*>>In my opinion, the wild-and-wooly days of BYOD are already past. IT is going to make you sign something that says IT can wipe your device if you leave the company. And if they aren't yet, they will be darn soon.*
I don't think that's going to happen in most places. I do think, however, that before we need to get to that showdown, the vendors will figure out how to segregate corporate data from personal data such that the necessary clearing of sensitive data can occur without adverse impact to the employee's private data. Plus, it is kind of unfair to put the onus of this security on the mobile device when data leaves corporate networks by so many other means that are less well regulated (home machines for smaller firms, web access, cloud storage, etc) It's not like some organizations don't want to take advantage of BYOD themselves -- significantly reducing their expenses for phone communications and getting rid of a gazillion service contracts. So, I think we'll find some good middle ground. * * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Wed, Jun 20, 2012 at 5:15 PM, Michael B. Smith <[email protected]>wrote: > Whether you call it "identity federation", "network access control", > "domain join" or whatever - IT will require control of the devices > consuming corporate content. > > In my opinion, the wild-and-wooly days of BYOD are already past. IT is > going to make you sign something that says IT can wipe your device if you > leave the company. And if they aren't yet, they will be darn soon. > > You put an SCCM agent (or an InTune agent) on a non-domain-joined machine, > and except for authentication, it might as well be domain-joined. > Authorization and access to many corporate resources can be controlled from > that agent. > > And the comment that "those fancy Mac laptops" aren't on the domain -- > that's completely wrong. They call it "binding to the domain" instead of > "joining the domain", but at my MORG and LORG customers, the Macs are on > the domain just like the PCs. > > Long story short - I'm certainly not as famous as he is, but I disagree > with him. > > -----Original Message----- > From: Rankin, James R [mailto:[email protected]] > Sent: Wednesday, June 20, 2012 4:56 PM > To: NT System Admin Issues > Subject: Re: How many in your company can join systems to domain > > Think this was what I was referring to > > > http://www.brianmadden.com/blogs/brianmadden/archive/2012/04/30/the-real-reason-microsoft-windows-rt-devices-won-t-be-able-to-join-ad-domains-hint-ad-is-not-about-systems-management-anymore.aspx > > The issue is the session the user uses is domain-joined, not the device > itself > > I am on holiday so haven't had time to read it properly and ensure it said > what I was thinking about > > ---Blackberried > > -----Original Message----- > From: "Michael B. Smith" <[email protected]> > Date: Wed, 20 Jun 2012 20:22:04 > To: NT System Admin Issues<[email protected]> > Reply-To: "NT System Admin Issues" > <[email protected]>Subject: > RE: How many in your company can join systems to domain > > I'm running way behind here, and some people may have already responded, > but if he said that - well, I think it's just a crock. > > Domain membership provides a plethora of functionality. > > -----Original Message----- > From: David Lum [mailto:[email protected]] > Sent: Wednesday, June 20, 2012 3:39 PM > To: NT System Admin Issues > Subject: RE: How many in your company can join systems to domain > > Kind of makes it hard to use a GPO then, doesn't it? > > -----Original Message----- > From: Rankin, James R [mailto:[email protected]] > Sent: Wednesday, June 20, 2012 12:10 PM > To: NT System Admin Issues > Subject: Re: How many in your company can join systems to domain > > Wasn't there a good piece posted a while back (maybe from Brian Madden) > about how having domain-joined computers is no longer strictly necessary? > > ---Blackberried > > -----Original Message----- > From: "Kennedy, Jim" <[email protected]> > Date: Wed, 20 Jun 2012 17:31:42 > To: NT System Admin Issues<[email protected]> > Reply-To: "NT System Admin Issues" > <[email protected]>Subject: > RE: How many in your company can join systems to domain > > I have thought about this before...so I am going to toss it out there and > see how it gets swatted down. > > If a staff member brings in a home laptop and joins it to the domain is it > more of a threat or less of a threat than not being in the domain and just > plugged into the network. I ask because here after they reboot they will > get all the patches, up to date AV software and no-one except IT Staff will > be a local admin. Most won't even be able to get to a command prompt. > > -----Original Message----- > From: Kurt Buff [mailto:[email protected]] > Sent: Wednesday, June 20, 2012 1:17 PM > To: NT System Admin Issues > Subject: Re: How many in your company can join systems to domain > > By default yes, unless you turn it off, which, IMHO, is the sane thing to > do... > > On Wed, Jun 20, 2012 at 8:30 AM, Webster <[email protected]> wrote: > > I haven't had to deal with this in a long time but IIRC anyone who is > > in Domain Users can join up to 10 computers to your domain. > > > > http://support.microsoft.com/kb/243327 > > > > > > Carl Webster > > > > Consultant and Citrix Technology Professional > > > > http://www.CarlWebster.com > > > > > > From: David Lum <[email protected]> > > Reply-To: NT Issues <[email protected]> > > Date: Wednesday, June 20, 2012 8:19 AM > > To: NT Issues <[email protected]> > > Subject: How many in your company can join systems to domain > > > > Subject line pretty much says it. We have 600 employees and an IT > > staff of 50-ish (including developers) and I swear all 50 can join > > systems to the domain. Certainly 10 of them can and that seems like a > lot. > > > > > > > > Brought up because these guys drive me crazy by loosely following > > naming standards, not moving to the appropriate OU, and not putting > > descriptions in AD. > > > > David Lum > > Systems Engineer // > > NWEATM > > Office 503.548.5229//Cell (voice/text) 503.267.9764 > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
