I just left a meeting, and in the post-meeting discussions, I was talking with a colleague about computer security. I wanted to write this down, as I’m getting more passionate about limited functionality, walled garden devices.

I wear the hat (among many others) of managing the UNCG information security office, and I’ve seen the challenges we’ve had coping with the deluge of new threats and system problems of the last couple of months. It’s not just here, but a part of a larger phenomenon. I am much less sanguine, day by day, that we can protect the “organizational” (corporate, university, etc.) general purpose computing device at scale. Sure, you can do a decent job protecting some, but it’s very labor intensive and takes a lot of user education. I talked with my colleague about thin-client solutions being our likely future, and I think that this is true. Now, on to some more radical thinking. I believe we’re seeing the beginning of the end of the general purpose device as the standard end-user tool. As I walked back to my office, I was reflecting on my recent iPad order, and I believe that such devices (the iPad won’t be perfect, but it’s a great example of the class of device I’m describing) are what we’ll be using. Reasonably extensible via easy-to-install applications, and applications vetted by a central entity. Reasonably flexible in what you can do, but very hard to shoot yourself in the metaphorical foot. I believe in net neutrality, and I believe in the need for general purpose devices, but not for everyone. They are complicated, a lot of work to maintain and patch, and far too easy to compromise.

The future is with thin client/tightly managed desktops in business, where it harkens back to my old mainframe terminal days, and for personal computing, cloud-based services accessed via a walled garden appliance. Think about it. It’s coming…