While improvements in productivity and cost avoidance are often the business rationale used to validate training costs, other extremely valuable business requirements can also be used to justify training. Requirements such as insuring compliance and system availability are likewise facilitated by trained personnel maintaining the system on an ongoing basis, and are a small price to pay for avoiding massive penalties and expenses.
Training provides benefits other than cost containment that, while they can be described and observed, are more difficult to quantify, as their many variables can be specific to both industry and organization. Examples of such qualitative benefits that are very top of mind to senior management are adherence to compliance requirements and system availability.
Even a quick glance at the issues involved with compliance and availability shows that any serious attempt at managing these critical business requirements without the benefit of training will put a project at serious risk, resulting in more costs and lost revenue.
Compliance The protection of data by the enforcement of policies and security is a benefit that can be increased from training. Compliance training revolves around such issues as:
- What controls are required by regulations such as Sarbanes-Oxley, HIPAA, PCI, DSS, etc.? This type of training is beyond the scope of Infoblox training.
- How can security controls be implemented, maintained, controlled, and reported on? Infoblox Administrator training addresses these concepts thoroughly.
There are a number of issues, but protecting data subject to exfiltration via DNS is top of mind. While Infoblox can prevent and stop such attacks with the Infoblox DNS Threat Analytics solution, an effective and ongoing deployment requires knowledge and training to minimize the threat due to the sophistication and ever-changing nature of the attacks.
If auditors discover weaknesses in the policies and controls over data access, including a vulnerable DNS implementation, the consequences will likely involve outside consultants to remediate the lack of controls, resulting in significant expense. Of course, if an attack is successful, the financial consequences of data losses run into millions of dollars per incident depending on the amount of data compromised3. It’s intuitive that a small investment in training can provide the Infoblox Administrator with the knowledge and tools required to avoid potentially expensive and damaging data security issues.
System Availability
High availability is typically a requirement for mission-critical production applications. The cost avoidance of system availability can be expressed as the amount of revenue lost due to a system outage plus the costs associated with system remediation and the value of employee time wasted. Most outage costs are significant and vary by industry and organization size. Dunn & Bradstreet reports that 59% of Fortune 500 companies experience at least 1.6 hours of unplanned downtime per week4. That translates into more than 80 hours annually.
When Infoblox is configured for high availability for a domain, the system can continue running despite temporary network, hardware, or service failures. Yet configuring, testing, and maintaining a high-availability system is not a trivial task, and errors are often caused by a mistake in configuring the high-availability system. Training is an obvious strategy to mitigate the risks of an unplanned outage causing a production system to go offline and triggering a cascade of costs.