How to Stretch Your Security Dollar

Unexpected ways to get additional ROI from security, business continuity, disaster recovery and compliance investments

By , ITworld |  Security, business continuity, compliance

Like the airbags in your car, a substantial amount of IT time and resources go into preventative and protective tasks. Things like security, compliance, business continuity and disaster recovery (BC/DR) that, while imperative, aren't necessarily producing any direct ROI, productivity, or other benefits during "uneventful" operations.

To be fair, the gear is bound to be earning its keep given the perpetual torrent of virus and spam-laden email, and DDoS attacks, not to mention failing compliance audits can mean big fines. Even so, it's arguably more of a "preventing losses, minimizing expenses" kind of ROI.

And all these preventative and protective measures add to IT budgets, which are already tight.

Photo by Rob Lee

"These expenses can run between five and ten percent of an annual IT budget -- not chump change. That covers ongoing expenses, not including initial purchase of hardware, software, or generators for DR sites," notes Beth Cohen, a Hot Technology Thought Leader (that's a real title) at TAC Advisory, whose career includes having been CIO and CTO at various startups, and before that, Director of Engineering IT at BBN.

Your disaster recovery hardware and software costs can be "anywhere from twice the costs of your production environment down to a much smaller amount, depending on the size of the production environment and on your recovery point and time objectives for the DR environment. If you are looking for full business continuity, it will be expensive," Cohen points out.

Find Other Uses

Do you ever wonder whether you could be getting some ROI on these investments when they're not being invoked for their primary purpose? Recoup some of the costs, helping these facilities pay for themselves, perhaps by saving money, improving productivity, even generating revenue?

The answer, according to a mix of consultants, users and vendors polled is, in general, yes ... sometimes enough to recoup the costs of the tool involved.

"You may buy for one reason, and can get double or triple the value from 'side effects,'" observes Jim Cuff, VP of strategy, Iron Mountain Digital.

Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question