There is no doubt that anti-virus is a basic and one of the most critical security measures in every IT organization. However, there can be sharp differences in how anti-virus effectiveness is measured. In a presentation one year ago, I mentioned that the installation rate and the update-in-time rate are two important factors for measuring the performance of an anti-virus system. In fact, a lot of IT organizations use these two factors as their KPIs for desktop anti-virus or malware protection.
We had some interesting practice on this. One year ago, we set up one new KPI for the anti-virus team, infection rate, in addition to the two above. This new KPI means the number of infected machines in one month. At that time, we didn’t know the industry average for this KPI, and we didn’t even know whether it was a proper KPI for anti-virus. One year has passed. We lowered this number from above 10% to lower than 5%. It’s a great achievement. The more convincing point is that we learned that this number for our international part is close to our current number for China.
The other potential KPIs and metrics for the anti-virus system that we discussed include the number of helpdesk tickets related to desktop anti-virus, deskside support hours, the number of operating system re-installations, etc.
When I worked at CA as principal consultant, I often presented to customers on the value and benefits of an “end to end” application level network monitoring system. It helps IT staff build up the capability to pinpoint incidents and evaluate the business impact at first glance. It helps IT service providers show their service levels and KPIs and charge their customers. It helps telco companies enhance their product portfolio and expand their edge into customers’ premises… However, in the real world, it has more meanings.
Typically, IT has different function groups or departments, e.g. an enterprise applications (ERP, CRM, etc.) development team, an application operations team, and an infrastructure IT team. They have different missions and services. Whenever an incident or a user complaint about bad performance occurs, no team can confirm that it is not theirs to solve. A virtual team or a SWAT team is always kicked off, no matter how small the incident or complaint. Root cause analysis and assigning responsibility often become a very tough job.
An end to end application level network monitoring system can help with this greatly, particularly for the infrastructure IT and application operations teams. This kind of system can build up a baseline for each site, each key operation and each sensitive time slot. Any departure from the baseline makes the “root cause” easier to analyze, and as a result, the solution and resolution can be quickened.
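An added illustration of such a per-site, per-operation, per-time-slot baseline (not code from any monitoring product or from the original post). The site names, operation names and response times are constructed, and scoring by median and median absolute deviation (MAD) is an assumed choice of statistic.

```python
from collections import defaultdict
from statistics import median

def build_baseline(samples):
    """samples: (site, operation, hour, response_ms) tuples from normal operation.
    Returns {(site, operation, hour): (median_ms, mad_ms)}."""
    groups = defaultdict(list)
    for site, op, hour, ms in samples:
        groups[(site, op, hour)].append(ms)
    baseline = {}
    for key, values in groups.items():
        med = median(values)
        mad = median([abs(v - med) for v in values])
        baseline[key] = (med, mad)
    return baseline

def departures(baseline, observations, threshold=5.0, min_mad=1.0):
    """Flag observations far from the baseline of their own site/operation/slot."""
    flagged = []
    for site, op, hour, ms in observations:
        key = (site, op, hour)
        if key not in baseline:
            # An operation or slot never seen before is itself worth a look.
            flagged.append((key, ms, "no baseline"))
            continue
        med, mad = baseline[key]
        score = abs(ms - med) / max(mad, min_mad)  # min_mad avoids divide-by-zero
        if score > threshold:
            flagged.append((key, ms, f"{score:.1f} MADs from median {med:.0f} ms"))
    return flagged

# Constructed history: hypothetical sites, one key operation, two time slots.
HISTORY = (
    [("site-a", "order_entry", 9, ms) for ms in (200, 210, 190, 205, 195)]
    + [("site-a", "order_entry", 14, ms) for ms in (400, 420, 380, 410, 390)]
    + [("site-b", "order_entry", 9, ms) for ms in (300, 310, 290, 305, 295)]
)
# Constructed new measurements: 400 ms is normal at 14:00 but not at 09:00.
NEW = [
    ("site-a", "order_entry", 9, 400),
    ("site-a", "order_entry", 14, 400),
    ("site-b", "order_entry", 9, 310),
    ("site-b", "invoice_print", 9, 310),
]

if __name__ == "__main__":
    for key, ms, reason in departures(build_baseline(HISTORY), NEW):
        print(key, ms, reason)
```

Keeping the baseline keyed by site and time slot is what lets the same 400 ms reading be normal for one slot and a departure for another, which narrows the question of which team owns the incident.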