As we pass our “Coronaversary” this week, the issue that has captured the attention of our clients is the need for enhanced IT security. The equipment replacement cycle has taken retrograde steps. It is time to take a look at what drives the replacement cycle and what impedes it.
2020 was far from a typical year, though from the standpoint of the replacement cycle, maybe it was.
Not everything ages similarly
Infrastructure items such as switches have the longest lifetimes in IT. Wired network speeds have plateaued at 10G just about everywhere but the data center. With VLAN and QOS capabilities now ubiquitous and five-year to lifetime warranties now standard, there is less need than ever to replace these. That is why I have focused on endpoints, notably desktops and laptops.
What drives replacement
There have always been primary drivers for hardware replacements: new features and greater performance, hardware failures, and OS obsolescence. Unfortunately for service providers, none of these are quite the drivers they once were. I will address each individually and then look at alternative ways to frame these discussions to drive your success.
New features, better performance
The days of doubling processor performance in a generation are gone. The transition from magnetic drives to SSDs, and then NMVe SSDs brought great leaps in performance, but the next move to PCI-E 4.0 and higher core count CPUs bring far less sizzle. New features like USB-C, BT 5.2, and WiFi6 add value, but the ‘wow’ factor is still somewhat limited.
Hardware failures
Once again, we are past the days when failures were common enough to trigger replacements. As a system builder, we have pretty good access to statistics, and we are now seeing machines approaching seven years before failures become common, and we have had customers use machines for twice that long. Newer machines simply do not fail with any regularity.
OS obsolescence
When Windows XP was finally retired, there was a wave of replacement, which repeated itself with Windows 7. But with Windows 10, all bets are off. Windows 10 is the “last version” of Windows, though 20H2 is the ninth “last version.” Windows 10 is approaching six years old, and worse yet, many machines running Windows 7 or 8 were upgraded in place. These waters are muddied.
Driving replacement
With machines that last a decade, no prospect of another ‘true’ Windows version, and no leaps in performance on the horizon, what can we do? Three strategies stand out — HAAS (hardware as a service with automatic replacements), support contracts that incentivize the replacement of older machines, and the ‘nuclear option’, which I will detail last. Each has its pluses and minuses.
HAAS
Build in the cost of hardware replacement and bundle it with support. It theoretically takes the negotiation over replacement schedules right out of the equation. With the right approach, this can be a great answer. But the devil is always in the details. Many clients simply do not accept the necessity to replace machines even if they are ‘free’ under HAAS. And the ‘headline cost’ is always higher.
Contract structure
If you build your MSA to mandate machines stay under warranty (typically for three to five years), you have created an incentive to keep things fresher and avoid running the oldest hardware. But this can lead to disputes and ill will if not done very artfully. Once again, clients often perceive any machine that will boot to be “just fine,” which does not address this perception.
The ROI angle
Far too many of our clients believe that if a machine boots, it is just fine. But we know that ‘just fine’ is not the case. Lost productivity adds up. Even a 10% performance increase means four fewer hours of time a week wasted and even at just $25/hour of burdened salary, which is over $400 monthly, which means that a typical new $1,200 productivity machine pays for itself just three months.
The nuclear option
Problems like side-channel attacks and other chipsets/CPU attacks are based on a combination of hardware and OS patches, but in older machines (typically over five or six years), the hardware patches are just not available, making those machines inherently insecure. And this is where it gets exciting. It is a powerful argument, but if it fails, you risk having to ditch the client.
In closing
In an ideal world, the ‘softer’ arguments of reliability, productivity, and ROI would be more than enough to drive these replacement cycles. But in our new 'less with more world' it has become harder than ever to drive this cycle. And the reality of service cycles is that three-year lifecycles do not necessarily make sense. But with the right mix of carrots and sticks, we can still drive this cycle.
Joshua Liberman is President and founder (in 1996) of Net Sciences, Inc, New Mexico’s most security-focused MSP. Joshua is a former rock and ice climber, martial artist, and lifelong photographer. He has traveled worldwide and speaks five languages. Heidi, his wife, calls him the most interesting geek in the world.
