Blog Post

Forrester to your IT dept: Let them use Macs

Forrester made some waves in the IT world Thursday morning when it released a report strongly urging large enterprise companies to let their employees use Macs (s aapl) at work, or as they phrased it “it’s time to repeal prohibition.” That’s kind of a big deal since the analyst firm has for years recommended the exact opposite. So why the sudden change?

Employees are not only asking IT departments for Macs at work, they’re bringing their own into the office. The Forrester report finds that 22 percent of enterprise businesses foresee the use of Macs owned by employees “increasing significantly.” But at the same time 41 percent of those same companies don’t allow those employees to access e-mail or the company network on those machines, either at the office or from home. As analyst David Johnson writes, that just encourages people to spend their own time figuring out how to bypass these rules:

That leaves a lot of employees to find their own ways to get around corporate prohibition. Companies Forrester spoke with for this document described a gray market emerging internally, where employees share tips and strategies to use their Macs at work and bypass corporate roadblocks.

Forrester says you may as well let Mac users have them out in the open and accessible to the network at work since their study shows that people who want to work on MacBooks, for instance, classify as a “power notebook user.” To them that means those employees are the ones that work longer and are more productive. Another reason for the change of heart: Forrester says Macs “have developed a reputation for reliability and low maintenance.” What IT person in charge of the budget doesn’t want to hear that?

But while the guys managing desktop and laptop deployment may still need to get with the program, the teams managing mobile IT have already seen the light on letting employees have input on their devices. Since the arrival of the iPhone and Android (s goog) smartphones, this same phenomenon has been taking place. A group of mobile IT specialists talked about it at GigaOM Mobilize in San Francisco last month.

Julie Palen, SVP of Tangoe, says that a great percentage of employees are not asking their employers for a corporate phone. They don’t mind paying for a device or the plan as long as they can use a device of their choice and access the company network, she said.

“It’s irrelevant who owns the device or who pays for the plan,” said Palen. “It’s all about the device, as long as the data is secure and controlled … then that’s the big change and the answer becomes yes.”

Because the tools are there to secure those networks, companies are basically silly not to let tech-savvy employees use their own devices. And mobile IT guys finally figured it out this year, the Mobilize panel agreed:

“2011 was the year mobile IT was born,” said Bob Tinker, CEO of MobileIron. “It was the year the IT industry figured out mobile, and it’s the year that mobile figured out IT … Every small, medium and large enterprise around the world is going to be deploying smartphones and tablets at scale over the next 12 to 18 months.”

It’ll be interesting to see what kind of effect Forrester’s exhortation has over the next year or so. Will IT managers take it to heart, or just continue business as usual? We can guess which option employees would want.

18 Responses to “Forrester to your IT dept: Let them use Macs”

  1. I would like to also add, Until Microsoft and/or Apple have an outlined step-by-step solution, its going to be a hard sell. You really have to make a GREAT! argument on how you will be more productive using Mac instead of the supplied Windows PC. Really, it would sound silly if I told my manager, “Look, I just can’t write on white paper, it would flow so much better if I had yellow paper” or “I can’t use that green hammer”. These are apples and oranges compared to PC’s and Mac’s. Most people don’t really plan out what they are going to say when they ask for anything on the network, so they usually walk out defeated.

    If you can’t answer the question as to why you need it, thoroughly, thoughtfully and with good reasoning and very well rounded logic (your dealing with geeks, don’t forget that). Your going to lose. Period. Don’t feel bad, I have seen high ranking executives stumble to find the right words to open a pathway for devices and fail. Lack of really good reasons, the “its easy for me to use” is not a good reason. That’s why we hire people who can do the job. Not, hire people then change the job to suit their likes and dislikes. You must suit your position.

    If we want to see Mac’s officially supported in IT departments Apple or Microsoft would have to usher a road-map and integration guide for full support. Also, where’s the Apple equivalent to a MCSE for Mac’s? I never heard of one. Running a huge network with thousands of users is not about pretty buttons and nice computers. Security and network reliability are the factors that sway every decision I have ever made regarding my networks.

    Microsoft Certified Systems Engineer (MCSE)

    Lucky for Apple we are in a tech revolution were leaders are standing through settled dust. If Apple will stand upon enterprise it better integrate itself not just to Linux but also to Windows Server. But, we all know that Apple wants to have their own enterprise server infrastructure and possibly would like to incorporate it with iCloud.


      Ive said it before and ill say it again take out a piece of paper make the largest circle possible and then place a dot in it. In the overall computing universe UNIX is the giant and Microsoft is that dot. OSX Lion 100% POSIX compliant Windows 2008 not so much.

      Apple doesnt want to have anything to do with the enterprise they dont even sell servers anymore. iCloud runs on Oracle/Solaris.

    • I would not recommend Mac hardware to anyone. In our company they need twice as many repairs as other hardware. And the repairs are twice as costly…
      Software wise its a different question…

  2. Macs might be a viable corporate option the day they support Group Policy or play nice with windows file servers. Until then they are only suitable for home users.

    • I agree 100% with you. Having run a Windows network with 200 workstations, they are all controlled with Group policies. You can add Mac’s to a Windows domain, but you are limited in what you can control from the Mac OS standpoint.

      Another problem is lack of Internet Explorer on Mac’s. There are hundreds of fine tuned settings in which to control IE which are not present for Safari or even FireFox.

      I myself run a Mac with Lion and Office for Mac is lovely, to say the least. I have it connected to an Exchange 2010 server and it runs without a hitch. As far as stablilty and reliability, I have yet to “fix” anything on my Mac related to drivers or the OS.


        Well there is citrix xen, vmware thinapp for crap that only works with IE. I think its IT that fears stuff it doesnt understand. Those that are affraid of the command line. We run vmware basically a linux hypervisor our disk subsystem equallogic NetBSD, our network Juniper BSD our laptops MBPro OSX Lion BSD. Eveything that supports Microsoft garbage has some form UNIX underneath it keeping it stable.

    • Jorge Escala

      Macs provide MCX settings which is analogous to GPO. There are many ways to deliver these settings to Mac clients. You can apply them locally (like poledit). You can use Apple’s Open Directory. Or you can use Active Directory by extending the schema or by using an AD client for the Mac that leverages existing schema in AD (Centrify or ADmitMac). Or if you prefer, you can manage MCX settings without touching your directory and instead using a third-party management tool such as (JAMF Casper Suite, Absolute Manage, KACE, etc). These will do much more than just configuration management. They typically provide inventory, software distribution, patch management, imaging, etc. People don’t realize that Macs are just about as manageable as Windows clients. You just need do a Google search to find the solutions you need. Here is a good place to start:

      And if you prefer to let someone do it who has done it before you can find a qualified, enterprise-level Mac consultant here:

      • Ummmm yeah try makign all of tha work right. We have OD/AD linked with Leopard server, we have been trying to get a new Lion server linked, and even after 10.7.2 its not working. Do a search and this is not just us, its a big problem.

        Snow Leopard clients have tons of issues with SMB shares and we had to dumb down our Windows 2008 R2 security because Mac’s cant connect to it.

        We used to be able to get help from Apple, but the department we worked with is gone. Apple does not care about the Enterprise at all.

  3. I’ve managed an environment with 50 Macs and there was no noticeable difference in support. We still had users who struggled to do things and occasionally a device failed and needed repair. The caveat in this article is the assumption that the mac users are a higher tech level than normal. This will be less the case as they grow in popularity and is already starting to happen. I think the argument for is really weak here given how difficult a mixed mode environment is in a big enterprise. Not many infrastructures can easily accommodate this securely.

  4. Forrester says Macs “have developed a reputation for reliability and low maintenance.” What IT person in charge of the budget doesn’t want to hear that?


    The one that will lose his job b/c he’s no longer needed.

    • El Barto

      true….but you will always need someone to support your devices…who makes an IT guy in charge of the budget? their own budget maybe? I’m sick and tired of IT guys saying “we need and enterprise solution” we don’t…is just a waste of money. I think IT decisions must be made in collaboration with the users, not the IT managers cause they will buy the most expensive and loaded piece of crap they can get.