High instances of missing anti-virus software, un-patched software,
the prevalence of malware and poorly managed hardware lifecycles are
negatively impacting the effectiveness of the average North American
information worker. The report underscores how the challenge of setting,
monitoring and enforcing IT policies is limiting the productivity of North
American organizations and exposing them to unnecessary security risks and
needless expenditures.

Collected over a two year period, the report uses inventory data from
some 90,000 desktops and servers, representing over 200 organizations from
across the United States and Canada. Through a process called the Softchoice
TechCheck(TM), participating organizations were asked to complete a survey
detailing their organization’s stated IT policies, practices and standards.
They then provided Softchoice with a copy of the data from their inventory
solution for analysis. The two information sources were compared in order to
identify the gaps between stated IT policies and practices and the realities
of the desktop environment itself. The aggregated statistics formed the basis
of the study.

“What we have seen is a breakdown within IT departments when it comes to
verifying the healthy state of their technology assets,” said Edwin Jansen,
manager of the Softchoice services group responsible for the study. “Our
findings show that many organizations either don’t realize the value of
maintaining effective IT asset management practices or they don’t think they
need to be worried. This is clearly not the case.”
While most organizations stated that they believed themselves to be well
protected from a security perspective, of the PCs surveyed in the study, 6
percent were found to be missing antivirus software entirely and 5 percent
were found to be missing the most current anti-virus updates. Moreover, on
average, 23 percent of PCs within organizations were found to be missing major
Operating System (OS) Service Packs, a critical line of defense in protecting
end users from the latest virus threats.

“There’s a real gap between how secure people think they are and what
protections have actually been deployed to the desktop itself,” said Dean
Williams, a Services Consultant for Softchoice and the author of the report.
“This disconnect is translating directly into serious risks, even for
organizations that have invested substantially in network and desktop security
On average, 49 percent of the PCs surveyed were found to have moderate to
severe infestations of adware, spyware and other malware. While not
immediately obvious to the end user, the presence of even one or two malware
applications can substantially degrade a PC’s performance, leading to longer
computer boot up times and higher rates of system crashes, all of which affect
end user productivity.

Sixty three percent of participating organizations said they were
attempting to actively maintain a hardware asset lifecycle within their
organizations. Of this group, 39 percent of the hardware assets inventoried
were found to be beyond the organization’s stated lifecycle or PC retirement
schedule. PCs typically pay for themselves many times over; however, at the 36
month mark, the costs of supporting and maintaining these systems begin to
increase and, by 42 months, often surpass the outlays made in the initial 12
month period.
“The popular wisdom seems to be that keeping a PC in use longer means
less money spent,” added Mr. Williams. “But issues such as increasing support
costs, decreased resale value and even potential costs for disposal
demonstrate that managing a predetermined retirement age for PCs has
significant benefits.”

Softchoice Services was responsible for providing the TechCheck
consultations and for compiling the data used in this study. In all, survey
statistics and IT inventory data from 210 organizations were utilized for the
analysis. A wide variety of industries were represented in the study including
healthcare, technology, insurance, financial, non-profit, education,
government, and manufacturing. The organizations ranged in size from 28 to
4,452 PCs; the average number of PCs per participating organization was 456.