Monday, October 1, 2012

Saving Money with IT Security Processes. Example 5/26: Reducing Help Desk calls and duration with Patch Management

Article number 5 in a series dedicated to giving examples of the way IT security processes can help your company save money.

The Help Desk is the service provided by people who are there to collect user calls about IT incidents, answer them when possible and, when not, transmit to people who can. A typical Help Desk receives thousands of calls a month. Companies lose percents of their annual revenue in these incidents: incident ⇒ business is down, user (employee) is demotivated + Help Desk must be paid to intervene.

There are three levels of difficulty for a user call handled by the Help Desk:
  1. The Help Desk knows how to solve the incident described by the user, or they know to whom they should redirect it. This takes a few minutes and represents an important part of the whole lot.

  2. They don't know precisely how to solve incident nor whose help they should ask for. So they must investigate, take a lot of time to understand the real root of the incident and to act accordingly. Along the time, the Help Desk will build a database of knowledge about these incidents and, so, will improve its overall performance. However, this second level of difficulty represents the biggest part of all calls.

  3. The incident is just overly complex, the Help Desk knows they won't be able to solve the incident, so they just redirect it to the regular IT team and ask for help. This is a small part of all calls.

Improving on this may seem like climbing an impossible mountain.
However, IT Security can simplify the work of the Help Desk and save company's money this way: accelerate work ⇒ downtimes decrease + Help Desk teams can be reduced. One way is the Patch Management process.
Albeit unrelated at first sight, the Patch Management process keeps your software up-to-date. If it's up-to-date on all workstations, then it's precisely the same on all workstations. Then two workstations will have the same set of possible incidents, instead of two different sets of possible incidents. Now, if the Information System is 30 software pieces on 1,000 desktop PCs, then instead of having, say 5 different versions per software, you'll have just one. So, instead of 30 x 5 = 150 sets of possible incidents, you'll have just 30.

This means that the database of incidents (for level 2 difficulty) will grow faster compared to the total number of possible incidents. So a larger part of level 2 incidents will be treated as fast as level 1 incidents, resulting in a significant increase in Help Desk performance:
  • Users will be more satisfied,
  • Help Desk will find its job more rewarding,
  • Help Desk will save time, that can be put onto something else.
This is a very often forgotten side of security. Most people will just see Patch Management as a protection against vulnerabilities or vendors no more supporting old versions of software, but will overlook the virtuous circle of simplifying the information system.