Surviving a Software Audit (Part 1 of 2): How ITAM will Cover Your Assets

You are going to be audited…I don’t think there is any way to phrase that sentence in such a way as to make it seem like everything will be just fine. When someone tells you that you will be audited, they might as well say they are coming to disrupt your ongoing projects, tasks, and ultimately, your life.

Whether you are facing a personal audit from your government’s tax revenue agency, or from an agency or association authorized to audit software licenses in the IT services organization you are in charge of running, the stress of an audit can be excruciating.

“The five vendors mostly likely to audit corporate software licenses are Microsoft, Adobe, Autodesk, Oracle, and SAP, in that order” according to an Information Week article dated January 28, 2014. They also stated that “Companies with 5,000 to 9,999 employees were the most audited, followed by firms with 10,000 to 25,000 employees.”

Software license auditing departments from software manufacturers are usually revenue generating and profitable within their organizations. It is much like saying a police department is a profitable organization within a government agency. For example, The State of Virginia raked in $101 million in speeding tickets last year. It was reported that, ‘It appears that some communities are falling into the trap of using ‘traffic enforcement as a mechanism to raise revenue.’

Software license auditors are often referred to as the ‘software police’. It is no coincidence that when a software manufacturer’s sales revenues are down, the software license auditors tend to be more active. As long as there are companies mismanaging their software assets, there will be a revenue opportunity for software license auditors.

Implementing Asset Management Makes You Less Attractive to Software License Auditors

By implementing an ITAM strategy, your organization becomes less attractive to those software license auditors who, at the end of the day, need to make money to justify their cause. As further evidence of this, Express Metrics claimed: “Respondents whose organizations have implemented IT asset management (ITAM) tools report a 32% lower audit rate within the last two years than organizations with no such tools.”

How an ITAM Strategy Will Help You Survive a Software Audit

With ITAM, prior to the software audit, you will be able to do the following:

  • Discover, validate, and reconcile assets on the network
  • Track and manage lifecycle change and audit history
  • Leverage approved standards for asset selection
  • Define and control asset management processes and operations


With ITAM, during the software audit, your company will be able to:

  • Communicate what assets you have
  • Communicate what the assets are used for
  • Show the auditors where they are located
  • Prove legal ownership, including documentation and media
  • Ensure compliance with contracts and government regulations
  • Show tracked software compliance reports to defend any discrepancies the auditor may claim

Software License Optimization and Entitlement (SLOE) Tools vs Asset Management using ITAM processes

There might be some people who believe they have their asset management problems solved by only using SLOE tools. I beg to differ. If you are employed by the legal industry, the health industry, the financial industry, or a government agency, I strongly recommend you know exactly where all your hard drives are located. Anything that holds data needs to be tracked.


Complete asset management, which includes both hardware and software, should be the goal of every IT organization. In a blog planned for later this month, I will address the security issues you have when you do not track hardware assets along with your software assets.

How to Assess a Software License Optimization and Entitlement Tool is a gated document that was published by Gartner on May 28, 2014. In that report, Gartner stated the following:

Tracking license entitlement has become a priority for many organizations as a means to alleviate the anxiety caused by annual software vendor audit. Gartner has seen an exponential increase in the number of contracts it has received from customers looking to purchase an SLOE tool during the past nine months. We don’t expect this trend to slow down, because more than 50 organizations are actively pursuing this technology.”

In Part 2 of this series, I will talk about using SLOE tools as part of a software license reclamation strategy. I have seen companies save up to one million dollars in software renewals when they make software license reclamation part of their asset management strategy. I will address the following steps in my next post:

  1. Discover Software
  2. Assess Software Usage
  3. Software License Reclamation

To be continued…

Surviving a Software Audit (Part 2 of 2): Three Steps for Software License Reclamation

-follow me on Twitter @marcelshaw

It’s Time to Add IT Operations Analytics (ITOA) to Your ITSM and ITAM Solution

Several years ago, after playing a pickup game of basketball, I felt some discomfort around my right shoulder. Six days after my basketball game, the discomfort I was feeling in my shoulder escalated to the point where it hurt to breathe. At this point, it was time to go to the emergency room. Once I arrived, there was a sense of urgency coming from the emergency room staff as they hooked me up to an EKG.

Within minutes, it was determined my heart was fine so I was sent for a chest X-ray. Shortly after the X-ray, they performed an MRI on my chest. Finally, I was given the news; I had pneumonia with pleurisy. I had fluid in my right lung. As a result, I spent a week in the hospital and I was treated accordingly. Without X-ray and MRI technology, things could have gone really bad for me.

Recently I evaluated a fascinating technology; IT Operations Analytics (ITOA). The best way I can explain ITOA is to compare it to an X-ray or MRI. It is a technology that will give you a deep look inside the inner workings of your network. ITOA uses pattern discovery techniques that will help identify issues on your network that you would not otherwise identify. Much like an X-ray or MRI, you will have a deep visual view of your network that will help quickly identify problem areas. It also may help you see potential problems occurring on your network before they become evident.

After installing this technology on 1,000 devices, we immediately noticed several issues. For example, we looked at applications crashes across the network.

App Crashes

We also looked at ‘applications crashes by device’ and compared that data to the ‘top application crashes’ information.

Crashes by Device

As we continued to navigate through the different modules in the console, it was apparent the information we were looking at was extremely valuable. Although we only had 3 days’ worth of historical data, we were able to cross reference data and make some preliminary assumptions of problems affecting the entire network. ITOA vendors caution against making such assumptions, so we contained our excitement, but make no mistake, we were ITOA’s newest converts.

We were excited because IE9 crashing just once on one PC would probably go unnoticed by IT services. IE9 crashing on one device numerous times could still potentially be missed, unless the end-user opened a support incident with the IT department. IE9 crashing several hundred times on 50% of your devices would certainly be a problem in the eyes of IT support. ITIL Service Desk systems are designed to recognize multiple incidents with the same issue as a ‘problem’. However, ITIL Service Desk systems are reliant on the end users to open the incident, which is how IT support usually becomes aware of a problem.

By adding ITOA technology to an ITIL service desk solution, we noticed how we could see the problems in real time. We saw the potential of identifying issues before the users even experienced a problem. We could see the vision of how this would allow us to proactively post issues to the support desk notice boards so that we could focus on a resolution.

We imagined how we would be able to help so many end-users who suffer in silence. Those who accept lagging performance as the norm. Those who simply learn to deal with an application suddenly freezing once or twice a day, sometimes causing loss of productivity. Most likely angering the end user, making it unpleasant for their co-workers who are sitting nearby. We could see how using this type of technology could make people happy and nice again…maybe I am a little too excited, but as I said; we saw the hopes and dreams that could come from using ITOA technology.

We were able to see how we could use this type of technology to ‘rule out’ problems. When I went to the emergency room, an EKG ruled out a heart attack. Once that was ruled out, the medical staff focused on something else.

Never underestimate the power of ‘ruling out’ something while troubleshooting network problems.

The ITOA product we used in our evaluation also had a security module. In the short time we had to collect data from the network, we picked up web traffic to and from specific countries.

Non-Trusted Sites

After looking at this data, we notified the security team who are now investigating. ITOA solutions allow you to raise alerts and send them to your ITSM solution so that the appropriate team is assigned to investigate suspicious activity. Furthermore, ITOA solutions can enhance the security posture on your network by analyzing and reporting suspicious activity coming from end-user devices.

As we continued our journey through the console, we were able to see devices with potential hard drive problems, devices that had hard resets, devices with application crashes, and devices with less than 3 GB of space available.

Problem Devices

We were also able to go back in time by looking at the historical data to see when devices were added to the ‘Devices with Problems’ list. For example, we noticed out of the 29 devices that had a potential HDD failure, 2 were added within the last 24 hours. We went deeper into the findings and we could see the model, the user, and all the information about the device that our ITAM Asset Management system had collected. We learned that all the devices were still under warranty.

Pattern Discovery Methods

Pattern Discovery Methods used by ITOA solutions include rapid rule-based analysis of wire data, hypothesizing of specific probability distributions to explain the occurrence of application and infrastructure performance statistics, discovery and analysis of system topologies, keyword search and string analysis of polystructured text/log files, and slicing and dicing of data organized in high-dimensional cubes.

Gartner stated in Seven Errors to Avoid That Undermine IT Operations Analytics…“applying many different pattern discovery techniques to the same dataset will yield better results than applying one or two. Hence, it is advisable to favor solutions that offer a broad range of techniques and, with regard to one’s own practice, better results will usually be obtained by looking at a given dataset through the lenses of multiple pattern discovery mechanisms.”

As I spent time looking at how industry analysts view the ITOA technology space, it was evident the amount of data collected by this type of technology would be enormous. According to most analysts, the level of skill that will be required to provide accurate analytics will be that of a data scientist.

For companies planning to implement ITOA technology, Gartner stated in a gated report:

“Plan to Add Data Scientists to Your IT Operations Staff over the Next Two Years at Normal IT Operations Professional Remuneration Levels”

Gartner also noted in their report titled Two Distinct ITOA Submarkets Provide Different Benefits to Enterprises that in 2013, one out of every 5,000 master’s-level degrees was awarded for studies related to data science; however, by 2015, that ratio is likely to rise to 10 out of every 5,000. –yet another indication of how this IT marketspace is becoming main stream. Data scientist’s compensation will soon align with that of IT professionals.


I strongly believe it is time for larger companies to start looking at ITOA technology as a part of their ITAM and ITSM solutions. The ROI will be apparent very quickly to companies that evaluate these technologies. However, it is important to hire people that can interpret the data so you can maximize the return on your investment. Finally, make sure the solution you choose will integrate into your ITAM and ITSM solutions.

-follow me on Twitter @marcelshaw

Asset Management On-Boarding and Off-Boarding Users (Part 3 of 3): Three Keys to an Off-Boarding Process

Three Keys to an Off-Boarding Process

A friend of mine recently shared an experience with me that he had while working as a manager for a software manufacturer. The experience was about an employee he had to terminate. He told me that after meeting with the employee and Human Resources (HR), he completed the paperwork that was required and sent it back to the HR department. Six months later he received an email from finance giving an overview of expenses for his department. He noticed they were still counting the salary of the employee that he had terminated six months ago.

He reported the error to finance and asked them to correct the problem. Finance responded and explained that the salary they reported was accurate and that the money had been paid to the person he terminated. Furthermore, they reported the person was still receiving a salary every two weeks. An internal investigation was opened and it was determined that even though the employee was terminated along with all benefits and access to company owned data, one single process had not been completed. It was the process that notified the accounting department to terminate the bi-weekly salary payment to the now, ex-employee.

Off-boarding users is not only an HR responsibility, it is an IT management responsibility. To do their job, employees often require many tools such as laptops, phones, subscription accounts, software, and access to networks that hold corporate data. When employees leave a company, they are expected to return the equipment supplied by the IT department.

Information Week commented on a study done by Intel called the Billion Dollar Lost Laptop Study.

“In the U.S. study, 329 organizations surveyed lost more than 86,000 laptops over the course of a year. A surprising number–13%–were lost in the workplace, and an equal percentage of companies didn’t know where laptops went missing”

If using an Asset Management system based on ITAM principles, a company will know exactly what assets a user has in his/her possession.


Automated processes can be built to recover those assets; both hardware and software, along with access to corporate data and subscription accounts that were assigned to the employee.

IMPORTANT: Your off-boarding process will only be as good as your on-boarding process.

  • Having processes in place that map users to the IT assets which users are assigned and re-assigned is critical to an effective off-boarding process. IT assets, in the possession of users that have not been mapped to that user, increases the potential of losing that asset.

Three keys are needed to create an efficient off-boarding process:

  • Consolidate Processes
  • Automate Processes
  • Generate a device list in the Off-boarding process that shows the assets that need to be recovered

Consolidate Processes

When creating an off-boarding process, it is important to try to consolidate processes for all tasks that need to take place. The example of the ex-employee that received a paycheck undetected by the company happened because the process to terminate salary payment was not executed by the same process that terminated benefits and network accounts. Consolidating processes would have simplified the execution of employee termination.

Automate Processes

When possible, build automation into your processes. Removing access to company networks, data, buildings access cards, and accounts should be automated to ensure no steps are overlooked. Any failures in the process should alert IT management so the problem can be corrected.

Include and automate online accounts and subscriptions to your off-boarding processes.


Many employees are supplied accounts to online cloud solutions such as or a subscription to a service such as MSDN. A person I worked with recently told me that his Salesforce account was still active. The problem was the account was supplied by a company he had resigned from more than a year prior to him sharing his story with me.

Generate a device list in the off-boarding process that shows the assets that need to be recovered

A list should be generated and supplied to an IT asset manager. When assets are returned, a confirmation interface or email should be sent that will trigger the automated process to update the asset management database.


When a laptop is returned, the management database should update at least two fields; the Lifecycle State and the Owner. For example, the lifecycle state could be changed from ‘Assigned’ to ‘Available.’


A similar process should remove software license mappings to users and their devices.


When the off-boarding process has completed all tasks, a report should be generated documenting the completed tasks.


On-boarding and off-boarding users is a critical part of ITAM. It is important to have methods in place to map assets to users when they receive them. Just as important is the off-boarding process so the asset can be recovered. As assets are re-assigned within an organization, automated processes should be in place so that the asset is not misplaced or lost. Assets that are lost will not be tracked which means an off-boarding process will not be able to capture or process those assets. Simply said, if you do not know what to recover, you will not know what to ask your users to return to the company, and you could lose the asset permanently.

-follow me on Twitter @marcelshaw

Asset Management On-Boarding and Off-Boarding Users (Part 1 of 3)

Asset Management On-Boarding and Off-Boarding Users (Part 2 of 3)