As the world embraces the hybrid working model, we have seen a significant shift in employees’ computing requirements. Hybrid workers expect a high level of performance from devices, no matter where they are – fast, fluid and without diminished security. And with devices on the go, employees want highly responsive laptops that can get them online quicker so they can stay productive, easily collaborate and chat with co-workers and tackle their to-do list more effectively. However, businesses are not refreshing their PCs and laptops as quickly as they should. According to a study by SMB IT market research firm Techaisle, at least 40 percent of SMBs have either no PC refresh policy or are not following the system. As a result, 32% of Windows 10 PCs owned by SMBs are more than four years old. Outdated PC devices and aging machines lead to frequent downtimes, impact work efficiencies, and hurt employee experience. Forrester Research, Invest in Employee Experience, Drive Your Bottom Line Growth, commissioned by Intel, reveals that 50% of employees report that their PC device is outdated or insufficient.
According to Techaisle, PCs that are more than four years old also reduce IT efficiency and productivity, resulting in 70 hours of productive time lost per year per PC. These PCs on average experience 3X more malware attacks and 3.5x more phishing attacks than more modern Windows 10 PCs. And wait, there’s more. According to StatCounter, 13.06% of all current Windows PCs are running Windows 7, which hasn’t been supported since January 2020. Although 71.76% are using Windows 10, and a further 10.07% have Windows 11 installed, that still leaves many people who have not upgraded to the latest operating system. PC fleets running on old operating systems (OS) mean more bug fixes, security patches and costly device replacements.
For IT personnel, it means bearing an even greater burden. Even if one at-risk device is affected by malware, it can bring down the entire network. See More: Why the Future of Work Depends on PC Fleet Stability and Predictability Security in Focus The past two years have been anything but normal for information security professionals. With cyberattacks on the rise, security pros across every industry are acutely aware of the risks posed by cybercriminals and how hackers are shutting down vital infrastructure and exploiting vulnerabilities in software. But increasingly, organizations are experiencing rapidly changing threats that directly target identities, access control and data below the OS. Attacks on the BIOS firmware have become too frequent and can give hackers control over the system, allowing hackers to install keylogging software and steal sensitive data. A 2021 Security Signals report showed that over 80% of enterprises had experienced at least one firmware attack in the past two years. Despite this sobering statistic, only 29% of security budgets are allocated to protect firmware.
This evolving reality affords IT managers and decision-makers a great opportunity to build a PC upgrade strategy that meets the shifting technology needs of hybrid workers and empowers IT with hardware-based security they can count on. The good news is that there is a straightforward solution to this problem. Learn why organizations should adopt a next-generation PC platform to uplevel PC fleet manageability, security and overcome key IT hurdles: 1. Troubleshooting out of band devices remotely It has become quite commonplace for IT to get a call from an end-user whose device has become corrupted due to malware downloads. By deploying PCs with Intel vPro® Enterprise for Windows, powered by 12th Gen Intel® Core™ processors, companies can utilize technologies and services within the Intel vPro platform, such as Intel® Active Management Technology (Intel® AMT).
Intel AMT is powered by a separate hardware engine on Intel chipsets, which means that Intel AMT can operate independently of the main CPU and independently of the operating system state. Intel AMT is always available and always accessible. Intel AMT needs to be activated and is only available with Intel vPro® Enterprise for Windows. In effect, Intel AMT provides persistent out-of-band connectivity that operates independently of the OS, allowing fixes to a broader range of system issues, even when the OS is down. With Intel AMT, IT can repair corrupted drivers, application software, or the OS on non-responsive systems or use KVM to monitor OS upgrades. 2. Improve efficiency and reliability of IT support Today, IT struggles to maintain dispersed device fleets and deliver remote support to end-users. An unresponsive laptop that users can’t power on or boot up results in end-user downtime. Either the user must ship the failing laptop back to the office, or wait for IT support to fix the device.
In such cases, IT needs hardware-level access and control features, known as out-of-band management, to troubleshoot devices. This allows IT teams to perform tasks such as PC setup and configuration, maintenance, and security updates. They can also deal with PCs that are powered off or unresponsive. In hybrid work models, next-generation business PC platforms enable IT teams to remotely and securely access out-of-band devices and fix corrupted or failed drivers and application software.
This greatly speeds up device repair and maintenance, helping employees to be productive again. The Total Economic Impact Of The Intel® vPro™ Platform (TEI) report by Forrester and commissioned by Intel estimated that by using the Intel vPro platform, an organization can improve employee experience and reduce security exposure. 3. Enjoy enterprise-grade security with confidence With hackers now attacking the BIOS on the PC, simple antivirus software defenses aren’t enough to defend against firmware threats. However, a PC powered by Intel vPro® Enterprise for Windows includes integrated hardware-based PC protection through Intel® Hardware Shield, which provides the following features:
Below-the-operating system security, which locks down memory in the BIOS against firmware attacks and enforces secure boot at the hardware level
Intel® Control-Flow Enforcement Technology (Intel® CET) provides hardware-based protection against multiple classes of attacks, including memory safety-based attacks and increasingly popular control flow subversion techniques. This technology helps prevent an entire class of attacks that can’t be thwarted with software-only solutions.
Intel® Threat Detection Technology (Intel® TDT) provides IT teams with real-time insights about end-user devices. With the industry’s first silicon-enabled AI threat detection, provided only by Intel, this enhanced security feature takes full advantage of the advanced telemetry capabilities of Intel® Hardware Shield by augmenting ISV solutions to help stop ransomware and cryptomining attacks.
These features are available out-of-the-box and minimize the risk of a malware injection by locking down memory in the BIOS when software is running and help prevent planted malware from compromising the OS. It also helps ensure the OS boots securely. The Total Economic Impact Of The Intel® vPro™ Platform found that respondents attributed an average of 76% of security improvements to the Intel vPro platform security features and tools, including Intel Hardware Shield, Intel Active Management Technology (Intel AMT), Intel EMA, and others. This clearly illustrates that Intel vPro provides enterprise-grade, multilayer, hardware-based security capabilities that empower IT to restore productivity and reduce help calls during an attack. 4. Do more with limited IT resources and focus on what matters Monitoring employees’ devices is hard enough, and it becomes more challenging in a distributed work environment with laptops that are constantly on the move. With the Intel vPro® platform powered by Intel® Active Management Technology (Intel® AMT) and Intel® Endpoint Management Assistant (Intel® EMA), IT can schedule and automate tasks in the background without the need for end-user involvement. Most organizations are short-staffed with fewer IT resources. With the help of the Intel vPro platform, IT can expand their toolset, reduce the cost of PC fleet management and shorten the time spent remediating corrupted devices.
The Total Economic Impact Of The Intel® vPro™ Platform report showed that there are device management support cost savings – in particular through the use of Intel Active Management Technology (Intel AMT), Intel® Endpoint Management Assistant (Intel EMA), and Intel® Stable IT Platform Program (Intel SIPP). It also leads to reduced support for in-person escalations and fewer help desk tickets. With Intel vPro, support incidents can be resolved more often by the primary help desk representative without escalation. With Intel AMT and Intel EMA, help desk representatives have the remote access tools they need to resolve an issue, even if a person isn’t at the device or it is powered off. Another huge advantage for small IT teams is that with Intel AMT and Intel Stable IT Platform Program (SIPP), organizations can save significant time by avoiding failures of image and patch processes for remote employee
s. The additional IT cost savings resulting from Intel AMT and Intel EMA enable IT to focus on various tasks such as responding to audit, compliance, and reporting needs, planning for future endpoint improvements and supporting other teams IT requests. It’s worth noting that some Intel vPro® features are exclusive to Intel vPro® Enterprise for Windows. These include remote management support with Intel® Active Management Technology (Intel® AMT). In addition, there’s connectivity support for Wi-Fi 6/6E and Thunderbolt™ 4 technology.