The business case for endpoint management modernization according to Microsoft
Is your Chief Financial Officer (CFO) asking you to cut costs? This is a current theme with many of the Chief Technology Officers (CTOs) I speak with. After all, inflation in the United States is now at 8.5 percent, meaning higher input costs for businesses.1 This includes staff—Skillsoft reported that the number of IT decision-makers facing a talent shortage has grown to 76 percent,2 meaning wages are increasing for in-demand IT employees.3 Furthermore, the cost of recruiting and retaining IT staff has increased. Any CTO who can help the CFO with Benjamin Franklin’s old phrase “a penny saved is a penny earned” will win plaudits in the C-suite.4
Yet the “penny saved” dictum needs to be updated from the 18th century to be helpful. It is important to not just think about reducing the price of software licenses by a few percent but to understand the total cost of ownership, including the value of employee time and hidden costs, such as ongoing productivity losses caused by security breaches. It’s also important to recognize that business cases may have changed in the past couple of years because of changes in staff costs or the cost of cyber breaches.
Given this context, this blog post proposes some new ways of thinking about the economics of unified endpoint management (UEM). We’ll start by recapping the main savings you’ll see in a business case for UEM,5 before talking about recent industry trends and how they change how some customers are calculating the value of implementing UEM.
Recapping the business case for unified endpoint management
An independent Forrester analysis5 described three of the main benefits of Microsoft’s unified endpoint management:
- The savings from reduced support tickets due to more automated endpoint security.
- The savings from centralizing endpoint management by attaching on-premises devices to the cloud.
- Reducing the risk of a security breach and the associated costs from data loss.
Reducing support needs
The first plank of the business case is how unified endpoint management reduces support needs. The logic is straightforward: fewer support tickets result in fewer hours spent by helpdesk staff. For a 2021 commissioned Total Impact™ study of Microsoft Endpoint Manager,5 Forrester Consulting independently interviewed enterprise organizations to help benchmark the scale of the savings in reducing support needs. The savings can be thought of in terms of the support required at every stage of the user lifecycle. For example, Forrester estimates reductions in the time required to configure a new endpoint or to set up a new user on a laptop. These organizations told Forrester that the time taken to set up a new laptop can be cut by 25 percent for both users and IT admins in some cases, which is significant if it previously took a combined total of six hours to get a new employee up and running.6 After that, there is the general reduction in support tickets by users who have less need to call the helpdesk (through proactive, automation of issues before the user is even aware, for example). Our customers tell us they have seen a 20 to 40 percent reduction in tickets after the modernization of their endpoints.5 They also tell us there are further savings in helpdesk staff being able to resolve existing tickets faster by reducing the complexity of the tickets they are handling. All in all, the automation of workflows from unified endpoint management saves IT time, which can then be redeployed to more strategic projects.
Centralizing endpoint management and connecting on-premises devices to the cloud
The second part of the business case is the ability to centralize endpoint management and thus reduce fragmented costs. Allowing IT admins to manage devices from anywhere provides for greater staffing flexibility and economies of scale as IT admins can manage endpoints from one console, rather than separate panes of glass. It also ensures devices are configured and up to date with the latest security patches, whether the device is on a local network or not.
Some of the business case for this will be counted below, in reducing the risk of a security breach. Yet centralization also opens the ability to reconsider spending on overlapping technology and staff costs. For example, this might result in some legacy software savings, either through subscriptions, licenses, or maintenance costs. Additionally, the overhead costs of managing several vendors that support different device platforms or that provide services adjacent to endpoint management may be reduced by consolidating into a single solution. Equally, there might be on-premises hardware costs that can be re-examined. Lastly, customers tell us of staff time savings: onsite IT admins and network engineer hours can both be reduced significantly with this approach.
Reducing the risk of data breaches or non-compliance
Finally, unified endpoint management helps reduce the risk of data breaches. Forrester estimates the lost productivity of a security breach per affected employee at almost half a working day (about 3.5 hours) per year,5 as they may need to update their device with the latest patch or recover work or data that is impacted by the breach. Reducing the risk of a data breach by 30 to 50 percent (as some of our customers have estimated, especially as part of a broader Zero Trust approach) therefore results in significant enterprise savings. On top of the lost employee productivity costs, there are direct out-of-pocket costs of a data breach, such as the extra work in remediating the breach and possible increases in insurance premiums.
Updating the 2022 endpoint management business case for today’s world of work
So why am I encouraging you to revisit the business case for moving to cloud-based endpoint management? In short, two major things have changed. First, rising IT staff costs mean the relative value of automated solutions is higher than before. Second, the shift to remote and hybrid work has increased the average cost and risk of a data breach for companies, making the cost of not acting higher.7
First, statistics indicate an extremely tight labor market for IT talent. In January 2022, there were roughly 340,000 unfilled IT job openings posted by employers,8 11 percent higher than the average from the past 12 months.8 Gartner® reports that “IT executives see the talent shortage as the most significant adoption barrier to 64% of emerging technologies, compared with just 4% in 2020.”8 Further, those already employed in IT are looking elsewhere. An October 2021 survey from TalentLMS and Workable found that 72 percent of respondents in the United States are thinking of quitting their jobs in the next year.9
These dynamics have resulted in wage inflation. The Information and Cyber Security Salary Guide revealed the median salary for security engineers with one to two years of experience has risen 7 percent in the past year in the United Kingdom, while United Kingdom information security managers with over five years of experience can expect a 9 percent pay rise this year. Across help desk staff, network engineers, IT admins, and security engineers, the more that can be automated, the fewer hours needed (and consequently the less need to hire more IT staff to handle organizational requests).
Second, the cost of a data breach is higher the more an organization has moved to remote and hybrid work environments. According to the Cost of a Data Breach report by IBM and the Ponemon Institute, the cost of data breaches rose nearly 10 percent year over year in 2021. Moreover, the average total cost of a data breach was 28 percent higher when remote working was a factor in causing the breach (USD4.96 million per breach, on average) compared to breaches where remote working was not a factor (USD3.89 million per breach, on average). This discrepancy rises the more staff work remotely. The average cost of a breach at organizations with 81 to 100 percent of employees working remotely is USD5.54 million compared to USD3.65 million for organizations with fewer than 10 percent of employees working remotely.
Despite the big cost impact of a potential data breach, there are small things that you can do or act on immediately.
First, if you haven’t already, proactively engage with your company’s CFO on the topic of strategic value, not just costs and budgets. As I said at the start, the relationship between CTO and CFO is increasingly vital in ensuring an organization performs optimally.
Second, as part of that discussion, I’d encourage you to nominate someone on your team to revisit the business case for UEM in light of staff wage inflation and higher breach costs. To help you along, here is a description of Forrester’s business case for UEM, and Microsoft can help you customize and calculate the business case to your circumstances.
1Consumer Price Index Summary, Economic News Release, U.S. Bureau of Labor Statistics.
23 out of 4 IT teams are facing critical skill gaps, Brandon Vigliarolo, TechRepublic. November 11, 2021.
3Employment Cost Index Summary, Economic News Release, U.S. Bureau of Labor Statistics.
4A Penny Saved is a Penny Earned, American Numismatic Association. October 6, 2019.
5The Total Economic Impact™ of Microsoft Endpoint Manager, Forrester Consulting. April 2021.
6The Total Economic Impact™ of Zero Trust Solutions from Microsoft, Forrester Consulting, December 2021.
7Cost of a Data Breach Report 2021, IBM Security, Ponemon Institute. 2021.
8Gartner Press Release, “Gartner Survey Reveals Talent Shortages as Biggest Barrier to Emerging Technologies Adoption” September 13, 2021
GARTNER is the registered trademark and service mark of Gartner Inc., and/or its affiliates in the U.S. and/or internationally and has been used herein with permission. All rights reserved.
9IT Workers Will Be Hard to Find and Keep in 2022, Nicole Lewis, SHRM. December 13, 2021.