More on the Consumerization of IT

Nic, points out in a comment on this post titled The decline of enterprise influence over IT that CSC Research Services have recently published a report on Consumerization, which I have just read and must say makes very good reading, especially the first few pages.  One of the authors is currently thinking through some of the related personal responsibility issues.  This topic has sparked my interest and I have been talking through some of the implications with network, storage and infrastructure services architects.  It took a while for them to get it until I used the Internet Access analogy which we all lived through:

1.      When the internet was first established enterprises saw individual Internet access it as an activity of little interest, undertaken by enthusiasts only, with niche needs.

2.      Then they saw it as a threat as they noticed people with networked PC’s who also had active modem connections to the internet, they started to create policies to control it

3.      Then they saw it as a need, but only to be provided to the select few and only then in very controlled conditions

4.      Then the saw it as obvious and could not understand what all the fuss was about.

Of course between steps 1 and 4 lots of things happened that allowed the more laid back attitude we have at stage 4 to develop:

1.      The marginal cost of giving another person access became essentially zero

2.      The security and acceptable use compliance management tools were much improved and largely automated

3.      Human Resources policies matured and people became familiar with acceptable use concepts.  In fact the rules reduced with more emphasis on compliance will broadly defined principles

4.      The need for training reduced as people self trained at home or peer to peer

5.      The demand increased because of home use and peer to peer evangelism

6.      The client tools became ubiquitous

It’s likely that all/most of these steps will be similar in other areas.  It was at this point that my daughter, (just started high school), gave me her computer use policy to look at, and I repeat it here as a perfect example of the process at its early stages of Consumerization:

Computer code of conduct

1.      You may only use School Computer facilities if a teacher is present to supervise you. (6th Form are the only exception!)

2.      If you are sent to use computer facilities during a lesson, you MUST have a blue slip signed by the teacher.

3.      Always follow the teacher’s instructions; only use the programs that your teacher has asked you to use.

4.      If there is any problem with your computer or you think anything is broken or missing, report it to the teacher immediately.

5.      At the end of the lesson, leave the computer as it was when you arrived; if you open any program, close it properly before you leave.

6.      Never eat or drink in any room with computers in, at any time.

7.      Never send messages to other computers.

8.      Never go into File Manager.

9.      Never play games on School Computers.

10.  Never load any new program or interfere or change anything already in use on the computer. If you do make changes, your actions will be regarded as VANDALISM and will result in serious trouble.


1.      You may only use the INTERNET if a teacher is present to supervise you. There are no exceptions.

2.      You cannot be sent to use the INTERNET with a blue slip. You may only use the Internet if your teacher is with you.

3.      Always follow the teacher’s instructions; only search for what you have been told to look for. The INTERNET is to be used for academic purposes only. Never download any programs from the Internet.

4.      There is an amazing amount of useful information to be found on the INTERNET that can help you with your work. There are also many unpleasant and nasty sites to be avoided. Search carefully. If you find any inappropriate material or anything you find disturbing, inform the teacher at once.

5.      You do not use the INTERNET for personal email.

6.      You do not use chat rooms.

7.      Anyone caught deliberately accessing anything unsuitable will be immediately banned from further use of the INTERNET

Steve Richards

I'm retired from work as a business and IT strategist. now I'm travelling, hiking, cycling, swimming, reading, gardening, learning, writing this blog and generally enjoying good times with friends and family

1 Response

  1. Anonymous says:

    Graham, in his blog talks about some of the responsibility issues And makes a point I am tending to agree with as well:

    The concept of the Human Firewall is also an interesting one. Technical Controls have traditionally been placed at the perimeter of the company. Perhaps we are moving to the situation where the controls are also at the perimeter of each device and each data centre. In order to allow users to take responsibility of their own device we would need that kind of control. Open access is a thing of the past controlled access on every level, everywhere.

Leave a Reply

Your email address will not be published. Required fields are marked *