In-Depth

Year 2000 Desktop Action Plan

• 06/01/1999

If your mainframe is ready to greet the Year 2000, so are you, and that makes it all worth it. You can rest easily as the new century dawns. Or can you? The sinking feeling you had when you realized that the Year 2000 was a real threat may be back -- because if you didn’t include your desktop computers in your efforts to comply with Y2K, resting will not be an option come January 1, 2000.

Most IT managers assumed that PCs -- and PC software -- were upgraded so often that they both must be current. And even if the system or the application has some bugs, many folks assume that there is such a small amount of customized code at the desktop level that it isn’t even worth worrying about.

However, Industry analysts from a variety of research firms, such as GIGA Information Group, GartnerGroup and META Group agree that the average enterprise will experience problems with a large proportion of its desktop hardware systems -- some even predict failure rates of up to 30 percent -- and incur revenue losses due to the bug in PC software.

The fact is that Y2K problems lurk in both PC hardware and software. In addition to the BIOS problems in the hardware, there are problems at the operating system level. Not one single PC operating system is Y2K-ready without a patch or software fix from the manufacturer. And if commercial applications are a problem, custom applications pose an even greater threat. Then there are individual files, such as spreadsheets and databases that may be mission-critical, but not ready for the Year 2000.

So… now that you have read this far along, is that sinking feeling coming back again? You may have less need to worry this time, as there are things you can do between now and the end of December to minimize the impact of the Year 2000 on the desktop. Here’s an action plan that will help you celebrate the new millennium with all of your desktop computers humming.

You should have formed your core team to assess the situation long ago. If you didn’t, do it. The crucial first step is an inventory of all your PC hardware and software. This does not have to be the daunting task that it seems since there are tools available to automate the process. You don’t have to physically visit every desktop to determine which PCs have compliant BIOS chips and what applications and operating systems are running in your enterprise.

This may feel like "déjà vu all over again," as many organizations went through a similar process when they evaluated the Year 2000 project for their mainframe system. If your staff has just completed the mainframe project, you may want to question whether shifting gears into the desktop solution is the best use of your internal resources. For some organizations, Year 2000 teams may be working together productively and will be energized by a new facet of compliance. For others, the burnout rate may be setting in, in which case it might be most constructive to bring in an outside service provider.

Once you make the decision about your team, you will be ready to go to work on the problem. Make sure that one of the founding steps of the plan is to secure the support and financial commitment that you will need from senior management.

The next important step is to evaluate the software tool that will help you automate the compliance process. Though you may have heard that some companies are using traditional management tools for this, the truth is that these tools have a significant drawback: They can tell you what is on your system, but they cannot tell you whether or not the applications are Year 2000-compliant. With so much at stake, it is critical to go for the tool designed for the job at hand -- but with several tools available, how do you know which one is right? Here are some questions to ask yourself as you research which one is best for your needs:

Does it perform BIOS testing safely? Performing a manual reboot test of your PCs’ BIOSes is very likely to provide inaccurate results. The safe way to approach this obstacle is to automate that test by using a tool that will not disturb the operating system clock. Such tools are also more effective, requiring minimal user or IT interaction with the BIOS rest and allowing the collected data to be compiled in a centralized reporting module. A distinct advantage of automated testing is that it takes a fraction of the time requires for manual tests. Windows NT presents a particular testing challenge, because the operating system architecture prevents programs from communicating directly with the BIOS. For NT 3.51 Service Pack 5 or NT 4.0 workstations, the NT operating system intercepts calls to the BIOS and "fixes" the date internally through Dec. 31, 2000. To date, there is not tool that can get past NT to test the BIOS. You might want to consider booting with a DOS floppy disk to test in this environment.

Be skeptical of vendors who claim their products have successfully tested hardware in the NT environment and found no problems; they may be unaware of this NT quirk, and take the favorable BIOS reports at face value.

How large is the database of recognized applications? No tool will recognize every application that you have running in your environment, particularly those that your internal staff has developed. But the tool should at least give you a way to recognize all the applications that you have and attach a Y2K compliance status to them. Look for a tool that automatically recognizes most of the commonly used business applications and lets you know their Y2K readiness levels immediately. Also look for a tool that offers continual updates to its knowledgebase. Y2K compliance information changes very rapidly. Plus you want to buy a tool from a manufacturer who is committed to adding information to the knowledgebase as it becomes available.

Does the tool allow for checking of individual data files? Decide whether you have mission-critical data files and how much time you want to spend on fixing them. An important consideration when selecting a tool is first identifying who will scan files and who is responsible for fixing them -- end users who have been trained or your centralized Year 2000 team? For companies with thousands of PCs to control, the latter option is preferable. Then, ask yourself where the scanning will be done: Will you install the tool on each user’s PC or will you scan all files on a server?

You will also want to find out if the tool allows for different levels of scanning -- you may want to do an initial, quick scan that just identifies which files have potential problems, and then later do a deeper, more time-consuming scan on the files that are most critical to your organization. Other criteria relating to the choice of the tool include the percentage of files to scan that reside on non-networked, stand-alone PCs; what has the least impact on user productivity, general operations, infrastructure and network, and finally users’ login scripts or profiles.

Will the tool allow you to add custom applications and compliance notes to the database? For IT managers who have not looked at their desktop systems for a while, what begins as a mission for PC Y2K compliance may evolve into a surprising journey into the world of user-developed applications. In many companies, while IT managers have focused on keeping the mainframe problem-free, individual users have been installing, downloading and designing mission-critical software on their desktop systems. With Year 2000 on the horizon, these customized applications increase the possibility of non-compliance, so look for a tool that is flexible enough to adapt its database to the variety of applications you may have on-hand.

If you choose a flexible software management tool with the ability to discover every application either installed or launched, you can rest assured there will not be any surprises in terms of non-compliant customized applications. The tool will not only search every PC’s hard drive, it will also monitor the launching of every application -- so you will know whether a non-compliant application is actually being used. If it is not being used, why fix it? This knowledge saves you precious time as the Y2K deadline ticks closer and closer. You need a way to prioritize which problems you will fix, and there’s no better criterion than usage for your decision.

Does the tool provide reports that are meaningful and easy to understand? Columns and columns of information about what is installed on your PCs will frustrate you rather than help you. Look for a tool that organizes this information into reports that have some meaning. Look for graphical summary reports that you can take to your management to show the status of your desktop Y2K effort. Look for reports that show you which applications to fix first and where to go to get the fixes. Reports should list the steps you need to take to make your desktop systems Year 2000-compliant. And, if your environment is unusual in any way, the reporting mechanism that the tool offers should give you a way to easily generate custom reports that tell you exactly what you need to know.

Does the tool help to prioritize upgrades and fixes?Once you have a detailed report of which desktop applications are Year 2000-compliant, you will then need to take a hard look at your non-compliant applications and prioritize which ones you can devote time and resources to fixing before the fast-approaching deadline.

One way to determine which applications need to be upgraded is to assess the level of usage for each of them. The right software tool can automate this, which will save you a great deal of time -- a valuable commodity in any aspect of a Year 2000 project. The key is to find a tool that offers robust software metering (usage monitoring) capabilities. You may want to gather information, for example, that tells you how frequently each application is used, and by which departments and individuals. Plan to run the metering software for at least a month so you can rest assured that you are collecting accurate data on usage of all programs. Once you find this out, you will have the information you need to prioritize the applications that need to be upgraded. The software programs whose activity deems them central to the functioning of the operation will go to the top of the list, while others may be uninstalled entirely.

When you have introduced the best-automated tool to your system, you will be able to move into the next level of your action plan. The tool will test your BIOS chips, identify and determine the compliance of your software applications, and will then evaluate the usage of every program.

Your job is then to replace the hardware if the current BIOS chips may present too much of a risk, and sift through your applications, keeping the ones that are compliant and determining the others that are worth upgrading.

But the action doesn’t stop there. Because the desktop environment is so dynamic, and at the fingertips of so many users, addressing the Year 2000 and the PC is an ongoing process. That’s why this December 31, "control" will be the key to a "happy New Year."

Control is a matter of maintaining a "clean" state of desktops once the Year 2000 problems have been fixed. Because the desktop environment is subject to change on a daily basis from new users installing untested applications, swapping PCs between cubicles and hauling computers home and back, the work put into making the system compliant is extremely vulnerable. Chances are slim that the environment would remain compliant without a system for control.

Control can take many forms. When a user launches an application that has not been approved, for example, an alert may be triggered to an IT administrator, who then determines if it is safe for it to run -- or the application may simply be "locked out" and unable to be accessed. The right tool can flag inappropriate applications for either method.

This not only keeps the desktop system clean, but also prevents any non-compliant data from entering the company’s mainframe.

Is there life after Year 2000? Despite some of the more dire predictions, most of us will continue on in the Year 2000 and most systems will continue to function. That’s because enterprises have taken care of the problem. But wouldn’t it be nice if all the money you spent making sure your PCs were Y2K-ready gave you a return on investment beyond January 1, 2000? That’s why it is important to look for a tool provider that will be around in the future, and a tool that will have something to offer beyond Y2K readiness. You’ll find that if you implement the right tool for the Y2K problem, you will have a good solution in place to manage your PCs long term.

Once you’ve found the best tool with the most dependable provider and implemented the steps outlined above, the next step is to plan a New Year’s eve party. Think about ushering in the new century in the glow of a room full of working PCs -- just to celebrate the fact that you successfully kept the organization up and running. And remember that sinking feeling? You can save that for wondering if all the confetti your staff is tossing will get into the casings and damage the upgraded hardware.

*****

[SIDEBAR]

The good news is that the closer we get to the Year 2000, the more organizations are recognizing the risks it presents not only to their own information systems, but to valuable interfaced systems from suppliers, banks, and customers. As a result, many companies are extending their Y2K focus outside their immediate IS environments.

The bad news is that fewer companies have begun to consider the impact of Y2K on date-sensitive communications systems such as voice-mail. In fact, research indicates that as much as 80 percent of businesses’ voice-mail systems are not yet Y2K-compliant. If century-date issues are not addressed on these systems, voice-mail will cease to be effective.

When January 1, 2000 arrives, various date-dependent functions of non-compliant voice-mail systems will not work properly. Most voice-mail systems utilize a master table that logs the time and date a message comes in as well as the time and date it is to be delivered. Systems that cannot correctly process the new century date will become disoriented. The result would be similar to the chaos that might ensue if you cut a phonebook in half lengthwise, mixed the pages up, and then tried to find the numbers that correctly correspond to each name. In addition, undelivered messages posted before January 1, 2000-a Saturday-will look to the non-compliant system like messages that were posted in 1900 and are scheduled for delivery 99 years later! Report-generation, too, will become inaccurate, thereby decreasing the effectiveness of call centers and other organizations that rely on precise record-keeping.

Many companies with older voice-mail systems are choosing to move to a Y2K-compliant unified messaging environment while other companies with Y2K-compliant systems are also seeing the benefits of the technology. With unified messaging systems, they get access and control of all message types-voice, fax, and e-mail-from a single list and using a common set of commands, from either the telephone or personal computer. For these organizations, the increased time savings, efficiency and multiple media support they enjoy with unified messaging represent a much higher return on investment than they would receive by upgrading their existing voice-mail systems.

Marlyn Piper-Williams is system administrator of the voice messaging team for the U.S. Department of Health and Human Services (HHS). Five years ago, Piper-Williams was instrumental in moving the Department from a voice-mail system to AVT Corporation’s CallXpress, a unified messaging system. Piper-Williams chose CallXpress because it was based on advanced technology that promised to serve the department well for the next several years.

Unified messaging also represented an intelligent way to boost productivity. According to Piper-Williams, using CallXpress has saved time by allowing HHS workers to access all communications-whether voice-mail, fax, or e-mail-from their desktops and phones. "CallXpress makes it easy for HHS employees to stay in contact with the office by phone, no matter where they are," she says. "As a result, they’re more productive, even when they’re out of the office."

CallXpress has also proven to be extremely scaleable. For example, when Piper-Williams was challenged with moving an off-site office to CallXpress, all it took was a phone call to the local phone company. "In contrast," Piper-Williams says, "our previous voice-mail system would have required us to buy a $4,000 piece of equipment and another $50,000 node of voice mail just to get voice messaging capabilities to that site."

Admittedly, back when Piper-Williams purchased CallXpress, Year 2000 issues weren’t on her or anyone else’s minds. However, when century-date issues did capture the world’s attention, Piper-Williams says, AVT responded by upgrading her existing system and by building Y2K-compliance into all subsequent product releases. Once their system was upgraded, HHS conducted its own Y2K tests. "One weekend, we set up CallXpress as if it were December 31, 1999," she says. "We were pleased when at midnight we watched the system successfully roll over to the next millenium."

Later, when the President’s Council on Year 2000 Conversion mandated that all government agencies address the century date issue on their own systems and then report back on their progress, HHS was able to show that its messaging system was on target. "Y2K-compliance of our various information systems is imperative," says Piper-Williams. "It means we will be able to continue to serve the health and welfare needs of the country’s citizens into the next millenium. Having a Y2K-compliant unified messaging system takes us one step closer to our goal of compliance across the board."