Feeds

The Hardware mid-life crisis

Upgrade or refresh?

  • alert
  • submit to reddit

SANS - Survey on application security programs

Workshop The good old PC, along with the phone, is today the main, if not only, interface that users have to IT systems and services. The experience that people have of their personal system often colours their perception of how well IT does its job, regardless of how well run the rest of IT is.

Most PCs get to have a long life in business, with laptops and performance desktops typically being refreshed after three or four years. For users that are less demanding on performance, the lifespan commonly runs to five or even six years.

This is a long time in the life of IT, and raises the question of how best to deal with unexpected developments mid way through the life-cycle. Is it best to soldier on and attempt to upgrade what is already in place? Or is it time to bring forward investment in new PCs?

A good example of an unanticipated change is the move to whole disk encryption, where compliance and security concerns can mean a rapid adoption of the technology, regardless of the state of PC performance. There is already significant adoption on enterprise laptops due to their susceptibility to loss or theft, and increasing use on desktops now too, as security managers realise the importance of holistic security.

While it may be possible to soldier on without changing the hardware when rolling out encryption, the impact on user satisfaction and productivity may be so great that the objectives of the project are put at risk. For example, if performance drops too much with an encryption rollout, users may be inclined to try other mechanisms behind the back of IT to bypass the protections, such as emailing sensitive files to personal email accounts. Upgrading the hardware, either through upgrades or complete replacement, may be the best solution to raising the performance back to, or at least approaching, acceptable levels. Choosing which way is right may prove difficult, and will depend on how extensive the changes need to be, coupled with the cost of the required upgrades plus the support needed to implement them when compared with the cost of moving to new hardware.

Upgrades may well be the preferred route where the fundamentals of the PC, and in particular the CPU and graphics capabilities, are still capable of delivering the goods. This leaves two upgrades to concentrate on: RAM and the hard disk.

Upgrading RAM can be an effective method of increasing performance, particularly as multi-core processors encourage the move to multi-threaded applications and running more applications simultaneously. Equally, modern applications use more memory as they become richer in their use of media, and seek to deliver ever-expanding functionality directly to the user. The benefit will be felt most keenly on those machines where memory is most severely limited, such as upgrading from 512MB to 2GB, rather than 2GB to 4GB, especially as many desktop operating systems commonly in use cannot utilise large memory pools.

The price at which the memory can be obtained will vary significantly depending on the machine type, and may end up being cost-prohibitive. It is also worth bearing in mind the expected support lifetime of the PC, and the operational cost involved in physically installing it. Memory upgrades may be best implemented when other upgrades are due for installation, especially in scenarios where considerable travel to isolated desktop populations is involved.

Upgrading the hard disk may be the best option, particularly if the PC performance is otherwise good. Solid State Disks (SSDs) can help when the traditional spinning disk struggles. This is particularly true for when whole disk encryption is required, but can also give a welcome boost where memory is marginal and disk use is high. SSDs are expensive, but mainstream drives are now a lot less costly than a new PC – and capacity increases mean they could be suitable for use as the main drive of a business PC where large files such as video files are less prevalent. The costs of purchase and installation may even be able to be offset by the boost in initial encryption time, which can take many hours to complete.

If the age or specification of the PC is such that replacement is the preferred option, the performance impact of encryption may be such that upgrading the hard disk to an SSD may still be the best approach. A difficulty is that many PC vendors charge large premiums for SSD options. Purchasing third party drives, either via a reseller for pre-integration, or separately to be installed at build time, may be more cost effective but does add to the complexity of the solution, especially to ongoing support. ®

SANS - Survey on application security programs

More from The Register

next story
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
True optical zoom coming to HTC smartphone cameras
Time to ditch that heavy DSLR? Maybe in a year, year and a half
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
Leaked photos may indicate slimmer next-generation iPad
Will iPad Air evolve into iPad Helium?
Feast your PUNY eyes on highest resolution phone display EVER
Too much pixel dust for your strained eyeballs to handle
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.