The PC Refresh Cycle Has Been Extended Too Far
The four-year PC refresh cycle that became standard in enterprise IT during the 2010s was a budget optimization made under specific conditions: hardware improvements were incremental, Windows 7 was stable, and the marginal productivity gain from newer hardware was not large enough to justify more frequent refresh. Those conditions no longer hold. The PC refresh cycle at many organizations has stretched to five, six, and in some cases seven years without a corresponding assessment of whether the extended cycle is actually saving money.
The financial logic of extending the refresh cycle is straightforward at first order: a laptop that costs $1,500 and is kept for seven years instead of four costs $214 per year instead of $375. The capital expenditure is deferred. The IT budget looks better in the years when hardware purchases are avoided. The cost that does not appear in the calculation is the productivity cost of employees using hardware that is increasingly slow relative to current software demands, the support cost of troubleshooting hardware failures in aging devices, and the security cost of running hardware that is approaching or has passed its firmware support window.
The Software Demand Problem
Enterprise software requirements have increased substantially since the conditions that established the four-year cycle. Video conferencing at 1080p, which is now a baseline requirement rather than a premium capability, is CPU and memory intensive. AI-assisted tools — GitHub Copilot, Microsoft 365 Copilot, and their equivalents — add inference workloads that were not present three years ago. Browser-based applications that have replaced desktop applications have not reduced hardware demands; they have shifted them to RAM and GPU resources that older hardware lacks.
A laptop purchased in 2019 running the current version of Windows 11 with Teams, a browser with fifteen tabs, and an AI coding assistant is a slow machine. The employee using it experiences that slowness as reduced productivity. The IT helpdesk receives tickets about slow performance that are resolved with a restart and not tracked against the hardware age that is the actual cause. The cost of the slow hardware is real and ongoing. It does not appear on the asset tracking spreadsheet that shows the laptop’s book value.
The Security Lifecycle Problem
Hardware manufacturers provide firmware updates — BIOS, UEFI, and embedded controller firmware — for a defined period after a device’s release. After that period, security vulnerabilities in firmware receive no patches. The laptop that is kept in service past its firmware support window is running unpatched firmware vulnerabilities that cannot be mitigated through software updates.
The firmware security risk is distinct from the operating system security risk and is frequently overlooked in lifecycle management policies that focus on OS support windows. A Windows 11-capable laptop running current, patched Windows 11 may still be running firmware that has not received a security update in three years if the manufacturer’s support period has ended.
Intel’s Platform Update mechanism and HP’s, Dell’s, and Lenovo’s firmware update tools provide visibility into firmware currency for managed fleets. Organizations that have not integrated firmware update status into their endpoint management reporting do not know which devices are running unpatched firmware — which means they cannot assess the security posture of their fleet accurately.
The Total Cost Calculation
The total cost of PC ownership includes acquisition cost, support cost, productivity cost, and security remediation cost. Organizations that optimize the refresh cycle for acquisition cost alone are optimizing one variable in a multi-variable equation. The correct calculation includes the increased support cost for aging hardware, the productivity cost of slower machines quantified against employee hourly rates, and the incremental security risk cost of devices approaching or past their support window.
For most employee segments, this calculation produces an optimal refresh cycle of three to four years, not five to seven. The employees whose work is hardware-intensive — developers, designers, finance analysts running large models — have an even shorter optimal cycle. The budget savings from extended cycles are real. The productivity and security costs they create are also real and are borne by different budget lines, which is why they are systematically undercounted in refresh cycle decisions.
Refresh cycles set by finance optimization without productivity and security inputs produce the wrong answer reliably.