Embed Size (px)
Citation preview
Security and Infrastructure OptimisationSecurity ConsiderationsName Barry HughesTitle Senior Consultant - MCSMicrosoft Corporation
Agenda
• What is the IO Model and where does it come from?
• Outline Core IO model and its benefits• Review the IO assessment tools• Sample outputs
Agenda
• What is the IO Model and where does it come from?
• Outline Core IO model and its benefits• Review the IO assessment tools• Sample outputs
End-user Downtime
Poorly IntegratedSolutions
SecurityThreats
Manual Processes
TechnologyChange
InfrastructureComplexity
CostPressures
InflexibleArchitectures
IT ServiceManagement
IT Challenges Today
IT Budgets
Models
Meeting the Challenge:Infrastructure Optimization
• Grounded in industry analyst and academic work
• Variant of the Gartner IOMM
• Benchmark for technical capability and business value
• Drive cost reduction (IDC, WiPro), security, and efficiency gains
• Enables organisational agility
• Implementation of Best practices
• Sequencing framework• Step-by-step
implementation• Vendor agnostic
Cost Center
More Efficient Cost Center
Business Enabler
Strategic Asset
BasicStandardiz
ed Advanced Dynamic
Application Platform
BasicStandardiz
ed Advanced Dynamic
Business Productivity
BasicStandardiz
ed Advanced Dynamic
Core
Agenda
• What is the IO Model and where does it come from?
• Outline Core IO model and its benefits• Review the IO assessment tools• Sample outputs
Core Infrastructure Optimization Model The journey to enhance IT’s impact to the business
CROSS-MODEL ENABLERS
Desktop, Server and Device ManagementDesktop, Server and Device Management
Security and NetworkingSecurity and Networking
Data Protection and RecoveryData Protection and Recovery
Identity Presence Rights Mgmt Network Access
IT & Security ProcessIT & Security Process
Identity and Access ManagementIdentity and Access Management
What does Maturity look like?
Source: GCR & IDC data analyzed by Microsoft, 2006
Security Best Practices That Optimise Infrastructure … and save money
Source: GCR & IDC data analyzed by Microsoft, 2006
No Identity Management• Multiple directories• No PC Management• Many passwords; SDcalls• Manual user provisioning
Basic Identity Management • Single Active Directory• Limited PC Management• Manual User Provisioning• Single directory for Auth
average IT labour costs per PC per
year
$1320/PC Cost$580/PC Cost $230/PC Cost
Full Identity Management • Single sign-on• Meta Directory• Automated Password Reset• Automated User Provisioning
Minimal PC Security• Anti-virus• Reactive security
Limited PC Security • Centrally Managed PC Firewalls• Automated Patching
Comprehensive PC Security • Anti-Spyware• SW inventories for patching compliance• Network Access Control and
Quarantine
Comprehensive PC Security = $160/PC Savings
Identity Management = $210/PC Savings
$80/PC $130/PC
$70/PC$90/PC
Belfast TrustCustomer Case Study
...Infrastructure Optimisation Experience
Agenda
• What is the IO Model and where does it come from?
• Outline Core IO model and its benefits• Review the IO assessment tools• Sample outputs
Alinean Tool
demo …How to use the Alinean tool What the output looks like
Agenda
• What is the IO Model and where does it come from?
• Outline Core IO model and its benefits• Review the IO assessment tools• Sample outputs
Your Industry Assessment
Basic - 1 Standardized - 2 Rationalized - 3 Dynamic - 4
B S R DIndustry Comparison
Core IO Top BenefitsBusiness Goal /Feature
Benefit Total 3 year Savings
Server Operations and Administration
Labour to manage the servers €1,827,296
Server Maintenance and Support Contracts
The ongoing annual hardware and software maintenance and support contract costs for servers to support file / print, directory, security and messaging / exchange.
€323,759
Business Goal /Feature
Benefit Total 3 year Savings
PC Operations and Administration
For PC operations and administration, the internal IT staff labour, outsourced / contract labour and managed services contract costs for current (as is) and costs and benefits for proposed (to be). Includes PC Infrastructure (PC engineering): procurement, MACs, security management, user administration and provisioning, PC application management, software deployment, break-fix maintenance and PC data and storage management.
€207,980
IT Service Desk IT service desk costs for the current (as is) and costs and benefits for the proposed (to be) optimised plans.
€183,463
Core IO Top Benefits
Business Goal /Feature
Benefit Total 3 year Savings
Server Hardware Purchases
The ongoing annual hardware amortized costs and upgrade costs for servers to support file / print, directory, security and messaging / exchange. Consolidation is based on Solution Selection settings of physical / logical or virtualization / workload management consolidation practice selections, and specific settings as to the level of consolidation available / possible. Additional savings such as avoidance of maintenance and support contracts, facilities and overhead, and most importantly labour to manage the servers is covered under Server Operating Costs and Server Operations and Administration respectively.
€167,865
Improve Search Effectiveness (indirect)
The incremental benefits from improved search functionality, helping users to find files.
€135,165
Core IO Top Benefits
Business Goal /Feature
Benefit Total 3 year Savings
Service desk problem resolution
Problem resolution downtime lost productivity when waiting for service desk issue resolutions. Compares current (as is) costs to costs and benefits for the proposed (to be) optimised infrastructure)
€82,363
Server Software Purchases
The ongoing annual software for servers to support file / print, directory, security and messaging / exchange including costs for the current (as is) and costs and benefits for the proposed (to be) optimized plans.
€70,052
Core IO Top Benefits
Business Goal /Feature
Benefit Total 3 year Savings
End User Operations Cost of end users supporting themselves (self-support) and each other (peer support) in lieu of formal support to the organization. Includes formal training and informal learning time. Compares costs for current (as is) with the costs and benefits for the proposed (to be) optimized infrastructure.
€59,190
PC Power The power costs for PCs in the current (as is) infrastructure, and power costs and savings in the proposed (to be) optimized infrastructure.
€56,643
Other benefits €260,529
Total €3,374,308
Core IO Top Benefits
Cumulative Costs vs. Cumulative Benefits
Summary of Core IO ROI Analysis from Alinean
IT Budgets
• Reduces net total costs per user per year from €3,144.85 to €2,316.80
• Improves overall IT productivity through task automation and proactive avoidance, reducing labour related efforts on Client and Server IT Operations and Administration from: − 27.17 full time equivalents (FTEs) in-house
resources to 8.13 FTEs under the optimization plan, making 19.04 FTEs available for projects (Year 1)
• Reduces service desk calls from 966.3 total calls per month to 386.5 total calls per month
Summary of Core IO ROI Analysis• The projects will require a €351,830
initial investment and €591,952 cumulative investment over 3 years.
• Comparing costs and benefits, the project is expected to deliver:− Risk Adjusted ROI of 371 %− Net Present Value (NPV) savings of
€2,117,601− Payback period of 16 month(s), 4 months
after implementation
Next Steps
• Build IO roadmap of projects• What a typical IO roadmap looks like
Proposed program plan
Proposed program plan
• Priority 1 – 5 Projects - De-Risking• Priority 2 – 0 Projects – Stabilising• Priority 3 – 2 Projects – Quick wins• Priority 4 – 10 Projects – Enablers• Priority 5 – 5 Projects - Business Value
Realisation• Priority 6 – 0 Projects - Service
Optimisation
Priority 1 – De-Risking
• Desktop and Server Firewalling• Server and Domain Isolation of Finance
& HR• Implement device lockout on mobile
and Non-PC devices• Directory Services Consolidation
through Identity & Access Management Optimisation
• Network, Security and Process Optimisation
• Establish a configuration management database as an enabler for Security Process
Priority 2 – Stabilising
• No projects identified for this customer
Priority 3 – Quick wins
• 2007 Office System Compatibility Pack
• White Pages and Self Service
Priority 4 – Enablers
• PKI Infrastructure• Implement a secure wireless
networking infrastructure – rogue detection
• Implement a standard set of server images based on server role
• Server Virtualisation strategy and deployment
• Data Protection Solution Cost Review• End to end Service Management
Solution Optimisation
Priority 4 – Enablers (continued)• Desktop Optimisation, Deployment
and Encryption• Configuration Management
Optimisation• Presence Solution• Rights Management for document
and email protection
Priority 5 - Business Value Realisation
• Implement Server Backup & Restore solution using Virtualization
• Implement Virtualization for your Application Testing Environment
• Implement a consolidation strategy for Branch offices
• Enterprise Search• Instant Communications
Priority 6 - Service Optimisation• No projects identified for this
customer
Summary
• Security is inherent throughout the IO model
• Demonstrates the Business Value of security solution
• Assessment tools for “where am I?”• Implementer Guides for step-by-step
“where do I want to be?”
• http://www.microsoft.com/io• http://www.microsoft.com/business/peopleready/d
efault.mspx
• http://download.microsoft.com/download/a/4/4/a4474b0c-57d8-41a2-afe6-32037fa93ea6/IDC_windesktop_IO_whitepaper.pdf
• http://download.microsoft.com/download/9/f/3/9f337be9-cc5a-46d6-bcbd-27e77acdb0ed/IDC_ADIO_whitepaper.pdf
Resources
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after
the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
