The total cost of ownership (TCO) for IT investments is the sum of all direct and indirect costs relating to that IT investment, and is a critical part of how you calculate ROI. But TCO is often greatly underestimated.
Gartner defines TCO as a comprehensive assessment of costs across enterprise boundaries over time. For IT, Gartner includes hardware and software acquisition, management and support, communications, end-user expenses, along with the opportunity cost of downtime, training and other productivity losses in its definition. But there’s a key variable missing from this equation. At Pythian we call that variable INCIDEX, or the expenses related to an incident, such as a major security breach.
INCIDEX is the cost to the business of not buying the redundancy or safeguards you need to ensure that your valuable systems perform uninterrupted. If you redefine TCO as CAPEX, plus OPEX, plus INCIDEX, everything makes sense. We like to call this the holistic TCO. You can use the holistic TCO analysis to justify a second datacenter strategy, or to justify an investment in security technology or to have a second supplier on standby.
A second data centre strategy can be seen as a broad doubling of CAPEX as you mirror your organization’s data infrastructure. This approach will also result in a meaningful increase in OPEX as you pay for data centres, system administrators and DBAs who know how to manage failover. This may sound like you’re incurring a lot of unjustified expense. But investing in redundancy can make perfect sense if you’re taking a holistic approach, and if the consequence of incident is high enough. And the consequences of IT incidents today are often are very high.
Why is INCIDEX so much more relevant today?
Over the last 30 years the cost of enterprise systems has plummeted. Servers that used to cost millions, now cost just tens of thousands of dollars. And technologies like Puppet, Chef, SaltStack, Ansible help you automate your data centre operations and reduce the requirement for system administrators and database administrators (DBAs). So the number of people you need to run your servers is much smaller today than ever before. With these advances, CAPEX and OPEX have fallen over time.
We used to live in a world where every building had a data centre in the the basement, and where an incident was usually an inconvenience only to the local IT team. Today, we’ve globally consolidated our data centres and workloads, and have globally integrated our enterprise resource planning applications. In this new world, a single incident has the potential to inconvenience thousands of people internally in a large organization. What’s more, it can impact your organization’s ability to generate revenue from those systems. In this new world, incidex is the dominant variable in TCO.
We’ve all read stories in which a single security incident damaged a global brand at a cost of hundreds of millions or even billions. If a billion dollar incident could be avoided with an investment in the hundreds of thousands of dollars in redundancy or security technology or in the quality of the people looking after your systems, would you make that investment? A holistic analysis of TCO would justify that investment.
To get the full benefit of your investment in these technologies, you need to ensure you have only the top talent working on your systems, including highly skilled, senior systems administrators and DBAs.
This is where Pythian can help. Pythian offers a complete range of solutions to help you adopt disruptive technologies, optimize your existing systems, and become more data driven. We can help you with everything from strategic IT advice to development and executive coaching, to full solution implementation and management to staff augmentation. Contact us today to learn more.