Why desktop anti-virus isn’t enough!

May 9th, 2010

I find myself particularly troubled by a piece of research published recently. Be warned before reading it yourself that it’s fairly opaque, even for tech-savvy folks, but I wanted to comment on the implications.

In a nutshell, this paper describes a weakness that is present in virtually every desktop or server-based anti-virus software. This weakness would allow a rogue program to effectively hide from anti-virus software while running, by swapping innocuous program code into the view of the anti-virus software when scanned.

This paper describes specific methods of implementation, and the technique is probably in the wild as you read this.

I have long been an advocate of defense in depth with regard to security issues. This issue can be mitigated to a degree by using network-based scanning technologies to prevent malicious software from entering your network, but even that will not protect against all scenarios. While there haven’t been many media-based virus outbreaks lately, the proliferation of easy-to-use flash drives, media players, and external disks presents a clear risk of infection.

My recommendation at this point to most customers would be to verify that their network-based anti-virus scanning systems are functioning properly, and to ensure that there is a clear policy in place for the use of external media on company computers.

7 Ways to Keep Your Business from Crippling Its Productivity and Effectiveness.

April 8th, 2010

As a technology consultant, there are few things that frustrate me more than spending 30 minutes sitting at a client’s computer waiting for something to run that should take 5 minutes. This frustrates me on many levels. Since I have to sit waiting for the machine to process a task, I have to charge the client for my time. Meanwhile, the user whose machine I am working on also sits aimlessly, twiddling their thumbs, with their productivity sapped and their time wasted.

Let’s use a simple scenario to look at how much time and money is being wasted by a single slow machine. We’ll assume, conservatively, that the computer is 30% slower overall than it should be, and that the user is a fully-burdened employee with labor costs of $15 per hour. So, out of an eight-hour work day, the user is wasting just over 2 hours of time waiting on their computer. That’s $30 per day. $150 per work week. That’s $7500 over the course of the year—flushed down the toilet—and that’s only in direct payroll costs! That doesn’t account for the potential lost revenue or customer frustration. How often have you spoken with a customer service representative and had to wait because “my system is slow?”

Now, most small business owners I know would take a look at that number and raise an eyebrow. They want to know how to fix this. Here are 7 ways that you can keep your computers running with maximum efficiency.

  1. Maximize the amount of RAM (random-access memory) in your system: RAM is a special type of computer memory that is very fast, but also very expensive. The main feature to consider is seek time—the amount of time that it takes to retrieve a single chunk of information. Most RAM has seek times measured in microseconds, that is, millionths of a second. At the time of this writing, 6 gigabytes (GB) of fairly high performance RAM retails for around $160, approximately $27 per GB. Now, compare this to hard disks, where a conventional 7200 RPM hard disk, like those most commonly found in business class desktop computers, has an average seek time of 10 to 12 milliseconds. Currently, a 1 terabyte (TB) hard disk retails for about $90, or 9 cents per GB. RAM costs 300 times as much as hard disk per unit of storage, but is 1,000 times faster in terms of seek time.

    Why is this important? RAM is where your operating system (Windows, MacOS, or Linux) is loaded and runs from, and where your programs and data must be loaded into in order to run. When your computer fills up its RAM, it begins to perform a process called Swapping: where it copies some data from RAM to the hard disk. When that data needs to be used, it is read from the hard disk back to the RAM. The more applications you have open at a time, the more RAM you need to prevent swapping.

    Is your computer swapping? There are a couple of performance counters inside the operating system that we can use to tell, but there’s an easier way: if your disk activity light comes on and stays lit for a while, and the computer gets really slow, you’re swapping.

  2. Defragment your hard disk: your computer tries to save files to the disk in single continuous blocks. However, sometimes it can’t find a place to fit the whole file. When it can’t, it breaks the file into chunks and places it wherever it can. When the computer tries to read the file, it cannot read the file without skipping around. That skipping around slows things down. You can run special programs (called defragmentation tools) to reshuffle all of your files into continuous chunks.
  3. Don’t install unneeded programs: many programs—most notably freeware or shareware programs—install elements that run in the background and slow your machine’s performance.
  4. Run anti-virus software: this may seem counter-intuitive, because many anti-virus packages, if left on their default settings, can cause significant slowdowns. Nevertheless, anti-virus programs are a significant defense against malicious software that slows down your computer even more!
  5. Refresh your installation: periodically wipe and reload your system(s) to reduce the amount of cruft—a multitude of computer debris that leads to poor performance—that may choke a machine’s proficiency. If your IT provider is following best practices, they should be able to reimage the system in about 20 minutes, and that image should include all the standard applications for your business. If they don’t have the ability to do that, you should ask why. Microsoft offers these tools for free via its Windows Deployment Services. Many software issues can be corrected with a reimage and restored data backup.
  6. Replace your machine on a regular schedule: many age-related maladies can also slow your computer down, without stopping it altogether. Hard disks advanced in age may require multiple attempts to read or write data, slowing things down. When cooling fans fail, your processor may slow itself down to prevent a meltdown. Power supplies also cause a myriad of problems when they stop delivering crisp, clean power. We recommend replacing desktops on a 3 year cycle for reasons of overall performance, warranty, and the availability of parts.
  7. Don’t be pound foolish: There are significant differences in performance and build quality between a computer costing $600 and one costing $1000. It is proven that the real-world performance of a more-expensive machine is double that of a less-expensive unit. Remember, depending on the version of Microsoft Office and Windows that you purchase with your system, $300-$400 of the total system cost is solely for this software. That doesn’t leave much room for reliable hardware in a low dollar or budget computer.

Technically, I should include an option 8: buy a Mac. However, outside the realm of graphic design and video production, business software for Apple computers is sparse at best. There’s a reason why Microsoft and standard computers are a business standard.

4 Simple Rules for Preventing Spyware Infection

March 4th, 2010

Have you heard a friend, colleague, or customer say “My Computer’s Slow” recently? Chances are, that machine has picked up some kind of malicious software, or Malware for short. Malware can do anything from collecting user names and passwords, to monitoring your keystrokes, to using your computer as a launchpad for attacks against other organizations. Many malware authors have connections with organized crime, or even foreign intelligence services.

Removing malware from a computer is a time-intensive process, and in some cases, may require a complete forensic analysis to determine if protected information was accessed by third parties. To be 100% certain a computer has been fully decontaminated, it is usually necessary to completely reload the system.

At Central Florida Technology Solutions, the best IT services company in Central Florida, we see this every day with incoming, new customers, and rarely with our existing managed customers.

Where Malware is concerned, an ounce of prevention is worth a pound of cure. There are 4 simple steps that everyone can take that provide multiple layers of protection against Malware infection. This is our “secret sauce”.

  1. Use a Content Filtering Proxy – some firewalls have the ability to filter out viruses and other Malware at the perimeter of your network. Just like all anti-virus software, Content Filtering Proxies use signatures to detect Malware, so if they don’t know about it, they can’t detect it.
  2. Don’t use an Administrator-level account for day-to-day tasks – Most of the time, installing software requires Administrator-level privileges. By running as an “un-privileged” user, you can prevent many Malware infections.
  3. Update your software – Most Malware uses flaws in your software to install itself. Remember to always keep your operating system, web browser, Acrobat Reader, Flash, Shockwave, and other software up to the latest patch levels.
  4. Run client-side anti-virus software – Running a current and up to date AV package on each workstation reduces the risk of Malware installing itself and remaining undetected.
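
Rules 2 through 4 can be spot-checked on a single Windows workstation with a short script. The following is an added example, not part of the original post; it assumes Windows PowerShell 5.1 or later and Microsoft Defender as the client-side AV, and the two age thresholds are illustrative values.

```powershell
# Added example: audit one Windows workstation against rules 2-4.
# Assumptions: PowerShell 5.1+, Microsoft Defender is the client AV,
# and the thresholds below are illustrative, not from the post.
$MaxPatchAgeDays     = 45
$MaxSignatureAgeDays = 3
$findings = @()

# Rule 2: is this session elevated, and who holds local admin rights?
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]::new($identity)
if ($principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    $findings += "Rule 2: session for $($identity.Name) is elevated"
}
try {
    # S-1-5-32-544 is the Administrators group regardless of OS language.
    foreach ($m in Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop) {
        # Skip the built-in Administrator account (RID 500).
        if ($m.SID.Value -notmatch '-500$') {
            $findings += "Rule 2: $($m.Name) is a local Administrator"
        }
    }
} catch {
    $findings += "Rule 2: could not list Administrators: $($_.Exception.Message)"
}

# Rule 3: age of the newest OS hotfix. This covers Windows updates only;
# browsers, Acrobat Reader and plug-ins need their own checks.
$lastPatch = Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn -Descending | Select-Object -First 1
if (-not $lastPatch) {
    $findings += 'Rule 3: no dated hotfix records found'
} elseif (((Get-Date) - $lastPatch.InstalledOn).Days -gt $MaxPatchAgeDays) {
    $findings += "Rule 3: newest hotfix $($lastPatch.HotFixID) is older than $MaxPatchAgeDays days"
}

# Rule 4: client-side AV is running and its signatures are current.
try {
    $av = Get-MpComputerStatus -ErrorAction Stop
    if (-not $av.RealTimeProtectionEnabled) {
        $findings += 'Rule 4: real-time protection is off'
    }
    if ($av.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        $findings += "Rule 4: signatures are $($av.AntivirusSignatureAge) days old"
    }
} catch {
    $findings += 'Rule 4: Defender status unavailable; check the third-party AV console'
}

if ($findings.Count -eq 0) { 'No findings for rules 2-4.' } else { $findings }
```

Rule 1 is enforced at the network perimeter, so it is checked on the proxy or firewall rather than on the workstation.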

Can implementing these steps be costly and time consuming? Yes, they can. Compare those costs against the costs of cleaning or reloading workstations on a semi-regular basis. Remember to factor in lost productivity for the employees using those machines on top of the direct cleanup costs.