The challenges of desktop configuration
Firing at moving targets
Desktop For businesses, many of the problems with PCs come from the 'personal' part of personal computer. If every system is set up differently, with different applications, updates, security settings, power management and interface options, the individual user might be happier.
They might even be more productive, although it’s equally possible that they end up slowing down their PC by customising it with the tools they find useful and the settings they like. And the life of the IT team is definitely harder; a badly configured desktop is more expensive to run, harder to fix or replace (and more likely to need fixing) and far less likely to be secure.
Downtime is the most obvious way a poorly-setup PC will cost you time and money, whether it’s someone who can’t get on with their job while you’re replacing a failed hard drive or the business opportunity they can’t reply to while you’re cleaning a virus off their system.
If you configure roaming profiles, user groups in Active Directory, network file storage and custom installation images that let you deploy the operating systems and standard apps together (ideally remotely), you can shift them onto a replacement PC far more quickly while you repair or reconfigure their machine.
It’s difficult to put hard numbers on the cost of the time it takes to deal with problems individually and manually; how do you factor in the hidden costs of employees trying to fix problems before they call the help desk, the time advanced users take away from their real job to give ‘shadow support’ to colleagues or the neighbouring user who asks for help as you’re on the way to sort out something else?
IT labour costs take the lion’s share of TCO costs (up to 70 per cent by some estimates, which Gartner breaks it down as nine per cent administration, 11 per cent technical support and 49 per cent end user management – and two per cent the ever-useful ‘other’). Resetting a PC to a standardised configuration can take around 20 minutes, reinstalling Windows 7 from a unified image takes around half an hour; a manual installation and setup is more like three to four hours.
But even if a PC is still running, that doesn’t mean it’s running efficiently. Old versions of applications, links to file shares that can be deleted by accidents, warning messages that users have to click through every time they run a tool that’s not set up properly, or PC settings that they change by accident, or while trying to fix another problem, can all waste plenty of time.
And pushing out updates to Windows and an increasing number of desktop apps is becoming a vital part of IT security, avoiding both the average £1.7 million cost of a data breach and user downtime while you deal with infections on their PC.
Again, doing configuration management and applying profiles through Group Policy or third party tools lets you push out fixes, credentials, drive mappings and or setup changes faster (and without writing complex scripts).
Pushing out a configuration change to all the users in a group after you get the first helpdesk call about a setting that’s confusing saves your time on the phone – and theirs. Gartner estimates that, in 2008, TCO costs for a locked and well-managed desktop were $3,413 – far lower than the $5,867 you’d be spending on a completely unmanaged PC.
Unless you’ve gone through a desktop refresh recently, there’s one way a PC that isn’t being actively managed is costing your business money: power management. Turning PCs off overnight and putting them to sleep over lunch can save you anything from £30 per PC per year up (depending on how much you pay for electricity, the wattage of the power supply in the PCs, what hours users work and how good they are at turning screens and desktops off).
Windows Vista and Windows 7 make it easier to configure power management remotely via Group Policy, given that visiting every PC individually to configure it would take a big chunk out of the money you’re saving. There are ways to get the same remote power configuration for XP too, including Group Policy preferences, if you run Windows Server 2008, and commercial third party tools that you can also use for reporting, asset management and waking PCs remotely to apply patches.
Invest in configuring desktops better and you can improve productivity and save money, although it’s important not to be too heavy-handed. Just as most internal security problems are caused by users having to work around systems that don’t allow them to get their job done, locking down desktops too rigidly will drive users to Web apps, smartphones and other options that you can’t manage or secure. ®
Sponsored: Today’s most dangerous security threats