Tag Archives: Asset Management ITAM

It’s Time to Add IT Operations Analytics (ITOA) to Your ITSM and ITAM Solution

Several years ago, after playing a pickup game of basketball, I felt some discomfort around my right shoulder. Six days after my basketball game, the discomfort I was feeling in my shoulder escalated to the point where it hurt to breathe. At this point, it was time to go to the emergency room. Once I arrived, there was a sense of urgency coming from the emergency room staff as they hooked me up to an EKG.

Within minutes, it was determined my heart was fine so I was sent for a chest X-ray. Shortly after the X-ray, they performed an MRI on my chest. Finally, I was given the news; I had pneumonia with pleurisy. I had fluid in my right lung. As a result, I spent a week in the hospital and I was treated accordingly. Without X-ray and MRI technology, things could have gone really bad for me.

Recently I evaluated a fascinating technology; IT Operations Analytics (ITOA). The best way I can explain ITOA is to compare it to an X-ray or MRI. It is a technology that will give you a deep look inside the inner workings of your network. ITOA uses pattern discovery techniques that will help identify issues on your network that you would not otherwise identify. Much like an X-ray or MRI, you will have a deep visual view of your network that will help quickly identify problem areas. It also may help you see potential problems occurring on your network before they become evident.

After installing this technology on 1,000 devices, we immediately noticed several issues. For example, we looked at applications crashes across the network.

App Crashes

We also looked at ‘applications crashes by device’ and compared that data to the ‘top application crashes’ information.

Crashes by Device

As we continued to navigate through the different modules in the console, it was apparent the information we were looking at was extremely valuable. Although we only had 3 days’ worth of historical data, we were able to cross reference data and make some preliminary assumptions of problems affecting the entire network. ITOA vendors caution against making such assumptions, so we contained our excitement, but make no mistake, we were ITOA’s newest converts.

We were excited because IE9 crashing just once on one PC would probably go unnoticed by IT services. IE9 crashing on one device numerous times could still potentially be missed, unless the end-user opened a support incident with the IT department. IE9 crashing several hundred times on 50% of your devices would certainly be a problem in the eyes of IT support. ITIL Service Desk systems are designed to recognize multiple incidents with the same issue as a ‘problem’. However, ITIL Service Desk systems are reliant on the end users to open the incident, which is how IT support usually becomes aware of a problem.

By adding ITOA technology to an ITIL service desk solution, we noticed how we could see the problems in real time. We saw the potential of identifying issues before the users even experienced a problem. We could see the vision of how this would allow us to proactively post issues to the support desk notice boards so that we could focus on a resolution.

We imagined how we would be able to help so many end-users who suffer in silence. Those who accept lagging performance as the norm. Those who simply learn to deal with an application suddenly freezing once or twice a day, sometimes causing loss of productivity. Most likely angering the end user, making it unpleasant for their co-workers who are sitting nearby. We could see how using this type of technology could make people happy and nice again…maybe I am a little too excited, but as I said; we saw the hopes and dreams that could come from using ITOA technology.

We were able to see how we could use this type of technology to ‘rule out’ problems. When I went to the emergency room, an EKG ruled out a heart attack. Once that was ruled out, the medical staff focused on something else.

Never underestimate the power of ‘ruling out’ something while troubleshooting network problems.

The ITOA product we used in our evaluation also had a security module. In the short time we had to collect data from the network, we picked up web traffic to and from specific countries.

Non-Trusted Sites

After looking at this data, we notified the security team who are now investigating. ITOA solutions allow you to raise alerts and send them to your ITSM solution so that the appropriate team is assigned to investigate suspicious activity. Furthermore, ITOA solutions can enhance the security posture on your network by analyzing and reporting suspicious activity coming from end-user devices.

As we continued our journey through the console, we were able to see devices with potential hard drive problems, devices that had hard resets, devices with application crashes, and devices with less than 3 GB of space available.

Problem Devices

We were also able to go back in time by looking at the historical data to see when devices were added to the ‘Devices with Problems’ list. For example, we noticed out of the 29 devices that had a potential HDD failure, 2 were added within the last 24 hours. We went deeper into the findings and we could see the model, the user, and all the information about the device that our ITAM Asset Management system had collected. We learned that all the devices were still under warranty.

Pattern Discovery Methods

Pattern Discovery Methods used by ITOA solutions include rapid rule-based analysis of wire data, hypothesizing of specific probability distributions to explain the occurrence of application and infrastructure performance statistics, discovery and analysis of system topologies, keyword search and string analysis of polystructured text/log files, and slicing and dicing of data organized in high-dimensional cubes.

Gartner stated in Seven Errors to Avoid That Undermine IT Operations Analytics…“applying many different pattern discovery techniques to the same dataset will yield better results than applying one or two. Hence, it is advisable to favor solutions that offer a broad range of techniques and, with regard to one’s own practice, better results will usually be obtained by looking at a given dataset through the lenses of multiple pattern discovery mechanisms.”

As I spent time looking at how industry analysts view the ITOA technology space, it was evident the amount of data collected by this type of technology would be enormous. According to most analysts, the level of skill that will be required to provide accurate analytics will be that of a data scientist.

For companies planning to implement ITOA technology, Gartner stated in a gated report:

“Plan to Add Data Scientists to Your IT Operations Staff over the Next Two Years at Normal IT Operations Professional Remuneration Levels”

Gartner also noted in their report titled Two Distinct ITOA Submarkets Provide Different Benefits to Enterprises that in 2013, one out of every 5,000 master’s-level degrees was awarded for studies related to data science; however, by 2015, that ratio is likely to rise to 10 out of every 5,000. –yet another indication of how this IT marketspace is becoming main stream. Data scientist’s compensation will soon align with that of IT professionals.


I strongly believe it is time for larger companies to start looking at ITOA technology as a part of their ITAM and ITSM solutions. The ROI will be apparent very quickly to companies that evaluate these technologies. However, it is important to hire people that can interpret the data so you can maximize the return on your investment. Finally, make sure the solution you choose will integrate into your ITAM and ITSM solutions.

-follow me on Twitter @marcelshaw


A government agency in Washington, D.C. was informed of a hard drive recall because a certain type of hard drive in their new PCs’ could overheat and potentially start a fire. The PC vendor had three hard drive suppliers and only one of them reported hard drive issues. As a result, the government agency had to open 3,000 PCs to replace 1,000 hard drives.

If you figure it took 10 minutes every time a PC was opened to verify the type of hard drive being used, then 20,000 minutes (333 hours) was wasted opening PCs that did not actually have a hard drive issue. With asset management tools in place, the agency could have created a report that displayed the names of all the PCs with the defected hard drive.


After replacing all hard drives, asset discovery tools would also have discovered the new hard drives as soon as they connected to the network. Remember, just because an asset was added to the management database does not mean it is being tracked. An ongoing asset inventory process is needed to track an asset.

Asset discovery should not be a one-time event. It should be a continuing process that runs on your network. Asset discovery tools provide details about your IT assets by taking inventory of all the asset components on a regular basis, then reports the information back to a central database. Without tracking, assets are easily misplaced or lost.

In one study, laptops were reported to have a 5-10 percent chance of going missing during their lifecycle. Theft accounted for 25-40 percent of those missing laptops. The rest were simply missing. Ongoing inventory processes with most asset management systems will flag assets that stop communicating on the network.

IT Asset Management starts with choosing the right asset discovery tools. To make sure you have a tool that can discover and track the asset for its entire lifecycle in your organization, use the following checklist to define your IT Asset Discovery tool requirements.

The IT Asset Discovery Tool Checklist


Discovers Hardware Details

Choose discovery tools that give you detailed information about your devices. Information, such as part numbers and serial numbers for all the components that make up an IT asset, is not too much to ask. This type of information will come in very handy in the event of a hardware recall.

Discovers Software Details

Choose a discovery tool that can tell you about the Firmware, Drivers, Operating System, and the Software installed on all your PCs and laptops. At face value, you may not think that having this information is important for your security requirements. In actuality, having the ability to verify versions of your software is directly related to your security baselines.

Many older versions of software do not meet current security requirements. Security tools that keep software applications updated often do not account for additional installations of older versions of that same software on the same machine.

Also, do not forget about those software audits, which can cost your organization lots of money. It is important your discovery tools have the ability to give you an accurate inventory of all installed software. You need to know the version installed and the name of the PC or laptop where it is installed. I will discuss software audits in much more detail in an upcoming blog.

Checks-in Often

The asset information in your database is a snapshot in time. The accuracy of your asset information deteriorates over time. For example, imagine it has been a week since your PCs and laptops have checked into the asset management database. If you run a report today to see how many installations you have of a software application, your report will be a week old based on when the asset data was last updated.

Asset Management tools need to “monitor” the assets and report back on a regular basis. It is important to have a report that tells you how long it has been since an asset has checked in. Assets that have not checked in for several days should be flagged and investigated. The asset data should be in question and investigated until the asset is recovered.

Tracks Assets over the Internet

Many organizations allow their users to take their laptops with them for business travel or to work at home. When asked, many IT administrators feel confident about the accuracy of their IT asset information, including the security posture of those assets with one caveat, the remote users. It is important to have asset discovery tools that continue to monitor assets even when off the internal network.

Choose tools that can use the internet to connect to those assets to get any updates or changes. Many IT asset monitoring agents can be configured to “call home” using the internet. Make sure the discovery tools you choose meets this requirement. Simply waiting for the end-user to VPN on to the network so that you can get any asset updates is inefficient and unreliable. Tools that connect and update the asset management database each time the user connects to the internet should be the requirement.

Tracks Asset Changes

Choose asset management tools that can detect changes to your hardware or software. To minimize network traffic, only changes should be sent over the network to the asset management database.

Avoid tools that send ALL of the asset’s information each time the asset checks in to the asset management database. This can cause additional network traffic.

Tracks Location

Choose asset discovery tools that have the capability to provide the location of the asset. Determining the location of the asset can be done by looking at the IP address and mapping the address to the actual location. You could also track the asset location by the associated end user.

No matter how you locate the asset, choose an asset discovery tool that can provide a way for you to locate the asset you are managing. If the asset is off the network, then you should at least know who has it and that the asset is “remote.”

Eliminates End User Disruption

Choose a tool that prevents the end user from interrupting the ongoing processes and communication with the asset management database. The best way to prevent users from interrupting the asset management procedures is to make the solution transparent. If the local agent software is interrupted or removed, the asset tool should have the ability to detect and repair the local agent so that it can continue to report on the state of the asset.


The foundation of IT Asset Management is collecting all the asset information. Choose discovery tools that detect both hardware and software. Utilize discovery tools that keep the asset management database up-to-date by monitoring the assets for any changes to hardware and software. Make sure the tools you choose work on the internal network and over the internet. To ensure accuracy, implement measures to prevent users from interrupting the asset discovery tools. Remember, not only is it important to know the asset exists, it is also important to know where it is located.

Follow me on Twitter @marcelshaw

IT Asset Management, a three tiered approach (Part 2 of 4)

4 Steps to IT Asset Discovery, tier 1 of IT Asset Management 

Collecting IT Asset information is the first tier of an IT Asset Management strategy. This is where you build your database with IT assets that will be tracked. It is important to have a strategy for collecting, storing, and monitoring IT Assets. To begin your IT asset management project, start with these 4 steps to successfully collect your IT asset information.

First, you must define IT assets that need to be collected. Second, you need to identify IT assets that need to be monitored. Third, choose scanning tools that meet the requirements defined in step 1 and 2. Fourth, choose an IT Asset Database that allows you to add and map custom fields

1.  Define IT Assets that Need to be Collected

Define IT Assets that will be managed and added to the IT asset management database. Start by identifying assets controlled by the end-user. PCs, laptops, mobile devices, and associated software applications are often lost or misplaced overtime when not accounted for in an IT asset management solution. Next, consider tracking printers, network devices such as routers, switches, servers, and storage with their associated applications.

  1. Identify IT Assets that need to be monitored

The level IT of tracking applied to an IT Asset will vary. A good way to differentiate the level of tacking is to have “monitored” devices and “un-monitored” devices.

Monitored devices will generally be the devices controlled by the end user like a laptop or PC. These assets are usually at most risk for security attacks. Monitored devices generally need a service or client that runs on the device. The monitored device needs to be able to report changes quickly since it has to react to change. Servers and their associated applications should also be considered for monitoring.

Unmonitored devices would be devices that are generally controlled by IT such as network printers, routers, and switches. These devices are usually changed pro-actively. Network devices under the control of the IT Management system should still follow ITIL principles relating to Configuration Change Management. Remember, “Un-monitored” refers to the level of tracking, not to be confused with monitoring/managing software that may be used to configure and alert on the health of the IT Asset.

Mobile Devices will usually fall somewhere between “monitored” and “un-monitored” but whatever is decided, they need to be tracked. At a minimum, IT needs to know what mobile devices are connecting to and accessing the organization’s data.

Integration between your ITSM solution and your asset management solution should be part of your strategy. If an IT asset is serviced, the incident management tool should be able to view details about the asset from the asset management system. For example warranty, contract information, and installed software may be helpful to an analyst working the incident.

  1. Choose the right Asset Discovery Tools

Agent-based Asset Discovery tools have the ability to discover everything that is connecting to your network. They also have the ability to collect detailed hardware information including manufacturer and part numbers from various components of an asset.

For example, in addition to being aware of a laptop, information about the memory, hard drive, and monitor can be available to you if and when you need it. Furthermore, asset tools can provide you with the Operating System (OS) information running on the laptop and any software application installed.

Choose a tool that can do network discovery by accessing network directories such as Active Directory, that can do ping sweeps and even listen to network management protocols such as SNMP. You want to know an asset exists and the type of asset discovered

The tool you choose should also allow you to manually input IT assets into the management system, often using forms. For example, a smaller company may want to track the lifecycle of assets but are not concerned with detailed information beyond the fact that it exists. A form can be created for end-users or an admin to enter the required information into the database.


Be sure to choose a tool that can import the IT Asset data from an external data source. Make sure the software can talk to external databases. Because spreadsheets are the most common tool used for IT asset management in organizations today, it is important to have the ability to access data from XML files, Excel files, or delimited-ascii files.

Many organizations use scanning tools such as barcode scanners and RFID scanners. When building IT Asset Management, integration with mobile scanning tools should also be a requirement

  1. Identify the Best IT Asset Management Database

When you consider gathering the IT Assets with all associated components and software, the amount of data collected can be extensive. As you prepare for tier 2 of IT Asset Management, you will want to carefully choose your asset management database and database tools.

Make sure the tools you choose allow you to extend the database with custom fields. For example, you may want to know the name of the person who scanned in a device with a barcode scanner.

If you cannot customize your asset management database to accommodate your requirements, then you are restricted by the limitations of the database. IT Asset Management Database tools must have the ability to add custom fields, to map IT assets to custom fields or link IT asset information to external sources. For example, you may want to link a mobile device to its associated account and service provider.


Processes defined at tier 1 are designed to get your IT Assets into your IT asset management solution. Processes defined at tier 2 normalize the database tables for consistency and accuracy. Tier 2 processes also map IT assets to other IT assets or to custom data that you define. Processes defined at tier 3 are aligned with ITAM principles for tracking the lifecycle of the asset.

The more information you collect and properly manage at tier 1, the better prepared you will be when implementing tier 2 and tier 3 of your IT Asset Management solution.

see also:

IT Asset Management, a three tiered approach (Part 1 of 4)

IT Asset Management, a Three Tiered Approach (Part 3 of 4) -Three Keys to IT Asset Management Intelligence

Follow me on Twitter @marcelshaw