Imagine being CIO for Intel. You'd serve over 90,000 employees scattered around the globe, many of them hardcore technologists happy to second-guess any decision you make.
Intel CIO Diane Bryant doesn't seem to be buckling under the pressure. In a recent interview with InfoWorld Executive Editor Doug Dineley and me, Bryant - who joined Intel in 1985 and worked her way up through the ranks - clearly laid out her vision for making desktop virtualisation a key part of Intel's long-term plans to serve its internal users.
Desktop virtualisation, as you may know, is one of Techworld sister site InfoWorld's favourite topics. In our interview, Bryant immediately dove into the practical challenges and benefits of what she terms "client virtualisation" - where a VM (virtual machine) runs on every one of her users' devices, from notebooks to iPhones, providing a secure, portable business computing environment. At Intel this ambition is already in the pilot phase, which puts Bryant at the forefront of one of the most compelling trends in IT.
Doug Dineley: What caused you to consider virtualisation on the client side?
Diane Bryant: The big change I've seen in even just the two years since I've been CIO is the plethora of devices. Intel calls it the "compute continuum." It used to be you would come to Intel and get a desktop, and in '97 you got a notebook, and then smartphones. Now there are all kinds of devices that people are looking to bring into the environment: netbooks and tablets and all kinds of things.
Eric Knorr: Do you have a breakdown of BlackBerry vs. iPhone?
Bryant: If you're an Intel employee and you have a business need (which is about 10 percent of the population), you get a smartphone device which in general is a BlackBerry, because it's an enterprise-secured device. Here's what we did as part of this whole trend I'm talking about. The employee demand was so great, they were saying "I have a smartphone; just let me use it." So what we did in January is we opened it up and we said: "If you have a smartphone, and you're willing to sign a waiver that you're going to have Intel-confidential information on your personal device, we will push contact, calendar, and email onto your smartphone."
Knorr: Can I ask you what the waiver says?
Bryant: I'm not a lawyer, so I'll paraphrase. In general it says: "If you lose your iPhone you have to immediately call Intel and we will wipe the phone, which means we will wipe the Intel information and we will wipe your information."
Knorr: That capability has to be enabled before somebody can use it?
Knorr: Yes. We put a password on the device and we have remote wipe capability. This is where client virtualisation comes in...
Dineley: So you're an Exchange shop and you're using ActiveSync?
Bryant: Yes, so it's very low cost for us. And to your point, how many iPhones: In January when we launched we had 8,000 BlackBerrys; we now have 9,000 employee-owned devices in the environment. The vast majority are iPhones. And we all know how often we use our handheld devices to stay connected - those hot emails that you need to reply to. Now we have that many more employees who are that much more productive. The survey feedback says that they save 30 minutes a day because they have that information on their devices. When they walk down the hallway trying to find a conference room, they don't have to open their notebook, they just look [at their handheld device]. It was a huge productivity gain, but from a client virtualisation perspective, the employee had to sign up and say: "You can wipe my device." Where we want to get to is a secure, virtual partition on your smartphone device [so]when you lose the device I can wipe my VM and your personal data remains intact.
Knorr: You can't do that with an iPhone.
Bryant: You can't do that today on anything. That is what we're actively working on today. That's one example of why client virtualisation is so key and why we're enabling it not just for your desktop or your notebook, but to be able to support secure partitions across a full range of devices that you may have or that I may want to buy for you.
Dineley: So you're a big believer in the client hypervisor?
Bryant: I am. I'm a big fan of it. But also I think what's more important is that virtualisation technology is a foundational technology that enables many different use models.
Dineley: So not all Intel employees are going to have the same thin client?
Bryant: No, because all Intel employees are not the same. That's the same in any large corporation. In the old days you ignored that fact and you gave everybody the same device. Today you don't have to do that anymore. You can say: "You're a factory worker, here's the best device for you to be productive. You're a sales guy, you're on the road, you're always mobile, here's the best device for you. You're an engineer cranking massive computations, here's the best device for you." We've definitely gone to a segmented population, giving the best device to the employee based on their needs or multiple devices based on their needs.
In most cases we want the VM on the device, because you're not always connected. If the virtual machine is off in the cloud, there's an assumption that you're connected in order to be productive. That's just not a reality, so in general we want a rich client with the VM on the device.
There are cases where that isn't the best solution, though. For instance, our training rooms. We have large training rooms around Intel worldwide - [with all] those desktop machines, how nice it would be if you didn't have to send IT guys out to maintain and update those machines. You just hold a virtual container out in the cloud, a virtual hosted desktop. It's a static solution, it's not used very frequently, but when it's used you want it to work. You don't want the employees coming in to be trained and the silly desktop doesn't run. So that's a great example of hosting out in the cloud. We have a proof of concept going on that demonstrates the lower total cost of ownership for IT.
Knorr: So client hypervisor is the model you're really going for. You've decided that VDI with a constant connection is not practical, except in these training-room type environments.