Corporate IT is different than how we approach life. Many of the ‘important things’, in life where there are supposed consequences are not always as horrible as advertised. People can ignore flossing their teeth for decades. They can ignore washing their hands regularly or waxing their cars or washing bed sheets every five days. We can even ignore certain birthdays.
Unfortunately, this rule of life can’t apply to the functionality and security of corporate IT. Yet, because the consequences are not immediate and seemingly ‘virtual’ non-IT figure they can ignore consequences because they can ignore flossing their teeth.
This is one challenge IT executives have to take constantly to finance departments and sometimes board members. It is not easy to discover the largest hidden IT costs, the trends of long term neglect costs and then present this in a short slide show to non-technical people who can give budget increases for real projects. The only concept that is universally understood is that IT costs money, and sometimes a lot of money that look like “runaway” costs.
In order to spend corporate money in a smart manner it will be important to calculate and determine staff participation in IT fixes and updates that were never considered while the business grew. For instance, the staff hours it takes to get a corporate laptop or desktop repaired when employees buy their own machine and insist to get this to work with the enterprise network. This is a problem for several reasons, mostly because machines purchased from a retail store store or from the CONSUMER division of HP, Dell or Lenovo are stuffed with trial applications and marketing beacons. Everyone has come in contact at some point with these machines. Trial-ware and programs advertising FULL version upgrade ‘deals’ will bring these consumer class computers down to a crawl over time, and demand attention every time the user starts the machine.
There is a term in the industry called bitrot:
Bitrot – Bit rot, also known as bit decay, data rot, or data decay, is a colloquial computing term used either to describe gradual decay of storage media or to facetiously describe the spontaneous degradation of a software program over time. (ref: wikipedia)
Are these machines capable of being refreshed and cleaned up and properly protected? Of course in theory. But for huge amounts of wasted staff time and hidden costs. Additionally these machines are designed with low reliability circuitry that has a tendency to break much faster than corporate grade desktops and laptops. These hidden IT staff costs would have been significantly avoided if the employee would have gone through the regular channel of requesting a replacement machine, if upper management buys into a policy to not allow this, and if the IT department has already prepared for these events by keeping stand-by machines available to be imaged just before they are deployed.
Stronger corporate IT policies with considerations like pre-approved system replacements is surprisingly missing from many companies. The episode also could have been prevented by IT maintaining a series of replacement machines (desktops and laptops) in standby, ready to be imaged and given to the employee. (This assumes that the IT department has an imaging process and the IT staff is trained to do this work.)
The IT challenge is mostly to identify and project hidden costs tied to all aspects of IT projects within a corporate infrastructure. From personally purchased machines to old network devices that are being nursed by IT staff hours. From unprotected mobile devices that access sensitive corporate data, to a lack of maintaining error logs and power management auditing.
The amount of time it could take to ‘cleanup’ this unauthorized PC and removing IT staff from other project deadlines are the kinds of things that lead to failing IT departments. The potential for losing important private corporate information (Intellectual Property) should be the motivation of any IT manager. A modern infection will easily fly past old unmaintained firewalls and antivirus systems, as well as older configured and neglected laptop and desktop systems that have not been kept up to date.
While it is difficult to jump into a corporate IT setting and fix immediate problems, it is most essential to have a formal auditing of corporate IT operations, it is also important to update IT policies and procedures.
Discovering the nature of the business and how they expose themselves to current IT threat vectors will be the first step in finding the best solutions. These solutions have to be placed into the IT budget and immediately presented to the budget approval group.
For more information on IT budgets and identifying enterprise failures, contact Menlo Technical Consulting today for a free thirty minute discussion on helping your company meet today’s IT demands.