Last week I met Michael Grey, Supply Chain Evangelist for Dell. We were chatting about future technologies given the incredible leaps that have occurred in computing over the last 30 years, with significant waves of change including:

• widespread use of mainframe computing
• proliferation of desktop computers
• ubiquitous internet
• Web 2.0 / mashups versus SOA - to allow the connection of web based software to share data in a secure manner

With all this change I was interested in what was next.

One of the points he raised was the issue of people becoming far more attached to their own computer than wanting to use a company one (which typically would be inferior to their own personal machine).

It raises a whole heap of issues:

• Ability to provide support for multiple machine types (various manufacturers and editions of software)
• How to maintain a Standard Operating Environment - an SOE reduces risk and cost in support
• How to limit the company from risk should someone’s computer have pirate software or songs, or illicit material
• Does setting up VMWare cut it? (VMWare is virtual machine software - basically like running a clean install of all software and documents. You then have two versions of an operating system on one machine. Also really great if you want to run two operating environments eg Mac OSX and Vista).
  If a company turns a blind eye to other information on a computer, is the company at risk?
• Is the individual at greater risk as a result of connecting to a company environment?

In some respects, putting an appropriate policy in place can work provided it is audited regularly for compliance. And automated tools can validate the legitimacy of information held on a laptop, and most likely companies will stipulate that the individual warrants that everything they hold is legal.

Without automated tools to validate the legitimacy of information held on a laptop, it is unlikely that a policy will be enough. Most likely companies will stipulate that the individual warrants that everything they hold is legal - but active checking on the compliance with policy, and records that indicate as such, are likely to be mandatory. The only other alternative is a blanket no - not something that today’s breed of knowledge workers from all generations like to hear.

Either way it is new ground.

So, what should you do?

1. Define where the highest levels of demand for connecting personal machines are
2. Identify and develop a policy and get explicit signoff
3. Put in place auditing measures
4. Trial and monitor

If you have been through something like this or are about to, please post a comment and let me know your views.