In With the New
High-Tech
By Eric Gardiner   
Friday, 15 September 2006
venture-smc
According to a recent study, without a clear picture of the state of their software and hardware resources, North American businesses are losing valuable productivity, wasting money and exposing themselves to unnecessary security risks.

Organizations may spend heavily on IT equipment, software and support, but most are dropping the ball when it comes to ensuring these investments deliver on their intended value. According to a recent study, without a clear picture of the state of their software and hardware resources, North American businesses are losing valuable productivity, wasting money and exposing themselves to unnecessary security risks.

Collected over a two-year period, the study compares the stated policies and IT inventory data from more than 200 North American organizations and 90,000 desktops to make its case. In a nutshell, the study compares what companies think their IT infrastructure should look like to what's really happening in the environment itself. The result? Surprisingly, despite significant spending, companies are failing to protect themselves against security threats and are losing money by supporting old PCs that are simply more trouble than they're worth.

Ignorance is not bliss
The difference between what a company thinks and what it actually knows about its IT functioning can be very costly. It turns out that one-off issues - such as missing antivirus protection and aging equipment - are quietly adding up to big problems, not just in terms of ratcheting up IT budgets but also in their impact on the general effectiveness of workers. This is especially troubling at a time when North American businesses are under the gun to improve productivity in the face of stiff overseas competition.

Consider the following basic problems the study uncovered: Thirty-nine percent of PCs were beyond their stated system retirement age, fueling high IT help-desk costs and slowing productivity.

One in 16 corporate PCs surveyed was missing antivirus software entirely, exposing companies to huge security risks and unnecessary downtime. Almost half (49 percent) of all PCs showed moderate to severe infestations of "malware" - a malicious code that slows down systems, often resulting in computer reboots that take up to 15 minutes vs. the standard 1 to 2 minutes. Twenty-three percent of PCs were missing major operating system service packs, another critical line of defense against hackers and viruses. Nearly two-thirds of all organizations were found to be violating their own operating system deployment policies and didn't even know it.

Helpful service
More than 200 organizations from a wide range of industries were asked to complete a short survey detailing their stated IT policies and standards. Data was then analyzed from each organization's inventory of what software is deployed and the age and number of PCs on a network. The two information sources were compared in an effort to highlight the gaps between stated IT policies and practices and the realities of the desktop environment itself. The aggregated statistics formed the basis of the study.

"What we see is a breakdown on the part of IT departments when it comes to verifying that their systems look and perform like they are supposed to," says Edwin Jansen, services manager of Softchoice Corp., which conducted the study. "It's a bit like sending your children to an expensive private school and then never asking to look at their report cards. Companies are throwing money away, squandering opportunities to increase productivity and exposing themselves to real security risks simply because they are not checking up on the basics."

So why the lackluster performance? The report highlights two reasons: Organizations either do not see the importance of establishing effective IT management practices, or they believe there just isn't much to worry about. The findings around security certainly reflect this. Most organizations believed themselves well-protected in terms of an antivirus solution, the most fundamental building block of IT security. Yet of the 90,000 PCs represented in the study, 6 percent were found to be missing antivirus software entirely and five percent were found to be missing the most current antivirus updates.

Moreover, 23 percent of PCs were missing major operating system service packs, another critical line of defense, especially in a day and age when a PC's survival time in the face of a virus outbreak is measured in minutes.

"There's a definite gap between the perceived and actual success of antivirus software deployment," says Dean Williams, the author of the study. "What we see here are too many organizations viewing antivirus policy as something you just set and forget, when this is an area that clearly demands a well-defined and ongoing management process."

The malware infestations and missing antivirus patches point to more than just significant security risks. While not immediately obvious to the end-user, the presence of malware slowly degrades a system's performance over time, leading to longer start-up times and increases in the rate of system crashes. The effects of a virus outbreak are well-known and ultimately cut from the same cloth: lost productivity and more help desk calls.

Additionally, the study found that 39 percent of the PCs inventoried were beyond the organization's stated lifecycle or PC retirement age. PCs typically pay for themselves many times over, at least during the first few years. At around the 36-month mark, costs begin to increase and often surpass the outlays made in the initial 12-month period. The shift is caused by a rise in the man-hours and break/fix costs needed to support aging equipment.

Case study
For WatchGuard Technologies, a Seattle-based manufacturer of security products, getting a handle on the state of its IT environment translated into immediate returns. Marc Dorn, WatchGuard's IT operations manager, discovered a number of PCs were missing antivirus coverage along with several laptops that had been infected by malware. What was especially surprising was the revelation that some 20 percent of its PCs were beyond their stated three-year retirement age. For a business that relies on processing power to develop the latest security solutions, aging equipment presents an additional burden over and above the usual drain on support staff resources.

"We clearly see a return on our efforts," Dorn said. "From fewer help desk calls and a reduced threat from malware-infected machines to a newly enforced PC refresh cycle, we expect to save a lot of money over time."   VTR_US

Eric Gardiner is communications manager for Softchoice, Toronto. Reach him at This e-mail address is being protected from spam bots, you need JavaScript enabled to view it .

 
< Previous Story   Next Story >