By: David MacKenzie,
Now has never been a more crucial time in the IT industry. 2020 started off with some pops and bangs, the final approach of Brexit – a divorce from the EU and foreign policy, the US and Iran were in high tension, Harry and Meghan stepped back from the royal spotlight, the Australian Bushfire ravaged through nature reserves, destroying lives and businesses nationally, we then drew to an end of Trump’s impeachment hearing.
Every year we see major headlines, but the above does not alter our strategy, focus, ability to adapt and tackle IT growth and challenges. The current climate has created some global shortfalls around jobs, stocks, shares, property and asset value. While at first it might seem frightening, we need to remember that this is a short term scenario and medical advancements are tackling the virus head on with a resolution in sight, global communities are sharing data, insight, and expressing the ability to collaborate – something that hasn’t happened on this scale since WW2.
I want to bring your attention and focus to the value that ITAM professionals provide in all global climates and scenarios. 2020 started off no different to 2019, another year to forecast budgets and spend, a new year of new products and releases by vendors, another year of audits!
Well, we might see that nasty word a little less this year perhaps? No, just because the current situation has an impact on what organisations do and perform, as professionals we must not forget what we are here to do.
The aim and goal of ITAM is to provide ‘a set of business practices that combines financial, inventory and contractual functions to optimize spending and support lifecycle management and strategic decision-making within the IT environment’.
Not only that, but we have a duty to ensure that we provide accurate, accessible data for all operational teams in our IT department. There’s a myth that ITAM stops at saving money, it doesn’t – it gives you a single pane of glass approach to your potential risk across your organisation. An IT Asset Management professional will be the first one to provide statistics on devices and software in deployment, as well as the lifecycle management aspects in line with Configuration Management.
In recent news, according to breaches filed with the ICO, over 40% of those cases were due to poor IT Asset Management practise and policy, or lack of. I’m sure we were all raised to know the benefits of keeping our house tidy, providing clarity and knowing where we put the Television remote!
IT Asset Management starts from the day you join the business, encompassing the Joiner, mover and leaver processes. There is a huge string of staff and a workflow involved in the deployment of your hardware and software, as well as the data held about you (whether this is on premise or in the cloud). Unfortunately along the way, organisations failed to understand how deep that information layer is, and how beneficial it is to Hackers (though, please remember, they are nothing like the 1995 film starring Angelina Jolie). 2019 saw a huge rise in cloud consumption and adoption, in fact, 90% of companies adopted this idea globally! AWS is currently the market leader with a staggering 32% of the market share and growing.
Surprising to know, cloud storage is also at an all time high with consumers using over 50% of it, and funnily enough – a lot of those users aren’t aware of where their data is held! As data custodians, it is our duty to ensure that all our systems and services are monitored, metered, and inventoried to avoid brand and revenue damage. There is an expectancy that the Cloud is more secure, this is a myth – your policies, process and people are what makes the information safe and manageable. Tools are a perk and may aid outcomes and outputs, but how many times have we seen a situation where a car was requested, it was then decided that an F1 car was to be procured because it was better than what your competitors were using. Sure, it was quick, powerful, but you forgot that the team had no idea how to drive it!
Plugging a gap with a tool that you assume will do what you need and more is a hugely dangerous decision. Culture and policy has prevailed time and time again, in previous I witnessed exec level members in an organisation, writing the pin code to their Blackberry on the back of the handset – you had a hardware encrypted device widely adopted by the NSA but all sense of security and protection was lost because a board member failed to adopt the core principle of what makes an organisation secure.
IT Asset Management is no different to the above examples, the data is what we like to call the crown jewels of IT. We maintain the lifecycle of those objects as well as their inherent costs, maintenance, and how we retire them from public visibility.
The COVID-19 outbreak has caused huge uncertainty for many organisations, companies, and its employees. Unfortunately a huge side effect to this is also an increase in cyber attacks against businesses, as well as VAP’s being approached. The heart of what we are here to do is provide organisational visibility of the systems, its software, and its users. The outputs and outcomes are cost avoidances, harvesting, ELP, forecasting, and also some Wizardry.
A key focus we are going to see in the next 12 months is where an organisation can save money, avoid costs, and lengthen the service life of assets (not just endpoints!). IT Asset Management will be the heart of this and it is now your duty to promote where you sit in the strategy of the business going forward. It’s time to get the clipboard out, your sharpies, roll in the white board and plan where you can aid your execs in repurposing finances and systems. If you haven’t done so already, consider an immediate investment in an IT Asset Management tool to provide data on your estate and its users, consider your true ups and who’s not utilising the benefits of an application (cough cough who requested Microsoft Visio, but only used it to view drawings?). You’re also experiencing a huge uplift in home working, cloud consumption and bandwidth issues (4 weeks ago we saw impact on Microsoft Teams, XBOX Live and other services) – so much so that one of those products saw a 734% global increase! This will have an impact on how you inventory systems and peripherals, but is also a great opportunity to understand where your estate is growing, and suffering. In this scenario I would highly suggest looking at a lease model, with the adage that there is a global supply issue on hardware – it might be worth contacting second hand equipment vendors to add some additional endpoints to your organisation as a short term fix.
Return on Investment (ROI) is key with the right tools and services, whether that’s going in house with your SAM function or through an MSP. Weigh up the pros and cons of those options, each has its benefits:
– Costs of employing an MSP
– Lack of in house ITAM can promote the use of an MSP
– Quality and delivery of data
– Readiness of the data
– Audit readiness of an MSP can provide more legal expertise over in-house SAM
– In-house SAM will be working on holistic issues that an MSP may not provide as well as strategic decisions
The above points are just a few metrics but crucial in the delivery of the framework. Now, I hope I haven’t bored you or possibly scared anyone with some of the suggestions and risks. ITAM has grown and transformed in the last ten years. The practise will continue to adapt and provide insight, and suggestion on how an organisation should be managing its risks and compliance in accordance with the regulations (ISO, PCI-DSS, SOX, and GDPR as an absolute minimum).
I would like to leave this on a high with a hugely inspirational quote by Nelson Mandela:
‘’The greatest glory in living lies not in never falling, but in rising every time we fall.’’