If you’ve been in the IT industry for awhile, you’ve no doubt noticed that it goes through one hype cycle after another. Many of us witnessed the dot-com explosion, implosion and subsequent MSP market conversion. Watching the cloud hype cycle of the past few years is a little disturbing -- not because I lack excitement about the massive possibilities of distributed computing, utility billing, virtualization advancements and economies of scale; they are large parts of my company’s business model. What bothers me is the extent to which companies will go to make a claim about the cloud. The exaggerations and omissions -- stemming from either ignorance, lack of risk aversion or outright dishonesty -- being used to sell cloud computing and cloud storage services are just nauseating. As an officer of a company competing in this environment, it’s especially hard for me to ignore these problems with cloud storage.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.
If you are presenting to management for a budget, and using this calculator as the basis for a Return on Investment (ROI), you will need to do more homework. An ROI measures as a ratio of the cost of investment against its expected benefit. For patching, calculating benefit can be very difficult to determine. How do you measure the cost of a system breach you have not yet had? You can estimate what expenses, penalties, and losses a company might incur when a breach occurs; but there is no certainty of a breach event and what those costs actually are. There are also regulatory compliance issues and/or potential fines for not patching, but those, too, can be vague. For calculating these potential risks and costs, it is advisable to enter into a discussion with your management team.