Bring up the topic of Windows Vista in a crowded room of IT experts, and you're sure to get a variety of reactions and comments. People aren't shy about sharing their perceptions-positive or negative-about the new operating system from Redmond, Wash.-based Microsoft Corp. Just search the term on the Internet, and you could be reading for weeks.After years of talk about Vista, Microsoft released the system to businesses on Nov. 30, 2006.

A survey of 200 CIOs, CSOs, IT managers and network administrators across Europe, Asia Pacific and the United States, conducted by PatchLink Corp., Scottsdale, Ariz., revealed that more than half do not plan to deploy Vista, but 43% of respondents do. Those who plan implementation will not do so for at least another year.

Chad Hersh, analyst at Boston-based Celent LLC, is not so sure insurers will embrace Vista. "Aside from the improved security, many insurers probably see it as yet another IT expense that doesn't offer much of an associated return on investment."

Another survey, conducted by Boca Raton, Fla.-based Amplitude Research on behalf of Albuquerque, N.M.-based security firm VanDyke Software, supports Hersh's prediction. Half of the 255 network and system administrators surveyed have no plans to deploy Vista. The reasons for not deploying include:

* 36.84% can't justify the return on investment.

* 36.84% feel more comfortable sticking with the current version of Windows.

* 9.02% said Vista has no features that justify the upgrade.

* 2.25% don't use Windows.

* 1.5% said too many features have been dropped.

* 13.53% listed "other" reasons.

But the other half also had reasons for testing, deploying or planning to deploy the operating system. Of that half, 58.33% said their primary interest in Vista is its "enhancements," while 30.12% cited "improved usability."

Pacific Life Insurance Co.'s Life Insurance Division beta-tested Vista, recognized its benefits and is deploying Vista on 1,400 desktops.

People can keep agreeing to disagree for a little while; details of how Vista will influence business won't be known until a number of companies gain long-term experience with the newly released operating system. Until then, there are facts and concerns worth exploring.

ADMINISTRATOR PRIVILEGES

Pacific Life's No. 1 goal in deploying Vista was to secure the desktops, according to Cameron Cosgrove, vice president of information technology at the Newport Beach, Calif.-based insurer's life insurance division. Cosgrove notes that one of the keys to security is taking administrator rights away from users. "That makes the computing experience for our end-user more secure and more reliable."

Cosgrove provides the example of a user who needs to install an application. "If you don't have administrative privileges on your desktop, you can't install anything," he says. When the need to install arises, the user is prompted for administrative credentials and directed to call the help desk. The help desk can use Microsoft's Remote Assistance to access the user's computer, install the application, make sure it's running correctly and then disconnect.

"That happens over the phone and within a minute," says Cosgrove. "And with XP that's something we would've had to have done in person, probably with multiple reboots and a lot of time."

Remote Assistance includes session logging (on the computers of both the helper and the person being assisted) to help track the information and processes used to correct a problem. Remote Assistance also enables users to chat and transfer files between their two machines.

SECURITY

Pacific Life is not alone in being security-minded. Security tops the list of insurance users' concerns with Vista. One security feature enables users to monitor entry to restricted resources and records, which helps ensure security and meet compliance requirements while containing cost. Additionally, improvements to strong authentication, via smartcards and new platform capabilities, allow third parties to adopt authentication methods.

"Most experts agree that Vista's additional security features are long overdue, but any new operating system [and especially one that carries Windows' baggage] will have holes," says Hersh.

Ken Steinberg, CEO of Savant Protection, a Nashua, N.H.-based provider of anti-malware software, provides some reasons why operating systems have gaps. "For every thousand lines of code a vendor writes, there are generally seven to 20 flaws," he says. "So this means our core operating systems, not even with any applications on top of them, have about 200,000 flaws or greater in them of varying levels. It is impossible to expect any software vendor to cue out every flaw. There will always be exploits in software."

Steinberg and his colleagues say they have examined Vista from many angles. "We've looked at it from a user standpoint, from a business standpoint and, being who we are, from an internal standpoint," he says. "We put on our black and white hats and probe it the way we think someone would try to attack it...we've looked at the internals of Vista from a kernel state [and it] has not changed dramatically."

Hersh advises insurers not to make snap judgments. "Until Vista is widely deployed and undergoes trial by fire, it's premature to judge how well its security features will hold up in the real world."

THE SYSTEM'S COMPATIBILITY WITH SOFTWARE AND HARDWARE

Security plays another role in compatibility of existing hardware. Microsoft BitLocker Drive Encryption, a new data-protection feature, uses a Trusted Platform Module (TPM) 1.2 to protect user data and ensure that a PC running Windows Vista has not been tampered with while the system is offline, i.e. laptops.

Pacific Life plans to use the feature-but not immediately because its laptops have older TPM chips that won't support it. The insurer coordinated its annual (desktop) equipment turnover with its deployment of Vista and plans to do the same with laptops.

"We're not in our cycle yet [where we see end of life] for our laptops," says Jeff Cranney, manager of desktop infrastructure and help desk at Pacific Life. "We already have [security] software that does this for us so, as we turn over our laptops, we'll start integrating BitLocker. The software we're using right now is not compatible with Vista. So we're doing 1,000 desktops now and more later, and our laptops go into our second phase. By then we'll be closer to our turnover cycle with the laptops."

Hersh predicts other insurers will also wait to deploy Vista on laptops and desktops because they may need to upgrade software and hardware. "Concerns about migrating desktop applications, needing to upgrade software, whether peripherals' drivers will be supported, etc.-all these issues will likely cause many insurers to wait one, two or even three years before switching," he says.

Application compatibility, which Cosgrove considers the most time-consuming part of the project, hasn't been much of a problem for Pacific Life. "Testing our applications took several months because we have so many of them," he says. "Making sure that everything was compatible-all of our in-house written applications, all of our third-party applications work correctly-went very smoothly."

Pacific Life had only one or two old applications that needed changes to work with Vista, according to Cosgrove. "We were in Beta before general release and most all the third-party products we were using were keeping up. They're all there today."

Cranney credits Microsoft's Systems Management Server's (SMS) ability to aid in removing local administrative rights that enabled the smooth transition. "SMS provided a mechanism to enable us to remove local administrative rights. We previously used login scripts which can only function in the context of the user who is logged on when the script runs. Without SMS we could not have removed local admin rights because we would not have had a method to automatically deploy software to users."

Pacific Life previously used login scripts to make sure the desktop was current in terms of applications, viruses and other specifics. "That used to slow down the user when they had to log in to the network," says Cosgrove. "Now that's gone and we're 100% on SMS. It's behind the scenes, logging in is quick and SMS is how we install all of our applications."

Cranney sees the SMS implementation as the biggest change in this project vs. its previous XP and Windows 2000 projects. "Let's say the application works fine with the admin rights," he says. "Then we have to test it without, and many apps weren't designed to run without admin rights, so we had to apply techniques that Microsoft provided or helped us with to allow the app to run without admin rights-assuming it had been built with admin rights."

SEARCH CAPABILITIES

One improved feature of Vista that has attracted the attention of a few experts is its search capabilities. "Anyone currently using search in Windows will understand and welcome the importance of this," says Hersh.

Cosgrove understands. In the past Pacific Life stored all of its documents on a file server in file shares. Access required permission from the owner of the folder. "If you don't have access, you can't search across them," says Cosgrove. "If you're searching for a document and you don't know what it's called, you really can't do that."

As part of Pacific Life's project, the company implemented Microsoft Office SharePoint Server 2007 (SPS) and put a number of documents in a document library. "Using SharePoint and also using the Vista search box we're able to search across our network file shares and document libraries and have a single seat search across all of our document locations," says Cosgrove. "Not only can you search across multiple folders and directories, but it's highlighted-the search identifies your key words, so you're able to narrow down from a large field of results quickly."

That feature could prove a big benefit for larger corporations, according to Cosgrove. The challenge in a large company, such as Pacific Life, is processing hundreds of thousands, if not millions, of documents. The migration of those documents may not happen or may be very time-consuming, he says.

"With Vista and SharePoint you can index your documents in the file shares as well as the document libraries and search across both," says Cosgrove. "So while you're making that transition to a more structured storage and retrieval scheme of your documents, you can use Vista and SharePoint together for searching."

And, Pacific Life is planning to move all of its documents into the SharePoint document library so it has full control over the retention period as well as better search and collaboration.

STORAGE

Not all potential users are completely sold on Vista's promise. In fact, some industry experts say certain Vista features may ultimately require more memory and create other challenges.

"Enhancements like the 'Aero' [user interface] and other graphical improvements leverage hardware not typically found in corporate desktops [powerful graphics cards, lots of RAM]," says Celent's Hersh. "The system itself is a massive resource hog, with requirements that very few corporate desktops include today, including 1 or 2 GB of RAM, even more disk space and very fast processor speeds."

Pacific Life did eventually have to upgrade memory in its machines, but that was part of the annual equipment turnover.

FINAL THOUGHTS

Will the insurance industry welcome Vista into its world? Only time will tell, but experts have their predictions.

"Some carriers with captive agents may find it an appealing option for mobile users, but, by-and-large, most deployments will likely be as the result of regularly scheduled PC upgrades," says Hersh.

Carriers will wait as long as as they can to switch to Vista, says Hersh, but avoiding massive upgrades or supporting operating systems when replacing PCs with older operating systems can be difficult. "Of course, many of the features expected to be in Vista were scrapped, which likely means that Windows 2010 can't be far behind," concludes Hersh.

Savant Protection's Steinberg looks even further down the road. "In 5-10 years there will be no more Windows as we know it," he says. "It will be a Windows file manager or desktop manager on top of a Linux derivative."

No matter what happens, upgrading to any operating system requires planning, says Cranney. "You can't just plop a system down and expect it to be successful," he says. "You really do need to plan what you're going to do-what you're trying to accomplish. Make sure your needs are going to be met."

Register or login for access to this item and much more

All Digital Insurance content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access