Saving money on desktop costs
Building on common ground
You the expert You may recall, we set you a challenge to join our expert panel and answer questions from our readers on how to deal with your desktop, and mobile desktop, environment.
This week we've got the second installment from our resident reader experts, Adam Salisbury and Trevor Pott. They're joined again by Jon Collins from Freeform Dynamics and Steve Cutler from Intel.
The question this week is:
I need to save money from my desktop costs (both capital and operational). What should I do as a priority?
Take it away, team.
Name: Trevor Pott
Job Title: Systems Administrator
If there is a single concept that will reduce the TCO of desktops it is homogenization. Systems with homologous components can be treated not as individual units, but rather as part of a class. Keeping the number of classes deployed to a minimum provides real operational benefits. In my experience, classing systems based upon identical motherboards has made imaging and post-warranty hardware support simpler.
Homogenization of the desktop environment allows for a single prototype per class. This simplifies fit-for -purpose testing and the creation of deployment images. Start from a common 'base' image and make necessary differentiations from there. Buying a group of identical desktops means you can work your suppliers for a discount and it also creates a simple business case for retaining 'cold spare' systems. Once off warranty, a small number of spare components can keep a fleet of deployed systems in service far longer than most people would expect. This is an especially important consideration for SMEs, where every dollar must be stretched to breaking.
This leads us into the operational savings that homogenization brings. Interchangeability is the biggest advantage. If something similar to roaming profiles and server-based home folders are in use - to ensure that no actual important data is ever stored on a desktop - then when desktops are identical and properly managed they should become interchangeable.
When a desktop decides it's time for a lie down, pop a spare system into service and RMA the dead one. This enables the user of that system to continue being productive, as well as offering the opportunity to repair the cranky hardware with minimal time constraints. Upon its return, the repaired system returns to the class pool as a spare. Spare systems also double up for testing. You can remake your images on a spare box periodically, and they come in handy for patch testing.
As a parting thought, consider the total lifespan of desktops. It is a common view that a front-line class of desktops deployed to high demand users should be retired when the warranty expires. When a class is removed from service, refurbish it and increase the percentage kept aside as spares. You can often return the entire class to service in a less demanding role, extending the operational life with little risk. (The larger the company, the less viable this becomes.) When looking at system lifespan as a whole, homogenization of desktop infrastructure can reduce the time and cost to deploy new systems, as well as greatly ease the burden of supporting them in the field.
Turn it on
Name: Steve Cutler
Job Title: Technical Marketing Manager, End User Solutions, Intel® Corporation
Find out if you have any vPro™ systems in your estate. You can do this by foot - walk around and look for vPro™ stickers on your clients. You can do this more automated by checking out the AMTSCAN tool from the vPro™ Expert centre web site.
The capabilities of AMT range from simple features like asset inventory and power control through to more powerful features like Serial over Lan (SOL) and IDE Redirection (IDER). Let me give some examples of how you can use these features to improve your client manageability capability and reduce your manageability costs. If your current policy is to leave desktop systems on over night to allow patching without impacting user productivity - then you are burning a lot of power for no good reason.
With vPro™ systems with AMT you can change your policy to have systems powered off over night and then set your management console to wake systems only when necessary for patching and then turn them of again. Power savings in this case can be very significant. If you are seeing a lot of deskside visits to resolve system problems - then maybe SOL and IDER will help you.
Using SOL you can redirect boot screen and BIOS screens to the management console and change boot settings or other BIOS settings remotely. Using IDER you can have a system boot from a remote local disk image which could be a dedicated remediation image with a full suite of debug tools - or simply to a standard OS image. Even in cases where there is a hardware failure, SOL and IDER will probably allow you to diagnose the problem so only a single visit is required to replace the failed hardware. All these features can be configured to operate in a fully secure manner using TLS encryption, so you can be sure these features can only be accessed by correctly authenticated and authorised support staff.
If you have very few or no vPro™ systems in your estate - are you using an existing management console? If not, it is well worth investigating what these can do for you. There are multiple vendors (Microsoft, Symantec, LanDesk, HP, etc) and they tend to provide a similar core set of features. If you do have management software in place - are you using it as effectively as possible? Are there features in your management software that could have direct cost saving impact if you enable them or start using them?
Look at the commonest causes of desktop issues that your help desk is dealing with. There may be things you can do with your existing software that will improve the efficiency of dealing with some of those issues. Some specific areas to look at: What are the power management capabilities you have between what the OS can do and what your management software can do.
If you can implement better policies on your clients for powering off systems or at least moving them into standby, can your management software wake them up if necessary to install security patches? Are you able to take advantage of existing OS tools like remote desktop? Maybe this will allow your help desk staff to investigate and resolve more issues. Are you able to repartition client disk drives to include a maintenance and recovery partition so that each client has a known good OS available to boot at all times. Then if end user suffers problem on main partition - you can remotely revert back to maintenance partition to investigate and maybe resolve the issue.
'Know what you have'
Name: Jon Collins
Job Title: Managing Director, Freeform Dynamics
The first thing to do is 'know what you have' in terms of desktops - which, if you knew, would already put your organisation in a minority. This is not just a large company issue - as people bring their own computers and netbooks (or just work from home), and as execs insist on the latest kit, it can be very difficult to get a handle on just what it is you are supposed to be supporting - or where the costs are.
It's important to understand not just hardware configurations but also software versions running on each machine. It is possible to do this manually but discovery and asset management tools (such as those from LanDesk and Altiris) can help. In terms of capital savings, then, without changing any of the hardware you can first look at software licensing - what products are no longer used, or are being kept 'just in case' - in which case they may be withdrawn from all but a select number of users? There may also be a place for site or corporate licensing, should it be the case that what you thought was a 'nice to have' for a certain set of users, had become a 'need to have' across the organisation.
From an operational standpoint there is plenty that can be done. For physical machines, if we think about turning them off at night there are benefits in terms of power management, as well as wear and tear on machines - though this needs to be balanced with patch management policy, that is, the machine may well need to be switched on so a patch can be applied. Power saving features can also be enabled so that money is saved even when the machine is switched on - perhaps it's not essential that the machine runs at 'maximum performance' all the time.
By far the most expensive resource you have is people, however. While we don't expect anyone to be put out of a job (there is a skills shortage despite the Credit Crunch), ops staff could nonetheless be put onto more useful tasks if some of the burdens of day to day management were removed. For example through better remote monitoring, diagnosis and resolution, patch management, self service and so on. The costs of deskside and site visits can very quickly be racked up, many of which can be dealt with through remote control of the desktop and a phone call.
Finally, we've written about the importance of keeping hardware and software up to date - both have a 'sell-by' beyond which support costs tend to ramp up, so you need to watch for that as well. The 'masterclass' would suggest keeping a log of support cases by machine and software type, so you can spot what systems/applications are becoming a problem. For the majority, a simple review of what's getting too old to be easily manageable, would do.
'Fire-fighting calls starting to fall away'
Name: Adam Salisbury
Job Title: Infrastructure Support Engineer
In any organisation, securing the budget for internal IT is a painstaking task, which often leaves us a little out of pocket. But such are the needs of the business. Effective spending is of utmost importance especially when new projects and technologies are constantly on the march.
The key to conserving and indeed, reducing IT spend starts with asset management; until you know exactly what you have and exactly what it's doing you cannot leverage the full potential of your systems. Engaging in effective Active Directory maintenance in terms of regularly sanitising machine accounts is best practice and it will give you the widest view of the infrastructure, albeit a fairly basic one.
Dedicated asset management software is obviously highly advantageous, but if you don't have it then try checking out the reporting functionality of any software update management solutions you have deployed. If you've yet to invest in such technology then maybe now is the time. As well as streamlining and standardiseing the desktop updating process, you'll gain a window onto your desktop world too, as many have some kind of reporting functionality too.
Once you've audited the desktop environment, implemented software update management you can begin standardising the software on them, and subsequently your build images, thus increasing efficiency of both system and user. Attaching a knowledge base to call logging software, or even better, using an existing system for this, will improve the efficiency and quality of service desk activities and reduce costs.
With these measures in place you'll see the day-to-day fire-fighting calls starting to fall away. Knowledge base or wiki articles can be reported upon and used for trend analysis and to improve the quality of service management. Coupled this with the data from the call logging system and you really can begin to prioritise where to focus your human and financial resources.
Many solutions are available. You'll almost certainly have come across recommendations to embrace open source software, converting to a Citrix or Terminal Services environment or desktop virtualisation. These may work for you; if your organisation has a formidable server infrastructure then maybe you could build a Terminal Services and run a pilot. If you've already got a little Citrix in the mix you would do well to consider building that out. However, let's assume you've so far followed standard 'thick client' doctrine; in this case how are you going to find the funds for these, initially expensive solutions.
Desktop virtualisation is again a solution that can potentially be expensive to implement although savings can be achieved by deprecating build imaging servers which wouldn't be needed in a virtualised environment, they can then be redeployed as hypervisors. This would be of more benefit to an enterprise than SMB where structured support processes, working practices and the necessary infrastructure capacity already exist.
There are more ways to make savings and cut costs that you'd think, not all of them involve a lot or even any initial investment and once the ball is rolling it's easier to build more momentum. ®