Escolar Documentos
Profissional Documentos
Cultura Documentos
Disclaimer
The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, the information presented herein should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.
This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in, or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.
The names of companies and products mentioned herein may be the trademarks of their respective owners.
Page 2
Introduction
We frequently look to investments in technology to help us differentiate our businesses. In many cases, technology is a strong imperative for improved business performance in the modern enterprise. However, technology alone does not hold the key to business success. IT systems will not offer creative insight into new product development, will not seize opportunities for process improvement, and will not develop strong relationships with business partners. Technology plays an important role as an enabler to support every enterprise's most valuable assetits people. Companies today are realizing that there has never been a greater need for IT to become and be seen as a true corporate asset that delivers ongoing business value. This changing agenda is evident in results of the Top 10 Business and Technology Priorities in 2010 survey publish by Gartner EXP in January, 2010 (http://www.gartner.com/it/page.jsp?id=1283413). Mark McDonald, Group Vice President and head of research for Gartner EXP, explains that 2009 was the most challenging year for CIOs in the corporate and public sectors as they faced multiple budget cuts, delayed spending and increased demand for services with reduced resources. This is set to change in 2010, as the economy transitions from recession to recovery and enterprises transition their strategies from cost-cutting efficiency to value-creating productivity.
The economic recovery and transitions that are taking place give the enterprise and IT the opportunity to reposition themselves and exploit the tough corrective actions taken during the recession. CIOs see 2010 as an opportunity to accelerate ITs repositioning from a support function to strategic contributor focused on innovation and competitive advantage. They have aspired to this shift for years, but economic, strategic and technological changes have only recently made it feasible. As CIOs advance their enterprise and IT capabilities and achieve a sustained improvement in their IT infrastructure, they must take a long-term, strategic view of optimization and link these capability and optimization improvements to their business needs and strategy. The goal of Infrastructure Optimization is to help companies realize the full value of their IT infrastructure to drive better business results. Infrastructure Optimization centered on using an organization's IT assets to support and advance the businesshelps companies measure their level of Infrastructure. Microsoft has developed the Core Infrastructure Optimization model and the Business Productivity Infrastructure Optimization model to help organizations obtain a visual and actionable progression
Page 3
through each of the four optimization levelsaiding them in developing a project roadmap to advance within these levels. Each of the models illustrate the strategic value and business benefits of moving from a "basic" stage of Optimization, where the IT infrastructure is generally considered a "cost center," toward a more "dynamic" infrastructure, where the business value of the IT infrastructure is clearly understood and is viewed as a business growth enabler and strategic business asset. Using these models, organizations can gauge the current Optimization level of their infrastructure and platform, establish a technology vision for the future, and build a clear project roadmap to achieving that vision.
Page 4
businesses may not have the luxury of a large IT department. One or two people may be responsible for all IT strategy and management. Additionally, funds for IT development may be tight. Because of these limited resources, it is crucial for midsize businesses to simplify their IT systems and to use technology that automates processes, improves security, and minimizes technology issues that prevent workers from doing their jobs. The Core IO model provides a project roadmap for midsize businesses to optimize their infrastructure at a level that is appropriate without unnecessary complications.
Page 5
Page 6
Basic
Standardized
Rationalized
Dynamic
Your IT infrastructure can be a powerful tool to enable your business, but it may not be optimized toward that goal. Microsoft's Core IO model helps you manage your IT infrastructure, realize dramatic cost savings from your investments, and align your IT infrastructure with the needs of your business. The model has been developed using industry best practices and Microsoft's own experiences with its enterprise customers. The first step is to evaluate the current Optimization level of your infrastructure based on the following continuum: Basic: "We Fight Fires" IT professionals who manage a Basic infrastructure find their environments extremely hard to control. They have very high desktop and server management costs, are generally very reactive to security threats, and have very little positive impact on the ability of the business to benefit from IT. Standardized: "We're Gaining Control" IT professionals who manage infrastructures in a Standardized state have realized the value of having basic standards and policies, but often find themselves reacting to issues. By advancing toward a Rationalized state, IT professionals can gain control over their infrastructure, develop proactive policies and processes, and feel more prepared for what may come. Rationalized: "We Enable Business" IT professionals who manage a Rationalized infrastructure know how to keep desktop and server management costs low. Mature policies and procedures help them support the business. However, by moving the IT infrastructure toward a Dynamic state, additional benefit can be achieved: o Implementing new or alternative technologies becomes a business advantage o Taking on a new business challenge or opportunity provides advantages that far outweigh the incremental IT cost o Business integration becomes easier, faster, and at lower costs. Dynamic: "We're a Strategic Asset" Your IT infrastructure has become a strategic asset to your organization. Congratulations! Your next step is to capture and use your IT systems knowledge to design more manageable systems and automate ongoing operations. We call this process a self-managing Dynamic system, the ideal infrastructure state that reduces costs and gives you more time to focus on business growth and what is most important to your organization.
Page 7
The results show that Penspen's Core Infrastructure has been categorized at a basic level. This is determined by the least optimized level within the four technology capability areas of the Core IO model.
Datacenter Services Penspen was compared in Datacenter Services against 102 respondents in the Professional Services industry, 105 respondents located in Latin America, and 100 respondents with 20-39 PCs. For your Datacenter Services, Penspen scored a Basic level of optimization, while other peer survey respondents scored as follows:
Page 8
Core Infrastructure Optimization Assessment Report Datacenter Services Assessment of Peer Group
% of respondents
Total respondents = 411 in the Professional Services industry, 420 located in Latin America, and 400 with 2039 PCs (all prior respondents to this assessment).
Sto What the Datacenter Services Results Mean to Penspen rag e: Sto rag e is ma nag ed loc all y on ph ysi cal dis ks; dat a los s is a ris k. Dat a bac ku
Page 9
p, rest ora tio n, and arc hiv ing are ma nua l. Us ers can acc ess sha red dat a, and sen siti ve dat a is pro tect ed by pas sw ord s.N
etw orki ng: The re is a sin gle Do mai n Na me
Page 10
Sys tem wit h ma nua l zon es and rec ord s. Dy na mic Ho st Co nfig urat ion Pro toc ol sup port s IPv 4 and is not net wor kaw are. The re is no cac hin g or wid e are a net wor k mo nito ring . Ser
Page 11
ver Sec urit y: The re is no sec urit y or sec urit y is bas ic, wit h un ma nag ed prot ecti on for ser ver s, app lica tion s, and the net wor k; rem ote acc ess is limi ted or non exi ste nt.
Page 12
place. Patch deployment is manual and monitoring of critical servers is limited. Virtualization technologies may be use in test environment.
Mul tiple copie s of dupli cate files are store d separ ately
Data is archi ved auto matic ally base d on stora ge quota s and date of last modif icatio n or acces sCriti cal data is back ed up on a sche dule 26) What best describes your data classification strategy?25) What best describes your sensitive acros information storage strategy?24) What best describes your storage discovery strategy?23) What best s the describes your storage access strategy?Penspen's Responses for Datacenter Services enter prise; back up
Page 13
copie s are store d offsit e28) What best descr ibes your back up and recov ery strate gy for serve rs? Stor age is alloca ted in file share s or logica lly on share d, fixedsize disk volu mes2 7) What best descr ibes your stora ge alloca tion strate gy? Data is classi fied manu ally or base
Page 14
d on locati on in a folder hierar chy2 2) What best descr ibes your stora ge availa bility strate gy? Stor age is mana ged on indivi dual serve rs or disk array s17) What best descr ibes your Dyna mic Host Confi gurati on Proto col infras tructu re strate gy?A Dyna mic Host Confi gurati on Proto
Page 15
col serve r dyna micall y regist ers the client host name IP addre ss; the Dom ain Nam e Syste m prese nts a unifie d view to the name spac e16) What best descr ibes your Dyna mic Host Confi gurati on Proto col mana geme nt strate gy? The Dom ain Nam e Syste m serve
Page 16
r is a single serve r15) What best descr ibes your Dom ain Nam e Syste m resilie nce strate gy? Zone s and recor ds are creat ed manu ally14 ) What best descr ibes your Dom ain Nam e Syste m mana geme nt strate gy? Netw orkin gRe mote acces s is secur e, stand ardiz ed, and
Page 17
availa ble to end users acros s the organ izatio n13) What best descr ibes your secur e remot e acces s strate gy? Multi ple vend or produ cts are used for firew all, IPS, Web secur ity, gate way antivirus, and URL filteri ng12) What best descr ibes your netw ork prote ction strate gy? Appli
Page 18
catio ns are not prote cted, or prote ction is unma nage d11) What best descr ibes your applic ation prote ction strate gy for serve rs? Mal ware prote ction is centr ally mana ged acros s serve r opera ting syste ms, includ ing the host firew all10) What best descr ibes your serve r opera
Page 19
ting syste m prote ction strate gy? Serve r Secur ityTh ere is no highavaila bility strate gy9) What best descr ibes your highavaila bility strate gy?A docu ment ed policy is in place for confi gurati on and comp liance of serve rs and IT syste ms8) What best descr ibes your serve r comp liance
Page 20
policy ?IT syste m (hard ware, hyper visor, OS, and applic ation) awar e monit oring exists for critica l serve rs7) What best descr ibes your serve r monit oring strate gy in data cente rs? No serve r virtua lizatio n or serve r virtua lizatio n used only in test envir onme nts6) What best
Page 21
descr ibes your serve r virtua lizatio n strate gy? Ther e is no capa city plann ing proce ss for serve rs5) What best descr ibes your serve r capa city mana geme nt and cons olidati on strate gy? Hard ware and softw are inven tory tracki ng for serve rs is manu al; no polici es, proce dures ,
Page 22
resou rces, or tools are in place 4) What best descr ibes your asset mana geme nt strate gy for serve rs? Patc h deplo ymen t is manu al for the major ity of serve rs that run Wind ows Serve r3) What best descr ibes your patch and updat e proce ss strate gy for data cente r servic es? Scrip
Page 23
ted proce ss are used to deplo y applic ation s consi stentl y2) What best descr ibes your applic ation and serve r workl oad deplo ymen t strate gy? Ther e is no defin ed set of core stand ard imag es1) What best descr ibes your serve r imag e maint enan ce strate gy? Datac
Page 24
30) What best describes your data de-duplication strategy?29) What best describes your data archiving strategy?Sensitive information is stored
Page 25
in disconnected systems or is manually placed in password-protected locations to prevent unauthorized accessA defined e-discovery policy and manual processes exist for identifying and retrieving electronically stored informationUsers access files and frequently used information from caches on local disks or servers in local offices, even if primary servers are remote; users can access personal files stored on a server from other PCsUsers are notified about data integrity errors, but data loss is possible if a disk or system component fails21) What best describes your storage management strategy?StorageWide area
network health and performance are not monitored or reported20) What best describes your wide area network monitoring strategy?There is no caching technology19) What best describes your network branch optimization strategy?There is simple monitoring of network device outages18) What best describes your network quality of service strategy? Dynamic Host Configuration Protocol servers are aware of sub-networks
Page 26
Page 27
Client Services Penspen was compared in Client Services against 103 respondents in the Professional Services industry, 107 respondents located in Latin America, and 100 respondents with 20-39 PCs. For your Client Services, Penspen scored a Basic level of optimization, while other peer survey respondents scored as follows:
Client Services - Comparison Client Services Assessment of Peer Group
% of respondents
Total respondents = 206 in the Professional Services industry, 214 located in Latin America, and 200 with 2039 PCs (all prior respondents to this assessment).
Cli What the Client Services Results Mean to Penspen ent Sec urit y: Pro tect ion aga inst ma lwa re is un ma
Page 28
nag ed or no nexi ste nt. No enc ryp tio n me cha nis m exi sts for clie nt dev ice s. En d use rs hav e ad mi nist rati ve pri vil ege s.
Client Management and Virtualization: Desktop images and applications are deployed manually with no consistent OS strategy. Desktop systems and assets are managed manually. There is no application or desktop virtualization. Configuration of mobile and non-PC devices is manual.
Page 29
Dis Penspen's Responses for Client Services klevel encr yptio n is in place for selec t lapto ps and devic es that have a high busin ess impa ct20)
What best descr ibes your client encry ption strate gy? All users are deplo yed as stand ard users by defau lt, and admi nistra
Page 30
tive acces s is given as need ed19) What best descr ibes your client lockd own strate gy? All mobil e acces s to intern al syste ms is proxi ed throu gh the mess aging syste m16) What best descr ibes your mobil e softw are mana geme nt strate gy? Mobi le devic es are mana ged by
Page 31
secur ity policy provi sionin g (such as perso nal identi ficatio n numb ers) and remot e deleti on15) What best descr ibes your secur ity policy strate gy for mobil e devic es? Mobi le phon es are used for overtheair synch roniz ation with email, calen dar, and conta cts14 ) What
Page 32
best descr ibes your mobil e usag e strate gy for lineofbusin ess applic ation s? NonPC devic es are confi gured manu ally13 ) What best descr ibes your nonPC devic e provi sionin g strate gy? Mobi le devic es are confi gured and synch roniz ed with deskt op syste ms
Page 33
manu ally12 ) What best descr ibes your mobil e devic e provi sionin g strate gy? Hard ware and softw are inven tory is auto mate d and report ing is centr alized ; infor matio n may not be comp lete or accur ate, and typica lly is not used for decisi onmaki ng; inven tory is
Page 34
recon ciled annu ally11 ) What best descr ibes your asset mana geme nt strate gy for client s? Conf igurat ions are stand ardiz ed; syste ms are asses sed for comp liance , and some settin gs are enfor ced throu gh group polici es10) What best descr ibes your confi gurati on comp liance strate gy for
Page 35
client s? Desk top syste ms and syste m event s are not centr ally monit ored9 ) What best descr ibes your deskt op monit oring strate gy? Ther e is no centr alized patch mana geme nt for deskt op syste ms8) What best descr ibes your patch mana geme nt strate gy for deskt op syste ms? Ther
Page 36
e is no applic ation comp atibilit y testin g soluti on7) What best descr ibes your applic ation comp atibilit y strate gy? Ther e is no use of applic ation virtua lizatio n6) What best descr ibes your applic ation virtua lizatio n strate gy? The major ity of applic ation s is deplo yed manu ally with limite
Page 37
d polici es5) What best descr ibes your applic ation deplo ymen t and contr ol strate gy for client s? User s back up critica l data locall y accor ding to corpo rate policy and by using the tool provi ded; when it is nece ssary , user state can be abstr acted from the opera ting syste m imag
Page 38
e (such as for a sessi on, virtua l deskt op infras tructu re, or roami ng profil e)4) What best descr ibes your client back up and recov ery strate gy?A centr alized store of user profil es enabl es profil es to roam with users 3) What best descr ibes your roami ng user profil es strate gy
Page 39
acros s the organ izatio n? Ther e is no consi stent opera ting syste m deplo ymen t strate gy2) What best descr ibes your opera ting syste m policy strate gy for client s? Stan dard imag es may be prese nt for deskt op deplo ymen t; deplo ymen t is manu al1) What best descr ibes your client
Page 40
imag e mana geme nt and deplo ymen t strate gy? Client Mana geme nt and Virtua lizatio n
Protection against malware is centrally managed for desktop systems and laptops and includes a host
Page 41
firewall; non-PC devices are managed and protected through a separate process18) What best describes your strategy for protecting clients against malware? 17) What best describes your mobile remote access strategy?Client SecurityThere is no software
Page 42
Identity and Security Services Penspen was compared in Identity and Security Services against 102 respondents in the Professional Services industry, 106 respondents located in Latin America, and 100 respondents with 20-39 PCs. For your Identity and Security Services, Penspen scored a Basic level of optimization, while other peer survey respondents scored as follows:
Identity and Security Services - Comparison Identity and Security Services Assessment of Peer Group
% of respondents
Total respondents = 204 in the Professional Services industry, 212 located in Latin America, and 200 with 2039 PCs (all prior respondents to this assessment).
Inf What the Identity and Security Services Results Mean to Penspen or ma tio n Pro tect ion and Co ntr ol: Pro
Page 43
tect ion aga inst ma lwa re is un ma nag ed or no nexi ste nt. No enc ryp tio n me cha nis m exi sts for clie nt dev ice s. En d use rs hav e ad mi nist rati ve pri
Page 44
vil ege s.
Identity and Access: There are no standard policies to control identity and access. Multiple user profiles exist and user accounts are provisioned and deprovisioned manually. There is no federation or password policy for authentication and authorization. Directory services are isolated due to lack of integration and lack of application deployment methods.
Audit Penspen's Responses for Identity and Security Services ing and report ing are manu al proce sses1 2) What best desc ribes your strat egy for infor mati on prote ction repor ting? Basi c infor mati on prote ction is in place with simpl e polici
Page 45
es to restri ct use (suc h as drive and folde r encr yptio n)11) What best desc ribes your infor mati on prote ction polic y? Ther e are tech nolo gies and proc esse s for disco very and prote ction of data that is creat ed and used at selec t endp oints ; indivi dual user s
Page 46
drive data class ificati on10 ) What best desc ribes your strat egy for prote cting data in use? Ther e are tech nolo gies and proc esse s for disco very, userdrive n class ificati on, and prote ction of data at selec t point s and for selec t proto cols in the netw ork (for exam
Page 47
ple, at gate ways or in email) 9) What best desc ribes your strat egy for prote cting data in moti on? Disc over y, class ificati on, and prote ction of data store d on serve rs or in the back offic e is nonexist ent8) What best desc ribes your strat egy for prote cting data at
Page 48
Most appli catio ns and servi ces share a com mon direc tory for authe ntica tion; some point -topoint sync hroni zatio n exist s acros s diffe rent direc torie s, appli catio ns, and repos
Page 49
itorie s7) What best descr ibes your direc tory servi ces strate gy? Mul tiple appli catio n direc tory servi ces exist to supp ort multi ple stand ards6 ) What best descr ibes your appli catio n direc tory servi ce strate gy? The re is
Page 50
a centr alize d acces s polic y for busin ess resou rces, with some stand ardiz ation in the polic y5) What best descr ibes your auth oriza tion strate gy? Pass word polic ies are set withi n the direc tory servi ce to enabl e lifecycle
Page 51
mana geme nt4) What best descr ibes your authe ntica tion strate gy? The re is no feder ation of ident ity3) What best descr ibes your ident ity feder ation strate gy? The re is no enduser selfservi ce for pass word reset s and grou p
Page 52
mana geme nt2) What best descr ibes your pass word and grou p mana geme nt strate gy? Use r acco unt provi sioni ng and deprovi sioni ng are man ual and acces s is contr olled per insta nce1 ) What best descr ibes your
Page 53
ident ity provi sioni ng and acces s mana geme nt strate gy? Ident ity and Acce ss
Page 54
IT Process and Compliance Penspen was compared in IT Process and Compliance against 102 respondents in the Professional Services industry, 106 respondents located in Latin America, and 100 respondents with 20-39 PCs. For your IT Process and Compliance, Penspen scored a level of optimization, while other peer survey respondents scored as follows:
IT Process and Compliance - Comparison IT Process and Compliance Assessment of Peer Group
% of respondents
Page 55
Total respondents = 102 in the Professional Services industry, 106 located in Latin America, and 100 with 2039 PCs (all prior respondents to this assessment).
What the IT Process and Compliance Results Mean to Penspen IT Process and Compliance: There are no standard policies to control identity and access. Multiple user profiles exist and user accounts are provisioned and deprovisioned manually. There is no federation or password policy for authentication and authorization. Directory services are isolated due to lack of integration and lack of application deployment methods.
Risk and vulne rabilit y analy sis of IT servic e confi denti ality, integr ity, and availa bility is not forma lly mana ged; IT comp liance objec tives and activit ies are not defin ed14
) What best descr ibes Penspen's Responses for IT Process and Compliance
Page 56
your IT com plian ce strate gy for IT servi ces? IT servi ce owne rs and acco unta bility are not form ally assig ned1 3) What best descr ibes your IT servi ces team acco unta bility and mana geme nt strate gy? The IT
Page 57
servi ce chan ge and confi gurat ion proc ess is not form ally mana ged1 2) What best descr ibes your chan ge and confi gurat ion mana geme nt strate gy for IT servi ces? IT servi ce probl ems are not form ally mana ged1
Page 58
1) What best descr ibes your probl em mana geme nt strate gy for IT servi ces? Mo nitori ng and repor ting are centr alize d for prote ction again st mal ware, prote ction of infor mati on, and ident ity and acces s techn ologi
Page 59
es10) What best descr ibes your strate gy for moni torin g secur ity and repor ting on IT servi ces? Mo nitori ng, repor ting, and audit ing tools are not form ally mana ged for IT servi ces9) What best descr ibes your servi ce moni
Page 60
torin g strate gy for IT servi ces? IT servi ce incid ents are not form ally mana ged8 ) What best descr ibes your strate gy for IT servi ce incid ent mana geme nt? Serv icelevel or oper ation allevel agree ment s are
Page 61
not form ally mana ged7 ) What best descr ibes your strate gy for IT servi ce oper ation s and servi celevel agree ment s?IT servi ce relea se and depl oym ent proc esses are not form ally mana ged6 ) What best descr ibes
Page 62
your strate gy for IT servi ces depl oym ent? Bug hand ling, desig n chan ges, and testin g are not form ally mana ged for IT servi ces5) What best descr ibes your strate gy for build ing and stabil izing the deliv ery of IT servi
Page 63
ces and testin g proc edur es? IT servi ce proje ct plans and funct ional speci ficati ons are devel oped occa siona lly4) What best descr ibes your proje ct plan ning strate gy for IT servi ces? IT servi ce relia bility is defin
Page 64
ed occa siona lly3) What best descr ibes your strate gy to plan for IT servi ce relia bility ?IT polic ies are devel oped and store d occa siona lly2) What best descr ibes your strate gy to plan for IT servi ce polic ies? Busi ness strate
Page 65
gy and IT strate gy occa siona lly are align ed; meas urem ent of IT servi ce capa city, avail abilit y, conti nuity , and data integ rity is unm anag ed; IT servi ce costs and retur ns are some times reco gnize d1) What best
Page 66
descr ibes your strate gy to plan for align ment of IT servi ces? IT Proc ess and Com plian ce
Page 67
Page 68
Better management of and control over resources, supported by enhanced decision-making capabilities Faster decision-making due to enhanced reporting High availability of services with minimal downtime and higher return on investment Adherence with security and compliance standards and policies Enablement of data governance policies and processes Reduced total cost of ownership and improved manageability due to consolidation of branches Improved organizational control and scalability, time savings, and reduced effort due to faster and more efficient processes Continually available services in a fully protected and compliant infrastructure Uninterrupted business and high return on investment due to continually available services Optimal return on investment due to optimal resource utilization Faster provision of compatible configurations Faster and more efficient deployment of systems Efficient management of server resources High availability of services and lower risk of service outages Faster identification and resolution of issues, including clear documentation Simplified planning process for IT infrastructure across multiple scenarios through network-wide automated discovery and assessments Increased system security, including timely application of security updates Improved manageability and consistency, and decrease in redundant system updates Faster workflow processes with fewer chances for error in problem resolution Improved control of resources due to better management, security, and compliance control Faster and more effective management that includes change management and prediction capabilities Near-immediate resolution of problems due to real-time policy enforcement, supported by standardized documentation Increased organizational scalability due to centralized control and faster deployment of systems Optimal resource utilization with minimal efforts and delay Faster resolution of server problems due to automation Continually available services due to servers that are highly optimized and load balanced Cost-effective and easy monitoring and management of physical and virtual environments by applying cross-platform management capabilities
Server Security Increased employee performance and efficiency due to secure remote access Improved business continuity due to standardized security, protection, and better management tools Improved system security with low risk of vulnerability due to integrated protection against threats and malware Cost and time savings due to unified protection across various services Business connectivity nearly anytime and anywhere, due to secure remote access High business continuity due to more complete protection against threats and automatic resolution of problems Faster business connectivity nearly anytime and anywhere, due to highly secure and fast remote access and compliance policy enforcement Improved protection against threats due to centralized management Improved network security that includes protection against malicious activities Improved capability to identify and resolve problems due to enhanced security Improved protection against threats due to unified management of security applications Faster connectivity due to secure remote access integrated with compliance measures More complete protection of systems and servers due to automated security tools for better management More complete protection against security threats due to a unified security system that provides multiple layers of security More effective management due to automated security processes that include compliance measures and interaction with other tools Proactive IT services and fewer problems to resolve due to secure access that includes remediation
Page 69
for non-compliance Networking Improved business continuity due to better interaction with other services across all sub-networks Better return on investment due to efficient use of resources Improved employee productivity due to faster access to files Faster identification and resolution of problems, which frees IT resources and improves end-user productivity Improved control over technology and a business-enabling range of services due to integrated reporting tools Higher availability and reliability of services and of applications that use services Easier accommodation of increasing business needs and expansion requirements because the business can gain leverage from seamless interaction with virtual networks Improved employee productivity because of the ability to access systems from almost anywhere and at any time, due to secure and fast interaction with the client system High-quality services and optimal use of resources due to allocation without delay or errors Faster services, optimal use of resources, and higher return on investment due to a fully unified system with proper tools and reporting structure Improved management, with standards and consistency in processes, due to centralized and integrated auditing and reporting of branches Fewer errors and improved use of time due to automatic zone creation and record updates Less chance of error due to high availability of Domain Name System information Efficient means of integration and management of Dynamic Host Configuration Protocol services Reduced time, effort, and risk of errors due to automatic data cleanup Efficient means of integration and management of Dynamic Host Configuration Protocol services Reduced effort, fewer errors, and improved quality of service due to intelligent allocation of bandwidth Faster auditing and problem resolution due to centralized monitoring and management tools Easy classification, monitoring, and reporting for different zones Faster and more efficient resolution of issues regarding Domain Name System service Efficient means of integration and management of Dynamic Host Configuration Protocol services On-demand, high-quality services provided across the organization Highly optimized and controlled environment for delivering high-quality services due to a centralized, fully integrated system Storage Enhanced protection for crucial business information Enhanced business continuity due to mobile access and increased availability Organized information due to a well-structured format for data classification Improved productivity due to better performance of backup services that help stabilize the environment Increased business continuity, lower downtime, and higher availability of reliable information sources Enhanced safety of sensitive information due to faster and better security measures Minimal business impact provided by efficient backup windows Savings of time, resources, and efforts, and reduced chance of errors due to automated processes Enhanced decision-making capabilities, due to faster and more reliable process Improved business continuity due to required information being available nearly any time A safer and more productive environment, due to highly secure and reliable connectivity from remote locations Higher business continuity due to standards and policies that help to ensure higher quality and optimization of processes Higher return on investment and reliability due to optimized resource utilization and consistent data across the organization Improved consistency, uniformity, and better decision-making capabilities due to a unified structure across the organization More efficient storage processes and management capabilities within the IT department
Page 70
Ability to recover crucial data even after a system failure due to improved protection Fewer problems transferring data due to availability of data from nearly any location Improved management capabilities due to standard and consistent processes to identify data Elimination of the manual process to define data to archive due to a new data archiving process based on rules Higher availability of information due to reduced chances of a complete service outage Improved standards, consistency, and control over processes due to automatic archival based on policy Time savings, reduced chance of errors, and fewer delays when conducting security checks due to an automated identification process Mission-critical application data is stored on safer, more reliable alternatives Reduced chance of errors and enhanced analysis and planning capabilities due to highly efficient storage systems Higher availability of data and fewer threats of unauthorized or unsafe access to sensitive information More complete protection for sensitive information due to automated encryption that provides an extra layer of protection Higher quality of information and higher availability due to complete management of the data life cycle More consistent storage methods and adherence to compliance standards due to policy enforcement
Page 71
variety of client devices Provide more consistent security and stability of desktop and mobile environments, inside and outside the corporate firewall Improve business continuity and more complete protection against threats because of automatic problem resolution Simplify user access and facilitated tracking of access permissions because of application-based processes Enable faster and better protection of all user data because of automated encryption capabilities Save effort and time to protect against threats because of centralized management Maintain better control over desktop systems Simplify management of a test environment to maximize use of test hardware, improve life cycle management, and increase test coverage Enhance security protection that includes better capabilities to identify and resolve problems Increase consistency and improved management of user access permissions and related issues Save of time and effort to provide end-to-end security protection because of automated tools that enable better management Improve control over the client environment across the organization because problems are resolved proactively Provide more complete protection of sensitive information, which can be controlled and managed more easily within a centralized control system
Page 72
Information Protection and Control Improved security due to standardized protection processes and technologies Saves efforts and brings better standards and performance efficiency Increased productivity because of a consistent reporting structure Increased productivity with well-organized data and enhanced protection for the desktops Saves money and time by providing better and faster services for classification of data Increased security and reliability in data classification and protection mechanism Enhanced decision making capabilities and faster problem resolution saves time and money Secure and productive environment, due to highly secure and reliable data protection mechanism Reduced maintenance cost with better protection across the organization Saves cost and time in policy enforcement, with lesser scope for errors in deployment Better adherence to compliance standards and regulations because of better and faster auditing processes with automated reporting Efficient data protection supported by automated discovery and protection mechanism Improved efficiency and protection with defined process and technologies for data discovery and classification Enhanced security enabling a complete protection for critical information, provides an extra layer of security Faster and effective auditing process enabling proactive solutions to problems Reduced time and efforts due to automated protection for data and its classification across organization Improved and efficient management using automated classification of data Standard and consistent process applied for data identification, providing better management capabilities Policy enforcement ensures a consistent protection, with implementation of high standards and access controls mechanisms Better management and compliance control enables better control over the resources More consistent protection methods and adherence to classification methods due to policy enforcement Enhanced control with a well-defined mechanism for data discovery and protection across the network Saves time and efforts with real-time policy enforcement across client systems outside the organization Proactive IT with efficient identification and problem resolution mechanisms
Page 73
services across the organization Improved consistency and reliability of IT services complying with corporate IT policies Reduced effort, fewer errors, and improved quality of service due to intelligent allocation of IT resources Faster problem resolution due to centralized monitoring and management tools Improved quality of services and comprehensive auditing with well-defined accountability and ownership of services and corresponding issues Improved control of resources due to better management, security, and compliance controls Improved compliance and consistency of results through automated best practices Faster service delivery across physical and virtual environments Faster process of testing and deploying IT services across the organization Faster resolution of IT services-related problems due to automation
Page 74
Dep loy a solu tion that incl ude s serv ereve nt mo nito ring to pro vid e the root cau ses of app lica tion and serv er fail ures . Dep loy a solu tion to deli ver upd ates to spe cifi
Page 75
c serv er targ ets reli abl y. Dep loy tool s wit h buil t-in stor age filte rs that can acti vel y co mp are and eli min ate ide ntic al file s on file shar ing vol um es. Ena ble ad min
Page 76
istr ator s to esta blis h file ma nag eme nt task s to arc hiv e sets of file s aut om atic ally on a sch edu le. Ena ble ad min istr ator s to crea te bac kup s and rec ove r the ope rati
Page 77
ng syst em, app lica tion s, and data to avo id do wnt ime that is due to da ma ged or lost data , har dwa re fail ures , and disa ster s. Mai ntai n and allo cate ded icat ed serv ers
Page 78
for data stor age. For mul ate pro cess es for data clas sifi cati on to org aniz e info rma tion acr oss the org aniz atio n. Dev elo p and imp lem ent usa ge poli cies and acc ess righ ts
Page 79
for all sen siti ve info rma tion . Ens ure that the bac kup vol um es and arc hiv es are wel l ma nag ed, ind exe d, and sear cha ble. Ena ble ad min istr ator s to cent rall y ma
Page 80
nag e file shar es, set per mis sion s, and ma nag e ope n file s and user s wh o are con nect ed to file shar es. Ena ble freq uen t bac kup and rest orat ion to pre ven t data
Page 81
loss in cas e of disk or syst em fail ure. Ma nag e ded icat ed serv ers for data stor age to ens ure that data is qui ckl y rec ove rabl e. Dep loy tool s that ena ble ad min istr ator
Page 82
s to capt ure net wor k traf fic and to vie w and anal yze net wor k usa ge. Incr eas e the resp onsi ven ess of app lica tion s use d on the net wor k by cac hin ga cop y of data
Page 83
acc esse d fro m an intr anet We b site or a file serv er loca lly wit hin the bra nch offi ce. All ow ad min istr ator s to prio ritiz e and ma nag e the sen din g rate for out goi ng
Page 84
net wor k traf fic to hel p ens ure that reso urc es are use d effi cien tly and to pro vid e the req uire d leve l of serv ice. Ena ble Dy na mic Hos t Con figu rati on Prot oco
Page 85
l serv ers to pro vid e Inte rnet Prot oco l add ress es to clie nts that spa n mul tipl e sub net wor ks. Ena ble Dy na mic Hos t Con figu rati on Prot oco l clie nt co mp
Page 86
uter s to req uest and acc ept TC P/I P con figu rati on info rma tion fro m DH CP serv ers to aut om ate the pro cess of con figu ring TC P/I P on DH CP clie nts. Ena ble Dy na
Page 87
mic Hos t Con figu rati on Prot oco l serv ers to cent rall y ma nag e IP add ress es and oth er rela ted con figu rati on par ame ters. Dep loy sec ond ary Do mai n Na me Sys tem
Page 88
serv ers to pro vid e faul t tole ran ce and repl icat e data fro m pri mar y to sec ond ary DN S serv ers. Ena ble dist ribu ted ad min istr atio n of the Do mai n Na me Sys tem
Page 89
na mes pac e by aut om atin g zon e crea tion and rec ord upd ate pro cess es for DN S serv ers. Dep loy a solu tion to imp lem ent sec ure and stan dar dize d rem ote acc ess for
Page 90
all user s in the org aniz atio n by imp lem enti ng a VP N solu tion allo win g em plo yee s to con nect fro m vari ous rem ote loca tion s. Ena ble filte ring of UR Ls for data sou rces to
Page 91
imp rov e blo cki ng of mal icio us We b site s and to deli ver a mec han ism that hel ps pre ven t intr usio n and exp loit atio n of vul ner abil ities . Dep loy a solu tion to
Page 92
prot ect mes sagi ng app lica tion s fro m viru ses, wor ms, spa m, and oth er ina ppr opri ate con tent . Dep loy a sec urit y solu tion to prot ect ope rati ng syst ems agai nst spy war
Page 93
e, mal war e, and oth er thre ats. Dep loy a solu tion to red uce do wnt ime and bala nce app lica tion loa ds. Cre ate poli cies to enf orc e con figu rati on bas elin es at reg ular inte
Page 94
rval s and use the m to prot ect the infr astr uct ure. Dep loy a solu tion to cent rall y mo nito r serv iceleve l agr eem ents for serv ers to hel p ens ure that app ropr iate agr
Page 95
eem ents are in plac e. Dep loy a solu tion to con soli date infr astr uct ure, app lica tion , and bra nch offi ce serv er wor klo ads. Dep loy a cent rali zed data rep osit ory for all serv
Page 96
er har dwa re and soft war e asse ts. Imp lem ent a cent ral solu tion to dep loy patc hes and upd ates to criti cal serv ers. Dep loy a solu tion to cent rall y ma nag e co mp atib
Page 97
ility eval uati ons and con figu rati on setti ngs for app lica tion s. Dep loy an ima ge mai nte nan ce solu tion to mai ntai na set of indi vid ual ima ges that is ind epe nde nt of har dwa
Page 98
re but can sup port ma ny diff ere nt har dwa re con figu rati ons.
Page 99
To advance from your current basic level to a standardized level of Optimization, we recommend the following projects:
Page 100
min istr ator s to use gro up poli cies to app rov e or blo ck mo bile app lica tion s.
Mon itor syst ems for com plia nce and enfo rce polic ies on user s or user grou ps. Depl oy and man age appl icati on ima ges to reso
Page 101
lve appl icati on com pati bility issu es. Depl oy a fire wall to prot ect des ktop syst ems and lapt ops from hac kers and mali ciou s soft war e. Use the corp orat e mes sagi ng syst em to ena ble mob ile devi ce acc ess to inter nal syst ems
Page 102
, and to sync hron ize mob ile devi ces with busi nes scritic al infor mati on. Mai ntai n an inve ntor y of inst alle d appl icati ons and conf igur atio n for mob ile devi ces. Prov ide a solu tion to rem ove sen sitiv e data rem otel y from
Page 103
lost, stol en, or com pro mis ed devi ces. Depl oy a solu tion that use s the Inter net to sync hron ize email , cont acts , and cale ndar with mob ile devi ces. Ena ble auto mati c ass ess men t and conf igur atio n of all nonPC
Page 104
devi ces suc h as han dhel d sca nner s, card read ers, and dum b term inals . Impl eme nt a solu tion to ena ble adm inist rator s to ass ess, depl oy, and upd ate mob ile devi ce soft war e and appl icati ons over the Inter net. Impl eme nt a cent
Page 105
raliz ed repo sitor y to auto mati cally audi t and trac k all hard war e and soft war e ass ets. Cre ate polic ies to enfo rce conf igur atio n bas elin es at regu lar inter vals. Impl eme nt a solu tion to capt ure all appl icati on and oper atin
Page 106
g syst em failu res in a cent ral loca tion to ena ble IT tea ms to trac k and mon itor des ktop prob lem s. Impl eme nt a cent raliz ed solu tion to depl oy patc hes and upd ates to all des ktop syst ems auto mati cally . Impl eme nt a solu
Page 107
tion to cent rally man age conf igur atio n setti ngs for all appl icati ons and roll out testi ng proc ess es to eval uate appl icati on com pati bility . Prov ide a virtu aliza tion platf orm to acc eler ate and exte nd des ktop and appl icati on depl
Page 108
oym ents from the cent raliz ed serv er to any devi ce. Impl eme nt a solu tion to cent rally man age soft war e appl icati on distr ibuti on and conf igur atio n setti ngs for local and rem ote user s. Ena ble user s to bac k up pers onal data on a regu lar
Page 109
sch edul e or acc ordi ng to orga niza tion al polic ies. Mai ntai na cent ral data bas e of user profi les and allo w user s to acc ess their profi les from virtu ally any wor ksta tion. Depl oy oper atin g syst ems that hav e at leas t one year of
Page 110
sup port from the date of inst allati on on clien t mac hine s. Roll out stan dard proc ess es and tool sets to man age oper atin g syst em ima ges and depl oym ents on clien t syst ems . Impl eme nt a solu tion to encr ypt driv es and che
Page 111
ck inte grity of earl y boot com pon ents for lapt ops and othe r devi ces, to prot ect sen sitiv e data if a devi ce is lost, stol en, or inap prop riate ly dec om miss ione d. Impl eme nt an iden tity man age men t solu tion that allo ws adm
Page 112
inist rator s to prov ision clien t acc ess and mod ify acc ess per miss ions . Prov ide unifi ed viru s and spy war e prot ecti on for busi nes s des ktop syst ems and lapt ops by usin ga singl e con sole to cent raliz ed man age men t
Page 113
To advance from your current basic level to a standardized level of Optimization, we recommend the following projects:
Page 114
Identity and Security Services (advance from basic to standardized) For mul ate data clas sifi cati on pro cess es to org aniz e info rma tion acr oss the org aniz atio n. Cre ate user acc ount s in the clou d that fede rate an exist ing iden tity man
Page 115
age men t syst em, othe r dire ctor y syst ems , or any stan dard sbas ed infra stru ctur e. Ena ble IT to desi gn and gen erat e repo rts for spe cific nee ds and to view logs hist oric ally or in real time , inclu ding activ e sess ions .
Page 116
Inte grat e infor mati on prot ecti on into serv erbas ed solu tion s suc h as doc ume nt and reco rds man age men t, email gate way s and arch ival syst ems , auto mat ed wor kflo ws, and cont ent insp ecti on. Impl eme nt an appl icati
Page 117
on to encr ypt and decr ypt cont ent, retri eve tem plat es and revo cati on lists, acq uire licen ses and certi ficat es from a serv er, and perf orm man y othe r relat ed task s bas ed on user right s and per miss ion. Allo w cont ent own
Page 118
ers to conf igur e right s man age men t to ena ble user s to ope n, mod ify, print , forw ard, or take othe r acti ons on right sman age d infor mati on. Impl eme nt right s man age men t solu tion to ena ble user s to publ ish and
Page 119
con sum e right sprot ecte d cont ent. Cre ate a unif orm auth enti cati on syst em for diffe rent appl icati ons that has the abilit y to sync hron ize acc ount s, reso urce s, and cred enti als amo ng dire ctori es. Prov ide dire ctor y serv ices
Page 120
for dire ctor yena bled appl icati ons to sim plify the appl icati on inst allati on proc ess. Prov ide a cent ral loca tion for conf igur atio n infor mati on, auth enti cati on requ ests , and infor mati on abo ut all of the obje cts that are
Page 121
stor ed on serv ers. Ena ble auth enti cati on at logo n and mec hani sms that cont rol acc ess to dire ctor y reso urce s. Set up trust relat ions hips to proj ect a user 's digit al iden tity and acc ess right s to trust ed part ners . Prov
Page 122
ide man age men t con sole that sup port s pas swo rd rese t and the abilit y to set up grou ps in the dom ain. Depl oy a serv erbas ed dire ctor y infra stru ctur e to man age user s, com pute rs, grou ps, print ers, appl icati ons, and othe
Page 123
To advance from your current basic level to a standardized level of Optimization, we recommend the following projects:
Page 124
What's Next?
As you move beyond these industry averages and high level metrics to explore your particular and unique TCO, service levels, and business opportunities for improvement, we invite you to take advantage of the following next steps: 1. Review Optimization white papers and customer case studies to learn more about the benefits and value of IO. http://www.microsoft.com/optimization/default.mspx
2. Request that a Partner or Microsoft representative contact you regarding your Core IO
Assessment and next steps. https://profile.microsoft.com/RegSysProfileCenter/wizard.aspx?wizid=e040f48d-4111-42ca-ad5c97033d637df1&lcid=1033
Page 125
Page 126
Description
Spending (capital investments and leases) on desktop PCs for growth, replacements and upgrades. Spending (capital investments and leases) on laptop / notebook / mobile PCs for growth, replacements and upgrades. Spending (capital investments and leases) on thin clients for growth, replacements and upgrades. Spending (capital investments and leases) on Windows Mobile messaging devices for new deployments, growth, replacements and upgrades. Spending (capital investments and leases) on non-Windows Mobile messaging devices e.g. RIM Blackberry, Nokia) for new deployments, growth, replacements and upgrades. Spending (capital investments) on PC operating systems to support growth and upgrades. Spending (capital investments) on PC personal productivity application to support growth and upgrades. Includes Office applications. Spending (capital investments) on PC business applications (core infrastructure related) to support growth and upgrades. Spending (capital investments) on PC utilities and IT support and administration tools. Spending (capital investments) on any other PC CAL licenses or user core infrastructure software.
Annual maintenance and support contracts for PC operating system software. Annual maintenance and support contracts for laptop PC hardware. Annual maintenance and support contracts for thin client hardware. Annual maintenance and support contracts for mobile messaging device hardware and service contracts. Annual maintenance and support contracts for any other core infrastructure hardware. Annual maintenance and support contracts for PC operating system software. Annual maintenance and support contracts for PC personal productivity application software. Annual maintenance and support contracts for PC core-infrastructure business applications software. Annual maintenance and support contracts for PC utilities and IT tools software. Annual maintenance and support contracts for any other PC / CAL software. Spending (capital investments and leases) on file/print servers for growth, replacements and upgrades. File servers are used to store documents in a secure manner. Print servers are used to queue user documents for printers. Spending (capital investments and leases) on directory and networking servers for growth, replacements, and upgrades. Directory servers include Windows NT operating system for domains and Active Directory servers , as well as networking servers such as DHCP, DNS, and WINS (excludes networking infrastructure such as routers, hubs and switches).
Directory/networking servers
Description
Spending (capital investments) on server management software to support new capabilities, growth and upgrades. Includes Microsoft Systems Management Server (SMS) and configuration manager solutions. Spending (capital investments and leases) on messaging and collaboration servers for growth, replacements and upgrades. Includes servers that provide e-mail, calendaring, messaging and contact services for users through Microsoft Exchange or other messaging / collaboration servers. Spending (capital investments and leases) on any other core infrastructure servers for growth, replacements and upgrades. Spending (capital investments) on server operating systems to support new capabilities,
Messaging and collaboration servers Other infrastructure servers Server Software Purchases Server operating system
Page 127
File / print software Directory/ networking software Security software and tools Messaging and collaboration software Database software Server monitoring Server management Other Server Maintenance and Support Contracts Server Hardware Maintenance and Support Contracts File/print servers Directory/networking servers Security servers Messaging and collaboration servers Other infrastructure servers Server Software Maintenance and Support Contracts Server operating system File / print software Directory/ networking software Security software and tools Messaging and collaboration software Database software Server monitoring Server management Other
Core Infrastructure Optimization Assessment Report growth and upgrades. Spending (capital investments) on file / print management software to support new capabilities, growth and upgrades. Spending (capital investments) on directory / network management software to support new capabilities, growth and upgrades. Spending (capital investments) on security management software to support new capabilities, growth and upgrades. Spending (capital investments) on messaging and collaboration software to support new capabilities, growth and upgrades. Spending (capital investments) on database and data warehouse management software to support new capabilities, growth and upgrades. Spending (capital investments) on server monitoring software to support new capabilities, growth and upgrades. Includes Microsoft Operations Manager. Spending (capital investments) on server management software to support new capabilities, growth and upgrades. Includes Microsoft Systems Management Server (SMS) and Microsoft Systems Center Configuration Manager solutions. Any other core infrastructure software spending.
Annual maintenance and support contracts for file / print server hardware. Annual maintenance and support contracts for directory / networking server hardware. Annual maintenance and support contracts for security server hardware. Annual maintenance and support contracts for messaging and collaboration server hardware. Annual maintenance and support contracts for other infrastructure server hardware. Annual maintenance and support contracts for server operating system software. Annual maintenance and support contracts for file and print management server software. Annual maintenance and support contracts for directory and network management server software. Annual maintenance and support contracts for security management server software. Annual maintenance and support contracts for e-mail, messaging and collaboration server software. Annual maintenance and support contracts for database management server software. Annual maintenance and support contracts for server monitoring software such as MOM / Operations Manager. Annual maintenance and support contracts for server monitoring software such as Includes Microsoft Systems Management Server (SMS) and Microsoft Systems Center Configuration Manager Annual maintenance and support contracts for any other server core infrastructure software.
Description
Annual expenses for WAN network bandwidth, particularly expenses for connecting branch / remote office to headquarters - those expenditures which could be reduced with WAN optimization tools and practices. Annual expenses for dedicated security hardware such as VPN and firewall investments, particularly those at branch and remote offices which could be reduced with integrated security solutions such as Microsoft Internet Security and Acceleration Server (ISA).
Internal or contract (outsourced) resources responsible for PC hardware and software asset analysis and planning for evaluation and purchase / procurement. Internal or contract (outsourced) resources responsible for PC installs, deployments and replacements. Internal or contract (outsourced) resources responsible for assessing PC / client related security threats and performing security planning and risk mitigation activities. Internal or contract (outsourced) resources responsible for PC and client hardware moves, adds and changes. Internal or contract (outsourced) resources responsible for PC user administration including additions, deletions, moves, and changes. Internal or contract (outsourced) resources responsible for PC productivity and business applications management including maintenance and settings management. Internal or contract (outsourced) resources responsible for PC software deployments. Internal or contract (outsourced) resources responsible for PC break fix management and maintenance. Reduce the person hours spent creating traditional management reports, including design, incorporating data, data updating, and distribution
Page 128
PC Security Patch Management Number of patch events per year Average person hours per patch event PC Image Management Number of core images Number of image updates / distributions per year Number of hours per year testing and certifying images (per image) PC Security Breach Mitigation Incidents per year Average person hours to resolve issue Server Operations and Administration Server Infrastructure Management Server hardware and OS moves, adds and changes (MACs) Availability and performance management Application management
Core Infrastructure Optimization Assessment Report Internal or contract (outsourced) resources responsible for PC security patch management for operating systems and applications.
Internal or contract (outsourced) resources responsible for PC image management including planning, configuration management, builds and distribution.
Internal or contract (outsourced) resources responsible for PC security breach remediation (when risk is realized) including response, repair and post incident forensics.
Internal or contract (outsourced) resources responsible for server hardware and operating system configurations and reconfigurations (moves, adds and changes). Internal or contract (outsourced) resources responsible for server availability (up-time) and performance monitoring and management. Internal or contract (outsourced) resources responsible for server application management including application adds, moves and changes (configuration management).
Description
Internal or contract (outsourced) resources responsible for server proactive security Server security and identity / access management management and user identity and access management to servers and applications. Internal or contract (outsourced) resources responsible for server and network based disk, Server and network disk, storage and file management storage and file management. Internal or contract (outsourced) resources responsible for server data protection including Server backup and restore management backup and restore management. Networking services management Internal or contract (outsourced) resources responsible for server network management. Internal or contract (outsourced) resources responsible for server asset management, IT asset, reporting and compliance management reporting, auditing and compliance management. Any other core infrastructure server related internal or contract (external outsourced) Other server related IT full time employees resources. Internal or contract (outsourced) resources responsible for server security patch management Server Image Management for operating systems and applications. Number of core images Number of image updates / distributions per year Number of person hours per year testing and certifying images (per image) Internal or contract (outsourced) resources responsible for server image management Server Security Patch Management including planning, configuration management, builds and distribution. Number of Patch events per year Average person hours per patch event Internal or contract (outsourced) resources responsible for server security breach remediation Server Security Breach Mitigation (when risk is realized) including response, repair and post incident forensics. Incidents per year Average Person hours to resolve issue Internal or contract (outsourced) resources responsible for managing IT tools such as Tools and Directory Management operations and configuration management, and Active Directory / directory management. Managing systems management software such as SMS, Tivoli or Zenworks Managing directories or building policies for directories such as Active Directory or eDirectory Service Desk Internal or contract (outsourced) resources responsible for core infrastructure (PC, user and IT Service Desk server) service / help desk support including operators, level 1 basic support, level 2 advanced support and level 3 technical or dispatched support services. Contacts per month Average Level 0/1 support minutes per call Escalation rate to level 2 support (%) Average Level 2 support minutes per call Escalation rate to level 3 / dispatched support (%) Average level 3 / dispatched support minutes per call
Description
Page 129
Core Infrastructure Optimization Assessment Report Facilities and Overhead PC Power Server Facilities and Overhead Operating and Cooling Power Data Center Space Annual operating power costs for PC hardware. Annual costs for core infrastructure server operating and cooling power.
Description
Cost of end users supporting themselves (self-support) and each other (peer support) in lieu of formal support to the organization. Includes formal training and informal learning time.
Problem resolution downtime lost productivity when waiting for service desk issue resolutions. Includes reduction in average number of incidents, time resolution per incident (mean time to repair) and escalation rate.
PC unplanned downtime events and resultant lost productivity costs. This cost includes only unplanned downtime not tallied as part of end user operations (peer / self support), security breach impacts, PC data loss / recovery or service desk problem resolution wait time. PC planned downtime events for on-going system maintenance, patches, updates and upgrades and the resultant lost productivity costs. Unplanned outages to servers which cause user downtime and resultant loss of productivity. These costs do not include server data protection or security breach related downtime.
Planned maintenance to servers causing downtime and resultant loss of user productivity.
Lost user productivity when a security breach occurs (virus, malware) and systems have to be repaired or recovered. Includes security incident productivity impacts for both servers and PCs.
Description
Lost user productivity when a PC data loss incident occurs and the system needs to be rebuilt and recovered.
Lost user productivity when an infrastructure server data loss incident occurs and the system needs to be rebuilt and recovered.
Page 130