With the opportunities for gaining strategic advantage from information technology rapidly disappearing, many companies will want to take a hard look at how they invest in IT and manage their systems. As a starting point, here are three guidelines for the future:

1. Spend less. Studies show that the companies with the biggest IT investments rarely post the best financial results. As the commoditization of IT continues, the penalties for wasteful spending will only grow larger. It is getting much harder to achieve a competitive advantage through an IT investment, but it is getting much easier to put your business at a cost disadvantage.
2. Follow, don’t lead. Moore’s Law guarantees that the longer you wait to make an IT purchase, the more you’ll get for your money. And waiting will decrease your risk of buying something technologically flawed or doomed to rapid obsolescence. In some cases, being on the cutting edge makes sense. But those cases are becoming rarer and rarer as IT capabilities become more homogenized.
3. Focus on vulnerabilities, not opportunities. It’s unusual for a company to gain a competitive advantage through the distinctive use of a mature infrastructural technology, but even a brief disruption in the availability of the technology can be devastating. As corporations continue to cede control over their IT applications and networks to vendors and other third parties, the threats they face will proliferate. They need to prepare themselves for technical glitches, outages, and security breaches, shifting their attention from opportunities to vulnerabilities.

In the long run, though, the greatest IT risk facing most companies is more prosaic (deu: prosaisch/selten/nüchtern) than a catastrophe. It is, simply, overspending**.** IT may be a commodity, and its costs may fall rapidly enough to ensure that any new capabilities are quickly shared, but the very fact that it is entwined (deu: verwoben) with so many business functions means that it will continue to consume a large portion of corporate spending. For most companies, just staying in business will require big outlays for IT. What’s important—and this holds true for any commodity input—is to be able to separate essential investments from ones that are discretionary, unnecessary, or even counterproductive.

At a high level, stronger cost management requires more rigor in evaluating expected returns from systems investments, more creativity in exploring simpler and cheaper alternatives, and a greater openness to outsourcing and other partnerships. But most companies can also reap significant savings by simply cutting out waste. Personal computers are a good example. Every year, businesses purchase more than 100 million PCs, most of which replace older models. Yet the vast majority of workers who use PCs rely on only a few simple applications—word processing, spreadsheets, e-mail—that have been technologically mature for years; they require only a fraction of the computing power provided by today’s microprocessors. Nevertheless, companies continue to roll out across-the-board hardware and software upgrades.

Much of that spending, if truth be told, is driven by vendors’ strategies. Big hardware and software suppliers have become very good at parceling out new features and capabilities in ways that force companies into buying new computers, applications, and networking equipment much more frequently than they need to. The time has come for IT buyers to throw their weight around, to negotiate contracts that ensure the long-term usefulness of their PC investments and impose hard limits on upgrade costs. And if vendors balk, companies should be willing to explore cheaper solutions, including open-source applications and bare-bones network PCs, even if it means sacrificing features. If a company needs evidence of the kind of money that might be saved, it need only look at Microsoft’s profit margin.

In addition to being passive in their purchasing, companies have been sloppy in their use of IT. That’s particularly true with data storage, which has come to account for more than half of many companies’ IT expenditures. The bulk of what’s being stored on corporate networks has little to do with making products or serving customers—it consists of employees’ saved e-mails and files, including terabytes of spam, MP3s, and video clips. Computerworld estimates that as much as 70% of the storage capacity of a typical Windows network is wasted—an enormous unnecessary expense. Restricting employees’ ability to save files indiscriminately and indefinitely may seem