All posts by Marcel Shaw

Marcel Shaw is a technology blogger focusing on ITSM, ITAM, and Endpoint Management at marcelshaw.com. Marcel has worked as technical consultant for more than 25 years for industry leading IT companies with a focus on United States government agencies. Marcel's experience also includes working as a legal expert witness for IT management. Marcel writes about industry technology trends and best practices. He incorporates his views and his many years of experience to provide unique technology advice for people that manage and support IT solutions. Marcel Shaw graduated from Brigham Young University in 1991. Marcel has worked in both pre-sales and post-sales roles for companies such as Softsolutions, Novell, Dell, Softricity, Gateway, Landesk, and Ivanti. Marcel’s expertise and experience include networking technologies (LAN, WAN), IP infrastructure. Internet Caching technology, Storage and Fibre technology (SAN), Security Standards and Technologies, Document Management, Directory Services (NDS, AD, LDAP), Federal Security Standards and Requirements (DIACAP, FDCC, USGCB), ITIL, Asset Management (ITAM), endpoint Management, and endpoint security. Marcel has worked extensively with United States federal agencies solving IT problems. These agencies include USDA, NIST, FDA, DEA, DHS, FBI, DHA, Whitehouse Communications, Army, Air Force, Navy, Joint Task Force, NIH, Social Security Administration, IRS, NOAA, and FAA among others. All of Marcel's posts are edited by Carrie Shaw (@carrieshaw). She is not only a very good editor, but a great wife. Thank You
Technology

IoT vs. Mobile Devices: What’s the Difference?

I live in a house that requires a well sytem to provide water. The problem with the well water is that it contains a lot of sediment, including iron and sulpher which makes the water taste horrible, and smell even worse. Therefore, we have a water softener as well as an iron filter to keep the water from tasting and smelling bad.

The water filtration system also protects appliances that use the water, keeping them from getting damaged as a result of iron buildup in their pipes.

Recently, we replaced our water filtration system with an updated version. I was pleasantly surprised to learn that the new system provided us with the ability to monitor and configure the system through our smartphone. Now, I can configure the system to schedule a backwash of the filter from my phone if I think the filters need to be cleaned, but what I am most impressed with is the monitoring capability of the water system.

Whenever there is a continuous flow of water, I get an alert on my phone. Sometimes, the alert is a result of an appliance running, such as the dishwasher, but on two occasions the alert was a result of a toilet that had malfunctioned, which left the water running for several hours.

It brings me comfort to know that if I am away from home and a pipe were to break, I would receive an alert telling me that there is a continuous water flow happening in the house.

Technology embedded in non-traditional computer devices, such as our water filtration system is referred to as the Internet of Things (IoT), but I often hear people get it confused with the term “mobility” or “mobile device” which refers to something completely different. With so many different terms that refer to the many types of technologies emerging in the world today, it can be difficult to keep up with them. Let’s explore the differences between mobile devices and IoT.

Mobile Devices

Mobile devices are typically computer devices that fit in the palm of your hand with an LCD flat screen which provides the user the ability to control the device by simply touching the screen, referred to as a touchscreen. Smartphones and Tablets typically fall under this category, with Samsung and Apple leading the mobile device market space.

Mobility management has been a hot topic for the past several years because most people own a mobile device, and many people use their device as a tool in their jobs. For example, most organizations currently have a Bring Your Own Device (BYOD) policy, which allows employees to use their own devices to access company email and data. These policies are typically associated with protecting company data and access to company networks. Mobility management is typically used to enforce these policies, forcing employees to load applications and security policies on their devices before being granted access to the network.

The Internet of Things (IoT)

IoT devices or objects, often referred to as “things” contain embedded technology with a unique identifier that enables them to connect to the internet, to smartphones, or to other IoT devices. The unique identifier allows each individual thing to be individually identified and connected through its embedded computing system, and inter-operate within the existing internet infrastructure.

Some examples of IoT devices that we see on the market today include security systems, thermostats, light bulbs, cars, drones, speaker systems, medical devices, farm equipment, and more. IoT devices can transfer data over the internet as well as the ability to receive data.

This means that things equipped with IoT technology can be configured, controlled, or monitored using a computer device, such as a smartphone.

Today, it is estimated that there are over 12 billion IoT devices connected to the internet. However that number is growing very quickly. Some estimates claim that by 2020, there will be more than 30 billion IoT devices connected to the internet. In the future, we will see an increase of IoT devices equipped with sensors and actuators, working together to support cyber-physical systems.

In cyber-physical systems (CPS), physical and software components are deeply intertwined, each operating on different spatial and temporal scales, exhibiting multiple and distinct behavioral modalities, and interacting with each other in a myriad of ways that change with context. Examples of CPS include smart grid, autonomous automobile systems, medical monitoring, process control systems, robotics systems, and automatic pilot avionics

IoT devices will continue to change the way we do things today, creating direct integration of the physical world into computer-based systems. This will allow us to sense and control more physical devices, resulting in improved accuracy and efficiency, while reducing human intervention. Reducing human intervention will provide an economic advantage for those who use the technology, as well as change the employment landscape.

-follow me on Twitter @marcelshaw

Technology Opinion

Why Should Amazon Buy Uber?

Amazon has changed the way millions of people purchase merchandise while Uber introduced a new and convenient way to travel. Both organizations have taken advantage of mobile technology making their services available anytime and anywhere. Amazon introduced disruptive technology by providing millions of products through an on-line catalog service. Uber provided an easy way to get a ride in just minutes from almost any location.

Amazon’s Grocery Services

Recently, Amazon expanded their offerings by providing consumers a way to purchase groceries online. However, to provide a comprehensive grocery catalog, Amazon needed to sell perishables in addition to their pantry offerings. When Amazon acquired Whole Foods last year, many people believed that Amazon was making a move into brick-and-mortar operations. In reality, local grocery chains have established a local grocery supplier for Amazon’s real objective, online grocery shopping.

What’s missing? A delivery service that can meet Amazon’s requirements for its entire customer base. Currently, grocery services that include perishables, have been limited to a small percentage of Amazon’s customer base.

Why is Uber the best option to deliver Amazon’s groceries?

Who is the biggest delivery service is the world? Most people would probably not consider Uber to be a delivery service, however; Uber is probably the biggest delivery service in the world if you consider a rideshare service to be a delivery service. Uber delivers people and recently, Uber started offering meal delivery services by contracting with local restaurants.

One more thing to consider when looking at Uber as a delivery service, Uber’s model allows them to provide delivery service without purchasing delivery trucks, unlike other delivery services that would have to consider increasing their vehicle inventory if they were to provide grocery delivery services for Amazon.

Why should Amazon purchase Uber instead of contracting with Uber?

If there is something you want to buy, chances are that you will see what you are looking for through the Amazon app. Amazon is the world’s largest one-stop-shop for almost anything you want. However, if you need a ride, you go to Uber.

Amazon should purchase Uber, then incorporate features from the Uber app into the Amazon app. I dream of a world where one day, I can purchase my dinner, movie tickets, and transportation from a single self-service portal. I believe that Amazon is positioned to provide the world’s first one-stop-shop for all your needs and desires.

Amazon, if you are listening, strike while the iron is hot. It’s time to acquire Uber.

It’s time to build the world’s best self-service portal.

-follow me on Twitter @marcelshaw

Technology, Technology Opinion

Avoid Ransomware Attacks with IT Asset Management

When installing a home security system, it is important to perform a discovery so that you can document all vulnerabilities around the property you wish to secure. Why? Because a security system is worthless if you do not secure every window and door. When implementing an IT security solution to protect your data, it is important to perform a discovery so that you can identify all IT assets that need to be secured.

Unfortunately, many organizations continue to struggle with IT asset management and as a result, assets are often misplaced or lost. Why? Because IT assets are often misplaced or lost when they are changed, updated, relocated, or refreshed. Assets that are misplaced or lost can put an organization at risk because it is not possible to keep an IT asset up-to-date when you don’t see it.

It is no secret that many organizations have recently been hit with ransomware attacks such as WannaCry. On March 14, 2017, Microsoft released a critical patch that protected IT assets from WannaCry ransomware; however, on May 12, 2017, at least 230,000 computers in more than 150 countries were paralyzed by the ransomware.

Why? Because these organizations were not current with their patch and security updates. Many organizations that were hit with the ransomware were running unsupported operating systems like Windows XP and Windows 2003, which Microsoft no longer supports.

The Importance of an IT Asset Database

Maps are critical to generals and commanders who are at war because they provide a complete view of the battlefield. Maps provide details about the landscape along with all its obstacles. When fighting a war, it is important not to be surprised by the enemy. Without maps, generals and commanders would find it very difficult to identify and secure vulnerable areas on the battlefield.

IT asset databases are much like maps that provide a view of the battlefield. When IT can see everything, they are able to see obstacles that are putting the organization at risk. Organizations that want to protect themselves from ransomware attacks need to have reliable IT asset reports so they can see all assets that are vulnerable to a ransomware attack, such as older outdated operating systems and applications.

Organizations that do not have reliable asset reports are at risk. In other words, they are fighting a battle without a reliable map.

To avoid the cost and stress experienced by people who have been impacted by ransomware attacks, get a reliable map, i.e., build an accurate and complete IT asset database using a reliable IT asset management solution. Then build processes and procedures to track the assets throughout their lifecycle.

Security Starts with Discovery

To apply security policies to IT assets, security solutions must see the asset. Historically, organizations have not given much attention to the importance of discovery services and the IT asset database. They view it as a necessity to their security solution instead of a critical component to the business.

If you left one window unlocked in your home, it would not matter that the rest of the windows and doors were locked. Everything must be discovered for complete security. Be sure to choose reliable discovery solutions if you want to ensure your network is secure. An undiscovered device is like an unlocked window.

Summary

Organizations need to implement IT asset management to ensure security is applied to every IT asset on the network. Organizations that are not managing IT assets using ITAM principles do not have a complete security solution. Don’t let your data be compromised by an IT asset that you did not see.

-follow me on Twitter @marcelshaw

Technology Opinion

Why is Change Management Critical for Software Asset Management?

Early in my career, I often traveled to work with our customers. I remember one trip that required me to visit several cities in just four days. Before embarking on that trip, I remember calling a travel agent to make a change to the first flight of that trip. The travel agent was inexperienced because he made the change exactly as I had instructed.

To my surprise, the change that the travel agent made to the first leg of my flight caused the airline to cancel the flights I had scheduled for the entire trip. Why, because on most airlines, a change to the first segment of a trip requires the entire trip to be cancelled, and then the tickets have to be re-issued. Unfortunately, I lost all the discounts from my original ticket because my discounts were based on a seven day advance purchase.

As a result, I had to find another airline with cheaper flights, rearrange several of my appointments, and stay an extra night in a hotel. An experienced travel agent would have advised me of the consequences of my change request if it were to be granted. If I had been advised properly, I would not have made the change based on the additional costs that were to be incurred. Although some changes seem simple, they can have unintended consequences without the required expertise.

When audited, many organizations are required to pay thousands, and in some cases millions of dollars for violating software license agreements. Configuration changes and software updates are often to blame when an organization is found to be out-of-compliance with their contracts. For that reason, it is important that organizations consider software license contracts as part of their change management process.

Change Management

IT changes made within an organization are typically done to improve performance, and ultimately to save money. However, IT changes can also have unintended consequences that have a reverse affect, resulting in additional expenses as did the change to my flight. Change management is important for IT because it formally manages ongoing transitions from a current configuration to a future configuration.

Gartner states that “Change management is the automated support for development, rollout, and maintenance of system components (i.e., intelligent regeneration, package versioning, state control, library control, configuration management, turnover management, and distributed impact sensitivity reporting).

A change management request first requires detailed information about the future configuration to be submitted, then the configuration details to be reviewed by a change advisory board.

Change Advisory Board (CAB)

A change advisory board (CAB) supports IT personnel or a “Change Management Team” by reviewing change requests that have been submitted. After reviewing a change request, the CAB will either approve or deny the request.

The CAB is generally a team of representatives from various departments as well as people that have a specific expertise.

Because a configuration change can have an effect on employees and/or business processes, many organizations require a CAB to review all change requests in order to protect cost, risk, and revenue.

Software License Management Challenges

According to Gartner, “Optimizing complex licenses manually is labor-intensive; it requires specialized knowledge and does not scale. Larger enterprises will need a SAM tool. A SAM tool can automate, accelerate, and improve manual processes. It can pay dividends over manual alternatives, and can often pay for itself.”

Software license contracts are difficult to understand. For example, IBM releases over 3,000 license changes a year and they have over 100 license metrics. Some IBM products have up to 5 or 6 different license metrics depending on what a customer has purchased. The challenge many organizations face when managing software licenses is that they do not have a good understanding of their software license contracts which is required when using a Software Asset Management (SAM) tool. For this reason, it is important that change management requests are reviewed by a software license expert.

In the scenario above, Sally makes a request for change (RFC) to add a new partition to a server. After the RFC is reviewed by the CAB, the change is approved and then scheduled.

Following the change, a software audit is performed and the organization is found to be out-of-compliance with their contract based on the new partition that was added to the server.

How did this get past the CAB?

The CAB did not have the proper expertise required to make an evaluation about how that change would impact the software license agreement.

Add a License Expert to the Change Advisory Board (CAB)

To avoid unnecessary costs resulting from a software audit, organizations need to have a software license expert on the CAB.

Many organizations struggle when it comes to finding the expertise required to evaluate software license impact. For this reason, it is important to consider hiring a third-party with the proper expertise for the CAB. Although this is an additional expense for an organization, it will help avoid additional costs that come from being out-of-compliance with a software license agreement.

Conclusion

A change management process that requires software license contracts to be considered for every change request can help organizations avoid unnecessary costs resulting from a software audit. However, much like an inexperienced travel agent incurred additional costs for my trip, an inexperienced license expert on the CAB might approve changes that could incur more costs simply because they do not understand their software license agreements and the impact of the RFC. Be sure to hire or partner with the expertise required for evaluating software license contracts.

-follow me on Twitter @marcelshaw

Technology, Technology Opinion

Five Reasons the Data Center Needs Software License Optimization (Part 2)

In part one of this series, I suggested that every organization should consider implementing a software license optimization solution in the data center. Here are five reasons your organization needs Software License Optimization:

1 .  Complex License Variations

Software licenses are defined using multiple factors. These factors include the physical server, the number of processors, or the number of users; however, licensing becomes much more complicated if using virtual servers, cluster or fail-over solutions, and storage arrays.

IDC predicts that “Software License Complexity will Indirectly Cost Organizations an Average of 25% of their Software License Budgets in 2016.”  

 

Software vendors that sell into the data center tend to have many license variations for their product offerings. For example, terminology used in software license contracts will use terms such as Power Value Units (PVU), Resource Value Units (RVU), and Core Factor Table to define their software entitlement.

Complex statements in software license contracts are often confusing for most IT managers, especially when conditions or exceptions are added to the license definitions.

Some software vendors have up to 5,000 active license variations, which leaves many IT managers guessing about how to properly apply the licenses they have purchased.

2.  License vendors make changes which can affect licensing

Software license posture can be compromised when configuration changes or software updates are made to the network.

 

IT managers that are tasked to manage licenses need to understand how these updates or changes impact current license agreements. This is a lot to ask of someone who does not have licensing experience or expertise.

3.  Technology alone is not able to correctly calculate most server licensing

Software licensing tools provided by a software vendor or a third party are needed to monitor and manage software licenses, however these tools are not sufficient without people who have licensing knowledge and experience. It would be like providing software to model data in a database to someone who does not understand a database.

The complexity of datacenter software licenses requires those that manage the licenses to have a proficient understanding about the licenses and license contracts they are managing.

4.  Market expertise required – Having the right people with the right knowledge

Organizations that try to manage software licenses without hiring the proper expertise are at risk. Unfortunately, too many organizations are willing to take on this risk and as a result, software auditing has become a lucrative and profitable business for many software vendors and their partners.

Software optimization solutions require people with expertise in many areas. For example, Microsoft, IBM, and Oracle have unique licensing models that have many license variations that are often modified or updated.

Software optimization vendors typically employ software license experts that keep up-to-date with changes or updates to software licensing models. These experts can provide valuable insight and recommendations to help their customers stay compliant with their software license agreements.

5.  Software Audit Protection

Software optimization vendors can also assist an organization that is facing a software audit. In fact, some of these vendors will even represent an organization, much like an attorney, and fight on their behalf during an audit. These experts are usually people that have worked as software auditors in the past, so they are familiar with the software audit process.

Another important benefit is that software optimization experts can help organizations that have been hit with fines and penalties after a software audit by negotiating with the auditors on behalf of the organization. These experts are often successful at reducing penalties and fines demanded by the software auditors.

Conclusion

When software auditors are aware that an organization uses IT asset management (ITAM) best practices, they tend to move on to their next victim. In a study, Express Metrics claims: “Respondents whose organizations have implemented IT asset management (ITAM) tools report a 32% lower audit rate within the last two years than organizations with no such tools.”

Organizations that do not partner with software license optimization solutions and experts need to budget for unknown expenses. Why? Because these organizations will probably be out of compliance with software license agreements and as a result, they will pay the price.

-follow me on Twitter @marcelshaw

Technology, Technology Opinion

Five Reasons the Data Center needs Software License Optimization (Part-1)

Many years ago, I supported document management software used primarily by legal firms. The software provided attorneys with the ability to quickly access legal documents on the network. The software included intelligent searching capabilities, powerful reporting features, and version control for thousands of documents on a local area network. The capabilities we provided boosted the efficiency of legal departments and law firms all over world.

Although we provided a great software package that supported legal departments everywhere, the software alone was useless without the expertise of a legal expert or an attorney. When organizations need legal expertise, they hire legal experts. They don’t rely on legal software alone to handle legal matters.

Hire the Right Experts

When taxes are due, tax accountants are hired or subcontracted versus relying solely on a tax software solution. Software vendors that audit their customers typically employ software license experts along with software tools to perform the audit.

Regarding software license management, I am amazed how many organizations still do not employ or contract with  software license experts in addition to software optimization tools for software license management in the datacenter.

Software audits are on the rise because software vendors are realizing that audits can generate revenue, and that customers are not investing in software license management solutions or experts.

As long as there are organizations that are non-compliant with their software license agreements because of poor license management, software vendors will continue to find software audits to be profitable.  

In a gated Gartner report published May 28, 2014. Gartner claimed: “Tracking license entitlement has become a priority for many organizations as a means to alleviate the anxiety caused by annual software vendor audit. Gartner has seen an exponential increase in the number of contracts it has received from customers looking to purchase an SLOE tool during the past nine months. We don’t expect this trend to slow down…”

It is not practical to rely on IT managers to manage software licenses in the data center unless they have licensing expertise. This would be like having an accountant with very little legal expertise represent the organization in a lawsuit accusing executives of misappropriating funds. Although the accountant could provide the information required to defend against the accusation, the accountant would not have the required expertise to handle legal process, legal negotiation and most importantly, knowledge of local applicable laws.

Here are five good reason’s every organization should consider implementing an efficient software license optimization solution in the datacenter:

  1. Complex License Variations
  2. License vendors make changes which can affect licensing
  3. Technology alone is not able to correctly calculate most server licensing
  4. Market expertise required – Having the right people with the right knowledge
  5. Software Audit Protection

Part 2

In the second installment of this two part series, I will discuss complex license variations, market expertise, software audit protection, and how software licensing can be affected when configuration changes are made in the datacenter.

 

-follow me on Twitter @marcelshaw

Technology Opinion

Rise of the Chief Data Officer (CDO) and the Impact to ITSM

Within the IT organization, different entities often fight for control and resources to support their objectives. For example, IT security personnel might ask for more control by taking away rights from end users, while IT support services objects to the request for fear of increased call volumes. Furthermore, with limited budgets, resources are limited, making it difficult to support IT projects for each department. However, executives have to make decisions, leaving some IT projects unfunded.

Unfortunately, too many executives make decisions based on intuition instead of readily available data. This endangers the future of many organizations. In a gated report, Gartner predicts “through 2020, over 95% of business leaders will continue to make decisions using intuition, instead of probability distributions, and will significantly underestimate risks as a result.”

Intuition can be dangerous to an organization. For example, the evolution of Netflix over the past decade was a result of a series of decisions that were made based on the available data as well as some predictive analytics. The data they analyzed indicated a decline in store rentals, an increase in future bandwidth capabilities, and a generation (Gen Z) that expected “instant gratification.” Those who ignored the data did not understand what customers wanted, what future customers would expect, and the technology that would be available to meet customer expectations.

Many companies used “intuition,” to project that people would not want to abandon the local store experience. Today, those companies are nowhere to be found.

Who is the CDO?

Many organizations are realizing the value of their data so they are beginning to treat their data as a company asset; hence, the rise of the Chief Data Officer (CDO). The new executive CDO role is responsible for exploring how to use the organization’s data for its benefit. The CDO role will require this executive to have market and industry knowledge with a “technical” understanding of the organization’s data.

Gartner claims that “the race to drive competitive advantage and improved efficiency through better use of information assets is leading to a sharp rise in the number of chief data officers (CDOs). As a result, Gartner predicts that 90 percent of large companies will have a CDO role by the end of 2019.”

CDO responsibilities will more than likely vary across different organizations; however, we should expect the role will include data governance, data analytics, and data technology. Data governance responsibilities include setting standards and consistent processes to ensure the consistency, accuracy, security, and availability of the data. Interpreting data using data analytics from business intelligence tools will be a critical part of the CDO role as well as choosing the best software tools that support the organization’s objectives.

How will the CDO impact IT Service Management?

The CDO will play a large role in how the IT service management organization and software is structured and integrated with other software tools. Analytics and metrics provided by ITSM reports will provide critical information that will help the CDO determine risk to the organization when new software tools, new processes, and new policies are implemented.

The data provided from the ITSM tools and reports is important when setting IT strategy and defining IT architecture. ITSM reports help organizations make informed decisions when choosing software and hardware to support the objectives of the organization.

For example, if an organization decided to change from PCs to tablets on a project supporting one of the business units, a pilot program would ensure the objectives of the project are met. ITSM reports and metrics are important when analyzing data to determine the costs required to support the proposed solution.

ITSM reports and metrics will provide CDOs with the information they need in order to make informed decisions, avoiding the need to guess or use intuition to set objectives for future IT strategy and related IT projects.

Summary

Data provided from IT service management reports and metrics will be vital information for the CDO as he/she defines strategy for new technology, process, policy, security, and IT architecture. ITSM managers should expect the CDO role to have a direct impact on how IT service management will be implemented, delivered, measured, and most importantly, integrated with other IT solutions within the organization.

-follow me on Twitter @marcelshaw

Technology Opinion

Can RFID Help You Meet ITAM Objectives?

1 Comment

When I go to the grocery store, I tend to purchase much more than originally intended. To make matters worse, my usual grocery store seems to have more and more self-checkout registers every time I go. When I am ready to leave, my grocery cart is usually overflowing with items. Then I am expected to act like a cashier because I have to scan each item myself and finally pay a machine.

I estimate I spend an extra 12 hours a year in the grocery store working as a cashier at the self-checkout register. Imagine if I could simply walk up to the register and in a second, every item in my basket is instantaneously scanned without ever having to remove an item. Radio-Frequency Identification (RFID) is a technology that could make that wish come true. In fact, RFID can be used in many situations when an asset needs to be tracked. Many organizations use barcode scanners to track IT assets; however, barcode scanners require someone to see the asset and then find the barcode so it can be scanned.

What is RFID?

Much like barcode tags, RFID tags contain a unique identifier. RFID tags need to be read by an RFID reader just like barcode tags need to be read by a barcode scanner. The difference is that RFID readers use radio frequencies to communicate with an RFID tag instead of a line-of-sight scanner. RFID tags come in two formats: Active and Passive.

Active RFID

Active RFID tags have a battery so they can be set to automatically broadcast the asset information using a radio signal on a regular interval. The signal is picked up by an RFID reader located in the area.

Passive RFID

Passive RFID is when the tag is electrically charged when it is within range of the RFID reader, causing the chip in the RFID tag to power on, and send the tag’s unique hexadecimal value to the RFID reader. Passive RFID is commonly used to track assets as they enter or leave a dedicated area such as a room.

Can RFID technology help IT asset managers meet ITAM objectives?

To fully understand if RFID will help you with your ITAM objectives, it is important to understand how it works as well as its benefits and/or limitations. RFID capabilities include asset monitoring, asset tracking, checkpoint tracking, and bulk lifecycle updates. 

 1.  Asset Monitoring

Asset monitoring requires “active RFID” so that assets can send the asset information to a dedicated RFID reader at regular intervals, which is important in an environment containing assets with sensitive information. Alerts can be set when critical assets stop reporting to the asset management system; however, the problem with active RFID is that the battery on the RFID tags will eventually need to be replaced. Dead batteries can result in a false “asset missing” alert.

2.  Asset tracking

RFID provides the ability to instantly track assets within a building or room without having to scan individual assets, which will save IT administrators a great deal of time. I have witnessed IT employees walk through buildings scanning the barcodes of assets they can see. I have also seen inventory reports raise an alarm because some IT assets were not located using a barcode scanner due to human error. In one case, a laptop that was thought to be missing was simply locked in a drawer in someone’s office. If that laptop would have had an RFID tag, it would have been discovered by a mobile RFID scanner.

3.  Checkpoint Tracking

Checkpoint tracking is the ability to log an asset when it passes through a doorway or a checkpoint. For example, IT assets with an RFID tag could be logged as they enter or leave a building. Organizations that have sensitive data on PCs or laptops can be notified if an asset passes through a checkpoint.

Organizations with employees that share IT assets, such as hospitals could benefit by using RFID tags. Checkpoint tracking can give administrators insight to their operational landscape by showing when and where IT assets are used. For example, assuming a nurse uses a tablet throughout the day, the hospital could track and measure the time each nurse spends with a patient or client during therapy, and how many rooms were visited by that nurse over a given period of time.

4.  Bulk Lifecycle Updates

For IT asset administrators, RFID provides the ability to make bulk status changes to assets. For example, a room full of old laptops with RFID tags could instantly be changed to “decommissioned” without making contact with each IT asset. Making bulk asset lifecycle changes can be useful for IT service centers, loading docks, and receiving docks.

Conclusion

RFID tracking might not be for everyone doing IT asset management; however, there are some industries that could benefit from using RFID as part of their IT asset management solution. Educational institutions, medical institutions, police agencies, and manufacturing facilities are just a few examples where RFID technology could be helpful when operating an ITAM solution.

-follow me on Twitter @marcelshaw

A special thanks to Ron Kirkland for his contribution

Technology, Technology Opinion

Five Future Technologies to Watch for IT Service Management

As technology advances at such a rapid pace, many IT solutions become outdated very quickly. If organizations want to stay competitive and up-to-date with current technology, they need to stay informed about future technologies or their current solutions become quickly outdated . With regards to IT service management (ITSM), here are five technologies to watch that impact ITSM solutions in the future:

    1. Internet of Things (IoT)
    2. Security and Compliance
    3. Security Broker Authentication
    4. Predictive Analysis
    5. Virtual Reality

 

Internet of Things (IoT)

We will see an impact to ITSM solutions from IoT in two areas, CMDB and ITAM. To support IoT, ITSM processes and tools need the ability to integrate into IoT APIs.

Network systems and applications are typically provided access with Identity and Access Management (IAM) technology; however, IAM would be overwhelmed with the relationship and access demands required by IoT. Therefore, the Identity of Things (IDoT), which is an extension of IAM applies a unique identifier (UID) to IoT devices. This allows you to control relationships and access between the IoT and other entities inside and outside of your organization.

Gartner says, “IT asset management (ITAM) and software asset management (SAM) systems have traditionally managed IT and software assets of all types. The IDoT will assume some functional characteristics of ITAM and SAM within or integrated with IAM architecture, or be linked to ITAM as attribute stores.”

Without proper tracking of IoT devices and their configurations, it is difficult to apply security policies. ITAM and a CMDB will be critical for tracking the influx of IoT devices that are expected to hit company networks over the next several years.

Security and Compliance

Security is the number one priority in most organizations; however, not all organizations have integrated their security with IT service management processes. ITIL security management defines best practices when planning, controlling, analyzing, and maintaining security policies and processes to protect sensitive data.

A solid padlock securing the data paths of a circuit board. White Background.

It is important to build processes that integrate security management into change management processes if organizations are looking to minimize risk in the future. Over the next few years, IT organizations should expect to see more integration capabilities from their ITSM solution providers, which will allow them to integrate their security tools.

Security Broker Authentication

As IT solutions move into the cloud, many organizations will implement a cloud access security broker for authentication.

2016-09-16_8-08-31

Cloud Access Security Brokers (CASBs) can be on-premises or cloud-based. CASBs enforce security policies prior to allowing access to cloud resources.

Gartner says, “By 2018, 50 percent of enterprises with more than 1,000 users will use cloud access security broker products to monitor and manage their use of SaaS and other forms of public cloud.”

IT service management need to be prepared to support those having difficulty accessing the organization’s cloud solutions using CASBs

Predictive Analysis

In order to make informed decisions, it is important to understand current network service impact and costs. This is accomplished when current data as well as historical metrics are analyzed in order to predict future behaviors or to understand unknown events.

Predictive Analysis helps IT service organizations distribute workloads based on data from multiple sources.

Many ITSM software solutions are expected to add predictive analytics capabilities to their service management solution; however, these features are not useful if the IT organization does not have the expertise required to understand the data provided by these tools. IT organizations should consider employing a data scientist if they want to take full advantage of all the data and metrics that IT service management tools will soon deliver.

Virtual Reality

Virtual Reality (VR) solutions could soon work their way into the IT business environment. Knowledge management is a challenge for many organizations. In the near future, don’t be surprised to see IT organizations flirt with VR technology as they advance their employee training services.

Double exposure of man wearing virtual reality headset

Research and Markets believes that the industry will see over 60% growth every year for the next five years, transforming it from a fringe technology enjoyed by the techy few into a major medium for gaming, entertainment, and business.

VR could one day become a component of your Knowledge Management offering if the technology is retrofitted and accessible via an ITSM self-service portal.

-follow me on Twitter @marcelshaw

Technology, Technology Opinion

Three Tips for IT Asset Management (ITAM) Discovery

Many years ago, I observed a house being built directly behind my house. Once the house was completed, I was surprised when one day workers showed up and began to take the house down. In fact, they took everything apart including the foundation. As it turned out, the foundation was not built correctly. As a result, everything built on top of that foundation was not reliable.

IT discovery is the foundation to your IT asset management (ITAM) solution. If discovery is unreliable, then all of the asset information you are trying collect will not be reliable. According to an article published by computer weekly, “almost 66% of IT managers admit to not having a completely accurate record of their IT assets”

For accurate IT asset discovery, make sure you consider the following guidelines:

  1. Understand the difference between discovery and audit
  2. Don’t Discover everything from the start
  3. Define IT asset reports needed for IT asset management (ITAM)

Understand the Difference between Discovery and Audit

Do not confuse IT asset discovery with an IT asset audit. Discovery tools should allow you to automate manual processes. Gartner defines “discovery” as follows:

IT asset management (ITAM) entails collecting inventory, financial and contractual data to manage the IT asset throughout its life cycle. ITAM depends on robust processes, with tools to automate manual processes. Capturing and integrating autodiscovery/inventory, financial and contractual data in a central repository for all IT assets enables the functions to effectively manage vendors and a software and hardware asset portfolio from requisition through retirement, thus monitoring the asset’s performance throughout its life cycle.

The key difference between discovery and an audit is that an audit is more of a one-time event, whereas, discovery will be on ongoing process. For example, if a technician spends a day with a clipboard inventorying every PC in the organization, then you will have an accurate inventory report for that day only.

If you deploy discovery tools that show when PCs connect to the network, then you will have an accurate report every time you run an inventory report. Discovery tools will also account for PCs not connected to the network by showing you the last time they connected. PCs that do not check-in for a period of time can be flagged as missing in the inventory report.

Be sure to choose tools that can ‘monitor’ critical IT hardware assets such as PCs and Servers. PCs and Servers often contain additional software assets that need to be monitored.

IMPORTANT: If you are not able to see the hardware, then you probably won’t see the software.

IT assets that are not monitored need to check-in to the asset management system on a regular basis. This can be done by setting your discovery tools to run daily or weekly. Discovery tools should then be able to report any changes from the previous inventory scan.

Don’t Discover Everything from the Start

When looking to implement IT asset management, don’t try to do everything at once. Allow time for your asset management solution to mature. If your asset management solution is too complicated, chances are it won’t be successful.

When architecting your asset management solution, be sure to have a clear vision of what you are trying to accomplish. For example, are you able to address the following questions?

  • Why do you need asset management?
  • What do you want to track?
  • How do you want to track assets?
  • What type of reports do you expect?
  • Why do you want those reports?
  • Who will manage and maintain the ITAM solution?

If you don’t clearly define your IT asset management objectives, you could end up giving your employees a lot of unnecessary “busy” work. For example, if an organization is concerned about managing software licenses, it would make sense to build your solution so that it tracks the software, as well as the hardware hosting the software. You could complicate and distort you software asset management objectives if you try to include switches, routers, and printers.

Allow your IT asset management processes to be perfected before expanding the solution to include additional assets such as switches, routers, and printers. It is more important that your solution is successful. Keeping your solution simple from the beginning will increase your chances for success.

A simple and successful IT asset management solution can be matured into a fully functional and reliable solution that follows ITAM best practices.

Trend dashboard

Define IT Asset Reports Needed for IT Asset Management (ITAM)

Reports and dashboards will give you a summary of all your IT assets. Patricia Adams, an ITAM expert says ”by having an understanding of the benefits that a complete end-to-end solution can provide, CIOs, CFO’s and chief security officers (CSO’s) will be better able to address the issues they are facing (many unknowingly) within their particular organization.

As you begin your IT asset management project, define the type of IT asset reports you expect from your solution. This will help you identify what to discover and how often it will be re-discovered.

Be sure to design Business Value Dashboards (BVD) for your solution. BVD’s will help you translate technical information into cost and risk for non-IT management inside the organization. Ultimately, BVD’s will show the value that the IT department brings to the organization by helping executives make informed decisions.

Summary

Don’t let IT asset discovery become a stumbling block to your ITAM solution. Be sure to have clear objectives and a clear vision of the reports that will be needed to support those objectives. Set your discovery tools to discover and monitor assets relevant to your objectives. Most important, don’t overwhelm your IT employees with unnecessary discovery information, especially during the early phases of the project.

-follow me on Twitter @marcelshaw