Security VulnerablityBy Baselinemag | Posted 2004-02-05 Email Print
"Software that automates the management of personal computers can make a tech-support staff considerably more efficient."
Last August, 25 offices of Menlo Worldwidea subsidiary of CNF, a $5-billion logistics and shipping company based in Portland, Ore.were hit by the Blaster and Welchia worms. The self-propagating, rapidly spreading worms targeted Windows 2000 and Windows XP operating systems, causing debilitating network surges and crashing some machines.
A few Menlo locations were knocked offline for several days, hampering workers' productivity, although CNF says that it did not miss any shipments. To repair the damage, the company spent more than $200,000 on labor alone for technical staffers, says Roger Wilding, senior technical engineer at CNF. That figure doesn't include less-quantifiable losses, including projects that were put on hold while the computers were being revived. "That gave a wake-up call to management," Wilding says.
It turns out the only Menlo offices affected were those that were not being managed by CNF's SMS system at the time. As a result, none of the desktops at those locations had been automatically patchedas most of the roughly 4,000 other PCs throughout the company hadand therefore remained vulnerable to the worms. CNF soon afterward allocated the funds to upgrade to SMS 2003, which better integrates software-updating functions to track which machines in the organization need patching.
Wilding's group completed most of the upgrade in about 30 days, and now all desktops at CNF receive automated updates via the software. "In terms of risk avoidance, I'd say we've already recovered the cost of the upgrade," he says.
So if the value of such software is seemingly obvious, why isn't every organization using it? Complexity is one hurdle. IDC's Broussard says desktop-management software, while it's generally getting easier to use, tends to be more complicated than most organizations assume. Most packages require external databases and directory services, which are distributed repositories for information about users, devices and other network resources.
For that reason, customers say, it's well worth paying for extra consulting and training services. Dustin Sanders, director of networking services at Packaging Corporation of America, a cardboard manufacturer based in Lake Forest, Ill., last year decided to spend $30,000 for a week of ZENworks training. He and his 17 tech-support staffers, who manage 4,200 desktop computers at about 100 sites nationwide, received a deep tutorial on the software from a Novell instructor. The payoff was practically immediate, he says: "That was unbelievably good, because then I was able to customize ZENworks for what I needed it to do."
As Broussard notes, "Your average twenty-first-century American is familiar with a computer. But these tools assume you know how to use servers and networks."