Power management has gained renewed interest to many IT and security organizations because (1) power savings can drive a significant operating expense reduction, (2) the risk of security incidents and breaches can be reduced, and (3) first pass patch success rates can be improved. These three objectives can be realized using BigFix Power Management, a capability included in BigFix Lifecycle.

Reduce Power Costs

In the past, power management was all about savings including electricity, cooling requirements, reducing carbon footprint since a considerable amount of power was consumed.  Much of the time, these desktop computers were idle – users not logged in – at times during the day, all night, and over weekends costing corporations potentially an extra hundred dollars or more per computer each year. The adoption of laptops changed this dynamic as power consumption became an integral part of laptop design. Lower power CPUs, LCD displays, solid state hard drives and powerful batteries reduced the power consumption significantly.

When laptops are plugged in at the office, however, they often run in high efficiency mode and are attached to external monitors – both of which consume more power than expected. Additionally, 68 percent of organizations report that desktops are still the primary computing device for employees.[1] Relying upon employees to voluntarily adopt power saving practices and habits is typically ineffective.  Organizations can realize significant power savings by enforcing power saving policies, on both laptops and desktops, and prevent users from changing configurations.

BigFix Power Management includes a number of strategies for saving power all workstations. Some common power saving strategies are

• Enable Monitor Standby – Monitors represent a significant portion of power usage for desktops and laptops. Enabling Monitor Standby has minimal end-user impact because most monitors recover quickly from low power mode. Monitor Standby can be easily combined with the System Standby or Power-off strategies below.
• Enable System Standby – As computers use very low power in standby mode, System Standby is considered the best approach to power management. Users must wake computers with a mouse click or keyboard strike before using them, but most computers wake from standby within 10 seconds.
• Power-off Computers – You can power off computers at predefined times to save electricity but can impact users the most.

Another Feature of BigFix Power Management is its ability to model different power profiles and estimates savings. After BigFix Power Management is deployed, baseline data is collected about current power consumption. After a few days, BigFix is then able to estimate possible annual savings. As shown below, BigFix shows the current power usage, the possible minimal power consumption, and an estimated annual savings of $233 per device! Therefore, an organization with 10,000 workstations could save an estimated USD $2.3M annually.

Reduce Security Risk

Company assets can no longer be fully defended by a firewall — the historical perimeter defense mechanism.  The growth of virtualization, new managed devices, and remote employees working from home and other public locations has made it difficult for IT and security organizations to define and protect the perimeter.  Endpoints have become the new perimeter and securing them is key to preventing security incidents.

In additional to keeping endpoints continuously patched, turning idle endpoints off can minimize unauthorized access especially during non-business hours. Historically, forcing machines into suspend or hibernation mode was politically difficult due to impact to end users.  However due to the rise of security incidents and data breaches, automatically turning systems off during non-business hours is effective at reducing security risk and worth the tradeoff. BigFix Power Management can power down, suspend or hibernate workstations after a configurable period of idle time — shrinking the attack surface.

 Improve Patch Effectiveness

Workstations that are on the network but powered off cannot be patched. BigFix Power Management enables WoL (Wake-on-LAN), allowing BigFix to boot systems that are powered off allowing BigFix to execute patch and remediation actions, thereby increasing the first pass patch success rate. Once patch/remediation actions are complete, BigFix Power Management can then power systems back down. Wake-on-LAN also reduces the impact on end users allowing patching to be performed outside of normal work hours. With BigFix, policies are extremely flexible allowing organizations to develop and enforce a comprehensive set of power management policies for many different groups of workstations to satisfy almost any business need.

BigFix Power Management is a feature of BigFix Lifecycle. For more information, visit https://www.BigFix.com/ where you can schedule a demo or request more information.

[1] https://www.spiceworks.com/press/releases/spiceworks-study-reveals-desktops-and-desk-phones-still-dominate-in-the-workplace/

Author:  Dennis Jensen, Director of BigFix Competitive Insights.  Editor:  Cy Englert, BigFix Marketing.