2011: Year of the tablet PC

The Apple iPad 2.

If the emergence of iPads, like a plague upon the land, through the latter half of 2010 wasn’t warning enough, the slew of devices released at the CES expo in Las Vegas should leave you with no doubt that 2011 will be the year of the tablet PC.

While the devices have been around for a number of years, and have been taken up by the health sector, it was the emergence of the iPad — dubbed by some as the first PC even a CEO could use — that caught the imagination of both executive and consumer.

The result was a squeeze on IT: Employees at the bottom of the rung pushing for their workplaces to support their consumer devices, and executives at the top dictating that IT must allow them to access business apps and corporate data.

This phenomenon has put IT departments in a tough position and facing a dilemma: Do they bow to populism and standardise on iPad as the ‘It’ gadget of the moment, or do they look to the longer term and implement an IT strategy that allows the independent delivery of data and applications on any device? Senior IT management, analysts and industry pundits are pointing to the latter option as the only sensible way to go.

“Any strategy around tablet PCs has to be device agnostic,” CA Technologies A/NZ director solution sales, Peter Sharples, says.

“The iPad is the coolest gadget on the market right now but like any device it has a life cycle and there will be another, greater gadget next year which is higher in the coolness stakes and organisations will have to support that.”

It’s a view echoed by Curtin University’s CIO, Peter Nikoletatos, who warns against being too prescriptive when it comes to tablet PCs.

“Today the iPad is quite mature and works well in this form factor, but we know we are only minutes away from the Dell Streak and the other devices [which will come out],” he says.

“The thing I learnt… was to not be prescriptive with the technology as your customer base wants to be BYO in the future and if you are too prescriptive, they will opt out.”

For its part, Curtin has been a major user of the iPad with some three to four hundred staff currently using them for work. The university is also assessing ways in which it can incorporate iPads as learning platforms into courses, especially for international fee-paying students.

With content and application delivery across multiple devices in mind, Curtin has made major use of application and desktop virtualization.

“We see this [tablet PCs] as being no different from a server and we have virtualized it,” Nikoletatos says. “I can bring up a Windows 7 session on it — you can run any platform you want on it.

"If you want extra compute power, you can access a virtual thin client. What we really want is that lightweight, instant-on, accessing information in seconds.

“The trend is toward browsers and [tablet PCs] are great at delivering a thin browser as a conduit to any application. We are moving away from fat client applications. Browser will be king in five years… and that is what you will be delivering your services to and accessing your content with.

"[Tablet PCs are] a broker, a conduit to the Cloud. Either your enterprise or someone else’s being delivered to you.”

Next: How Corporate Express is using the iPad

Page Break

Corporate Express CIO, Gary Whatley, couldn’t agree more. His organisation is trialling iPads for its mobile salesforce in customer presentations, and for its executives. He sees virtualization as being essential in any tablet PC strategy.

“The virtualized environment is an important one because for us, one of our concerns is people running their own hardware we aren’t able to control that environment,” he says.

“With virtualized environment, you can run a corporate virtualized environment machine and have total control over it. So, virtualization makes these kind of devices much more controllable.”

It's this control that is at the heart of much of the angst IT departments feel over the invasion of tablet PCs. For one thing, it is a massive cultural change, IBRS advisor Kevin McIssac says.

“In the past, IT has controlled [devices] and said what you can have, even down to the chip level sometimes. They then put an OS on it, lock it down and try to manage it and they deliver it, mostly for cost and security reasons.”

Now IT departments have to adopt a different model, or at least another option in conjunction with the locked-down model, in their provision of computing services.

“For those BYO devices IT needs a second stream where they say ,‘Yes, you can bring those [devices] but we won’t buy them, we won’t manage them, we won’t fix them when they break, and the only way you can access corporate data is through running some kind of thin client software’,” he says.

For IDC senior analyst, Trevor Clarke, client virtualization solutions are probably the best option for securely supporting tablet PCs in the workplace and in enabling a BYO device policy.

“The application and desktop virtualization solutions on the market at the moment are mature enough to support almost any kind of user,” he says.

“In any case, for [tablet PCs] it is unlikely a user will be a heavy multimedia producer — think 3D modelling — which was one of the historical complaints with client virtualization solutions.

“Making sure your backend infrastructure is set up appropriately — in particular storage, servers and networking — is also key, and the cost of doing this is often underestimated, as is the user acceptance of such solutions.”

For IBRS’s McIsaac, the leading argument for virtualization is that there is just no way that most organisations (unless they standardise completely on iPad's, for example) can afford to have the tech support resources to manage the whole gamut of BYO devices.

“The old days of locked-down desktops are gone — you can no longer say it’s Blackberry or nothing,” he says.

“What you can say is, 'Corporate device — we’ll supply it, if it breaks we’ll fix it, we’ll minimise the cost and maximise the service as that’s our baby. But, if you want something else ... (an iPhone or a Linux laptop), we don’t care, but it’s your problem.' We will, however, provide [apps and data] through a network-based protocol.”

According to McIsaac, Citrix is probably the major choice for facilitating this, and the vendor’s software has a number of advantages today.

“That’s at the top of my list, but if you are already running Windows Terminal Services you can use a terminal services approach, too,” he says. “VMware has its View stuff on the PC and they will also do something on the iPad at some stage.”

Next: Tablet PCs and security

Page Break

Security

Another major argument in favour of virtualization is that it can improve the security of tablet PCs. As Gartner analyst Nick Jones tells it, security issues can arise as the enthusiasm for deployment often runs ahead of the ability of IT to manage the devices.

“I look at a lot of the iPad deployments around — people using email on an iPad with no management tools, no additional security — that is a level of management you wouldn’t ordinarily accept within an organisation,” he says. “But the pressure to allow choice has become so great that people are deploying [devices] with much lighter management than they would normally do so."

And it’s not just the iPad that IT management should worry about, Jones says. There’s Android as well, which he characterises as the ultimate IT nightmare as it is “fragmented, it is immature and popular — how much worse can it get?”

“So people like the CEO are going around with an iPad with presumably highly sensitive information on it but not controlled in any particularly heavy way,” he says.

“I do have a horrible feeling that we are going to see interesting and terribly embarrassing data loss incidents with some of these devices which will push people to manage them more like traditional devices over the next year or so.”

CA’s Sharples says this scenario means organisations will need to use technologies such as desktop virtualization, VPNs and data loss prevention (DLP) if employees are to securely access the corporate environment from any device.

“Using virtual desktop on a portable device such as an iPad or smartphone or any of a number of devices that are going to come out in the next 12 months is a really smart plan,” he says.

“Firstly, it takes care of the authentication question — understanding who the person is, what device they are on and where they are. You need to know where they are as there may be different levels of access to data for a staff member. A senior financial controller will have different access if they’re connected on the office LAN with a PC or laptop versus an iPad in a Qantas lounge.”

Most virtual desktop solutions also come with inbuilt encryption, which is critical when managing what is available in the air, or in transit, through wireless-enabled devices, Sharples says.

“Next is the data leakage prevention layer: not just going down to what documents or what file systems people have access to but what is the content of the artefact they are examining or removing from the environment,” he says. “For example, does the document contain dollar signs or credit card numbers?”

Sharples says an iPad is less of an issue when it comes to data leakage as it doesn’t have much in the way of “smart local” file storage; however, the ability to block information being shared with apps such as Dropbox, DLP is critical.

“Users will find a way to make it easy for themselves, be it IT guys can consume Amazon cloud using their AmEx or an iPad user putting a stack of corporate documents in Dropbox so he can access them at home,” Sharples says.

Curtin’s Nikoletatos says he feels that security on tablet PCs is mature enough at the moment, but you still have to be mindful that you don’t put all your organisations data on the devices.

“We have gone through an information classification process about what types of data are likely to be used – which can be put into Dropbox; more transient environments,” he says. “For us moving toward cloud base content makes more sense – you just have to secure the two end points.”

Corporate Express’ Whatley says security is one of the organisation’s concerns, but using the right tools has the ability to “remote kill” tablet and other personal devices.

“We run a VPN, we do other things, but it comes down to how much risk you’re willing to wear and different organisations will have different risk profile,” he says. “We have had our security guys look at it and they are comfortable with what we do in those areas.”

Follow Tim Lohman on Twitter: @tlohman

Follow Computerworld Australia on Twitter: @ComputerworldAU