Mac IT Guy: What Lion means for businesses
Ever since Mac OS X Lion was announced, many of us have been wondering what it will mean for businesses and IT departments. So far, that discussion has focused largely on distribution: How will Apple’s Mac-App-Store-only approach work when you’re installing and managing the new OS on dozens, if not hundreds, of machines? But while that is indeed a big question (to which we know some, but not all, of the answer), it’s not the only one worth asking. Mac OS X Lion has more than 250 new features; a few of them will really matter to businesses and IT. What will they mean? Here’s what I think.
Moving files, especially large ones between people has always been a pain-point for any network. Email is one option, but attachments can get out of control, you have to deal with email retention policies, and you have to manage huge mailstores. You can also use instant messaging services like iChat server or traditional file services like FTP/AFP. But if the file(s) don’t actually need to be on a server, or if the user needs to transfer files with someone outside of your network, then those options can be unwieldy—and they assume your company already has a server infrastructure.
AirDrop has the potential to simplify all of that. It finds local computers—without any kind of networking set-up—and lets you shoot files back and forth among them. The connection and transfers are secured with Transport Layer Security (TLS). And it integrates with Address Book, so if the sender is in your list of contacts, you see a picture of him or her with the file transfer. For small- or medium-sized companies that want a simple way to shoot files around, AirDrop could be a big help without a lot of hassle.
When we heard about this one, everyone in my department did the happy dance. I can not tell you how many times I’ve had the following exchange: “John, [fill in the application] locked up. Will I lose all of my work?” “When was the last time you saved?” “Hours ago.” “Then you will lose the work you’ve done since then.” Auto Save and Versions are huge for businesses and IT. Yes, they’ll require more storage space. But I don’t care. I could look through every panicked call and help-desk ticket I’ve received in the last year: A massive chunk of them would not be there if we’d had this feature. From my perspective, Auto Save is a major reason to upgrade to Lion as soon as you can.
Full Disk Encryption does a number of things. First, it makes your system more secure; either you have the passphrase or you have no access to the data. Second, it makes possible a Mac OS X version of the remote wipes you can do on iOS devices. If the drive is encrypted, and if you can remotely destroy the encryption key, then bang: the data is inaccessible. You can then actually erase the data at your leisure. Without that first part, it could take hours to fully wipe a large hard drive; if a thief is even slightly smart, he or she could yank out the drive well before the wipe is done. For companies that have sensitive data traveling around, built-in Full Disk Encryption is not a minor thing.
iChat & Mail
One new trick—the ability to add new services to iChat via plug-ins—could be really handy, especially if such a plugin could connect to such internal corporate messaging systems as Microsoft Lync, Lotus SameTime, and others. Mail’s improved support for Exchange 2010, including out-of-office messages, is similar: not huge but quite welcome.
Windows DFS Support
This one is probably more for the enterprise end of the market, but it’s something that a lot of people have wanted for a while. The quick version: With DFS (Distributed File System), you can have multiple file servers and stores that together act like one big share. So if one or more of your servers go down, the share stays up as long as there at least one server is available.) If your network has a lot of Windows Servers, the IT department has probably either implemented or is seriously thinking about implementing DFS. Prior to Mac OS X Lion, the only way Macs could talk to DFS shares was either via third-party software such as Thursby Software’s ADmit Mac or by running Windows in a virtual machine or Boot Camp. Native OS support for DFS does not suck.
Per-User Screen Sharing
While Mac OS X Screen Sharing or Apple Remote Desktop are cool tools, they’ve always had one limitation compared to things like Microsoft’s Remote Desktop Client: you couldn’t have multiple separate logins. That is, you couldn’t have multiple users log into one Mac, and have their own login with their own desktop, sessions, etc. at the same time. To get that on a Mac, you had to use a product like Aqua Connect’s Terminal Server, or log in with SSH and use the command line. (Yes, I know, you could also use X11. But X11’s integration with Mac OS X has always been limited and—frankly—kind of weird.)
With Mac OS X Lion, multiple separate full logins are possible. That has some interesting possibilities. Being able to set up Macs as Terminal Servers could be a great way to get more use out of Mac OS X Server. Have a custom application that people only need to use occasionally? Put it on a single server and let your users run it remotely. Have a high-end application that allows for per-user or per-server licensing? Terminal Services like this allow you to take advantage of those options in ways that the Mac OS just didn’t support before. Now, keep in mind, I’m speculating a bit here. I don’t know that this will end up being a “proper” terminal services implementation. But it is a realistic possibility.
There’s more in Lion that businesses will like—including free Xsan File System support, proper push support in Mac OS X Server Mail and iCal servers, iOS device management. And keep in mind that most of what I’ve noted above doesn’t require Mac OS X Lion Server; it’s what you get in the generic client version. But perhaps the best thing about Lion for businesses is this:
Apple is not an “enterprise” company. That’s good because, if it were, we wouldn’t be getting an OS with this many new features and updates for $29 or the Server version for $49. We’d be paying hundreds or thousands of dollars instead. We’d have labyrinthine tiers of service, with insanely complicated licensing and “assurance” plans. If the total OS cost for a server is less than a hundred bucks, you don’t care about stuff like “assurance”: The price is so low, you don’t need multi-year discount plans. Want to add a server to the mix? You can do it dirt cheap.
A lot of people say that Apple is commoditizing servers. They say that like it’s a bad thing. I completely disagree. I think that by continuously adding business- or enterprise-friendly features to the base operating system, and by not charging gobs of money for the server version, Apple is making it far easier for their target business markets—namely education and the SMB crowd— to implement Apple hardware and operating systems.
John Welch is IT Director for The Zimmerman Agency, and a long-time Mac IT pundit.
Have a question about managing networked Macs, at work or at home? Write us at macitguy (at) macworld.com.