How to Stretch Your Security Dollar
Unexpected ways to get additional ROI from security, business continuity, disaster recovery and compliance investments
Like the airbags in your car, a substantial amount of IT time and resources go into preventative and protective tasks. Things like security, compliance, business continuity and disaster recovery (BC/DR) that, while imperative, aren't necessarily producing any direct ROI, productivity, or other benefits during "uneventful" operations.
To be fair, the gear is bound to be earning its keep given the perpetual torrent of virus and spam-laden email, and DDoS attacks, not to mention failing compliance audits can mean big fines. Even so, it's arguably more of a "preventing losses, minimizing expenses" kind of ROI.
And all these preventative and protective measures add to IT budgets, which are already tight.
Photo by Rob Lee
"These expenses can run between five and ten percent of an annual IT budget -- not chump change. That covers ongoing expenses, not including initial purchase of hardware, software, or generators for DR sites," notes Beth Cohen, a Hot Technology Thought Leader (that's a real title) at TAC Advisory, whose career includes having been CIO and CTO at various startups, and before that, Director of Engineering IT at BBN.
Your disaster recovery hardware and software costs can be "anywhere from twice the costs of your production environment down to a much smaller amount, depending on the size of the production environment and on your recovery point and time objectives for the DR environment. If you are looking for full business continuity, it will be expensive," Cohen points out.
Find Other Uses
Do you ever wonder whether you could be getting some ROI on these investments when they're not being invoked for their primary purpose? Recoup some of the costs, helping these facilities pay for themselves, perhaps by saving money, improving productivity, even generating revenue?
The answer, according to a mix of consultants, users and vendors polled is, in general, yes ... sometimes enough to recoup the costs of the tool involved.
"You may buy for one reason, and can get double or triple the value from 'side effects,'" observes Jim Cuff, VP of strategy, Iron Mountain Digital.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
disaster recovery
Powered by TwitterOn Twitter now
disaster recovery
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.







How to Stretch Your Security Dollar
The word is preventive, not preventative. Someone isn't preventating something from happening, they are preventing it from happening.