Since its release on July 20, Apple's newest version of OS X, known as Lion, has been bought, downloaded and installed by more than a million users. As an operating system, it represents a new paradigm: Apple's desktop platform is becoming more iOS-like. To date, most of the focus has been on new features like gestures, Mission Control, the new download-based install process, and user interface tweaks that are the biggest since the OS X public beta was introduced in 2000.

But what about Lion in the workplace? Certainly, it should appeal to small firms. But a growing number of companies have a large-scale installed base of Macs.

Here's a look at how Lion will affect the existing processes at those organizations and what companies considering a big Mac investment should keep in mind.

Mass-deploying Lion

The first question any new technology poses in larger environments is how to roll it out effectively and efficiently. Most organizations have long-entrenched deployment processes for things like operating systems, applications and software updates that are network-based.

Like Windows PCs, Macs and Mac software are often deployed using mass imaging tools and/or programs that install/update OS components, individual apps and any other files that need to be changed. As with past OS X releases, Apple provides applications such Apple Software Restore with every Lion install as well as more specialized network tools like NetInstall and NetRestore with Lion Server for accomplishing these goals. Third-party options such as the open-source Deploy Studio are also available to roll out Lion -- and they also support Windows deployment.

The actual deployment of Lion is no different than Snow Leopard or earlier Mac OS X versions, except Lion must be purchased and downloaded using the Mac App Store. Once the Install Mac OS X app is downloaded, IT shops can use it to configure systems that can be captured in a disk image snapshot and rolled out with an image-based deployment. Or IT staffers can use the app as the source for a NetInstall image using Apple's Lion Server to create a generic install process. Obviously, companies must purchase an appropriate number of licenses for Lion from Apple.

Note: Apple will make Lion available on a flash drive for $69 later this month, which offers another way for companies to get the OS. But that option wouldn't scale for a large-scale Mac deployments, given the cost.

Troubleshooting and redeploying

Deploying Lion may not be that much different, but what about dealing with problems? Apple has designed Lion with a lot of self-recovery capabilities, with the big one being that Lion creates a recovery partition during the installation process that a Mac can boot from if there is a serious OS failure and from which Lion can be reinstalled. This is good news for consumers, but systems administrators and techs are likely to have some trepidation about it.

There appears to be no way to prevent the installation of the recovery partition. That in itself isn't a bad thing (and the recovery partition is needed for Apple's File Vault 2 whole disk encryption -- more details below. But having a Mac boot disk built in could confuse casual users and might even prompt them to try their own reinstallation before calling the help desk. User education is key if this is a concern. And for remote users, having the Recovery HD partition might even be helpful if sending support staff isn't an option.

Desktop support techs may find the recovery partition helpful, since it contains a number of basic troubleshooting options, but they should still keep their own set of troubleshooting and recovery tools. If Lion needs to be reinstalled, the better approach is likely to be to redeploy it using the same methods used initially. Redeployment (wiping and re-imaging a disk and/or reinstalling software packages) from a known good source offers uniformity with other systems for future troubleshooting and will likely be quicker than extensive troubleshooting.

Overall, as with deployment, this isn't an area where Lion has really changed the game.

AirDrop for sharing and collaboration?

AirDrop, on the other hand, has game-changing potential, with an emphasis on the word potential. One task that systems administrators often get saddled with is helping workers share data. This can mean anything from creating and managing permissions on network shares to configuring internal or external cloud solutions to supporting email/chat services to trying to lock down flash drives -- or at least prevent malware from coming in on them.

AirDrop makes it easy for users to share files wirelessly -- over a TSL-encrypted, firewalled peer-to-peer connection -- without any back-end support. That means more user empowerment, less IT involvement and better data security than that offered by flash drives or public cloud services like Dropbox.

The problem is that AirDrop's overall usefulness breaks down quickly in most environments. First off, Macs are typically a minority population at most companies -- and Lion may not be supported or deployed to that already small group. That makes it a novel solution usable for a handful of staff and/or departments at best.

A second limitation is that AirDrop functions on a completely ad-hoc basis with Lion-equipped AirDrop-capable Macs locating each other by proximity rather than over a corporate network. As long as two Macs are within range of each other's Wi-Fi hardware, they can establish an AirDrop connection, regardless of what, if any, network they're using. This makes AirDrop suitable only for short-range file-sharing -- a tool that's limited when compared to network file shares, cloud storage, and even email.

A final concern is that AirDrop is completely beyond the control of any network or systems administrator. While it may be an overall secure solution, its use could violate internal security policies or government-mandated privacy and security regulations.

As much as I'd like to call AirDrop a major advance for OS X in the enterprise, it really isn't at this point. In small business and education, I think it has a lot of potential, but unless Apple opens it to other platforms and/or offers to scale it up (perhaps by integration with other technologies like Active Directory or Windows DFS) its real use in the enterprise is likely to be limited.