Digital Workspace For Dummies Guide 262321

These materials are © 2019 John Wiley & Sons, Inc.
Any dissemination, distribution, or unauthorized use is strictly prohibited.

Digital
Workspace
VMware 2nd Special Edition
by Lawrence Miller,
Kevin Strohmeyer, and
Mark Margevicius
These materials are © 2019 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.
Digital Workspace For Dummies®, VMware 2nd Special Edition
Published by
John Wiley & Sons, Inc.
111 River St.
Hoboken, NJ 07030-5774
www.wiley.com
Copyright © 2019 by John Wiley & Sons, Inc., Hoboken, New Jersey
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form
or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as
permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without the prior written
permission of the Publisher. Requests to the Publisher for permission should be addressed to the
Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011,
fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Trademarks: Wiley, For Dummies, the Dummies Man logo, The Dummies Way, Dummies.com, Making
Everything Easier, and related trade dress are trademarks or registered trademarks of John Wiley & Sons,
Inc. and/or its affiliates in the United States and other countries, and may not be used without written
permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc., is
not associated with any product or vendor mentioned in this book.
LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO

REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF
THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING
WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY
MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE
AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS
WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN
RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL
ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE
SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING
HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK
AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN
THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION
OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS
SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR
DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.
ISBN 978-1-119-54938-3 (pbk); ISBN 978-1-119-54939-0 (ebk)
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
For general information on our other products and services, or how to create a custom For Dummies book
for your business or organization, please contact our Business Development Department in the U.S. at
877-409-4177, contact info@dummies.biz, or visit www.wiley.com/go/custompub. For information about
licensing the For Dummies brand for products or services, contact BrandedRights&Licenses@Wiley.com.
Publisher’s Acknowledgments
Some of the people who helped bring this book to market include the following:
Development Editor: Elizabeth Kuball Business Development
Representative: Karen Hattan
Copy Editor: Elizabeth Kuball
Production Editor: Magesh Elangovan
Acquisitions Editor: Katie Mohr
Editorial Manager: Rev Mengle
Table of Contents
INTRODUCTION................................................................................................ 1
About This Book.................................................................................... 1
Foolish Assumptions............................................................................. 2
Icons Used in This Book........................................................................ 2
Beyond the Book................................................................................... 3
Where to Go from Here........................................................................ 3
CHAPTER 1: Recognizing the Drivers of the

Digital Workspace........................................................................ 5
Exploring Current Trends..................................................................... 5
Looking at the Benefits of the Digital Workspace............................. 6
Understanding the Requirements for a Digital Workspace............. 7
CHAPTER 2: Creating a Digital Workspace Strategy....................... 9

Assessing Current State........................................................................ 9
Prioritizing Goals................................................................................. 10
Building Consensus............................................................................. 11
Starting with the Right Platform........................................................ 11
Taking a Project-Based Approach..................................................... 11
Embracing Change, Diversity, and Velocity as New Enablers........ 12
CHAPTER 3: Simplifying Identity Management................................ 13

Transforming Identity and Access Management
for Employee Experience................................................................... 13
Recognizing the Impact of Identity and Access
Management........................................................................................ 17
CHAPTER 4: Building a Self-Service Application

Delivery Model.............................................................................. 19
Transforming Application Delivery.................................................... 19
Recognizing the Implications of Self-Service Application
Delivery................................................................................................. 20
Preparing for Self-Service Application Delivery............................... 23
Table of Contents iii
CHAPTER 5: Unifying Device Management.......................................... 25
Shifting to Modern Management...................................................... 25
Changing Endpoint and User Security Strategies............................ 27
Recognizing the Benefits of Modern Management........................ 28
CHAPTER 6: Transforming Windows Application Delivery...... 31

Rethinking Windows Application Delivery........................................ 31
Virtualizing Desktops and Applications............................................ 33
Exploring Application Delivery Approaches..................................... 35
CHAPTER 7: Building a Mobile-First Application

Framework...................................................................................... 37
Recognizing the Growth of Mobile.................................................... 37
Transforming to a Mobile-First Capability........................................ 38
CHAPTER 8: Ten Benefits of a Digital Workspace........................... 43
iv Digital Workspace For Dummies, VMware 2nd Special Edition
Introduction
T
he digital workspace is transforming entire industries,
enabling new ways for businesses to connect to employees
and information. Now, the digital workspace is evolving
further to take advantage of machine learning and other advanced
technologies, to effectively secure information, handle increas-
ingly sophisticated threats, and leverage next-generation pro-
ductivity tools.
Planning for the changes necessary to make the digital workspace

a reality is challenging for many IT leaders today. Many of the IT
skills, tools, and processes still used today are based on legacy
PC-based technology that was used at the end of the last century.
In this book, you’ll learn about a new approach to creating a suc-
cessful digital workspace strategy for your organization.
About This Book

Digital Workspace For Dummies consists of eight chapters that
explore
»» Current trends driving the digital workspace, its benefits, and

requirements (Chapter 1)
»» How to get started with a digital workspace strategy
(Chapter 2)
»» Managing identity and access in the digital workspace
(Chapter 3)
»» Empowering end users with a self-service application
delivery model (Chapter 4)
»» Simplifying and centralizing device management (Chapter 5)
»» Enabling modern desktop management with Windows 10
(Chapter 6)
»» Creating a mobile-first capability (Chapter 7)
»» Key benefits of a digital workspace (Chapter 8)
Introduction 1
Foolish Assumptions
It’s been said that most assumptions have outlived their useless-
ness, but we assume a few things nonetheless!
Mainly, we assume that you are an IT executive, director, man-

ager, architect, engineer, or administrator responsible for
securely and efficiently managing and supporting your organiza-
tion’s end users and their devices and applications. As such, this
book is written primarily for technical readers with at least a basic
understanding of IT operations, networking, and application and
desktop management.
If any of these assumptions describes you, then this book is for

you! If none of these assumptions describes you, keep reading
anyway. It’s a great book and when you finish reading it, you’ll
know a few things about the modern digital workspace!
Icons Used in This Book

Throughout this book, we occasionally use special icons to call
attention to important information. Here’s what to expect:
This icon points out information you should commit to your gray
matter — along with anniversaries and birthdays!
Tips are appreciated, never expected — and we sure hope you’ll

appreciate these useful nuggets of information.
These alerts point out the stuff your mother warned you about
(well, probably not), but they do offer practical advice.
2 Digital Workspace For Dummies, VMware 2nd Special Edition
Beyond the Book
There’s only so much we can cover in 48 short pages, so if you
find yourself at the end of this book, thinking, “Where can I learn
more?,” just go to www.vmware.com/digitalworkspace.
Where to Go from Here

If you don’t know where you’re going, any chapter will get you
there — but Chapter 1 might be a good place to start! However,
if you see a particular topic that piques your interest, feel free to
jump ahead to that chapter. Each chapter is written to stand on its
own, so you can read this book in any order that suits you (though
we don’t recommend upside down or backward).
Introduction 3
IN THIS CHAPTER
»» Looking at current trends
»» Realizing the benefits of the digital

workspace
»» Defining the requirements of the digital

workspace
Chapter 1
Recognizing the Drivers
of the Digital Workspace
I
n this chapter, you get started by learning about some important
trends driving the digital workspace, the business benefits of the
digital workspace, and the key requirements that every organiza-
tion must address to successfully implement the digital workspace.
Exploring Current Trends

Creating an employee-focused digital workspace is critical to sup-
porting new business initiatives and fostering better ways to con-
nect people with data. IT leaders need to lead the charge toward
a more efficient, user-friendly, and secure digital environment.
IT can help create a more effective and competitive business or

organization by putting employees first and investing in employee
experience to foster employee engagement and help attract and
retain the best talent.
Some trends driving the digital workspace include
»» Digital transformation and employee engagement: Digital

transformation initiatives are delivering new capabilities and
CHAPTER 1 Recognizing the Drivers of the Digital Workspace 5
creating new business models across entire industries.
Employee engagement is the key to successful adoption,
and the digital workspace is the employee interface and
tool for many of these digital transformation initiatives.
»» Heterogeneous computing environments: Today’s
computing environment is a mix of systems and applications
deployed on-premises, in enterprise data centers, and in the
cloud. Employees access these applications, systems, and
data on a variety of devices (including PCs, laptops, tablets,
and smartphones) running different operating systems
(including Windows, Mac, Linux, iOS, and Android).
»» Growth of Software as a Service (SaaS) apps and mobility:
SaaS and mobile applications are everywhere. Users love
them because they’re easy to use, they’re convenient, and
they can be accessed from anywhere.
»» Disappearing network perimeters: As cloud and mobile
trends have grown, traditional network perimeters have all
but disappeared. Users access applications and data from
anywhere, on any device, and at any time.
»» Desire for self-service and choice: Users today not only
want self-service delivery of applications based on their
personal preferences — they expect it. Organizations must
increasingly adapt to this new user-driven model to maxi-
mize productivity and employee engagement.
Looking at the Benefits

of the Digital Workspace
The digital workspace has the potential to deliver many tangible
benefits to businesses, including
»» Focusing on user needs to increase productivity and

improve customer service: Ensuring employees have the
right tools that they prefer helps maximize productivity and
improve customer service. A better employee experience
fosters greater employee engagement, which, in turn, drives
better business outcomes — it’s a win–win scenario all around!
»» Simplifying management to support device/platform
diversity: The digital workspace centralizes and unifies
many IT management operations to enable more simplified
and efficient management of devices and platforms.
»» Enabling application portability and “bring your own
device” (BYOD) environments: The digital workspace
enables applications to be delivered when and where
they’re needed, on any device.
»» Improving security and compliance everywhere:
Information security and regulatory compliance are top
priorities for every modern business today. The digital
workspace enhances security and compliance with greater
control and visibility of the digital workspace — without
overly burdening your employees.
»» Empowering employees on day one: Using modern
applications and devices that are familiar to users ensures
they can be productive on their first day. This is particularly
true of millennial and Gen Z workers who were practically
born with mobile devices in their hands!
Understanding the Requirements

for a Digital Workspace
The increase in teleworking and accessing company data using per-
sonal devices has led to a set of requirements that will help com-
panies plan and implement their digital workspaces. The details
underlying each requirement will be unique to your business or
organization, but each of the following requirements must be met:
»» Focusing on building employee experiences: This is not

just a simple wink and a nod to keeping employees in mind
as you go about the business of delivering IT. Instead,
building a strong design culture around the employee
experience is critical to meet the demands of the business,
as well as the ability to secure corporate data. If lines of
business, teams, and individuals believe that IT gets in the
way and slows them down, employees will avoid adopting
the tools and services designed to protect them.
»» Delivering any application: The next critical requirement is
the ability to deliver any application through the digital work-
space experience. “Any application” is a big ask. It doesn’t just
mean the latest mobile app on an Android or Apple device, but
CHAPTER 1 Recognizing the Drivers of the Digital Workspace 7
also 12-year-old Windows apps, internally developed Java-based
apps that no longer have internal owners, and old spreadsheets
with macros that don’t work in more recent versions of
Microsoft Excel. It also means web apps delivered internally
through complex and ever-changing virtual private network
(VPN) tools, or SaaS apps accessible from anywhere, but with
passwords no one can remember.
»» Embracing modern management: Modern management is
based on the now-universal trend that modern operating
systems need to be updated on demand, anywhere, from the
cloud, in an effort to manage billions of devices at scale and
ensure application compatibility for developers. To allow
enterprise organizations to effectively manage the experience
and security policies of devices, modern management applica-
tion programming interfaces (APIs), that potentially expose
hundreds of policy options and context data for each operating
system, have been exposed through mobile device manage-
ment (MDM) tools. Modern management has been extended to
every modern device operating system: Windows, Mac, Chrome,
Android, iOS, and various flavors of embedded Linux.
»» Managing through insights: IT can’t proactively drive
successful experiences if they can’t measure the adoption
of those experiences. However, IT has never been in an
ideal position to track the adoption and usage of applications
across devices. Sure, you can run reports and try to look back
through historical data, but these tend to be one-off efforts
that look at the past with a hit-or-miss approach based on
what information is available across disparate platforms. True
insights from data are gained from the ability to spot patterns
and trends, identify potential gaps in experience or security,
and make recommendations for change.
»» Automating everything: To handle the scale of a digital
workspace, automation is critical, whether onboarding a
new employee or device, deploying apps, installing patches
and updates, or automating remediation steps to ensure an
employee’s device is compliant with policy. These tasks
must all be achieved without generating tickets that require
administrators or application owners to take manual actions.
In this way, operational costs are minimized, and gaps are
eliminated, for example, due to human error in the applica-
tion of inconsistent security policies, or devices left in non-
compliant states due to the inability to resolve an issue in a
timely manner.
IN THIS CHAPTER
»» Knowing where you are and where you’re
going
»» Establishing measurable goals
»» Getting buy-in from stakeholders
»» Getting started with the right platform
»» Managing a set of projects
»» Embracing challenges
Chapter 2
Creating a Digital
Workspace Strategy
I n this chapter, we explain how to get started with a digital

workspace strategy for your organization.
Assessing Current State

As you get started with the digital workspace, it’s important to
understand your organization’s current state with regard to tech-
nology, policies and processes, workstyles, and people. After all,
you can’t figure out how to get there from here if you have no idea
where “here” is!
Assessing your organization’s current technology state includes

determining what systems — such as identity management sys-
tems (see Chapter 3) — are already in place; what applications
are being used, how they’re being used, and by whom; and what
CHAPTER 2 Creating a Digital Workspace Strategy 9
endpoints and devices are being used and are supported by the
organization.
Your existing policies and processes also need to be inventoried

and reviewed to determine if they’re still relevant and effective,
and if new policies and processes or updates are needed. Examples
might include “bring your own device” (BYOD) policies, mobile
and remote working policies, security policies, user account pro-
visioning, application delivery processes, and desktop deploy-
ment and patch management processes.
Similarly, various workstyles throughout the organization need to

be identified. These may be in the form of user personas, such as
office employees, power users, and remote workers. Each persona
will have different application, access, and device requirements
that need to be assessed.
Finally, you need to assess the readiness of your organization

for the change to a digital workspace. What training is required?
Are new skills and job positions needed? Can certain job roles be
redesigned to take advantage of new efficiencies in the digital
workspace?
Prioritizing Goals
Planning the digital workspace is a collaborative effort among
business leaders, stakeholders, and end users. An effective strat-
egy is a “design in progress” that is always changing to reflect
new business drivers, technological advances, and, most impor-
tant, end-user dynamics.
Plans must be flexible enough to continually evolve as priorities

shift and new technologies are introduced.
When planning the digital workspace, aligning with the goals and
objectives of your business is crucial. Not only does this approach
take the goals of the entire organization into account, but it also
serves as the basis for measuring success. Business and IT leaders
must work together to prioritize goals and establish performance
metrics.
Building Consensus
Building consensus with key stakeholders throughout the proj-
ect is another key to success. Stakeholders include representa-
tive cross-functional business leaders; IT systems, applications,
desktop, and user support teams; and, most important, end users.
Understanding how your users work with technology and their

requirements will also help to build consensus throughout
the organization. Create small user groups from across the
organization — representing your different user personas — to
validate assumptions, test use cases, and verify configurations,
and actively provide feedback throughout the project. Finally, it’s
critical to “communicate, communicate, communicate” with your
stakeholders and end users throughout the entire project.
Starting with the Right Platform

The digital workspace is not a single device or system. It is com-
posed of numerous systems, devices, applications, services, and
management processes necessary to deliver a secure and effective
employee experience. These components include
»» Identity and access management (see Chapter 3)

»» Application delivery (see Chapter 4)
»» Device management (see Chapter 5)
»» Windows delivery (see Chapter 6)
»» Mobile applications (see Chapter 7)
Taking a Project-Based Approach

There are many moving parts in an enterprise digital workspace
initiative. Successful implementation requires a project-based
approach with project sponsors, stakeholders, project managers,
and project team members.
CHAPTER 2 Creating a Digital Workspace Strategy 11
It may be necessary to plan and implement each of the different
platform components (discussed in the previous section) as indi-
vidual projects. In some cases, there will be project dependencies
(for example, identity and access management is an important
foundation for each of the other platform components) that must
be addressed.
Allocating appropriate project resources, including budget and

technical resources is also critical to a successful digital work-
space implementation.
Embracing Change, Diversity,

and Velocity as New Enablers
When implementing the digital workspace, it’s important to “be
the change you want to see.” As a change agent in your orga-
nization, you have an opportunity to guide your organization in
deploying transformational end-user technologies to solve spe-
cific challenges related to data security, user mobility, desktop
performance, and IT management, among others. In this way, the
digital workspace becomes a business enabler that promotes agil-
ity and flexibility throughout the organization.
IN THIS CHAPTER
»» Delivering identity and access
management transformation
»» Realizing the benefits of federated access

management
Chapter 3
Simplifying Identity
Management
I
n this chapter, we describe identity and access management
(IAM) deployment scenarios, how existing solutions provide
value, and how simplified access management can deliver the
user experience that organizations aspire to and that their
employees increasingly expect.
Transforming Identity and Access

Management for Employee Experience
Your users access applications today in far more complex ways
than ever before. They access enterprise and productivity appli-
cations through a variety of mobile devices, desktop and laptop
PCs, and thin clients. These applications may be installed on the
devices themselves or in the data center, in the cloud, or perhaps
in multiple locations. Finally, not all these applications are nec-
essarily managed by IT; an increasing number of applications are
installed and maintained by the users themselves or managed by
line of business (LOB) or non-IT operational teams.
CHAPTER 3 Simplifying Identity Management 13
To support this environment, most organizations have embraced
a multi-modal style of end-user computing that enables any user
to potentially work with any application, any devices, and any
infrastructure. Although this approach is beneficial in terms of
productivity and user engagement, it introduces other challenges
including gaps in employee experience, complexity in access pro-
cedures, and exposure to new risks and issues.
Threats associated with malware, phishing, digital hijacking,

information and identity theft, and data loss have increased sig-
nificantly due to “any-to-any” multi-modal end-user computing.
IAM technology is a key means of supporting this “any-to-any”

approach. IAM simplifies the employee experience and enables
users to access the applications they need in a way that is secure,
reliable, and easy to use. IAM is the system that an organization
uses to manage access to its applications and content. Federa-
tion enables two or more organizations (or their IAM solutions)
to trust each other and thereby enable their users to easily access
resources in the other organizations’ security domain or identity
system.
IAM includes the policies and technologies that enable an organi-

zation to manage the digital identity and access permissions of its
users. IAM provides the following functions:
»» Identity management: The creation, management, and

deletion of identities associated with users
»» User credentials: User ID and password or credentialed
access to applications, devices, and services
»» Unified access: A system that allows a user to authenticate
once to a range of applications and services without necessar-
ily knowing their login credentials for each application or
service similar to single sign-on (SSO)
However, most organizations have deployed IAM solutions in a

piecemeal fashion, with different products and technologies man-
aging access from different types of devices or to different types
of applications such as Office 365, Salesforce, Active Directory for
Windows login, and others. Integration between these solutions
can require significant additional effort in application packaging
and delivery, so many organizations either integrate partially or
not at all. The result tends to be different access approaches for
different types of devices, with many applications still residing
outside of any IAM system. For the user, this means multiple sets
of credentials are required to access the applications they need.
Complexity, support issues, frustration (“Which username and
password do I use?”) and lost productivity are the result.
Simplified access management overcomes these issues and

enhances IAM to provide additional digital workspace function-
ality with a single sign-on approach that provides access to all
applications by leveraging the systems already in place. Federat-
ing multiple IAM solutions with simplified access management
enables organizations to leverage their existing IAM investments
while increasing ease of use, security, and adoption.
Simplified access management offers added value in the follow-

ing areas:
»» IAM integration: Simplified access management is key to

IAM integration and is analogous to grease on the gears of an
engine — it makes parts that touch each other work together
more smoothly. IAM systems are typically targeted at certain
types of workloads, infrastructures, or applications (such as
on-premises and cloud directories), so these systems are
optimized to manage access within a specific context (for
example, certain applications, infrastructures, and devices),
but incomplete in terms of their ability to work with other
applications. Simplified access management systems broker
to multiple unique IAM systems, so that all applications,
infrastructures, and devices can be equally serviced.
»» Conditional access: Conditional access protects content by
requiring that certain criteria be met before granting access
to the content (see Figure 3-1). Content can be data or
applications that reside on the device or in the data center
or delivered as a cloud-based service. The key to conditional
access is the ability to determine the security posture of
the device (typically a PC, tablet, or smartphone) so that IT
administrators can either apply policy to the device based on
context — for example, user location, remote network access,
impossible travel (that is, is it physically possible for the user
to have traveled from where they last signed on to where
they are now?) or block access to the resources that are being
requested (or require an additional authentication step, such
as multi-factor authentication).
FIGURE 3-1: Conditional access.
»» Ease of use: Providing users with a simple, secure, and

reliable way to access applications is a critical success factor
for any simplified access management or IAM system. Most
users are burdened with multiple methods of application
access, login IDs, and password requirements. This overload
gives rise to “sticky note” access — writing down user IDs and
passwords on paper. Such risky user behaviors increase the
likelihood of a threat or an attack succeeding. Recent surveys
indicate that nearly one in three users has been hacked or
compromised. Simplified access management helps
consolidate access by streamlining where and how applica-
tions are managed so that the ID and password memoriza-
tion burden is, at worst, greatly simplified for the user and, at
best, eliminated completely.
»» Enhanced policy management: Simplified access manage-
ment introduces policy enhancements such as the ability to
apply policy-based rules to specific scenarios. For example,
IT administrators may disable access to some applications
and data (for instance, sales data) from unknown devices or
networks. Another common scenario is to apply policy so
that access is only granted to “known” or “good” networks
and devices, while all other networks and devices are
prohibited. Some organizations find that having the ability to
apply management policy based on scenarios and context
offers more granular control, better reliability, and increased
protection of IT applications and data.
Recognizing the Impact of Identity

and Access Management
Simplified access management will help organizations realize real
benefits, including the following:
»» Seamless user login experience: It is not uncommon for

nearly 40 percent of all calls to an organization’s help desk
or service desk to involve password resets. In fact, many
VMware customers claim to deal with between 4 and 12
credential-management support issues per employee per year.
Consolidating access with simplified access management
enables automation of all credential m anagement through
dedicated tools. Done correctly, simplified access management
will lead to fewer calls for password resets, resulting in better
customer service levels, lower cost, and more user productiv-
ity. Employees also report significant improvements in their
ability to seamlessly and efficiently access the apps and data
they require.
»» Greater IT operations efficiency: With application access,
policy, and verification all consolidated, IT administrators will
be able to create policies, perform management, and gather
intelligence on deployment and use from a single source.
This means a simpler IT environment, a significant reduction
in management overhead, and less time to deploy new
applications and devices.
»» Direct cost savings: The reduction or elimination of help
desk tickets related to credential management alone will
deliver significant savings. Industry analysts estimate that
each help desk ticket costs around $15 to process. As a
result, help desk, IT administrators, and security teams will
be able to perform more value-added work for the business.
Simplified access management also leverages and consoli-
dates existing IAM systems and infrastructure.
»» Indirect cost savings: Other indirect cost savings resulting
from simplified access management adoption include
• Greater user productivity and uptime due to fewer

password reset issues and more consistent access to
applications
• Rapid deployment and configuration of application

access, which improves availability and allows users to
commence or resume job functions following workforce
adds, moves, and changes
• Deep insights gleaned from application access, which

enables better operational planning
• Accelerated deployment schedules for new applications

and devices
IN THIS CHAPTER
»» Living in a self-service world
»» Recognizing the implications and

benefits of self-service application
delivery
»» Getting ready for self-service application

delivery
Chapter 4
Building a Self-Service
Application Delivery
Model
W
e’ve all grown accustomed to self-service today: We
pump our own gas, skip the bank tellers with ATMs,
book our own flight and hotel reservations, and scan
and bag our own groceries. With YouTube videos available on how
to fix practically anything, many of us even venture into minor
home improvement projects (sometimes with mixed results!).
So, why should IT application delivery be any different? In this

chapter, you learn how to enable self-service application delivery
in your organization.
Transforming Application Delivery

Today, technology-savvy users prefer to be self-reliant and expect
virtually all their technology needs to be fulfilled via a self-service
channel.
CHAPTER 4 Building a Self-Service Application Delivery Model 19
Empowering users with self-service access to applications is an
increasingly important component of a fully integrated employee
and/or customer experience. Self-service enables organizations
to focus on higher-value human-to-human interactions that
increase productivity and efficiency, improve user experiences,
and create business agility.
A growing number of businesses are recognizing the benefits of

reliable and dedicated self-service approaches for reducing oper-
ational costs, increasing customer satisfaction, and improving
overall brand image.
To stay ahead of their competitors, businesses need to adapt

to the new ways of interacting with users, instead of following
the traditional rules that have defined user experiences in the
past. Providing users with instant access to information enables
immediacy and personalization, while saving valuable time and
organizational resources.
Similarly, the availability of applications as a self-service func-

tion is equally relevant today. Sophisticated users typically pre-
fer downloading applications on their devices, searching for
web-based access to applications, or running applications from
a self-service portal.
Recognizing the Implications

of Self-Service Application Delivery
The transformation in modern application consumption is noth-
ing short of amazing. Employees today know how to determine
their individual application needs, where to get those needs met,
and how to find, acquire, and use the applications they need and
want.
By and large, users are savvy in the use of technology and have
few qualms when it comes to being their own IT providers. They
inherently know their own requirements, devices, and application
sources (such as app stores, websites, and portals). Plus, if they
lack information, they know how to research and find the solu-
tions they need.
Several key factors have contributed to the rise of self-service
applications delivery, including the following:
»» The world has gone mobile. Over the past few years, we’ve
reached a mobile tipping point. Thanks to the rollout of 4G,
Wi-Fi, and inexpensive devices, smartphones have over-
taken PCs as the most popular way to browse the Internet.
Smartphone users look at their devices somewhere between
150 and 200 times a day, according to Forrester Research, and
mobile phones are now the de facto communications method
for most people. For many workers (especially millennials) the
preferred device is a smartphone rather than a PC.
»» There are fewer resources and touchpoints to manage.
Despite best intentions, hierarchical organizational structures
designed to help users and provide customer service often
fail. Good help that can quickly and easily provide answers
and value is hard to find. Building processes so that users
can acquire applications themselves dramatically reduces the
number of touchpoints (and subsequent possible points of
failure) and reduces the time to productivity, while also
reducing the number of people needed to deliver applications
to users.
»» Self-service shifts much of the mundane administrative
work from centralized IT to the user. Online self-service
application delivery means that most of the application
delivery process is completed by users — the ones who
already know their requirements. They do the work of
finding the applications they need, selecting how and where
the applications get delivered, and configuring key applica-
tion information. The need to hire or manage IT staff for
these tasks is significantly reduced, if not eliminated
altogether.
»» Processes are streamlined. Along the same lines of
resource allocation is the benefit of automation — that
wonderful invention for handling repetitive tasks so people
don’t have to. Self-service applications allow users to
circumvent arduous and complex application delivery
structures that are often flawed and frail. For example,
the traditional way to deliver a Windows application often
requires a multistep process involving emails, authorization
approvals, written justifications, licensing acquisitions,
procurement approvals, and so on. In some organizations,
this process can take weeks and, in some extreme cases,
several months to complete. Streamlining processes
associated with self-service application delivery is less
expensive to support, improves user perception, helps
eliminate phone tag, and is often simpler and more viable
than traditional methods.
»» There is 24-hour availability. By embracing self-service
application access and delivery, users can initiate access at
their convenience. With self-service access, they’re free to
access their applications on weekends, in the wee hours of
the morning, after work on the commuter train, or at any
other time.
With modern management (discussed in Chapter 5), users can

either opt-in or be configured for self-service application deliv-
ery. This approach is a good way for you to save time and money
as an IT group and is highly recommended as part of a modern
applications deployment. Unlike the past, self-service application
delivery is available across all device types and operating system
(OS) platforms that are commonplace today.
With self-service, you can
»» Empower users to have control in how, when, and where

applications are delivered
»» Streamline legacy software delivery processes
»» Decrease cost while improving customer perception
associated with application access
»» Let users self-discover applications from an application
portal
»» Add users to a preconfigured group so you can see who has
requested access, remove access, and manage the roles
assigned to them
»» Allow business unit approval to authorize application access
requests
»» Specify which users and groups are granted self-service
management capability
»» Assign self-service users to specific applications
»» Enable self-service application access to allow users to find
their own applications
Provisioning self-service application access is a great way to allow
users to self-discover applications and allow the business units to
approve access to those applications. You can also allow the busi-
ness units to manage the credentials assigned to those users for
unified access through single sign-on (SSO).
Preparing for Self-Service

Designing self-service application availability with the user in
mind is a great way to get started on your digital transformation
journey. Here are some tips to successfully transforming applica-
tion delivery in your organization:
»» Remember that it’s all about the user! Users appreciate

an organization that values their time, makes tedious tasks
easier, and creates a smoother experience for them. Offering
self-service applications shows that your trust them, you value
their time, and you’re willing to be flexible in addressing their
application needs.
»» Don’t make assumptions about what users need (or
want) with applications. Users won’t hesitate to find or
manage applications on their own. Being flexible in applica-
tion choice and delivery offers distinct advantages over
prescriptive application delivery managed by a central IT
organization.
»» Understand the risks. Self-service applications can expose
your business to new risks, and access to some applications
can place organizational data at risk. Leverage user profile
data, the applicability of context, and communications with
business units to reduce your risk exposure.
»» Provide multiple methods of application access. For some
individuals, self-service can be intimidating. They may prefer
more traditional means of access that are delivered in a more
conventional way. A recent Forrester study found that 72 percent
of customers prefer to use self-service rather than conventional
access. However, that leaves 28 percent of customers that still
prefer more traditional “full-service” access. Making applications
available through different channels provides value for both
traditional and modern users and use cases.
There’s no “one-size-fits-all” approach to self-service appli-
cation delivery. Every organization’s readiness, willingness,
and aversion to risk varies. However, the benefits of self-service
application delivery far outweigh most disadvantages and can be a
catalyst for change: offering self-service applications often forces
organizations to optimize application delivery (and management)
processes. Perhaps the greatest advantage is that automation and
self-service make operations a shared responsibility between
users and IT, which reduces costs and increases customer satis-
faction. Customers are not just ready for self-service applications;
they prefer it to other forms of application delivery.
IN THIS CHAPTER
»» Leveraging Windows 10 and modern
management
»» Shifting from detection to prevention
»» Calculating the operational and financial

benefits of modern management
Chapter 5
Unifying Device
Management
T
he way organizations provision, manage, and secure end-
user computing (EUC) devices is changing under modern
management as the next generation of operating systems
are deployed on new PCs, Macs, and mobile devices. In this
chapter, you learn how modern management unifies device
management and benefits organizations.
Shifting to Modern Management

Organizations have long managed and secured their PC environ-
ments by “locking down” their device configurations. When each
configuration is “known,” updates, changes, and the delivery of
new applications can be made more efficient, predictable, and
secure. As this approach became best practice, the goal of many
IT departments was image standardization, which positively
impacted how devices were procured, managed, and secured —
but often at the expense of employee experience. After all, the fact
that your PC is faster, more reliable, and secure matters little to
your users if they can’t change their desktop background pictures
or download applications.
CHAPTER 5 Unifying Device Management 25
As the complexity of devices and applications has grown, so too
have operational costs. In best-practice organizations today, PC
operational costs are usually at least four times more than capital
costs, and the user-to-IT staff ratio is typically 250:1. Thus, it
often takes hours — and often days — to provision devices or
update them when users change roles.
Today, the way that EUC is delivered and experienced is all about
the employee experience. The emergence of modern manage-
ment, as well as the availability of low-cost devices, pervasive
online access to new applications, and tech-savvy user expecta-
tions of self-sufficiency are driving this new focus.
Windows 10 supports modern management functionality so that

Windows can be configured and delivered based on user policies
rather than the underlying hardware configuration. With modern
management, organizations can establish policies based on user
requirements, such as job functions, organizational units, and
application needs, rather than device type, manufacturer, and
basic input/output system (BIOS) revision — and these policies
can follow the user to any device.
Instead of building images, establishing staging servers, relying on

complex and heavy PC life-cycle management (PCLM) infrastruc-
tures, and being limited to preconfigured standards, organizations
can now securely and reliably deliver applications, data, and per-
sonalization settings to any Windows 10 PC. This new lightweight
modern management approach can be applied to any device.
By using modern management for Windows 10 deployment and

management, the nature of how employees view and use their
Windows 10 PCs changes. Instead of the “take it or leave it” (actu-
ally, there really isn’t much of a “leave it” option!) approach com-
mon in many organizations today for imaged PCs, organizations
can provision based on a user’s specific needs and requirements.
An individual’s profile rather than a device’s profile determines
which applications and services are delivered. As a result, orga-
nizations can fit technology to user workflows and requirements
in a more dynamic, responsive, and agile way. Leveraging mod-
ern management for Windows 10 means IT is getting out of the
way of user effectiveness and empowering users to make more of
their own technology decisions. The repercussions of this change
can also positively impact costs and productivity because dynamic
operating systems and the associated applications are generally
more reliable than static configurations.
Windows 10 is a transformational opportunity for IT and busi-
ness. It’s not just a new version of Windows. Instead, it’s a next-
generation platform explicitly designed to manage and secure
using modern management techniques. This progressive make-
over allows IT organizations to bring together mobile device and
Windows PC management under a single management pane.
Organizations that have taken the modern management approach
are seeing positive outcomes for IT and the businesses they serve.
According to Forrester Research, the typical cost savings can be as
high as 75 percent when leveraging modern management.
Changing Endpoint and User

Security Strategies
Traditional approaches to PC security are typically based on reac-
tive tools, such as malware detection. Virtual private networks
(VPNs), encryption, and group policies provide additional layers
of protection for users and devices. Under modern management,
the security focus can shift to prevention. The ability to proac-
tively prevent, detect, remediate, and react to new and existing
threats is faster because the device communicates with IT in real
time. To achieve this, security teams need to embrace a holis-
tic security approach that links to all the components in use —
device, operating system (OS), network, user, application, and
context — at any given time.
From a process perspective, security decisions move from select-

ing a tool for deployment to a zero-trust posture. Zero-trust
assumes the following:
»» A cohesive security strategy governs the totality of environ-

mental use instead of relying on piecemeal agent-based
approaches.
»» Every device is unsecured rather than trusted.
»» Access and availability are governed by user permissions,
profiles, and entitlements, not device type or ownership.
»» Context-aware access — device locality, time, security
posture — is a joint process between IT security and IT
administrators.
»» Granular levels of security controls are applied via context
and per-app VPNs.
»» Device validation and identification are performed indepen-
dent of ownership.
Implementing zero-trust security requires that security adminis-

trators rethink how security rules and policies are defined, estab-
lished, deployed, and managed. Security teams must be closely
aligned with IT administrators who manage devices, users, appli-
cations, and networks.
Recognizing the Benefits of

Modern Management
With modern management, organizations and users can reap sig-
nificant benefits compared to a device-based style of PC lifecycle
management. Modern management offers the following:
»» More choice of device for employees

»» Support both “bring your own” (BYO) and corporate-owned
devices from the same infrastructure
»» Simple, out-of-box enrollment
»» Employee productivity with all their apps from day one
»» Real-time, over-the-air management, ideal for cloud
deployment
»» Faster setup
»» Flexible application delivery
»» Management based on user profiles instead of just the device
»» Separation of user management from device management
»» Policy and rule-based administration based on context
»» New levels and types of security, such as remote-wipe,
per-app VPN
»» Dynamic delivery of applications, patches, updates, and
rollbacks
»» Real-time analytics on usage, consumption, and uptime
»» On- and off-domain management
»» Significantly lower management costs and overhead
»» Real-time support for off-network and off-domain devices
Modern management can also help organizations reduce both
direct and indirect costs normally associated with PC manage-
ment. Most organizations spend $718 per user per year on ongo-
ing management using PCLM, which is an unappreciated expense
that is continually scrutinized. Modern management offers sig-
nificant cost reductions, as high as 62 percent, spread across
operating expenditures (OpEx) and capital expenditures (CapEx),
as shown in Figure 5-1.
FIGURE 5-1: Traditional and modern PC management cost comparison.
Direct costs affected by modern management include the

following:
»» Asset procurement: “Bring your own device” (BYOD) costs

less and encourages faster refresh cycles.
»» Hardware budget: BYOD (with a stipend) shifts CapEx to OpEx.
»» Support staff: Help desk, IT administrators, and security
teams are more efficient, reducing the staff needed for the
same number of employees.
Indirect benefits of modern management include the following:
»» More user uptime and productivity based on active device

and profile management that accompanies modern
management
»» Users assuming the burden of first line of support for
such things as resetting passwords and installing software,
reducing the number of incidents that reach various support
teams
»» Users opting in for self-enrollment, reducing the overhead
associated with traditional PC procurement functions
»» Flexible application deployment that improves quality with
fewer incidents and outages
»» Rapid deployment and configuration of the user environ-
ment, allowing users to quickly resume job functions
IN THIS CHAPTER
»» Centralizing application delivery
»» Understanding desktop and application

virtualization techniques
»» Weighing different application delivery

approaches and scenarios
Chapter 6
Transforming Windows
I
n this chapter, you get an overview of different delivery meth-
ods (we’re not talking about couriers and drones here!) for
Windows applications, learn the pros and cons of each, and
examine common scenarios for their use.
Rethinking Windows Application Delivery

The need to work with diverse and untrusted devices, multiple
operating systems (OSs), and consumer-oriented applications in
what has historically been a highly standardized and controlled
IT environment is creating chaotic end-user computing (EUC)
estates for many organizations. At the same time, more demand-
ing business users, increasing focus on security issues, and the
pace of change in EUC are reducing the ability of IT to ensure and
demonstrate compliance with corporate policy. The pressure on
IT organizations to change the way they approach and manage
the delivery of EUC applications is significant.
Despite this growing diversity of device and application types,

most organizations also need to continue making Windows
applications available to their workforce. In many cases, these
CHAPTER 6 Transforming Windows Application Delivery 31
applications are business-critical and offer no easy route to
replacement with a more device-independent application type —
such as web-based, Software as a Service (SaaS), or modern
native applications. Making these applications available from
unknown or untrusted devices and from a range of OSs is a func-
tional necessity. As the lines continue to blur between corporate-
owned and personally owned devices and between work offices
and home offices, today’s mobile and global workforce requires
and expects access to Windows applications anywhere, at any
time, and through any device.
Even when IT organizations had relatively homogeneous Windows

environments, managing their corporate-owned desktop PCs and
laptops was a challenge that obliged many IT administrators to
rely on manual processes and disparate endpoint management
tools for provisioning, configuring, securing, and maintaining
PCs. Now this challenge has become significantly more complex.
The highest priority for many organizations looking to meet the

current and future EUC needs of both users and the business is
to change how they deliver Windows applications. This means
rethinking Windows application delivery, management, provi-
sioning, and enablement.
Running Windows applications solely on Windows PCs is now

a limiting factor for many organizations. Tying applications to
the OS on a physical device can ensure the best performance and
allows the tightest control of integration with other local func-
tions, but these are diminishing requirements: Few EUC appli-
cations are now performance-constrained by hardware, and the
“plane of integration” with other functions has shifted from
devices to the cloud. With these requirements disappearing,
other aspects of distributed computing have become more visible:
inherent complexity in security, multiple points of failure, and
reactive management.
Modern web and cloud delivery models avoid these distributed

issues by pushing application execution and integration back to
the data center (cloud), where applications and data are centrally
managed and maintained. Dependencies on device and OS type
are removed from the management equation.
This centralized approach is now the preferred app/dev architec-

ture for almost every organization. The move to the cloud and
data center has happened for very good reasons, including the
following:
»» Improved security and risk management

»» Easier administration
»» Faster delivery times
»» Easier deployments
»» Scale
»» Lower operational costs
By removing the desktop operating system and applications from
the endpoint, disaggregating them, and delivering them to the
end-user device from the data center, application and desktop
virtualization offer the promise of improved security, manage-
ment, operations, and cost. With this flexibility, IT organizations
can use a modern approach to centrally deliver applications that
depend on data (such as system of record applications), while
running other applications locally (such as individual productiv-
ity applications) to best meet the needs of individual workstyles.
Virtualizing Desktops and Applications

Two forms of desktop centralization are commonly used today:
virtual desktop infrastructure (VDI) and Remote Desktop Ser-
vices (RDS) application publishing. The most common approach
to centralizing a full desktop environment is VDI. VDI leverages
server virtualization so that instances of client Windows operat-
ing systems (Windows 10, Windows 7) can be launched and run in
their own virtual machines and then remotely delivered to users
(see Figure 6-1).
With RDS, applications are installed and configured on Windows

Server OS (instead of the client OS) in a multiuser environment,
so that many users can simultaneously access the application
remotely. Like VDI, RDS is a remote solution that alleviates the
need for local execution of applications on a PC. RDS is a shared
environment, meaning that the delivery, access, and manage-
ment of applications is simpler and easier as compared to distrib-
uted PCs (see Figure 6-2).
FIGURE 6-1: VDI architecture.
FIGURE 6-2: VDI and RDS comparison.
Both VDI and RDS are used by organizations for application deliv-
ery. VDI is most commonly used for those users that require the
full fidelity of Windows, so that users can install, configure, and
use their desktop just as they would a normal PC. RDS is common
for applications that are targeted to many simultaneous users (for
example, those working in a call center). It is not uncommon for
organizations to use both VDI and RDS, depending on user needs
and application requirements.
A clear advantage of remote delivery is that it enables IT organiza-

tions to centralize their applications in a corporate data center or
managed as cloud-based services. As a result, IT staff can more
efficiently provision new applications or environments, simplify
and standardize a broad range of desktop management tasks, and
provide more robust endpoint security. Virtual desktops and appli-
cations also provide IT organizations with greater consistency
across system settings and policies, meaning they can rationalize
and streamline the targets of their management processes.
Virtualization has enabled IT administrators to deliver a more con-
sistent and seamless desktop application experience to the rapidly
expanding population of employees who use multiple devices for
their work. Users can access the same desktop instance or appli-
cation from each new session, as well as securely access corporate
data and applications anytime and anywhere, through a single set
of policies and log-in credentials. All of this takes place regardless
of the device type, operating system, or location of the user.
Exploring Application Delivery

Approaches
The way organizations provision, manage, and secure EUC devices
is changing as the next generation of OSs is deployed on new
PCs, Macs, and mobile devices. These next-generation OSs are
designed to be managed as mobile devices, through simpler and
more frequent updates. The impact promises to be transforma-
tional in terms of both ongoing management costs and the speed
of dealing with moves, adds, and changes in the enterprise. How-
ever, to achieve this transformation, organizations will need to do
more than just deploy the next generation of technology; they’ll
also need to adapt current management and security processes,
requiring changes in working practices.
Despite rapid adoption of mobile applications, smartphones, and

other “as-a-service” offerings by users, native Windows appli-
cations are not going away any time soon. In many cases, these
applications were developed or modified in-house for specific
requirements and perform business-critical functions: Had it been
easy to swap them for a web-based or SaaS alternative, IT would
have done so during a previous Windows migration. As organiza-
tions embark on their journeys toward a digital workspace, they
need to take these applications with them, which means they still
need to provision and manage Windows-based applications as
part of their overall EUC strategy. However, that does not mean
no change: As organizations adopt and deploy Windows 10, they
have opportunities to simplify and improve how they manage and
deploy their Windows applications.
Windows-based applications can now be made available and
delivered to users in a number of ways:
»» Deploying VDI: VDI offers users the full fidelity of traditional

Windows PCs, with the same look, feel, execution, and
customization as running applications natively on a PC. VDI
runs on servers (rather than PCs), so the operation and
administration are centralized and standardized, meaning
they can be simplified and optimized. IT administrators can
quickly and easily refresh, update, reboot, secure, and
manage Windows and Windows applications. VDI is popular
with organizations that have high degrees of similar users
but can be used just as effectively for users who are unique.
VDI is also the preferred choice when applications require
direct access to Windows OS capabilities and resources.
»» Publishing Windows applications via RDS: RDS is used by
organizations wanting to make just applications (and not the
underlying Windows desktop) available to users. RDS is also
multiuser, which means that many individuals can access the
same application simultaneously. (It is not uncommon to
have single application instances available to several
hundred concurrent users.) Like VDI, the benefits of RDS
include faster rollouts for updates and the ability to access
corporate apps and desktops remotely from any device.
»» Applying modern management techniques using
enterprise mobility management (EMM): EMM offers
organizations deploying Windows 10 a more effective way to
manage applications and Windows as compared to PC
life-cycle management (PCLM), discussed in Chapter 5.
Instead of the “take-it-or-leave-it” approach that is common
in many organizations today for imaged PCs, organizations
can provision based on the users’ specific needs and
requirements. EMM offers organizations a way to provision,
manage, and secure EUC devices.
»» Subscribing to any of the above via a cloud-based service:
Cloud-based services for desktops and published applications
also offer high degrees of flexibility with the delivery and
management of Windows applications. For a fixed per-user
fee, organizations can subscribe to desktop services from
cloud providers as a monthly or annual service. This approach
frees the customer from the time, expense, and infrastructure
necessary for deploying Windows (via VDI or RDS) internally.
IN THIS CHAPTER
»» Looking at the exponential growth of
mobile
»» Developing a mobile-first capability
Chapter 7
Building a Mobile-First
Application Framework
I
n this chapter, we describe the attributes of a mobile-first
strategy, why it’s important to understand, and the impact it
can have on your organization.
Recognizing the Growth of Mobile

Simply stated, the growth in mobile device use over recent years
is nothing short of phenomenal. Consider the following:
»» More than five billion people are now using mobile phones,
and there are nearly one billion more smartphones in use
than PCs. That’s pretty amazing considering the total world
population is 7.5 billion!
»» Sixty-two percent of mobile users access the Internet with
their mobile device and 50 percent of e-commerce traffic
comes from mobile devices.
»» More than 60 percent of digital content is consumed on a
mobile device.
CHAPTER 7 Building a Mobile-First Application Framework 37
Plus, mobile use within the organization has changed how, where,
and what employees are doing:
»» Sixty percent use mobile applications for work-related

activities.
»» Seventy-one percent spend more than two hours per week
accessing company information on a mobile device.
»» More than 90 percent claim that mobile apps have changed
work behavior or processes.
»» Thirty-four percent read emails on their mobile phones
exclusively.
»» Fifty-nine percent believe IT has been too slow in delivering
mobile apps needed for work.
This rate of mobile growth has real impact for organizations

and users. The implications touch nearly every aspect of orga-
nizational activity today. Mobile-first opportunities change how
work gets done, how transactions are completed, how workflows
develop, and how users expect to conduct work.
Almost every work process today is accessed through one or more

applications. Increasingly, these applications are designed to be
used from any location and any device. New applications must
now be designed with the mobile user in mind: They’re designed
for a “mobile-first” world. IT organizations looking to deliver
applications can no longer focus exclusively on a single platform
for delivery but must instead accommodate all potential types of
access to applications, data, and services. They must prioritize a
mobile-first approach.
Mobile apps do just one or a few things well and can be used in the
moment — when it’s convenient for the user.
Transforming to a Mobile-First Capability

Devising and implementing a mobile-first strategy is a key step
in digital workspace transformation. For companies striving to
remain connected and competitive, it is now essential that they
untether users from their desks, offices, and homes. A mobile-
first strategy does this, by enabling users to access applications
and data in ways that are unconstrained by network, device, or
location. The resulting flexibilities have quickly become expec-
tations in many environments, with users now demanding an
“anywhere, anytime, any device” approach to work.
A mobile-first approach creates workplace flexibility and a

dynamic user experience that adjusts as the need dictates. Such
an approach leverages the enormous power and technological
capabilities that are packed into mobile devices today — including
sensors, cameras, accelerometers, global positioning system
(GPS), and so on — to transform business processes. A mobile-
first capability creates ad hoc workflows that meet the immediate
needs of users, translating into better experiences, lower costs,
higher return on investment (ROI), and improved service-level
agreements (SLAs).
Many enterprises have barely scratched the surface of value in

a mobile-first strategy beyond enabling email access. Successful
organizations think about transformation through incremental
changes: It may seem like just a convenience, but something as
simple as being able to search for a colleague’s office location,
pulling up a map to a meeting room, or submitting an expense
report using a smartphone camera to capture receipts makes a big
impact on individual employee experience and productivity. Noti-
fications and simple approval actions can also have a dramatic
impact on workflows that can add up to significant efficiencies
throughout the organization.
Mobile first does not mean “mobile only.” It’s important to rec-
ognize that a mobile-first approach does not eliminate the need
for other application platforms (for example, Windows or web).
The ongoing delivery of applications on those platforms will likely
persist for many more years.
Nearly every company today ensures their customer-facing web

presence is optimized for mobile users (alongside their traditional
desktop website experience). This is in direct response to the
explosion of mobile devices over the last decade. Organizations
that built customer-facing mobile applications quickly realized
that they improve customer engagement, offer additional com-
munication channels, are perceived as adding value, and create
customer stickiness.
Many organizations have now established a posture in which
mobile first is not just a method for keeping mobile web brows-
ers satisfied, but an overall strategy for their business. The use
of mobile apps is often preferred by employees because mobile
apps are so quick to use, making work processes and functions
instantly available. Mobile apps can be easily optimized for spe-
cific tasks, enabling work to be done faster than with a Windows
application or website. Most mobile apps are also easily updated
and available offline. In the (increasingly rare) scenario that
devices do not have network connections, users can still perform
certain tasks in a disconnected state.
Being mobile first means designing products and services for the
most limited computing devices first. For most organizations,
the most limited device would be a mobile phone. Development
then continues to deliver versions of those applications for larger
and more advanced devices with larger screens and more com-
puting power — tablets, laptops, and desktops, respectively —
that incorporate additional functionality. With the core functions
present from the beginning in the most stripped-down mobile
devices they were originally designed for, there’s no loss of the
most crucial functionality.
However, the mobile landscape is limited by things like power

usage, tools, and screen size. Despite these constraints, innova-
tion continues at a rapid pace, and the limitations of the mobile
platform encourage creative problem-solving among developers.
In the right scenario these limitations can be advantages. Limited
device performance and screen size force designers to focus on
the most relevant and helpful functions first. The limited screen
size of a smartphone or tablet means that web designers and app
developers have no choice but to eliminate irrelevant and dis-
tracting aspects of their sites.
Mobile application development is not as mature as Windows

development, but there are a variety of proven best practices that
should be considered:
»» Keep it simple: Mobile app users want quick and easy

access to desired functions, and developers should make
this their highest design priority. Small screens with limited
real estate make simplicity a challenge. Using navigation bars
and tab bars is a great way to allow users to jump between
pages within the app.
»» Look mom, no hands (well, one hand): Nearly 50 percent
of users use their phones with one hand. For app designers,
keeping the most used functions easily accessible via one
hand provides significant ergonomic benefits to the user.
Keeping navigation options within thumbs’ reach is key.
»» Intuitiveness: Many mobile app developers abide by the
mantra of “one screen, one task” in their design. Each page
within the app should have a discretely defined function that
is easy to learn, use, and expand for subsequent versions.
»» Crisp and clear presentation: For mobile apps, less is
more. Overloading users with too much information or
details is a deterrent to use, regardless of the value of the
data. Good apps allow for white spaces to exist between
various elements on a page. Clarity of message is a top
priority.
»» Keeping it snappy: Mobile users are often impatient with
their devices. Having apps that are fast and responsive
greatly enhances their chances of adoption. Developers can
do this by pre-executing tasks as background tasks.
»» Leveraging context: Users find great value in apps that
apply context (specific scenarios that consider location, day,
time, and other specific characteristics that are currently
present). For example, the use of location services as part of
an in-app experience creates app stickiness. Knowing the
location of the nearest ATM, parking lot, or restaurant as
part of a retail or shopping apps provides additional value to
the user.
Some experts predict that a mobile-first strategy will be just

the first step in the post-PC era and that we may be moving to
a mobile-only environment in the not-too-distant future. The
number of users who rely exclusively on smartphones and tablets
to perform their work is steadily increasing.
Business leaders can no longer put off considering whether they

need to institute a mobile-first strategy. Further delays increase
exposure to competition and dramatically increase the risk of
obsolescence. People don’t use their mobile devices to just do
things like check their email or update social media; they’re
accessing content-rich sites to deliver restaurant reviews, trans-
act business, and perform a growing range of mobile-specific
workflows necessary for their jobs.
IN THIS CHAPTER
»» Driving employee engagement,
productivity, recruiting, and retention
»» Supporting any device
»» Enabling agility throughout the business

with mobile capabilities
»» Delivering a better customer experience
»» Enhancing security and simplifying

management
Chapter 8
Ten Benefits of a Digital
Workspace
H ere are ten key benefits of a digital workspace for your

organization:
»» Improve employee experience and productivity by

delivering not just what employees need, but also what they
want and value. This might mean giving them choices in the
devices they use, by making working from home or from
alternative locations easier, or by delivering simple conve-
nience apps that show that the company cares about their
experience. The little things can go a long way!
»» Attract and retain employees to drive better innovation
and competition by supporting them with the tools they
need and want to do their jobs better.
»» Support choice of devices and ownership models with
either corporate-owned or “bring your own device” (BYOD)
options.
»» Speed deployment of new applications by developing a
mobile-first capability and empowering your developers with
the tools they need.
CHAPTER 8 Ten Benefits of a Digital Workspace 43
»» Support rapid changes in business such as growth, new
facilities, mergers and acquisitions, and so on.
»» Deliver new mobile workflows that enhance productivity
with anywhere, anytime, any device access.
»» Improve customer experience through more informed
employee interactions.
»» Enable visibility and insights over applications and
devices, on or off the corporate network.
»» Embrace risk while improving IT and security operations
to reduce internal and external security threats.
»» Eliminate manual and mundane management tasks by
reducing the cost and complexity of multiple tools.
WILEY END USER LICENSE AGREEMENT
Go to www.wiley.com/go/eula to access Wiley’s ebook EULA.

Digital Workspace For Dummies Guide 262321

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Digital Workspace For Dummies Guide 262321

Uploaded by

Copyright:

Available Formats

These materials are © 2019 John Wiley & Sons, Inc.

Any dissemination, distribution, or unauthorized use is strictly prohibited.

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO

ISBN 978-1-119-54938-3 (pbk); ISBN 978-1-119-54939-0 (ebk)

Manufactured in the United States of America

CHAPTER 1: Recognizing the Drivers of the

CHAPTER 2: Creating a Digital Workspace Strategy....................... 9

CHAPTER 3: Simplifying Identity Management................................ 13

CHAPTER 4: Building a Self-Service Application

Table of Contents iii

CHAPTER 6: Transforming Windows Application Delivery...... 31

CHAPTER 7: Building a Mobile-First Application

CHAPTER 8: Ten Benefits of a Digital Workspace........................... 43

iv Digital Workspace For Dummies, VMware 2nd Special Edition

Planning for the changes necessary to make the digital workspace

About This Book

»» Current trends driving the digital workspace, its benefits, and

Mainly, we assume that you are an IT executive, director, man-

If any of these assumptions describes you, then this book is for

Icons Used in This Book

Tips are appreciated, never expected — and we sure hope you’ll

2 Digital Workspace For Dummies, VMware 2nd Special Edition

Where to Go from Here

»» Realizing the benefits of the digital

»» Defining the requirements of the digital

Exploring Current Trends

IT can help create a more effective and competitive business or

Some trends driving the digital workspace include

»» Digital transformation and employee engagement: Digital

CHAPTER 1 Recognizing the Drivers of the Digital Workspace 5

Looking at the Benefits

»» Focusing on user needs to increase productivity and

6 Digital Workspace For Dummies, VMware 2nd Special Edition

Understanding the Requirements

»» Focusing on building employee experiences: This is not

CHAPTER 1 Recognizing the Drivers of the Digital Workspace 7

8 Digital Workspace For Dummies, VMware 2nd Special Edition

»» Establishing measurable goals

»» Getting buy-in from stakeholders

»» Getting started with the right platform

»» Managing a set of projects

I n this chapter, we explain how to get started with a digital

Assessing Current State

Assessing your organization’s current technology state includes

CHAPTER 2 Creating a Digital Workspace Strategy 9

Your existing policies and processes also need to be inventoried

Similarly, various workstyles throughout the organization need to

Finally, you need to assess the readiness of your organization

Plans must be flexible enough to continually evolve as priorities

10 Digital Workspace For Dummies, VMware 2nd Special Edition

Understanding how your users work with technology and their

Starting with the Right Platform

»» Identity and access management (see Chapter 3)

Taking a Project-Based Approach

CHAPTER 2 Creating a Digital Workspace Strategy 11

Allocating appropriate project resources, including budget and

Embracing Change, Diversity,

12 Digital Workspace For Dummies, VMware 2nd Special Edition

»» Realizing the benefits of federated access

Transforming Identity and Access

CHAPTER 3 Simplifying Identity Management 13

Threats associated with malware, phishing, digital hijacking,

IAM technology is a key means of supporting this “any-to-any”