When DEX Strategies are Abandoned

Written By Steve Walsh

A couple months ago, I watched a certain unnamed airliner (that can’t catch a break in the news lately) talk about their culture of people first and how EUEM tools made sense for their company.  While I do believe they want to do better, it makes me wonder how many companies DEX strategy might be derailed/canceled/deferred by a lacking a mature Computing / Security / SDLC strategy.

Before the holiday break I spoke with a peer via video who asked if I had any experience working with leadership that despite huge success with their EUEM tool, they would not be renewing.  I instantly grew suspicious on the definition of “huge success” but after they shared some facts, I did some napkin math that determined they were seeing 3X ROI via automation, cost avoidance, productivity savings, etc.  My latest favorite question to ask everyone I talk was my next question.  “What is their MS Security Score?” as you can gather some key information based on a low number, or, you get a puzzled look on the other end.  My peer smiled as indeed I was onto the problem.  While a subset of the organization did some incredible things with their DEX tool of choice, the rest of the organization neglected the rollout of MFA, policies were never implemented, tools did not integrate with ITSM tool of any choice, 99% Windows 10 Compliance really meant, 99% has Windows 10 but 20% of those could not be uplifted to a supported version of Windows 10….

As I read details of the Southwest story over the past few days, in between the apologies and ownership and I have zero doubt, eventual success of turning this around, I am reading they knew their systems were outdated.  How many of those outdated systems are also run on unsupported OS’s?  What will the labor costs be to get their Computing strategy up to par with their DEX strategy?  Or, if it’s just the SDLC strategy, who will be the person ultimately responsible?

Other colleagues and I just heard a pretty inspirational message a couple months earlier live and in person about how Southwest was going to do great things with their selected EUEM tool and how DEX mentality really was culture wise, very much Southwest mentality too.  I couldn’t help but think that where employee monitoring is on the rise at many companies, it would be disappointing to see a company who is using a EUEM tool for good might not get to do so in the new year…and I really hope that I am wrong about that.

So my advice to my peer…ideally, that DEX strategy pivots to help improve overall environment Compliance in the environment.  EUEM tools are excellent at finding tech debt, and then deciding what you would like to them.  Reach out and identify that generic login account on that legacy OS by asking a simple question, “who is logging into his machine?”  Or, “forcing” a support desk call if you really need to grab some attention…point is, work out a plan with Security, IT, and HR leaders to drive improvement.

While EUEM tools can take End User Computing’s value in an organization to a new level of automation, organizations must be mature from a security and vulnerability perspective as well.  While companies can and do execute mature Computing and DEX Strategies concurrently, EUEM tools are usually short lived when other key priorities aren’t also front and center.

Steve Walsh https://www.aylaconsultingllc.com
Previous

NASA’s Software Asset Management
Next

ControlUp Test Drive