The Post-BlackBerry Era

A great article has been posted on the VMware CTO Office’s blog site by VMware’s Srinivas Krishnamurti.

http://cto.vmware.com/the-post-blackberry-era/

Personally I still think Horizon Mobile is the way to go for mobile devices. Yes, Mobile Device Management tools could help enterprises a lot but is that the way to go? Would you allow enterprise management tools on your own personal mobile device? Even if you use that device for your work related activities?

Personally, I wouldn’t accept that. However, a corporate phone, pushed on top of my own phone as a virtual machine..yes…I could deal with that. Assuming my employer doesn’t have access to the “personal side” of my phone..my phone, my Facebook ( oh wait, I don’t use FB), my Twitter, my private email, Google+ etc. With Horizon Mobile, that’s the case.

Again, (people keep asking this), will Horizon Mobile move to iPhone, iPad and other Tablets? I really can’t tell. My wish: yes..now. please. In fact, I would prefer Horizon Mobile to become available on tablets more than on phones… but that’s a very personal opinion.

Before I forget this (and I have had several discussions about this before) I see Horizon Mobile as a great solution to separate work and private activities on one single device. I’m not discussing mobile devices as an access point to access Virtual Machines and push corporate apps etc…That’s a whole different story.

 

 

“The Dark Side of BYO”; Spot on! Solutions please!

Today I have been reading an interesting article about Bring Your Own Device. I loved the title; The Dark Side of BYOD and it covered Privacy, Personal Data Loss and Device seizure. Do read it for the complete story. It is spot on!!

The article covered what could happen to your personal device, like a phone or tablet when you also use it for work related activities. Companies will enforce ActiveSync policies like use of a password, remote wipe and lock. What happens when a relative doesn’t know the password and used the wrong password 3 times? Your phone could get wiped because of company policies. Your company data is sensitive so I do understand the policy. Most likely company data can be restored but what about your personal data like music and pictures?

Also, think about privacy. What when an investigation is going on at your company and they require your device? What about your personal data, bookmarks, music (legal/illegal), pictures of your family and also data around location tracking? Do you really want your company to know/see all that?

So, how do you handle “the dark side”? I have to say, this is keeping me busy. Is there a perfect way of handling BYOD and can you use this for all different devices? Perfect might not be the right word. User freedom/usability and security/privacy are competing and how strictly do you want to separate the personal and corporate side?

Let’s start with mobile devices; phones and tablets. I wrote and article about VMware Horizon Mobile a while ago. Still in beta but I do believe this is the solution for mobile devices. VMware Horizon Mobile is basically putting a corporate virtual Android phone on someone’s private Android phone.  IT only controls the vPhone and can only monitor what’s happening on there. Also, wiping the vPhone is the only wiping they can do. Privacy shouldn’t be an issue as well. Personal data and corporate data are separated and it should be possible to have separate billing of voice and data. Even without separate billing of voice and data, privacy should be covered in my opinion. The company being able to find out where you have been isn’t that big of a deal to me.

VMware Horizon Mobile is about Android but what about iPhones? I don’t have a answer on that. Maybe Horizon Mobile will become available for IOS as well. Maybe companies can provide specific, more intelligent applications, which they can manage individually instead of just wiping the complete phone. But then again, what about privacy? Just accept that part?

Another challenge are BYO-laptops. What solutions are there today to separate personal and corporate identity and secure privacy?

Of course, email is most likely accessible with an application and you can generate data when you want locally. You probably won’t have the remote wiping issue because I can’t see my company wiping my MacBook. But, it isn’t secure and also privacy can be an issue.  IT can’t set policies on my personal device. Also, there are applications, which for example don’t run on Mac OSX.

VMware Fusion and Workstation could be used. Everything will be separated perfectly but is that the way to go? I have to say, from a user perspective it works, at least for me. I have a MacBook Pro, which I use personally. I ran VMware Fusion and on Fusion I have my corporate vDesktop. The only downside it, that I use Windows as my corporate VM. It isn’t about Windows specifically but I can’t use the OS I’d prefer when I want complete separation. From a company perspective I can imagine this isn’t what they want. Companies give employees an amount of money for them to buy a personal device and on top of that companies need to develop, roll out and maintain vDesktops to remote devices. I can see a win for companies but is it significant enough?

What solutions are there when you leave Tier 2 solutions like Workstation and Fusion out of the picture? Yes, of course, VDI!! Complete separation, secure and privacy secure. But also in this case, Windows might not be the OS users want to use. Also, connectivity might be an issue. Offline desktop/Local Mode isn’t available for Mac devices.

Anything else, that might help? Well, Horizon App Manager might be the solution for BYO-laptops.  “Might be” because in-depth details are still unknown or not publically available. Also not all planned features are currently in Horizon App Manager. Horizon App Manager is a central user portal with strong identity management, which has different techniques to bring applications to end points. VDI might be a technique but also, ThinApp, XenApp, Terminal Service etc. On top of that policies can be set; which application will be available, when, on which devices, from which location. Integrate Octopus for data and this could be a secure solution for BYO.

It’s interesting to see, in my opinion that the security/privacy and data loss risk with BYO-mobile devices, currently is high for the user and not for the company but this is vice versa when you talk about BYO-laptops. Today, secure BYO is difficult to realize on mobile devices and laptops. It’s either, take that risk of wait for a complete solution.  I will try to be careful, separate as much as possible and use Cloud services as much as possible. Now it is time to stop thinking about it and wait patiently. Now, that’s a challenge.

 

User Virtualization in the Post PC-era?

Today I ran into an article which had an interesting quote;

 Persona Management isn’t mature enough yet, and VMware knows it, Dunkin’s Brennan said. The company probably added it just to “check the box”, but he speculated that VMware would get profile management up to speed by making an acquisition

We can have a discussion about the the first part in another article but especially the acquisition part caught my attention.

So, will VMware acquire another company to speed up its profile management? I think that is an interesting question. A different question but related to the first 1 could be; how important will User Virtualization be in, let’s say, 5 years? Yet another question; will you still need User Virtualization in 5 years?

First, let’s take 1 step back for a minute; Once upon a time, there were Windows PC’s and in Windows NT the profiling scheme was introduced. Then there were roaming profiles, mandatory profiles, default user profiles and Group Policies; all mechanisms to control the user, control and save their settings like printers/wallpaper, their permissions to shares and folders, what they are or aren’t allowed to do like accessing Control Panel. Also, store profiles centrally and users will have the same look and feel from any Windows PC. Separate the user from the Operating System.

Third party vendors like RTO, Appsense, RES and LiquidWare got into this space as well to fill gaps and add new features, moving on where standard Microsoft profiles and GPO’s stopped.

But, all the tools have 1 thing in common; Windows. That’s not a bad thing but it isn’t the only platform anymore to run applications. IOS/Android phones/tablets and Macs are out there in the enterprise, even privately owned ones. The world is changing and I believe it is the Post PC-era already.

Management will change. It has to change. Applications and data will be delivered to different devices in different ways; you access ThinApp apps via VMware View from your private Android Tab 1 moment. Next, you access a SaaS app on your corporate iPhone.

Instead of managing most things on a Windows level/device level, you have to take that management up a couple of levels. To me, that’s the user level. It will become more important who is allowed to access which application/data from what device and place. The underlying Operating System and device will become less important. Horizon App Manager will be that Universal Broker where you set those user based rules.

Don’t get me wrong, I believe Windows will be around for a long time as a platform to execute specific applications. But will that platform be considered to be big enough for VMware to invest in a Windows profile management tool? Again, interesting questions.

Fling; VMware Zimbra for Android

VMware Zimbra for Android (VZA) has been around for a while but it’s not known that well.  It is an email client for Android devices which supports Zimbra backends. At this moment the VZA is a “fling”; a client to test drive, officially not supported.

I have been using the VZA for a while now and I can say it’s a decent client. I find it easy to install and use. It gives me my work email, calendar, tasks and Briefcase. I have my corporate email and files available in 1 app. On top of that, I run the VZA on my Samsung Galaxy SII  and Galaxy Tab 10.1.

The VZA runs on Android 2.1 and above and the current version is 1.28. The app does require an ActiveSync enabled email client on your Android device (on most devices that’s the case). Also, because the VZA is available outside the Android Marketplace, you will need to enable your device to install applications from “unknown sources”.

You can download the client on http://labs.vmware.com/flings/vza More information is available on that site like comments and a video.

If your email environment is Zimbra and you have an Android device, go ahead, download the app and test it.

Do I eat my own dog food?

Customers and partners do ask me what I use on a daily base. Do I use ThinApp, Socialcast, Sliderocket, View etc etc? In other words, do I eat our own dog food?

Well, first of all, the base. My laptop is a personal Mac Book Pro. For the geeks (just like myself); a 2.66Ghz Core i7, 8GB Ram and a 256GB SSD and Snow Leopard. Yeah baby, I love my MBP. It’s quick!

On top of Snow Leopard I have installed VMware Fusion 4. I installed Windows 7 Enterprise inside Fusion. This VM is my VMware Workspace. So my VMware Workspace is completely separated from my personal Mac environment. This way you can apply the “Bring Your Own Device” concept securely.

I don’t have a corporate vDesktop yet. Basically the only reason is I’m offline too much of the time and the current View Client for Mac doesn’t support Local Mode. I do have a vDesktop on our European demo environment though. I can connect to it from my personal Mac side with the Mac View Client and from inside my Windows VM with the Windows View Client.

So, what am I using inside my VM? Of course email. My email resides on a Zimbra backend and I either use Google Chrome (my default browser) or the Zimbra Desktop Client Application to connect to Zimbra. Because there is hardly no difference between the browser and application way of connecting, I use Chrome to connect to Zimbra basically all the time. I can use my email independent of an OS and App and have the same experience every time by using a browser.

For my presentations I do use Sliderocket. I converted my most important PPT’s into Sliderocket and threw away all my presentations. All new presentation I create from scratch in Sliderocket.  Give yourself a bit of time with creating presentations and converting PPT’s. Not everything will go smoothly from the start but I love Sliderocket now. I’m still not a guru but I wasn’t a guru with Powerpoint either. I tried to create a small story here. Just in case I don’t have a connection, I have cached all my presentations into my Sliderocket Player application. You can download it for Windows, Mac and iPad.

Everyday I also use VMware App Manager. Via App Manager I can easily connect to several SaaS applications VMware provides me, like for example VMware Socialcast.  I intensely use Socialcast to collaborate with my colleagues. You can read about my Socialcast experience here. To connect to Socialcast I do use a browser but I have to say the Socialcast App is looking pretty good.

For my data I use Mozy Stash. Stash is in beta at this moment. This new technology keeps my data synced across all my devices. You can compare it with Dropbox. I will elaborate on Stash soon.

Lastly, I use a couple of ThinApp-ed applications, like Google Chrome and Adobe Reader.

I try to use as much VMware End User Computing technology as possible. When new technologies arrive I will continue to try to use them as quickly as possible. I can’t wait to use Horizon Mobile, Appblast and Octopus.

 

BYOD and the Nirvana phone

It’s has been a long time since I heard about the Nirvana phone for the first time. After that, it became very quiet around it. Last week I heard about it again. In this article I want to share my thoughts about BYOD and the Nirvana phone. I used some information from Brian Madden’s article from the beginning of this year.

What is the Nirvana phone? Basically the Nirvana phone is a 1; regular mobile phone with all the common capabilities, and it isn’t tied to a specific vendor and 2; a device which can handle a USB/Bluetooth keyboard/mouse and where you can connect a monitor to and change it into a thin client/PC. With the appropriate app (Citrix Receiver/VMware View Client) you can connect to a corporate desktop. Citrix’s Chris Fleck has been writing about this concept for while now. Click here to see a demo video.

When I first heard about it I wanted to have “it”. Without thinking about it I was thrilled about the concept. Combine it with Bring Your Own Device, and the concept became even better; get your favorite mobile phone, one you like and can operate and also use it to access your corporate desktop. That’s sweet!

Then I started to think about the concept and quickly I became less cheerful.

My first concern is the docking, cabling, keyboard, mouse and monitor issue; do I need to carry all that around myself? The cables, adapters, mouse and keyboard are small and could fit in my bag but a monitor? Never. I visit customers and partners a lot and I’m pretty sure of 1 thing; I’m not going to ask for a monitor before I go into a meeting. Same with hotels though. Yes there is a TV but I don’t want to use that as my monitor. I prefer to work and listen to the TV, switch channels etc. I haven’t seen a separate monitor in many hotel rooms. Besides the monitor, wouldn’t it be a lot easier to grab a laptop or even a tablet in stead of setting up everything so you can work on your phone?

So what if I don’t have a monitor, too much hassle to setup everything or you can’t connect to your vDesktop? I could just work on my mobile phone. But that is a very small screen and basically not usable (that’s the reason for that monitor!). Let’s assume you have very small fingers and it’s very easy for you to type for an hour on your 4” screen during a meeting. Remember I combined the Nirvana phone and BYOD concept. So basically, this is your personal phone and because you can’t connect to a remote desktop you want to use your phone for work. This means you will use local apps for work. Local apps you normally use for private things. Private and corporate data will mix. IT doesn’t have control over you personal device and can’t set policies. With the Nirvana concept, I’m missing something to fill this gap. I believe that when it comes to BYOD, VMware Horizon Mobile is a must have, essential, can’t live without it. Think about it; when you open a confidential corporate document, do you want it to be cached inside a corporate vPhone or just on your private phone? You can read more about Horizon Mobile here. Again, VMware Horizon Mobile comes into play with BYOD and not specifically the Nirvana concept but I combined the 2 because I think BYO will get huge!

Also, when you do have all the gear in place to hook up your phone, how would you make phone calls. Well it is possible to be connected and make calls at the same time. However, you need to put it on speaker or use a headset. Putting it on speaker isn’t an option in many cases. People around you, noise, the nature (confidential/private) of your conversation will stop you from putting it on speaker. A headset will solve the issue but again, another gadget I need to carry around and keep charged battery wise. I don’t use a headset otherwise.

Users who don’t need local horse power and don’t need offline capabilities don’t need a laptop and a mobile phone, provided by the company. That is very true. I personally would give those users a Thin Client (more robust than a mobile phone, static setup, no hassle) and access to a VMware View Desktop with a soft phone installed inside it. Unified Communications is supported inside a VMware View 5 environment with Avaya, Cisco and Mittel. So you need 1 devices; a thin client with a headset.

Undocking and docking your phone because of whatever reason shouldn’t be an issue. Time out settings inside your vDesktop can easily handle that. Also, current mobile devices can output a high quality resolution so that shouldn’t be a issue as well.

At this moment my feeling is we have passed this Nirvana phone station. Too much hassle with gear and it isn’t a solution when, for example a monitor or vDesktop isn’t available and you need to work offline; your screen is way too small. New device like tablets are common now and will take care of tasks more easily/efficiently that could/couldn’t have been done by the Nirvana phone. It must be said that VMware Horizon Mobile for tablets needs to be available before the BYOTablet concept can happen big time though. Also on a tablet you want a secure corporate space to access/read/modify data and access apps.

The small screen will be an issue with app remoting techniques as well. Right now, Connecting to a vDesktops is part of the Nirvana phone concept. The thing is that a vDesktop won’t be the only technique to access corporate resources/application. For example, VMware also announced Project Appblast during VMworld 2011. Appblast is a application remoting technique. So basically you remote apps via HTML5 to a browser. Great stuff!! But what about my Nirvana phone? Again, without a monitor the phone screen is too small. Same as with remoting a vDesktop. Displaying a vDesktop or an app is so much easier on a tablet.

Because of all previously said I believe most people will end up with 3 devices; smart phone, tablet and laptop. This could be 2 depending on how tablets will evolve. Maybe the laptop will be replaced by the tablet eventually, who knows.