Why managing your own SOE is time (and money) wasted

Author: Martin McGregor, CEO and Co-founder, Devicie

Infrastructure-as-a-service is now a smarter, safer and cheaper way for many organisations to manage your SOE.

Years ago, when I worked in an IT helpdesk role, the boss pointed out that my team should never make jokes about people calling for technical support because they were professionals in other fields.

If you’ve seen The IT Crowd, there’s a very real concept presented. A lot of the requests IT helpdesk professionals get are well below their skill level. ‘Turning it off and on again’ can still end up as the cure for some of the issues that come across your desk. What stuck with me was that the technology solutions I implement are only as good as their ability to assist people in improving their efficiency and, overall, improving how they work. I was there as a computer specialist, so their employees didn’t have to be, and that was ultimately better for the organisation.

I’ve built my career as an IT and security generalist, building and securing what is often referred to as corporate technology; that is, the universal infrastructure that underpins business operations. This includes end user compute (EUC), security, storage and collaboration capability. While there’s no doubt corporate technology helps improve overall workplace efficiency, I have seen first-hand many companies spend far too much time, money and resource on this tech, when they would have been better served focusing on building and improving value-generating technology. I have built hundreds of email servers for customers, sized from a couple of staff to tens of thousands.

When you stop and consider that nobody builds their own email systems anymore, it seems reasonable to ask why any company would still build and maintain their own infrastructure to manage and secure end-user devices. Both are crucial parts of the corporate tech infrastructure, and both require specific expertise and unique knowledge. Both have security risks, too.

So why is one outsourced completely, yet the other mostly insourced?

The technology to provide a cloud-based infrastructure-as-a-service is relatively recent. And like every SaaS solution brought to market since the noughties, it takes a period of time for widespread adoption. Firstly, for IT departments and business managers to become aware of the opportunity, and then to accept that a centralised, cloud-based provider of services could be more capable, efficient and cost-effective than either traditional DIY or a services-based outsourcing approach. The same is true for EUC.

Pitfalls of  DIY SOEs

Upon reflection, almost every Standard Operating Environment (SOE) project to manage EUC that I was called in to assist on was on the back of a failed internal project. In some cases, millions of dollars of lost productivity were spent, despite an initial promise that it would make the organisation more efficient. The common theme was that companies didn’t fully understand the scope or complexity of the task when they started, so it went on for longer than they anticipated and came in significantly over budget.

Better technology investments

A better approach is when organisations focus their technology experts on improving their products and services, while keeping corporate technology costs as low as possible by outsourcing this to specialists in that domain. A good example of this is companies deciding they are going to build their own Microsoft Intune solution. Intune has powerful mobile device management (MDM) and mobile application management (MAM) capabilities, however, it is not an out-of-the-box solution. Like all generic corporate technology, it’s an enabler, where the value is gained after significant customisation. With Intune projects, I’ve seen a lot of time invested and millions of dollars spent without a successful outcome for the business.

Sometimes organisations take years of effort to realise they can’t do it internally. Often this effort has been at the expense of focusing on revenue-generating or value-creating technologies that can have a direct impact on the bottom line.

Benefits of an SOE-as-a-service

There are many benefits of a cloud-managed SOE solution that you rent rather than own.

Here’s my top three:

  1. You are paying a monthly fee for a service you don’t have to build. It is available in weeks rather than months or years, and if for some reason it doesn’t work, you will know it has failed straight away before you’ve invested in it or paid for it.
  2. You don’t have to maintain or upgrade it as your business develops, which has happened with every bespoke SOE ever developed. SOEs degrade over time and eventually need to be redone. It’s a vicious time and money sink cycle.
  3. You are giving over a complex – but generic – part of your business to experts, who focus on one thing only: providing secure and productive infrastructure to support your modern workforce.

Devicie’s 100% focus on a secure, productive SOE-as-a-service

Devicie is built by highly skilled SOE builders who have automated all the processes required to bring an organisation to that future state quickly, at a very low cost compared to building your own IT infrastructure.

We use a proven process to map end-user requirements carefully and use a piloting process to ensure employees can work functionally from that future state. Then we guide an organisation through that process to modernise their infrastructure and apps so they can get there as fast as possible.

In your future state with a SaaS-based SOE, every end user will have a consistent, positive device experience, with the most up-to-date security, applications and policies to enable them to work safely and productively.

Their devices can become a secure barrier for your business, rather than the most vulnerable and susceptible to cyberattacks. Devicie has no need for configuration or support from your IT team and manages every machine without an agent. The result is that your IT and security teams have 100% visibility of the compliance and security posture of every end user device, wherever it is being used, ensuring they are consistently patched, up to date, and included in reporting.

There is no longer any reason to spend money or time on building your own SOE. It is not a technology project that will make your business more competitive. Companies are better off reassigning those IT resources to managing the stack that affects your customers and impacts the quality of your products and services.

Related resources

Why securing end-user devices is a key part of the Zero Trust journey

Moving to the future state for device security can quickly uplift organisations towards Zero Trust while also facilitating a positive end-user experience. 

Read more
devicie essential eight capabilities statement

Devicie Essential Eight: Capabilities statement

This document outlines how Devicie helps organisations to quickly implement key ASD Essential Eight controls on end-user devices.

Read more
How Devicie automates Essential Eight on end-user devices

How Devicie automates Essential Eight controls on end-user devices

Devicie automates Essential Eight controls on end-user devices, so organisations can ensure security and productivity.

Read more