There’s another phrase that has recently crept into more common parlance amongst IT vendors -  `employee-owned IT’. This is a concept that has the potential to be one of the better two-edged swords the business has ever come up with, but it is also a model that is the most likely to move everyone, ever faster, towards using remote infrastructure models based around The Cloud. 

From the point of view of any business it is something to be welcomed, for it moves the cost of end-user client systems from the business and onto the employees. The possible downside, of course, is that it may also end up as a tax, imposed by, and paid to, the employer, for the privilege of having a job. In the end, employers will need to pay bigger salaries as compensation, particularly for PAYE staff. And they will need to claim this stuff against tax, of course. 

While the coalface users might like the option of choosing their own client systems – be it on price or fashion consciousness, this opens up all sorts of problems for the employers. These things need to be standardised and controlled. Allowing staff to use what they want as a client can only cause endless grief for the IT department unless very strict controls are applied to what is bought. This can mean buying clients from the `company store’, which can look even more like a tax on having a job. 

But worst of all the employee-owned IT model has real security problems attached to it, not least being the standard ones of users either losing their clients, or having them stolen – and for every lost MOD laptop that makes the news, there a bound to be many more from private companies that hushed up (and probably more damaging). Superglueing the thing to users’ hands only shows the bad guys that this is a laptop worth stealing. 

The only sensible way of exploiting employee-owned IT is to not let them near the data. And the only way to do that is with portable, personal, thin clients that are only portals through to the corporate data back at the datacentre. But the data never leaves there and is never stored on the device itself. Once the connection is severed there is nothing worth stealing except a bunch of bits. 

And there are several ways the connection between portal and datacentre can be quickly severed in an emergency – a large red panic button, for example, or perhaps a thin, weak, chord to a wrist strap worn when the device is in use – and it won’t work without the strap fitted. Pulling the client from the user when in use breaks the chord, and the connection. 

Meanwhile the data is safe, and that is the primary role of any infrastructure. It also means that, even if the business has and onsite datacentre, it is effectively running it as an end-to-end, integrated service delivery utility. It will be the only way the employee-owned IT model can work securely. From there, it will become a much shorter step to decide just how much of an existing onsite infrastructure is actually needed next time there is a major upgrade and how much can be moved to a Cloud-based remote infrastructure provided by specialists.