Managing desktops and laptops more complex than ever

* More capabilities needed for desktop and laptop management

In the past, desktop management usually involved taking an inventory of hardware and software, deploying software and updates, and fixing problems using remote control capabilities. Today, the list is expanding.

Today desktop management includes spam filtering, security patch updating, virus scanning, detecting and eliminating spyware, IM security, wireless security and more. For remote workers, add to the list firewall configuration and VPN management.

The problem today is that IT managers must put together their own approach to client management, using point products that may or may not be combined with product suites. No one vendor does it all today.

Here are some of the more recent issues affecting clients and desktops that are or are not being dealt with from an overall client management perspective.

Spam is a big problem for large and small companies alike. The network bandwidth, storage space and employee time wasted due to spam e-mail is obscene. There are server-based and client-based products available, as well as service provider offerings. I receive a lot of spam and had been using an inexpensive client-based product called Inboxer. There is no need to continually download updates to find spam. It learns to filter it out based on what you identify as spam. I found it to be reliable. With the “block” and “allow” buttons in Outlook, it’s easy to identify spam and non-spam e-mail.

We recently outsourced our spam filtering to a company called MXLogic after testing several spam-filtering services. We progressed from everyone using whatever spam-filtering product they wanted to a companywide approach. The advantage is that the spam doesn’t choke up the storage on your e-mail server. You don’t have to maintain the software or manage the software, and it’s cost-effective. It’s also been reliable and easy to use.

Spyware detection and elimination is another area. Malicious attacks are starting to use pop-ups and spyware as an entry point. Many companies are not yet dealing directly with this issue, but there are free spyware-detection products such as Adaware and Spysweeper. But be careful to check out any software before downloading it. There are some sites that are promoting products that look rather suspect.

Instant messaging is great for keeping in contact with colleagues. It’s easy to install IM software on your desktop. But are you opening up potential vulnerabilities through IM?  If you’re using IM, you should also install security software that protects you from IM vulnerabilities. If employees in your company are using IM, then IT must be sure that the proper security is in place to manage it.

IT departments have to make sure that they have a strategy and approach to managing the different environments that users have on desktops and laptops. The more difficult piece of this puzzle is enforcement - always has and always will be. This has always been an issue of desktop management; users feel that their desktops are “theirs,” and they do not want limitations imposed on them by IT.

However, with the vulnerabilities that desktops can introduce to the corporate IT infrastructure in today’s world, in some cases from the back door, IT departments must take a stricter stance on desktop management than they have in the past. In most cases, the PC/laptop is a corporate asset, and users do not “own” their PC - the company does.

For users, work with your IT staffs to ensure that your desktops and laptops are secured and protected from external attacks. And if you think of complaining to IT because they won’t let you download your own software, just think about how painful it will be if they have to totally rebuild your system from scratch because a malicious attack got a foothold - all because you wanted to “own” your PC and download whatever you wanted to.

Your desktop is no longer “your” PC; it is so interconnected with the rest of your IT infrastructure that it sort of operates like the Borg in Star Trek (for non-Trekkies: The Borg is a collective of interconnected individual entities that operate with a single, whole consciousness). An infection or breach into the collective Borg will affect all its other parts. In a like manner, if not well managed, your PC could adversely affect other parts of your company’s IT infrastructure.  It’s a trade-off: your freedom vs. your having reliable and secure access to corporate applications. I’d say it’s worth it - just ask someone who hasn’t had access to their PC for days in the aftermath of an attack.

Learn more about this topic

Review: LANsurveyor 8.5 for Windows

Network World, 07/12/04

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT