Three Ways to Avoid a Software Audit

One rainy afternoon several years ago, I waited in a parking lot for a leasing company representative to pick up my car. I leased that car three years earlier so it was time to return it. Unfortunately, I exceeded the mileage in the agreement so I had to provide the representative with a check before he would take back my car. I exceeded the mileage by 3,000 miles and the penalty was 25 cents per mile.

When software auditors come knocking on your door, they are looking to see if your organization has exceeded the number of licenses purchased. Similar to how a penalty is applied for exceeding mileage on a leased car, a penalty is applied when you exceed your license count. These penalties can be very expensive, especially for smaller organizations. To make things worse, many organizations don’t know if they have exceeded their license count and if so, by how many.

Software Vendor Partners and Software Audits

To avoid damaging relationships with customers, software vendors commonly use partners to perform their software audits.

An article posted regarding Microsoft software audits states: “Most often we are seeing Microsoft approach customers via email to conduct a self-audit, but we also see the more invasive, third-party types of audit that will send a shiver down any CIO’s spine.”

Why would Software Vendor Partners Want to Perform Software Audits?

Partners who perform software audits usually receive a percentage of the proceeds from penalties and true-up costs that are billed to an organization for any unlicensed software discovered during the audit. To avoid being targeted by software auditors, you need to understand the motivation of most software auditors—money.

How Can I Avoid a Software Audit?

Software audits are expensive for software vendors and their partners to perform. I recommend three things for any organization looking to avoid a software audit.

  1. Use ITAM software tools
  2. Build accurate software license reports
  3. Demonstrate understanding of your software license agreements

Use ITAM Software Tools

With IT Asset Management (ITAM) tools in place, you will properly discover software assets installed on your network. You will also have normalization capabilities, which will prevent inaccurate software license reporting that is a result of inaccurate data in your database.

ITAM tools that see software utilization can help recover unutilized software licenses. This can be a life-saving feature, or at a minimum, a job saving feature if you exceed your license count and are facing an upcoming software audit. Many organizations have been able to save or re-appropriate funds when renewing software licenses after removing software that is never used by employees.

ITAM SAM

When organizations manage their software using ITAM processes and software, they discourage software auditors hoping to make money from penalties and true-up costs that result from discovering unlicensed software.

In a study, Express Metrics claims: “Respondents whose organizations have implemented IT asset management (ITAM) tools report a 32% lower audit rate within the last two years than organizations with no such tools.”

 Dashboard Blog 4

Build Accurate Software License Reports

Building accurate software reports is critical if you wish to avoid a full software audit. Often times, your software vendor or their third-party contractor will request a report that shows how many licenses you own versus how many you are using. If you are able to provide reports that are accurate and easy to understand, you can avoid a visit from the software auditing team.

Build reports similar to the software auditor’s reports. If your software license report looks like the software auditor’s report, you could lessen the chances that the software auditor will follow up by performing a full onsite software audit. Software audit report templates are available online.

  • Avoid contacting your software vendor or their partners to find sample/template reports.

This might raise a red flag from the software vendor’s perspective which could result in a date with the software auditor. Be advised that some software vendor partners not only sell licenses, they also do software audits.

If the software auditor decides to run their own software tools to build reports, it will be important to have your own software audit reports to address any discrepancies. The worst thing any organization can do is sit back and accept the findings of a software auditor at face value. Mistakes that favor the software auditor will result in unnecessary costs.

Demonstrate Understanding of Your Software License Agreements

It is important to understand your software license agreements, especially if you have to answer questions raised by a software auditor. Much like sharks will target an area where there is blood in the water, software auditors target organizations with a lack of knowledge about their contracts. When software auditors sense compliance issues they might see dollar signs, so if you demonstrate poor understanding about how your software licensing is structured, prepare to spend a day with the auditor at your location.

Summary

There is no indication that software audits are slowing down, so to avoid unexpected expenses as a result of a software audit, organizations should invest in ITAM tools. In a gated Gartner report published May 28, 2014. Gartner claimed:

Tracking license entitlement has become a priority for many organizations as a means to alleviate the anxiety caused by annual software vendor audit. Gartner has seen an exponential increase in the number of contracts it has received from customers looking to purchase an SLOE tool during the past nine months. We don’t expect this trend to slow down…”

No organization is immune from a software audit, however, organizations that demonstrate a good understanding about what they have through accurate software license reports will not be targeted as often as those who demonstrate poor ITAM practices.

-follow me on Twitter @marcelshaw

Tracking Bigfoot and Missing IT Assets: A Tale of Poor Discovery Techniques

One dark cold night, three men are quietly sitting deep in the woods, somewhere in the Appalachian mountains. They listen intently to every noise, then from a distance they hear a sound that could resemble the creature they are seeking—Bigfoot. One of the men jumps up, takes a deep breath, and with all his strength lets out a sickening howl that sounds like he is part screaming and part singing. Meanwhile, at a campsite a couple of miles away, a group of young adults are sitting around a campfire. They hear what sounds like a man screaming in the distance. A young man sitting by the fire and under the influence of alcohol, jumps up, takes a deep breath, and lets out a scream in an effort to mimic the sound he just heard. Upon hearing a scream off in the distance, the three Bigfoot hunters stare at each other, eyes wide open. One of the men says, “It’s a Squatch!”

An IT administrator has finally been able to free up some time to start a very important project. He cleans up his office and calls the warehouse to have someone retrieve the server for him. “What server?” replied the man from the warehouse. “I ordered a server two months ago,” said the IT administrator. “In fact, someone came by my office and told me it had arrived,” claimed the administrator. The man from the warehouse responded, “Are you sure they were talking about the server? Anyways, we will have someone search the warehouse and give you a call back.”

  • Marcel Shaw’s Observations – The Bigfoot hunters could probably benefit from scientific equipment while IT administrators will benefit using IT asset management discovery software with B2B and lifecycle tracking capability. If you don’t track your IT assets from the time they are purchased, including a method to document when they arrive, they could go missing.

-Poor discovery techniques lead to confusing conclusions.

  • Patricia Adams’ Observations – Having a formalized process that centrally receives all IT assets would assist with tracking. By linking the asset request and purchase order to the shipping info, when the asset is received it can be matched back to the request. When it is stored on the stockroom shelves, using a barcode on the exterior box will automate the manual processes so assets are not easily misplaced after they are entered into the ITAM tool.

Bigfoot1b

The Bigfoot hunters, or Bigfoot scientists as they like to call themselves, decided to document the Bigfoot with a camera. One of the men takes an apple and climbs eight feet into a tree. He takes the apple and pierces it into one of the branches. He positions his camera to capture anything that might come for the apple. The three men leave the area for several hours and return to see that the apple has been taken from the branch. The camera’s battery did not last for more than 30 minutes, which meant they did not capture any video of the apple eater. One of the men looked at the others and said, “Don’t worry about the video, that apple is eight feet up in the tree.” They instantly became excited, looked at each other, and simultaneously said, “Squatch!” Meanwhile, a black crow sits atop a tree not far away enjoying the rest of his fresh red apple.

The IT administrator stopped by the data center in search of his server. While he was there, one of his employees approached him and said, “You know those two virtual servers I told you about a couple of months ago?” “The servers that we don’t know anything about?” said the administrator. “Yes,” replied the employee. “Nobody knows what they are used for and I am afraid to remove them in case they are part of somebody’s project. If we keep them, we will have to pay for the licenses in the upcoming renewal. What do you you me to do?” asked the employee. “Turn them off and wait for the phone to ring,” replied the administrator.

  • Marcel Shaw’s Observations – Next time, the Bigfoot hunters should probably focus on making sure that the camera is working before making any conclusions. The servers in the data center are not properly tracked using current asset management processes. Virtual technology has drastically reduced the effort it takes to spin-up a server for projects or testing purposes; however, many organizations have been surprised with unexpected costs as the result of a software audit. Those servers need a license, so organizations need to put discovery procedures in place to ensure virtual servers are tracked when they are created. Be sure to track who it was that spun-up the server and for what purpose. The good news, the IT administrator did not make any assumptions as did the Bigfoot hunters. Shutting down the servers to see if someone would notice was probably their best option. If he had concluded that the servers were no longer in use, he might have destroyed important data or set someone’s project back several months.

-Assuming is not considered discovery.

  • Patricia Adams’ Observations – Virtual server sprawl is an expensive problem in many data centers. Any VM that has been staged requires a supporting software license. If it is online and hasn’t been used within a defined time period, it should be removed. You don’t want to leave costly software licenses sitting around unused for extended periods of time.

-Inaccurate conclusions lead to inaccurate decisions.

Bigfoot1a

While returning to their truck, the Bigfoot hunters (scientists) discover a dead deer not too far from the road. They analyze the deer. One of the men points to the bones and says, “You see how clean that break is right there? That is the result of a Squatch.” He explained to the others that when the Squatch eats, it breaks the bones much like what they were observing. “They just snap the bones,” he said. Meanwhile, eight miles down the road, a young family traveling home from vacation sits in a repair shop waiting for their car to be repaired after hitting a deer several miles up the road.

The IT administrator stopped by to see the asset manager. “Have you seen that server I ordered?” he asked. The asset manager looked at his spreadsheets. “I see here when it was ordered and I have an email from the warehouse that they received it. I told them to take it to your office,” said the asset manager.

  • Marcel Shaw’s Observations – Apparently there is little to no education required to be a Bigfoot scientist; however, asset managers should be educated on ITAM best practices. Using spreadsheets and email demonstrates a poor understanding about how IT asset management should be done when tracking IT assets.

-Subject matter training minimizes mistakes

  • Patricia Adams’ Observations – Putting in place a process to track hardware and software throughout its life cycle is not complex, though it might be difficult to standardize the process which might vary based on geographies, locations, headcount, IT staff, or many other factors. If an asset manager needs training on how to create applicable policies, processes, and metrics to implement an ITAM program successfully, IAITAM offers a hardware asset management training course.

Bigfoot1c

Conclusion

When the IT administrator returned to his desk, he looked around his office to see if there was a possibility someone had put the server in his office. He got down on his hands and knees and looked under his desk and sure enough, there it was along with a few other boxes. Meanwhile, the Bigfoot hunters went on to have a weekly TV show where they could demonstrate their Bigfoot expertise. Although Bigfoot never appeared in any of their episodes, they convinced millions of people to watch their show that was really about nothing at all.

Bigfoot2

Whether or not you are tracking animals or IT assets, poor discovery techniques will lead to inaccurate results.

Three Keys to an Efficient ITSM Self-Service Portal

Traveling can be quite stressful, especially when visiting unfamiliar places. Many years ago, when I rented a car, I would ask for a map and directions. Even though I had a map, I always seemed to get lost in unfamiliar places. Sometimes I misunderstood the directions I was provided, and sometimes I was given poor directions.

GPS technology simplifies the process of getting you to your destination because it has the ability to pinpoint your location. With GPS technology, it is almost impossible to get lost, even in the most unfamiliar places.

When IT Service Management organizations design efficient self-service capabilities for their customers, it is much like providing GPS capabilities to someone who is looking for directions. When customers are provided the ability to solve their own IT problems, or to make a request without soliciting the help of another person, they will have a better experience. Self-service improves customer satisfaction while reducing IT service management costs.

When building self-service capabilities for incident resolution and request fulfillment capabilities, it is important to have three key building blocks for an efficient ITSM self-service portal.

  1. Knowledge
  2. Automation
  3. Asset Management

Knowledge

Empowering your customers with relevant information in a self-service portal is critical. If customers do not trust the knowledge provided, they will not use the self-service portal. An app using GPS technology not only provides directions, it provides additional relevant information about surroundings such as restaurants, gas stations, and hotels. Like a GPS, a self-service portal needs to display relevant information to the customer through the self-service portal.

Knowledge provided to customers in the self-service portal should include the ability to search for an answer to a question. Known issues should be easily obtainable along with instructions for a resolution.

Self Service Portal1

Create a ‘How-to’ section on the portal. How-to knowledge will reduce support calls. If customers are calling to ask the same question about a specific task, create a ‘How-to’ knowledge document. For example, if customers often call support to have someone assist them through the task of connecting their phone to the wireless network, create a ‘How-to’ document and post it in the ‘How-to’ section of the self-service portal. Use pictures where possible to show the customer what to do.

Consider adding a social media component to your self-service portal. Much of the information we get today comes through social media. As customers learn tips and tricks, they will post their findings for other customers to see.

Be sure to monitor the knowledge information provided to keep it fresh. If the knowledge provided by the self-service portal is not helpful to the customers, they will not trust the content. If they don’t trust the content, they will not use the knowledge database. The result will be more calls to the support analysts.

Automation

Automating redundant tasks will reduce costs and minimize errors. Analyze your incidents to find the most common issues.

Self Service Portal 4

If possible, create an automated process to resolve common issues such as a password reset. For example, when someone forgets their password, have an automated task verify the person’s identity, then allow that person to reset the password. Meanwhile, the process can log an incident as opened then resolved without intervention from an analyst.

Self Service Portal 5

When providing catalog services to your customers, automate request fulfillment through the self-service portal. For example, a request for software that requires a license might need a manager’s approval. The request process can be automated to notify the manager of the request. When approved, the software will automatically install to the customer PC.

Asset Management

Automation in conjunction with asset management will enable your self-service portal to manage and track IT assets that are requested by the customers. For example, if a customer requests a laptop, integration with an asset management database allows you to verify if the asset is currently available.

Self Service Portal 2

Connect self-service hardware requests to IT asset management procurement processes, if possible. If an asset is not available, automated processes can facilitate a purchase request with minimal intervention from the analysts.

For software, create automated processes that will facilitate the automatic delivery and installation of the software package. Use asset management to track the software license. Map the software license to the customer in addition to the location of the device. Software license tracking will insure the organization is prepared in case of a software audit.

-follow me on Twitter @marcelshaw

Help Desk vs Service Desk: What’s the difference?

In my first IT job, I worked as a Help Desk Analyst. I supported a software package that tracked individual documents when DOS was predominantly used as the operating system on most IBM-compatible computers. The software we used to support customers would create incidents, which meant it would create a profile with a unique incident number, a category, the analyst, the customer, and various other pieces of information we considered important. The way we provided IT support was what many called a ‘Help Desk’ or ‘ticketing’ solution.

We often hear the term Help Desk or Service Desk when talking about IT Service Management (ITSM) solutions. Help Desk solutions usually refer to incident management, whereas Service Desk solutions extend beyond incident by adopting additional ITIL disciplines.

When defining an IT Service Desk, Gartner says that: “IT Service Desk (ITSD) products range from simple call tracking/trouble ticketing (aka “help desk” products) to broad suite solutions encompassing call management, incident management, problem management, IT change management, configuration/inventory repositories, request fulfillment and self-service portals.”

Let’s discuss the difference between a Help Desk and a Service Desk in more detail.

Help Desk 

Help Desk solutions, which do incident management without formalized processes for other ITIL disciplines, tend to focus on getting the customer back up and running as soon as possible. 

Help desk

Help Desk solutions provide a reactive method for IT support. Ownership of an incident from start to finish is typically the responsibility of the front–line-support analyst. Depending on what is considered to be most urgent, escalation analysts often perform all the tasks of a problem manager, change manager, and release manager.

Service Desk

Service Desk solutions provide a way to accomplish problem, change, configuration, knowledge, and release management, in addition to incident management. Today, most Service Desk solutions are able to be designed according to ITIL V3 best practices. When organizations move from simple ticketing systems (i.e. Help Desk) to an IT Service Desk solution, they usually require a change in software tools so they can meet their objectives.

ITSM Model

Service Desk solutions focus on preventing problems by measuring performance, sharing knowledge, managing configurations, and formalizing problem, change, and release management processes.

With a Service Desk, IT service management organizations will separate incident and request processes, creating an environment where IT can provide a value to the organization through request fulfillment and catalog services.

Service Desk software tools can also help improve efficiency by providing self-service portal capabilities. Services offered include requests such as software, hardware, and network access to corporate resources.

Help desk 2

With a Service Desk solution, IT service management organizations structure their employees into groups and roles such as change managers, problem managers, and release managers according to ITIL best practices. Furthermore, analysts are aligned with the appropriate IT experts when doing problem and change management.

Service Desk solutions share information with analysts, and their customers, through automation and a managed knowledge database.

Service Desk software solutions can be integrated with internal or external corporate resources.

Through integration and automation, a Service Desk solution will increase efficiency and add value to the organization by providing automated request fulfillment services.

Summary

Organizations not providing Service Desk capabilities should examine their ITSM software and their IT service management organizational structure so that appropriate changes can be made when moving from a Help Desk to a Service Desk.

BrightTalk ITIL BP

On February 16, 2016, I gave a presentation for BrightTalk discussing best practices for adopting ITIL into your ITSM solution. Adopting ITIL best practices, along with choosing the right software tools, will transform your IT service management organization from a Help Desk solution to a Service Desk solution.

-follow me on Twitter @marcelshaw

Three Reasons Government Needs ITAM

Several times a year, I take Constitution Avenue in Washington, D.C. on my way to visit government agencies. It is a beautiful city with many beautiful buildings and museums. Prior to my first visit, I imagined government buildings in Washington, D.C. were bland and boring, much like my old high school. To my surprise, I found each government building mesmerizing with beautiful architecture that is designed by some of the greatest architects in the world.

I also experienced the enormity of the U.S. federal government as I visited various agencies. I learned that the U.S. federal government is the largest IT consumer in the world, employing over 4.3 million people. However, unlike commercial enterprises, government agencies have a unique challenge with regard to how IT assets are purchased and managed.

Government Acquisition Requirements

Government agencies around the world typically have acquisition requirements that must be followed when making an IT purchase. In the United States, it is called the Federal Acquisition Regulation (FAR) which has an underlying objective of conducting business with integrity, fairness, and openness. These requirements help government agencies avoid corruption that can possibly occur when commercial companies lobby politicians.

Government agencies usually have a budget for IT expenditures; however, unlike commercial companies, if government agencies do not spend the entire budget during the government’s fiscal year (Oct. 1 – Sept. 30), they are at risk of their budget being reduced. For this reason, government agencies are at risk of purchasing IT assets that have redundant features, or assets that might not be necessary because they have an objective to spend their budget. This is unlike commercial enterprises who typically scrutinize every purchase with the objective of spending less.

For a government agency, IT Asset Management (ITAM) practices and processes can help control and manage IT asset costs. For agencies looking to meet budget, instead of saving money, ITAM is a good way to re-allocate funds to other projects that can help the agency be more productive and efficient.

Below are three areas where ITAM will help government agencies:

  1. Control Spending

Many years ago, I hosted a party and provided food and drinks for everyone attending. I was expecting quite a few people; however, I failed to ask the invitees to confirm whether or not they would attend. As a result, I was not sure how much food to purchase. To be safe, I bought a ton of food and drinks so that I would not run out of anything. I had leftovers for two weeks and still had to throw a lot of food in the garbage.

ITAM lets you see what IT assets you have which allows you to make accurate decisions about what assets are needed. It’s simple, if you are not using ITAM, it is like trying to provide food for a party of friends without knowing how many will attend. I have found that government organizations that lose track of IT assets usually purchase too many software licenses and they tend to purchase technologies with features that overlap each other.

In a report posted in 2015 by the International Association of Information Technology Asset Managers, Inc. (IAITAM) titled “Understanding the Federal Government’s ‘IT Insecurity’ Crisis,” they noted that in an audit of eight locations maintained by the U.S. Department of Energy (DOE), the Inspector General (IG) found that in 2012 DOE spent nearly $2 million more than necessary on IT equipment acquisitions. Another audit in September 2014 by IG found that over a three-year period, DOE paid approximately $600,000 more than necessary on software licenses.

2.  Eliminate IT Assets that are Underutilized

When purchasing IT assets for a large government organization, it is important to understand the requirements so that products purchased can be mapped to the specified requirements. Unless an agency is using ITAM, they will quickly lose track of recent IT acquisitions along with the requirements that had been used to justify the purchase.

For software assets, when features overlap, the result will be that applications or features within applications will not be utilized. Even when applications are not used, they are costing the organization money with ongoing maintenance and support costs. With ITAM, not only will organizations be able to see all the assets, they will be able to see if assets are utilized. On the website of the U.S. National Institute of Standards and Technology (NIST), they claim:

3.  Security

It is hard to imagine a good IT security system without proper ITAM practices. For example, think of how a physical security system is installed in order to protect a building. Before it can be installed, a security specialist evaluates the building by taking an inventory of all doors and windows, along with any other security risks. It would not be realistic to install a security system on most windows and doors. Security would need to be installed on ALL windows and doors.

It is no different when trying to secure IT assets. An inventory needs to be kept of all hardware and software assets before any security measures can be effective. If you don’t know what hardware assets you have, then you won’t know if something is lost or stolen. If you don’t know what software assets you have, then you can’t be sure that all software is patched and up-to-date.

The IAITAM published a report that states, “Spending greater and greater sums without proper ITAM controls in place is a prescription for more breaches, risks posed by unauthorized devices, increases in lost and stolen hard drives, and major vulnerabilities created by outdated and/or ‘unpatched’ software.”

Summary 

IT asset management can help identify risks in your IT environment and cutcosts by up to 50 percent. So why don’t more government organizations invest in asset management? For many, the reason could be they don’t know where to start and they don’t know how to sell the value of asset management to the rest of their organization.

Government agencies need to understand the importance of ITAM practices. They need to understand that it is not only required to keep costs down, it is also needed to ensure that every device is accounted for and secure.

-follow me on Twitter @marcelshaw

Three ITSM Projects for Your Five-Year Plan (PART 5 of 5): Self Service

I’ve had to travel a lot throughout my career in technology. Years ago, I remember having to stand in line at the airport to get my boarding pass. Then, when the internet was adopted by the airlines, they provided the ability to check-in online and print your boarding pass, which eliminated the process of waiting in line. Now, I simply check into my flight using a smart device, and then I present an electronic boarding pass at the gate.

When we look around the world we live in today, it seems everything is moving to self-service portals. Grocery stores, airports, banks, gas stations, and fast food restaurants are examples of places we interact with a self-service portal instead of an actual person. Because of these technological advances, a new culture has emerged in the emerging generation which Gartner has named ‘Gen Z.’

“With consumers’ preference for using the Internet and mobile services to drive business efficiencies and optimize time management, every industry is striving to improve the customer experience and meet the demands of Gen Z by simplifying, automating and making more intelligent end-to-end processes, and minimizing manual interventions, enabling the consumer to self-serve.”

For IT service management organizations, I believe the most important project should be to either build or improve the self-service portal. For an ITSM self-service project, asset management (ITAM), along with process automation tools, will provide a solid foundation.

Remember, it is important that the tools selected are able to integrate with the ITSM solution. If choosing a cloud solution, be sure to understand integration capabilities or integration limitations.

What is ITSM Self Service?

An ITSM self-service portal should provide the following:

  1. IT technical support
  2. Service requests

IT Technical Support

When a user has an issue, a good self-service portal provides access to a knowledge base listing common issues or frequently asked questions, reducing the number of calls to an analyst. If an issue needs to be analyzed, the user should be able to open the incident using a simple form designed to route the incident to the appropriate support group.

Automated processes that can reset a password or update their device with the latest approved patches should be made available to the user. Personally, I have found that one of the most valuable features provided in a self-service portal is the ability of online chat with the analyst.

Service Requests

A large part of your self-service project will be the service catalog. It will be important to determine what services will be offered through the self-service portal. Once the services are determined, they will be added to the service catalog. Services should be designed so that they are only visible to the appropriate users.

For example, if an inside sales person is not allowed to have a company phone while an outside sales person is provided with a phone, the self-service portal should not make the ‘request phone’ service visible to the inside sales person.

A request process might need to reach beyond the traditional boundaries of an ITSM software solution. Integration into HR, sales, asset management, and accounting are just the beginning. The goal should be to build your solution with efficient B2B connections.

Gartner says, “Business to business (B2B) processes are also continuing to be streamlined to drive down costs by decreasing the number of redundant manual interventions. This is being accelerated by new technologies focused on providing more intelligent and predictive processes linked to the IoT to speed up and automate even skilled-people-based processes.”

As you design your self-service portal, follow the advice of Joe the IT Guy, an ITSM blogger, who says to “…think about self-service from an end user point of view. They shouldn’t have to worry about which part of the business supplies phones, or pensions, or paperclips. They shouldn’t have to go to multiple self-service facilities for different goods or services. So plan for the extension of the self-service capabilities at the outset rather than allowing it to be a belated addition when someone suggests that a HR employee portal is needed. Not only will this deliver a better employee experience, it will also allow the organization to benefit from increased efficiency and effectiveness, and economies of scale.”

Summary

ITSM projects require significant time and money. Projects need to be aligned with current needs as well as future technologies. Providing a self-service portal that can provide help in addition to fulfilling requests will help organizations reduce IT support costs. Furthermore, organizations will have an infrastructure in place that will be able to adapt to technology changes and demands expected in the near future.

On November 18th 2015, I gave a webcast for BrightTalk and discussed three key projects for ITSM. You can view the webcast by following this link.

BrightTALK

-follow me on Twitter @marcelshaw

Three ITSM Projects for Your Five-Year Plan (Part 4 of 5): Integration & Automation

Recently, I called a company because the heater in my house would continue to operate regardless of the temperature reading. They insisted on having their service technician come to my house to evaluate the problem and make a diagnosis. For several hours, I was concerned about how much this would cost because they could not tell me until the technician completed his investigation.

I have had this same experience when calling IT support; however, I am not as concerned about costs as I am about meeting a deadline. In any event, this is still a cost for IT support. Anytime IT has to investigate issues on the network, or in software for a solution, there are unknown costs associated with that process. The longer it takes to find the issue, the more it costs.

Historically, as IT organizations looked at the costs of supporting all their computers, they began looking at tools that could automate manual processes. The reason for automating processes was simple, automation reduces costs. Furthermore, integrating your IT solutions into your ITSM solution makes IT support easier, faster, and much more efficient.

For example, many years ago, an analyst would often dispatch a tech to a person’s desk to troubleshoot a problem that could not be diagnosed over the phone. Many organizations found that implementing a tool that controlled the computer remotely from the analyst’s computer reduced the cost of the incident by up to 90 percent.

The only way to prepare for emerging technology, in addition to supporting your current ITSM requirements which are often operating with reduced budgets, is to implement automation tools that can integrate with all your network, database, and software solutions.

For example, when an account is locked because a customer forgot their password, the analyst might need to call the IT admin. However, if the analyst has the appropriate rights, they could unlock the account by accessing the required network tools. If an automated process is implemented, the analyst could trigger the account to be unlocked by simply pressing a button from the incident page. Ultimately, the best way to handle this example would be through a self-service process; however, I will discuss this in more detail in part 5 of this series.

When examining costs, an incident can fall into one of three categories:

  • Instant Resolution
    • Known cost
  • Resolution Pending Action
    • Known cost
  • Resolution Pending Investigation
    • Unknown cost pending investigation
    • Most expensive
    • Troubleshooting required

Instant Resolution

Integration Projects 1

When an incident can be instantly resolved by the technician, the cost of the incident is easily determined. Some examples of instant resolution would be a password reset, a “how-to” question, or a known issue with resolution instructions available in the knowledge base. Any incident that is opened and resolved during a call falls into this category.

Resolution Pending Action

Integration Projects 2

When an incident can be resolved by the technician pending an action, the cost of the incident is also easy to determine. For example, if it is determined that a customer needs a software update or a replacement phone or laptop. The analyst would determine if the item is under warranty and initiate an automated process to replace the device. The analyst would mark the incident as ‘resolved’ when the customer receives the replacement device or software update. The incident cost is easily determined, even if there is an outstanding action item that needs to happen prior to closing the support incident.

Resolution Pending Investigation

Integration Projects 3

Anytime an incident needs further investigation to determine the cause of an issue it is placed in this category. For example, if the analyst has to dispatch a technician or escalate an incident, the cost of the incident will be unknown until a diagnosis and resolution is determined.

In some cases, these types of issues are moved to the Problem Management team. To reduce the costs of IT support, organizations are focusing on incidents that require investigation. This is accomplished using smarter technology.

When I called about the problem with my heating system, a technician was dispatched to my house.

Integration Projects 4

In the near future, embedded technology such as (IoT) will eliminate the need to have someone investigate an issue.

The ideal solution would be to know about an issue before the customer realizes there is an issue.

Integration Projects 5

When technology can self-evaluate and determine the cause and resolution without manual intervention, the cost of the incident can immediately be determined.

With embedded technology, my heating system could have reported back to a central system with the diagnosis. As a result, a person or an automated system could contact me and notify me of the impending problem and recommended resolution.

Forbes quoted Gartner regarding future technology trends stating that “to an increasing extent, technologies will be able to not only collect information, but learn based upon it. In the process, much of the initial analysis that has typically required a human can be done by machines, elevating the analysis in the process. People will need to engage at a higher level as a result.”

We can expect this type of technology to rapidly expand over the next several years for IT support. The demand for problem notification from network and software solutions continues to increase as budgets for IT support shrink.

Process Automation

It is important that organizations have tools in place to support automation. This can be done using a business process manager (BPM).

Integration Projects 7

Automation tools can eliminate redundant manual tasks. For an ITSM solution, automated tools can trigger a new incident.

ITSM Integration

Be sure to choose process automation tools that are easily integrated into a wide variety of network solutions, including your ITSM solution.

Integration Projects 6

Process automation tools should be able to listen for changes in other databases. Tools should be capable of triggering a process based on a change. Also, automation tools need to have the ability to move data from one system to another. For example, if a person is terminated from an organization, an automated process should be able to cancel all accounts that have been setup through the IT department, such as a mobile telephone account.

Be sure that automation tools can execute programs or run scripts. Finally, automated tools should be able to integrate with database standards such as ODBC or web services in order to integrate the different network solutions.

Summary

Building automation and ITSM Integration into your network architecture will reduce the cost to support redundant manual tasks that could introduce human error. The tools used need to have the ability to integrate with different solutions on the network. With this type of architecture in place, your ITSM solution will be prepared to handle the smart technology that is evolving which can notify the ITSM solution of impending issues, thus reducing the time and costs required to investigate and diagnose a problem.

In Part 5, I will discuss Self Service as an ITSM project.

-follow me on Twitter @marcelshaw

Three ITSM Projects for Your Five-Year Plan (Part 3 of 5): Asset Management

When I call my bank for assistance, an automated recording helps direct me to the right person. Recently, I have noticed an increase in ‘intelligent’ automated telephone assistance where the system tries to resolve my issue without ever sending me to an actual person. In my opinion this is more annoying than it is helpful. I usually end up saying “operator” over and over until I can speak with a person.

What I believe to be most helpful is when I call for assistance and the automated system recognizes me by my phone number. When IT service management solutions are able to map IT devices to their owners, service analysts can quickly determine what devices the customer has within seconds. Furthermore, integration tools can be implemented giving the analyst the tools to resolve issues remotely.

To properly map IT assets, make IT asset management one of your ITSM projects. All organizations that are dependent on technology should have IT asset management. Be sure to use ITAM principles when defining your requirements.

Also, it is important to understand there are two components to managing IT assets, Configuration Management (CMDB) and IT Asset Management (ITAM). Gartner defines the difference in a report titled ‘Configuration and ITAM Intersect in the IT Service View CMDB’.

2015-12-07_22-40-42

A CMDB is an important component of an ITSM solution; however, I am assuming that most organizations are using a CMDB. If not, then it might be a good time to start.

ITIL defines service management processes while ITAM defines asset management processes. Good ITIL practices suggest that you build a CMDB to track and manage configuration settings on IT assets that you support. Use ITAM processes to manage and track the lifecycle of IT assets.

Three Reasons to Build an ITAM Solution into ITSM

  1. IT Asset Mapping
  2. Request Fulfillment
  3. IoT

IT Asset Mapping

ITSM solutions can benefit by saving time and money when asset information is easily available to the analysts supporting their customers.

An ITSM solution should be able to tell you what your customer is using when they call for support. A verbal discovery process wastes valuable time. By mapping the IT assets to the person using the asset, the analyst will immediately be able to see hardware IT assets, software assets, software version, accounts, and warranty expirations.

Request Fulfillment

Many IT organizations are working towards automating tasks and processes that are redundant, such as ordering and assigning IT assets. For example, if somebody needs specific software to accomplish a task, an automated request and automated software delivery process can eliminate the need for an analyst to spend time fulfilling the software request. IT asset management would be required to properly track the software entitlement in order to protect the organization from allocating more licenses than it owns.

IoT

Support will be required for non-traditional IT technology in the near future; however, there is not an immediate IoT project needed for ITSM solutions because IoT is not a mature technology yet.

In a post by Forbes, they wrote that ‘Gartner indicates that the providers of Internet of Things platforms are fragmented today, and would benefit greatly from cobbling together a better ecosystem where data is shared more broadly. This issue will persist through 2018, and IT departments will likely procure more one-off solutions as opposed to integrated webs of solutions that would serve them better. As IT leaders clamor for a better way, the change will come, says Gartner.

As IoT matures, there will be a natural progression towards using ITSM solutions to support IoT solutions.

Asset Projects 1

In this example, smart technology in a lightbulb at face value might seem trivial for IT to support. However, what happens when there are 1,000 smart lightbulbs attached to a central circuit with software that is able to turn lights on and off depending on when people are in the room?

Who will support the IoT software when it fails? I believe initial responsibility will be given to the IT service organization.

A good way to prepare for IoT as it matures is to build an ITAM infrastructure that can document and track IT assets.

Summary 

IT asset management is a project that many organizations have neglected to properly define and fund. With the influx of IT assets coming into the market, it is hard to imagine controlling inventory, software licenses, and ultimately security without a proper IT asset management system in place.

BrightTALK

On November 18th 2015, I gave a presentation via webcast on this topic for BrightTalk.

In part 4, I will discuss ITSM integration and automation.

-follow me on Twitter @marcelshaw

Three ITSM Projects for Your Five-Year Plan (Part 2 of 5): Trends

I remember during school in the mid-1970s, we often enjoyed an educational film that felt like a break from the normal school curriculum. The films consisted of a projector, screen, and a large reel of film that made a loud clicking noise in the background throughout the presentation. Towards the late 1970s, I remember we began watching education films on TV using the latest technology; Betamax.

In the early 1980s, consumers were able to purchase a device that played popular movies at home. The problem consumers faced at that time was deciding which format to purchase; VHS or Betamax. At a price of $1,000.00 USD and up, the purchase of such a device was an enormous investment for most families. The ongoing debate during that time was about which technology would become mainstream, and which would become obsolete.

Initially, Betamax owned 100% of the market in 1975; however, when VHS was released, a battle for the consumer was born; so by 1981, Betamax dropped to just 25% market share in the United States, and by 1986, 7.5% market share in the United Kingdom. Ultimately, those who invested in VHS had a wider variety of movie selections available, while those who invested in Betamax stood by and watched their movie options diminish each time they went to the video rental store.

Building ITSM solutions require significant time and a significant amount of money. Projects need to be aligned with current needs as well as future technologies. For example, if an organization invests in an operating system that is not widely adopted in the marketplace, they might see their options decline when looking for software providers, integration, and expertise; similar to those who chose Betamax that ultimately had fewer options in movies. Not only is it important to understand the needs of your organization, it is also important to understand the current technology trends.

For those who are making decisions regarding ITSM solutions within an organization, it is important to understand IT trends. The reason; to stay competitive and efficient.

Trends

Trend can be defined as a ‘shift’ or ‘bend’ which in summary means to change direction or move in another direction.  

In a gated report called “Top 10 Technology Trends for 2015,” Gartner explains why it is important to monitor technology trends stating that, “IT professionals should examine these predictions for opportunities to increase their support for cost control, revenue generation, and business transformation initiatives.” 

Social Media Trends

In Gartner’s Top Ten Technology Trends report, they also claim, the rapid evolution of social media and mobile technologies is driving consumer behavior, especially with Gen Z, which grew up expecting on-demand, speedy, but flexible services.

I plan to discuss this trend in more detail on the last installment of this series.

Mobility Trends

I think it is safe to assume that mobility is no longer a trend, rather a way of life. The trend we are seeing now in the world of mobility is wearable devices. All ITSM projects need to include mobility capabilities for both analysts and their customers. Although it might be premature to create specific wearable ITSM projects, supporting today’s mobility platforms should put your solution in a better position to support the onslaught of wearables entering the marketplace.

Mobility should be a subset of all your ITSM projects. It is important to offer the same services from mobile devices as from a PC. All IT organizations should have mobility as part of their requirements when looking for an ITSM solution provider.

Cloud Trends

Cloud technology has matured; however, it still may not be ready for some organizations. Companies offering cloud solutions often tout their uptime (typically 99.99%) along with cost savings and simplified management requirements. However, be cautious when choosing this type of infrastructure. Sometimes ROI is not achieved for several years, so be prepared to make a long term commitment to your solution provider if you wish to see that cost savings.

Also, consider that your data is with a third-party. Make sure you understand the termination provisions if your organization and provider part ways.

Security can also be an issue, especially if your organization has to meet government requirements to protect personal data. Who will be responsible if there is a security breach and consumer personal data is stolen? Who will pay for the lawsuits and government fines?

I believe cloud technology has significantly improved over the past couple of years; however, it may not be the right solution for all organizations. I will discuss this in more detail in part 4 and 5.

IoT Trends 

Many experts believe that IoT devices could reach up to 50 billion by 2020. There is no doubt there will be a market disruption as IoT begins to flood the markets.

With IoT, access to systems and applications is provided using Identity and Access Management (IAM). However, traditional IAM solutions are not capable of dealing with the relationship and access requirements that come with IoT. Therefore, the Identity of Things (IDoT) is an extension of IAM that applies a unique identifier (UID) to IoT devices/objects, which allows you to control relationships and access between IoT and other entities inside and outside of your organization.

How IoT Trends apply to ITSM Projects

In the near future, I expect ITSM solutions will be required to support IoT along with IDoT. Presently, IoT APIs are too segmented to begin building a specific ITSM project around IoT. Funding such a project would be risky and could waste money. However, service managers can prepare for the oncoming IoT technology surge with the right projects in place. I will discuss this in more detail in part 3 of this series.

On November 18 I plan to introduce three key projects that will help you meet ITSM demands over the next five years while building an infrastructure to support ITSM demands that are expected in the future.

BrightTALK

The three ITSM projects I will discuss during my webcast are:

  1. Asset Management (Part 3)
  2. Business Process Automation and Integration (Part 4)
  3. Self-Service Portal (Part 5)

-follow me on Twitter @marcelshaw

Three ITSM Projects for Your Five-Year Plan (Part 1 of 5)

Several years ago, when we purchased our house, I envisioned doing several projects around the property, yet here I am almost five years later and everything is still as it was when we purchased. Projects require planning, which is where I failed.

I remember growing up, we had a neighbor with an unusual man-made hole in the ground next to his home. It turns out that he was building a swimming pool. In fact, he finished it six years ago. The problem with his project is that he started it 25 years ago. This is a good example of a poorly planned and underfunded project.

It is important to properly plan your projects with timelines and a completion date. But more importantly, the project needs to be properly funded.

IT support covers all types of business and government organizations. Projects that define, enhance, or upgrade the IT infrastructure are a part of everyday life for IT employees. The people responsible for choosing and planning projects often put their careers on the line depending on the outcome and success of the project.

With the adoption of the internet in the mid 90s, Dell aligned their strategies and IT projects to build a streamlined process to sell computers directly to the consumer market, cutting out the middle man. Competitors eventually followed Dell’s lead; however, by then it was too late, Dell surpassed Compaq to become the largest PC manufacturer in 1999. Operating costs made up only 10 percent of Dell’s $35 billion in revenue in 2002

Many careers were ruined inside Dell’s competitors. Those who failed to see the power of the internet cost their companies millions of dollars in market share by not funding projects to make them competitive.

Commercial organizations that choose the wrong IT strategy will fund the wrong projects and quickly fall behind their competitors. Government organizations that define the wrong strategy, i.e., fund the wrong projects, become inefficient, ultimately costing officials their jobs and/or the elections.

With regards to IT Service Management (ITSM), how should you build solutions today so that you can meet the demands of tomorrow?

In a report published by Software Magazine called “The Future of ITSM”, they claim the following:

“Our data shows that the top three strategic priorities for ITSM teams include improved user experience for internal service consumers—end users, improved operations-to-service desk integrations for incident and problem management, and improved operations-to-service desk integrations for configuration and change management. All three data points call out for stronger operations-to-ITSM integrations—in terms of workflow, analytics, and automation, as well as effective role-aware visualization”

When defining ITSM strategy, you can look to technical magazines, blogs, and analyst reports; however, the information overload might be overwhelming. There are many opinions about what you should do to meet the demands of today while keeping up to date with the technology of tomorrow. Buzz words such as cloud, IoT, social media, and mobility, amongst others, are in the headlines of almost every technical article in the media.

BrightTALK

On November 18, I will be presenting via webcast for BrightTALK on how three key ITSM projects will enhance your current service management requirements while preparing you for your service management demands in the future. In addition to the webcast, I will post a five-part series, this being part 1.

In Part 2, I will continue to discuss the trends. I will also introduce my recommended ITSM projects.

 

-follow me on Twitter @marcelshaw