Those who blame their legacy are prone to become paret of someone else's legacy
In the short term it may become a moot point.
The old approaches to locking down client machines on the network either don't allow for - or don't need to allow for - the fact that many users now carry telephones which offer a superior Web browsing experience to that of the machines you've locked down. People don't want computers, they want what computers can do - and these days you can do so many of the things, a computer can do, without having to use a computer.
If your aim, in locking down the company network, is to secure it, then the fact that your users carry a superior network in their pocket or bag, is irrelevant (if your aim is to lock-down user behaviour, of course, you may have more of a problem).
In the longer term, I think the simple approach of partying like it's still 1999 will mean that you end up waiting for someone faster and more agile to eat your business (they may even promise not to be evil, while they do it). But if your users can already get done, the things they want to get done, with far less computer, than your company bought for them, then perhaps you bought them too much computer, to get done, the things you want them to do?
In the 1970s, everyone worked in an office with an IN tray, an OUT tray, and an ash tray: some may miss the ash trays, but I don't think there are many who pine for a return of the other two. Similarly, my first computer programs either came back to me, from execution, on reams of fan-fold paper, or with their syntax errors burried nine-edge-up. We somehow managed without email, back then, too (don't ask me how; I don't have a passport, that will allow me entry, to that particular country).
There's a lot of cloudy talk at the moment, and it's really all about a return to Big Computing, but as someone who has seen big computing in action, I'm more encouraged by the sight of a lot of small computing solutions being deployed in some business that think laterally.
Rather than struggling to get each member of staff in some outlying office into the corporate network - through endless firewalls and proxies - it is often easier to provide them with their own small area network, using utiliy servers (often literally flash-ROM devices) and then treat those as gateways to the main network.
In some offices I can think of, the server infrastructure cost around half the price, of any of the PCs it caters for - and yet does as much, for the members of staff in that office, as a bank of whirring air-conditioned boxes, back in central (for far less expense, in terms of maintenance, or power consumption).
Now, many will argue that there will still be the need for some big steamy mainfranme, in a concrete room, somewhere to store all your backups - after all, if you're in the buseness of keeping eggs, why not just buy one really huge basket? But it has habitually been the way of 'edge' servers to seep inwards, toward the centre of the businesses they serve - and how much traction they gain, is often determined by how much of the edge, they originally grab, rather than how suited they may initially be, to their eventual destination (the rate of seepage is largely controlled by the rate of redundancy and retirement, amongst those with a vested interest in last decade's metal, of course).
This is as much a threat to your old-world 'big computing' solutions (your Exchange servers, and so on) as the 'cloud' might prove to be; maybe more so, because - although your servers are often so small you can pick them up with one hand, the approach they use, is really a utilitised version of the old big computing solution they replaced, or obviated. They have few moving parts, require little power or cooling, and may cost less than £200, and yet they are running software that was once written for... well... for a maiframe.