Enterprise architects have been given the imperative to solve app delivery to any device. There are a host of potential solutions but, the fact is, we’re doing it wrong. I spent six years at Citrix working as the general manager and VP of products for its XenApp and XenDesktop products. During that period, I worked with about 250,000 companies – including 95 percent of the Fortune 100s – as they all tried to solve the same problem. Essentially: How do you enable end users to securely access any app from any device in a way that doesn’t make users hate IT or drive the IT team crazy?
Those years at Citrix taught me a lot. My biggest takeaway? The current approach to the application delivery problem is in silos and complex for both end users and IT. As an industry, we failed to deliver a solution that met some of our customers’ biggest pain points because we built “point” solutions that each only fixed a limited set of problems.
As a result, IT departments are stuck using a suite of products: Virtual Desktop Infrastructure (VDI), PC Lifecycle Management (PCLM), Mobile Device Management (MDM), Mobile Content Management (MCM), Mobile App Management (MAM), Mobile Information Management (MIM) and Enterprise Mobility Management (EMM). Basically, alphabet soup. And they must manage each of these products separately, with each one requiring management, upgrades and more. The biggest problem with this approach is that whenever there’s a problem, you have to choke many vendors’ necks to – hopefully – get a resolution. If you’re lucky.
And so all this boils down to the fact that – years after we should have solved this problem – we are still trying to figure out how to securely deliver applications to any device. No matter how many times you’ve stabbed this beast, it just won’t die.
The first stab was VDI
IT was excited to use Virtual Desktop Infrastructure (VDI) to solve this problem. What could be simpler? Deploy the corporate desktop as a virtual machine in the data center and enable access using a remoting protocol. IT was already very good at running complex server workloads as virtual machines. Running a desktop would be easy!
Turns out it was anything but easy to run desktops in the data center. First, there were 10, maybe 100 times more desktops than servers in a typical organization. Second, desktop workloads are write intensive compared to most server workloads, which are read intensive. This led to all kinds of deployment challenges with VDI. And even when IT was able to overcome some of these challenges, end users were not happy. The user experience was poor.
The second stab was with MDM
So when VDI did not solve the problem, IT went back to a familiar paradigm: manage the device. Just like they managed PCs. Here’s how the logic went. When you’re trying to deliver apps to a wide variety of devices, you have two main problems you need to solve:
- You must manage devices because you believe that will make them more secure.
- Mobile devices are different and, because each device has its own needs, you must buy specific software that manages the process of installing, deploying, patching, upgrading and monitoring these devices.
It’s easy to see why this approach is problematic. For starters, there is a veritable tsunami of new devices introduced every year. This creates a big question: How should IT deal with the variety of devices, OS versions (iOS 8 vs. 9 or Android Lollipop vs. Marshmallow), installed patches and app compatibility?
Then you have to tackle the issue of tools and policies. What happens when a company’s network policy or IT tools don’t extend to Macs, and then the CEO brings in his personal Mac? How much time does IT have to spend getting it onto the network? Joining a Mac to a domain isn’t simple. Ditto for Android, iPhone, etc. Then you have to factor in the company’s adoption rate for BYOD ….
Another slew of issues arises from IT’s habit of looking at the device and its needs, rather than at the person who owns the device. This attitude causes IT to buy “point” software that addresses just one type of device. What happens next is inevitable – you have multiple workflow or teams managing the same person based on if he is using a PC, Mac or mobile device. Does that sound complicated for IT? You bet. And what’s more, that complexity of multiple solutions impacts the user experience. Follow steps 1-5 to access with a Mac. Follow steps A-E to access with an iPad. That doesn’t bode well for adoption and will increase calls to the helpdesk.
Start from the destination
How then do you solve the problem? After witnessing the pitfalls of the first two approaches, several of my colleagues and I began talking about how it might be done differently. What if we flipped the thinking? Instead of thinking devices and management first, what if we started with the end user?
This is where we started:
- End users do not want IT to manage devices.
- And, anyway, IT cannot manage all the devices their end users use (for example, the home PC for an employee, or a personal phone of an executive or a Mac that your contractor wants to use).
- You must look at the user, rather than at their devices. Forget about what devices they use. Focus on what they need to access. What do they need? Desktops? Applications? Data?
- If you had a blank slate and designed a future-proof solution, make it simple for both end users and IT.
When you focus on enabling access for a user rather than managing devices, IT focuses on directly improving end-user productivity. This makes users happy and creates a simpler, better user experience. We believe the right user experience is a workspace on any device that enables end users to access their desktop, or any application or data. So if a user is using a Mac? Follow the same steps as iOS. And, of course, IT should be able to deploy the workspace to devices that they don’t manage. (Ah, can you hear it? The beast is finally dying.)
Leverage the cloud
In order to optimize the delivery of workspaces for IT, leverage the cloud. The key to a cloud architecture is to separate the data from the control plane. This is the software-defined data center. It needs to secure the data and keep it under the purview of IT at all times. But control and management signals can flow from the cloud. This enables IT to simply provision access for any user on any device from any location – and without being required to maintain any of the traditional plumbing. Bonus points: the up-front CapEx of building infrastructure is significantly reduced with this model, and without all that extra labor the OpEx also drops considerably.
Basically, you’re providing Workspace as a Service to deliver your desktops, apps and data. So users can access desktops, applications and data from anywhere on any device. This single solution ensures that both mobile and desktops provide the same, simplified user experience. And this means employees are less resistant, which drives adoption of IT’s secured solutions. With Workspace as a Service, the beast is dead.
Amitabh Sinha is co-founder and CEO of Workspot. He has more than 20 years’ experience across enterprise software, end user computing, mobile, and database software. Prior to Workspot, Amitabh was general manager for enterprise desktops and apps at Citrix Systems. In his five years at Citrix, Amitabh was VP Product Management for XenDesktop and VP Engineering for the Advanced Solutions Group. Amitabh spends his waking hours trying to simplify the complex. Follow him on Twitter and LinkedIn.