal stuff, we aren't even considering using AD as the central authentication system. Just doesn't make sense. Locks you into too much infrastructure without real benefit. Something like OpenID moves the authentication management off to someone else and lets you focus on the apps, not the logins.

            1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @Carnival Boy
              last edited by

              @Carnival-Boy said:

              Hosted AD is still AD though, right? Are we just talking about BYOD here? I'm not a fan of BYOD and have managed to resist it so far, though I'm sure it's only a matter of time. What happens when someone's personal device breaks and they can't use it to do any work?

              Can't get hosted AD. That's one of the killers that makes it far less valuable than it should be. AD is legally barred from being hosted in any manner other than a managed colo (you have to own all of the servers and licenses, someone else can just manage them on your behalf.)

              BYOD is awesome. I don't know any downside to it, really. It's super secure and flexible. What concerns you about it? Enforced BYOD I don't like. But optional BYOD... I don't know any Fortune 1000 that doesn't do that!

              1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @gjacobse
                last edited by

                @g.jacobse said:

                If you don't have AD, how do you assigned policies on login? simple management of network shares and other resources such as networked printers and such?

                You are digging into AD and AD related services and asking how to do them without AD. Step back and ask...

                • Why do you need to assign network shares?
                • Why do you need logon policies?

                Maybe you do, but don't start with the assumption that you do. Challenge those assumptions. It's been a while since I worked someplace that needed any of those things. Some places do, definitely. But they are anything but foregone conclusions.

                1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @Dashrender
                  last edited by

                  @Dashrender said:

                  Agreed, going BYOD means completely rethinking your end user technology policies. You/your company has to decide how they want to handle users who's devices don't work, etc.

                  But the answers can be as simple as "we don't support that." Optional BYOD normally means that you support your own devices. There is no reason for the company to provide any support. That's not at all common. I know almost no large company without BYOD and know none that support them.

                  DashrenderD 1 Reply Last reply Reply Quote 0
                  • DashrenderD
                    Dashrender @scottalanmiller
                    last edited by

                    @scottalanmiller said:

                    @Dashrender said:

                    Agreed, going BYOD means completely rethinking your end user technology policies. You/your company has to decide how they want to handle users who's devices don't work, etc.

                    But the answers can be as simple as "we don't support that." Optional BYOD normally means that you support your own devices. There is no reason for the company to provide any support. That's not at all common. I know almost no large company without BYOD and know none that support them.

                    Come on, they offer at least a little support - hey I can't get on the wifi in the office, you're telling me that the helpdeskk tells them, I'm sorry your on BYOD, that's your problem?

                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @Dashrender
                      last edited by

                      @Dashrender said:

                      Come on, they offer at least a little support - hey I can't get on the wifi in the office, you're telling me that the helpdeskk tells them, I'm sorry your on BYOD, that's your problem?

                      Most places that I know... absolutely. Other than providing you with a password, you are on your own. That's the price you pay for BYOD.

                      1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller
                        last edited by

                        I don't know anyplace that provides helpdesk support at all for BYOD. I've never seen that. I've heard rumours of a few places that would provide light support, but never seen it first hand.

                        1 Reply Last reply Reply Quote 0
                        • C
                          Carnival Boy
                          last edited by

                          So.......what happens when someone's personal device breaks and they can't use it to do any work?

                          coliverC scottalanmillerS 2 Replies Last reply Reply Quote 0
                          • coliverC
                            coliver @Carnival Boy
                            last edited by

                            @Carnival-Boy said:

                            So.......what happens when someone's personal device breaks and they can't use it to do any work?

                            Again, what do your policies state? Most people now a days have two or three devices that they can do work on. My fiance has a tablet, her computer, and a phone that she uses to do her job (granted all of them were provided by her company).

                            Actually part of me feels like this will be better, as a person who is responsible for replacing their own device will be much more careful with it, at least that is the hope.

                            C 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @Carnival Boy
                              last edited by

                              @Carnival-Boy said:

                              So.......what happens when someone's personal device breaks and they can't use it to do any work?

                              Then they don't use a device that they brought. Seems pretty obvious. Why would that be a concern?

                              It's not like they don't still have devices in the office.

                              C 1 Reply Last reply Reply Quote 0
                              • scottalanmillerS
                                scottalanmiller
                                last edited by

                                I think that everyone is associating BYOD (the ability to bring your own device) with not providing computing resources for employees. Those are two different things. Sure, you could combine them, but I've never heard even a rumour of a company doing so. BYOD means things like "I brought by own laptop, I'd like to use it too." Or, "I have a tablet that would be useful for me to get to use."

                                Nothing about BYOD suggests or implies that all of the normal compute capacity is not provided nor does it suggest or imply that the devices are inside "the castle" connected to an AD domain or anything like that. Most enterprise BYOD is outside the firewall in a guest or semi-guest area. It's the same infrastructure used for remote access.

                                How do you deal with someone whose equipment at home does not work? You tell them to come into the office and sit at their desk.

                                1 Reply Last reply Reply Quote 0
                                • C
                                  Carnival Boy @scottalanmiller
                                  last edited by

                                  @scottalanmiller said:

                                  It's not like they don't still have devices in the office.

                                  Do they?

                                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                                  • C
                                    Carnival Boy @coliver
                                    last edited by

                                    @coliver said:

                                    Again, what do your policies state?

                                    I have no policies because I don't allow BYOD. I was just wondering what everyone else does.

                                    scottalanmillerS coliverC 2 Replies Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @Carnival Boy
                                      last edited by

                                      @Carnival-Boy said:

                                      @scottalanmiller said:

                                      It's not like they don't still have devices in the office.

                                      Do they?

                                      Of course. BYOD is an allowance, not a mandate. There is no association between being allowed to use some of your own gear inside the office and not providing a basic, functioning work environment. Most companies allow you to bring your own chair, for example, but just because they have BYOC doesn't meant that they don't supply chairs when you need them. This goes without saying. Computing is the same. Just because I am allowed to use my iPad for work doesn't mean I no longer get a desktop, that would not work. The iPad is just for checking email during a meeting, for example, not to replace my desktop.

                                      C 1 Reply Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @Carnival Boy
                                        last edited by

                                        @Carnival-Boy said:

                                        I have no policies because I don't allow BYOD. I was just wondering what everyone else does.

                                        No remote work at all? BYOD and remote work policies are normally one and the same. Most companies implemented BYOD long ago via their remote access policies before the term BYOD existed.

                                        1 Reply Last reply Reply Quote 0
                                        • coliverC
                                          coliver @Carnival Boy
                                          last edited by

                                          @Carnival-Boy said:

                                          @coliver said:

                                          Again, what do your policies state?

                                          I have no policies because I don't allow BYOD. I was just wondering what everyone else does.

                                          This was a hypothetical. If you were deploying BYOD then it would be useful to have this type of thing spelled out. This is where our support begins and ends for BYOD anything beyond that is the employee's concern.

                                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @coliver
                                            last edited by

                                            @coliver said:

                                            This was a hypothetical. If you were deploying BYOD then it would be useful to have this type of thing spelled out. This is where our support begins and ends for BYOD anything beyond that is the employee's concern.

                                            Exactly. And nearly every company I have ever seen provides a list of things that are known to work "Windows XP and 7 have been tested. Mac OSX 10.9." And beyond providing a basic list, all support is up to the end user.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 4 / 4
                                            • First post
                                              Last post