Skip to comments.Forrester Report says 'power users' have Macs at office
Posted on 11/02/2011 4:19:29 PM PDT by Swordmaker
The folks at Forrester Research reversed themselves last week with the recommendation that corporate IT departments need to make it easier for workers to use Mac computers and devices. The tech research firm had long told the same IT departments not to bother accommodating devices from Apple Inc.
Why the change of mind?
Forrester says it is because the most productive employees, what it dubs "power users," are already using Macs, anyways.
Analyst David Johnson wrote in the report, "It's time to repeal prohibition and take decisive action. Mac users are your HEROes and you should enable them not hinder them."
Forrester uses the acronym HERO for Highly Empowered and Resourceful Operatives, what it finds are "the 17% of information workers who use new technologies and find innovative ways to be more productive and serve customers more effectively." The report could be a troubling sign for Microsoft (NYSE: MSFT), which continues to rely on sales of its signature Windows operating system -- including placement on PCs in offices worldwide -- for a huge part of its revenue base.
Johnson said that a new survey found "most of the Macs today are being freewheeled into the office by executives, top sales reps, and other workaholics. Forrester believes this is the same demographic that we're now calling the "power laptop user."
Forrester found that such "power laptop users" work more hours and make more money.
Many of them are already buying MacBook Pros with their own money because their company only supplies Windows-based laptops, the report says.
But Forrester says it found 41 percent of businesses it surveyed are now blocking access to their networks with employee-owned Macs, a situation it says must end.
"Stand in the way and you will eventually get run over," Forrester says.
The report offers six steps for IT departments to do to help Mac users access their enterprises and gives three case studies of companies that have done it.
If you want on or off the Mac Ping List, Freepmail me.
My IT staff prefers ‘em....
Any company that handles privileged customer information that could be used for identity theft and lets employee owned compters onto it's network is eventually going to pay dearly for it.
Bah hah ahah
Gee most M$ users want to be free to do all the power stuff, yet you would bind them down. How Steve of you.
How about a compromise - I'll let them do all the "power stuff", but they can only do it with your personal information.
This really about the VPs that bring thier employee owned iPads into work and create all sorts of new attack vectors for hackers. Truth - Mac OWNERS are more susceptible to social engineering attacks because they falsly think that Mac’s are safer than PCs ... ducking for cover now that I made myself a target for the Apple hit squad!
As a rule I would say that employee-owned computers -- OF ANY TYPE -- do not belong on a corporate network. I've maintained that rule on the corporate network I administer and it has worked out well.
The cases where an employee has taken their company-issued (Windows) computer home and let their kids play on it (against the rules) have been awful -- they bring it back in and it's filthy (software-wise) and causes problems.
I think Macs can be just as productive in general, sometimes more so and sometimes less so, than Windows PCs. Depends on what you have to do with the computer. But there's no justification or excuse for letting uncontrolled machines on a corporate network, regardless of operating system.
REAL TRUTH: You can't name a single piece of hackware that can run on a Mac -- and then infect a PC.
MY Brother works as a regional director for the Big X corp.They started accommodating macs about 7 years ago.He came to us for a crash course on them...we told him double or single click....LOL
You would be wrong about that but don’t let facts get in the way of your fantasy....
“Stand in the way and you will eventually get run over,” Forrester says.
It was that way for PCs in the early years. I designed and coded for mainframes and some of the managers would sneak PCs into their departments and start doing their own thing. The IT dept was livid when they found these, but the managers would not be suppressed - it was just too easy for the users to get what they needed with the PCs.
My own company has both Macs and PCs, and we are starting to incorporate iPads into the workflow for those who are often on the road.
“Any company that handles privileged customer information that could be used for identity theft and lets employee owned compters onto it’s network is eventually going to pay dearly for it.”
A better approach is:
“Any company that handles privileged customer information that doesn’t properly segregate it at the network level is eventually going to pay dearly for it.”
USB drives are far more ubiquitous than Macs. Also, the vast majority of positions at almost all companies requires no access to such information.
Active Directory Group Policy can disable the use of USB drives on domain-joined Windows computers, and prevent network access by non-domain joined computers. Macs cannot be joined to an Active Directory network, or be controlled by AD Group Policy.
As far as whether a "position" requires access to the information, once non-secured computers are allowed onto the network then you're faced with trying to control who can and cannot use those computers.
If you have that kind of information on your network, there is no rationializing allowing employees to access that data from a non-corporate computer as being anything but very bad practice.
“Active Directory Group Policy can disable the use of USB drives on domain-joined Windows computers, and prevent network access by non-domain joined computers. Macs cannot be joined to an Active Directory network, or be controlled by AD Group Policy.”
Sure, and then (as usual) the question becomes: “How much do I want to restrict my users productivity in the name of security?”
So now you’ve locked down USB drives, have you also locked down email? Access to SSL enabled websites? Disabled writing optical media? Perhaps you should just get rid of those pesky computers altogether.
“As far as whether a “position” requires access to the information, once non-secured computers are allowed onto the network then you’re faced with trying to control who can and cannot use those computers.”
You’re referring to the “network” as a monolithic entity, which it is not. There are devices called “routers” that can efficiently and extremely securely control which devices have access to given network resources. Making sure “employee owned computers” can’t access sensitive information is trivial.
“If you have that kind of information on your network, there is no rationializing allowing employees to access that data from a non-corporate computer as being anything but very bad practice.”
Nor have I said anything that disagrees with that stance. Company provided Macs (perhaps running Windows in a VM) are a different issue.
No, it doesn't. We don't hire people who can't be productive using the computers we provide for them. If they can be productive on a Mac, they can be productive on a Windows based computer if they want to.
We're not going to re-architect the infrastructure to accomodate a handful of whining hardware snobs.
"No, it doesn't. We don't hire people who can't be productive using the computers we provide for them. If they can be productive on a Mac, they can be productive on a Windows based computer if they want to."
Great job missing the point entirely... Try reading it again.
"We're not going to re-architect the infrastructure to accomodate a handful of whining hardware snobs."
I bet the turnover rate among your best people is plenty high. You epitomize why many folks hate IT/network admins.
BTW, the best attributes of Macs involve software, not hardware.
You epitomize the people the term "Macbot" was invented for.
Now, do you want to keep throwning insults and see if you can turn it into a full-blown flame war?
LOL! Not at all, though I do like to use and support the best available tech. After all, Macs do run more software titles than any other PC.
"Now, do you want to keep throwning insults and see if you can turn it into a full-blown flame war?"
Let's see who was first to use incendiary language...oh yeah it was you with your immortal "We're not going to re-architect the infrastructure to accomodate a handful of whining hardware snobs." Also, by the way, it's "accommodate".
Now, be a good PHB/BOFH and run along... We'll somehow make do without your "wisdom".
You just stay there in your little Mac "ecosystem", and I'll stay here in the real world.
We're an IBM mainframe shop, and I've been at least as accomodating to Apple as they've been to us, historically. They'll get exactly the consideration they deserve from me, and their syncopants can come along for the ride.
‘You just stay there in your little Mac “ecosystem”, and I’ll stay here in the real world.’
It’s hilarious that you’d say that, given that Apple has almost twice the market cap of IBM at the moment. It seems it’s doing a lot of things right, no?
I’ll let you have the last word since you seem to feel compelled to do so.
They're not doing anything I need, despite your apparent belief that you know what I need, how my organization and infrastructure works, and who's accessing what kind of data on my network better than I do.
Where did you get the idea that because they're making a lot of money everybody needs to buy what they're selling?
The only information that remains personal in this life, is something you just thought up. Little can be concealed today, especially if you use a computer.
Soon all your medical information including DNA will be controlled by the IRS, and unlike ICE, they will find you anywhere.