Panel Discussion - Seven Pillars of a Modern Hardware Asset Management Practice
25 aprile 2018
Martin Thompson | Owner and Founder, The ITAM Review | The ITAM Review
Todd Hogan | Product Manager | Ivanti
Darren Wilensky | Product Manager | Ivanti
In this educational webinar, Martin Thompson, founder and analyst at The ITAM Review, and Ivanti Product Managers Todd Hogan and Darren Wilensky will explore seven major areas of consideration for building a solid Hardware Asset Management (HAM) Practice.
In the webinar, Martin will unveil the HAM survey results fresh from the press and discuss these with the panel.
The panel discussion will cover:
- HAM accuracy and the knock-on business benefits
- Setting scope and justifying the investment of a HAM practice
- Managing the relationship between users and myriad device types - corporate and BYOD
- Delivering performance metrics that demonstrate business value
- Major process areas to consider
Mareike: Welcome to today's webinar entitled Seven Pillars of a Modern Hardware Asset Management or HAM practice. My name is Mareike Fondufe and I'm part of the product marketing team here at Ivanti. We thank you for taking time off your busy today to attend and learn about hardware asset management. Before we get started, just a few housekeeping items. If you have any questions during the webinar, please use the Q&A panel or chat windows and we'll try to answer as many questions during and at the end of the webinar as time allows. Or we can also get back to you per email on some of the questions. We will be asking a few poll questions in the beginning to gauge your interest and experience at hardware asset management so that we can then deliver the right depth of information for you. We encourage you to actively participate in those three very short poll questions so the content presented today will be of most value to you. Today's session will also be recorded and we'll send the slides and the recording links to you afterwards.
All right. So now I'd like to introduce to you today's presenters and panel. We have Martin Thompson on today who is the owner and founder of The ITAM Review, which is an online resource and community for worldwide ITAM professionals. Martin is an independent ITAM consultant for organizations seeking independent guidance and some ITAM strategy or ITAM tool selection. Martin also reviews tools, technology and services in the ITAM market. In the webinar today, Martin will cover the results of a recent survey that The ITAM Review conducted. Everything around hardware asset management and will summarize these findings [inaudible 00:01:58] part of the seven pillars of HAM.
Joining Martin today are Darren Wilensky and Todd Hogan. They're both product managers here at Ivanti. And you will hear about their experience on both ITAM from a compliance perspective and lifecycle point of view. Darren has over 18 years of experience in IT and his focus has been on providing technical and software solutions in the IT service management, IT asset management and IT operations management space. Todd Hogan is also a seasoned professional with over 20 years of ITAM related business value, leadership, and product development experience. Todd's passion is to define, build and deliver business value solutions. And he believes that a solution must always deliver measurable business value in terms of TCO and ROI and will definitely focus on this as part of the discussion today. So without much further ado, Martin, Darren, and Todd, please take it away.
Martin: Great. Thank you. Thank you to the Ivanti team for inviting me along to the webinar today. My name is Thompson from The ITAM review and I'm [inaudible 00:03:14] to take you through these seven pillars. So as was mentioned, this is the result of some research we've done with ITAM Review readers. And ITAM Review readers are basically hardware asset managers, IT asset managers and software asset managers globally in our community. And we're asking them the questions around the best practices and what they were struggling with and what they were doing well and so on and so forth. And we boiled that down into what we call seven pillars, so seven fundamental steps of a hardware asset management practice. So we're gonna take you through some poll questions to learn more about you and your practice. We'll go through the seven pillars in each...step by step. And throughout the pillars, we'll also look at the business benefits. This is a major area missing from a lot of your practices is the actual reporting of the business benefits. So we'll dig into that and hopefully leave you with some key takeaways about how you can maybe start to make a difference in your practice. And as was mentioned by the Ivanti team, we're very much open to your questions. Please fire them into the chat box and we will endeavor to answer them either today or by follow up. Next slide please.
Mareike: Okay. With that, we all move into the polls. You should be seeing a screen pop up on your site. We have three questions prepared for you. The first one is about your experience. So what is your experience with hardware asset management? Are you just starting out and beginning to learn about hardware asset management? Have you been practicing for a while or are you a seasoned black belt in that category? So it would be great if you could take some time just to answer that question.
Martin: I was actually asked by somebody once, "Is there a black belt?" Because we asked a similar question and they followed up just say, "Where can I get a black belt?" There isn't a black belt in hand that I know of but I'm sure we could create one.
Mareike: Perfect. I'm just gonna read out the other two questions as well as we're gonna look at the results of the polls at the end of the three questions, so just that you're aware. Second question will be around the different tools you're using to track assets in your organization. Do you have any tools in your organization right now using 1 tool, 2 to 4, 5 to 10, or are you using many different ones, 10 plus to track the different assets that you have in your organization? Gonna keep that poll open for a while.
Martin: It would be interesting to know as well for those on the call, why is it that you've got more than one? You know, I'm trying to imagine what the issues are but it would be good to know why you've got more than one solution and what other issues are there.
Mareike: Okay, and then moving on to the third question, how many resources do you have dedicated to hardware asset management in the organization? Are you sharing that responsibility in the team or do you have the dedicated one to two resource, three to four, or more than five? Give you some time to answer that question. All right. I think with that, we can close out the polls and look at the results and then maybe Martin you can respond to the results. Takes a while to load. Okay. Martin, are you able to see the results on the screen?
Martin: I'm just looking, how many... No, I can't see them very well unfortunately.
Mareike: Okay. So I'm gonna read out to you... This is the results for how many resources do you have dedicated to hardware asset management. It shows that 27% of our audience have 0 resources. Forty one percent of our audience have one to two dedicated HAM resources. Twelve percent have three to four resources dedicated and 20% of our audience actually have 5 or more resources dedicated to hardware asset management.
Martin: Right. So we've done a number of surveys over the years around the team size for an ITAM team versus. Obviously it depends on the size of the environment so I imagine there's obviously lots of different size organizations on the call. Obviously, the most striking thing here is that maybe almost a third of you have nobody doing this, which is quite surprising really. Maybe, you're on this call because you're embarking and looking at hardware asset management. But as we go throughout the seven pillars my belief is that you can't do security, you can't do SAM, you can't do a lot of things without hardware asset management. So if you have not got dedicated results and you've got a relatively large environment, I think it's definitely time to have a look at it and we'll go through that through the course of the webinar.
Mareike: Eric, can we just play the results for the first two questions. Okay. The on line with the resources question, the results of the, what is your experience with hardware asset management shows almost 60% are just starting out with HAM, 35% have been practicing for a while, and 5% are a black belt in HAM.
Martin: So maybe throughout the course of this presentation today... I mean, for me, it's all about building a business plan to say how are we gonna justify doing hardware asset management, what's the return and how are we gonna measure it as we go forward. And hopefully, you all will be able to walk away from today's webinar with that in mind. And if not, if you need some further guidance, then please [inaudible 00:11:14]. And there's another question, is regarding the tools. I'll just bring this up.
Mareike: Correct, yes.
Martin: How many tools do we use to track and I think the largest number is 2 to 4.
Mareike: Yes, with 66% of the audience, yeah.
Martin: And part of any inventory and hardware asset management plan is how do we go about collecting inventory for our entire environment. It's gonna be desktop, it's gonna be data center, it's gonna be cloud, it's gonna be mobile, tablet, and so on and so forth. And it's very rare to find technology that can crack every single, you know, touch point in your environment. And the reason we see a lot of tools as well is because of politics and history and, you know, you might have bought a company or you might have, you know, a country that used to doing their own thing, or, you know, there's different reasons why people are using different tools. It's not just about the technology. There's a lot of history involved, and different preferences in different departments and so on and so forth. So it's a case of bringing these datasets together to get an actual picture.
Mareike: Great. Well, thank you everybody for participating in these poll questions. I think there's very important insights and we'll make sure we'll address the content of the presentation today as well. All right. Then we'll move on to the [inaudible 00:12:48] Martin.
Martin: Thank you. So as I said, this is the result of questioning our ITAM Review community around what they're doing around hardware asset management. And we've boiled them down into seven key areas. And the first two are fundamental building blocks of hardware asset management. They're to do with accuracy. So it's the breadth of your coverage and the depth of your coverage. And I'll explain what I mean by those as we go throughout the webinar. We've then got ownership, so who owns the assets and that's very important from an ITAM point of view, but it's also important for security and it's also increasingly important for software licensing. We'll then go on to naming conventions. So we need to be able to actually identify our assets in the environment. And sometimes, naming conventions can actually help you address some of your challenges as well and we'll go into that. And then as I mentioned, the much overlooked area is the business plan and the performance metrics. How are we gonna monitor what we're doing, how well we're performing, and the return we're delivering. So how are we gonna show value? So we'll dig into that. We're gonna look at the major process areas to consider, how to look after these assets throughout their life cycle. And then the final pillar is the teams involved. As with all things ITAM, you can't do this in isolation. You can't sit behind your desk. You need to go out to the rest of the business and engage with different stakeholders. And we'll sort of talk about the key stakeholders involved and what value you bring to them throughout the course of the webinar. So hopefully by the time that you...the goal really is that if you've addressed hardware asset management throughout those seven areas, then you can have a pretty solid strategy in terms of hardware asset management.
So my first pillar is the breadth. So the goal with this is to show accuracy. And when you're looking at breadth and you're continually reviewing the breadth of your accuracy on a month to month basis, really good things start to happen. It really drives positive change. And the goal here is in layman's terms is if you say you've got 1,000 devices or 10,000 or 100,000, how do you know? How do you know that that number is accurate? You know, we need to make sure that the accuracy underpinning all of our hardware asset management practice is absolutely accurate. So the best practice around this, if you're not already familiar, is to first of all identify a source of truth. So what's gonna be your fundamental data source for hardware asset management. Now, that might be an inventory tool, it might be a asset management system, it might be all sorts of different things. But you need to identify one data source as a source of truth. And then, ideally, on a monthly or quarterly basis, whatever suits your business, we need to be comparing that data to other data sources. And that allows us to identify what we're missing, how accurate the data is, and, you know, exceptions that are happening in our business. So for example, you might have an inventory source and that might be from Ivanti or whoever and then you might compare that to your software delivery platform or SCCM. And the goal would be, is you're gonna have some data that's in the inventory tool, you're gonna have some data that's in SCCM, but the majority should be in the point C on that Venn diagram which is in...they're in both. And ideally, you wanna find, you know, that the SCCM team is gonna wanna know about stuff that you've got in inventory that's missing from SCCM and vice versa. And if you can report on that on a regular basis and continually improve it, really, really good things happen. And the best practice is to say you really ought to do that across three datasets. So maybe you've got inventory, SCCM, and active directory or maybe you've got antivirus, or, you know, somehow there's enterprise data source. And again, you've got, then, you know, machines that exist in active directory and they exist in SCCM but they're not in inventory. And through those three datasets and continually refining it, you end up with some really, really accurate data. And you need a process for obviously managing these exceptions so when you identify a machine that's not in one of these data sources, how do we do that? Do we raise a ticket? Do we, you know, send it to the SCCM team or whatever you need to do? You need to put pressures around it but really good things happen. And the data is also gonna get more and more accurate over time and that increases your reputation, increases your standing in the business, and it gives you some really, really powerful data to make some smart decisions. And a way of justifying this from a business case point of view is just to think about the size of your environment and think about the cost of the average device. So let's say that you have 10,000 assets and 5% of them, you can't see, you know, they're missing. So that's five, and according to my math, my back [inaudible 00:17:58] math, that's 500 devices are missing. And let's say that they're $1,000 each, by the time you put the hardware and the software together, they're $1,000 for argument sake. So that's half a million dollars already of devices that you can't see. So my question to you, when you're building your business plan, is when you go to your senior management team is how much risk can you tolerate because we've got half a million dollars' worth of assets are missing, not to mention the data that's on all of these devices with company data on it. So I would say this is the first pillar that you really need to think about is the breadth and the accuracy of data.
If I could pass to Darren and Todd on this, what's your recommendations here for getting this right? A lot of our readers were actually doing this quite manually, what would your recommendations be around this?
Darren: Hi. Darren Wilensky here. I think that the biggest thing to look at is really look at the different sources of...you've identified your source of truth for inventory, for discovery, for active directory, wherever you're getting your organizational data, your people, your locations, your cost in those business units, is to look at how those things are integrated. So am I truly bringing over data that's normalized, data I can use and sits in well across the board. So I have my inventory tool or my AMDB, or SAMDB, whatever it may be in your environment. And so that is basically a collection of the other two sources as well as other data sources you're pulling in. And do I have mechanisms to reconcile against my users, locations, mark up directory? Do I have a sufficient method of reconciling against machines from inventory and am I certain of this? So setting up exception reports, being able to be notified when something is missing or I've created a duplicated entry or for things of that nature, really important to have an accurate inventory of your estate. So when you're looking at these different sources, it's important to really understand the data you're pulling and where that data...how can you translate it and ending up into inventory where you have that full visibility of the assets. So I would say setting up those exception reports but making sure they're the right type of exception reports, making sure that you're looking at them often and understanding as soon as you have a break down how do you address that.
Todd: Hi, everyone. This is Todd. I think another thing you should consider when you're thinking about inventory is that if you don't know what you own, it's pretty difficult to manage it. So we need to make sure that as part of our inventory, we understand the acquisition of those assets because if you've purchased 1,000 of them but you can only find through discovery 750 of them, then that's where those exception reports that Darren was just referring to come into play. So a very important part of this is understanding what you've purchased, and having good integration with your purchasing records.
Martin: And obviously, the security team is gonna be very keen to know the fact that you've got 250 devices missing, you know, and your other stakeholders that are really interested in this stuff, aren't they? So if we could go to the next slide please. So my next pillar that we're looking at is hard... So we've looked at hardware actually in terms of breadth. So if I've got 1,000 machines, have I actually got 1,000 machines. The next area is around the depth. So this is about your hardware asset management fields. And it is very easy to get carried away with this because it all looks very interesting and, you know, can easily end up tracking 1,000 different fields for a laptop or a server. And you have to consider that every field that you're collecting and you're tracking, potentially has an overhead. So, you know, recommendation here is really to take a step by step approach because when you first start doing this, it might not be manageable amount of data, you might get a fire house of data coming at you. So, for example, if you wanted to say, you know, "I expect Fred's machine to have a gig of ram in it, for example, and I wanna track and I wanna exception report of all of the machines that don't have that same, you know, amount of memory that I'm expecting," you might get an enormous amount of devices coming through that's completely unmanageable. So it might be a case of just stopping the bleeding and slowly refining things rather than tracking everything or field in every single asset. I mean, the idea is to say that measuring my actual device versus what I expected to be there in my asset register or my CMDB or whatever is you're using and you need to consider how much noise am I gonna get and much...if you're gonna be able to manage it. You also need to think about the scope of what devices you're going to manage. So some people will say, we're only gonna track things if it's got a Mac address or we're only gonna track things if it costs over $1,000 or $500 or whatever it might be. Or we're only gonna track things with, you know, certain criteria, because you can't burrow[SP] the ocean and there's gonna be certain areas in your environment that are just too difficult to do or too, you know, not worth the effort and so on and so forth. So you need an overall imagery strategy to decide what you're going to do.
We'll come on to ownership later but you need to think about how am I gonna manage the ownership of a device as well. So am I gonna manage that via some sort of CMDB or, you know, use a management system or active directory or within the device record itself or am I just gonna say, "Actually, you know what? For now, I'm just gonna track who is the last logged on user," because that will give us enough of indication of who owns it. So just think about your high-level strategy in terms of what we're gonna be tracking. Best practice here is lock it down. I would hope that most of you have locked your desktops and tablets and whatnot down anyway. So if anyone can't just stick in any odd software on there and rip out a piece of hardware. The second best practice and I expect most of you will be doing this or if not, they've got it planned is know how to make your request systems as some form of shopping cart or service request system because that basically allows you to collect management approval and authentication and check whether...if you're gonna have software and hardware before you deploy it. And in the data center and in any cloud environments, you need some sort of change control in place. And that will help you with a lot of this accuracy because devices will only change, in theory, when you've given them management blessing to do so. So you really need some thought about what you're going to do at a high level before you dig into the weeds of all the different data fields.
That being said...if I could move on to the next part of this slide, please? That being said, what I've given here is these are the most popular fields from ITAM Review readers and just some things to think about. And these are the most common fields that people mention. And in the brackets is the key stakeholder that will find this valuable. So for example, operating system version and patch level would be particularly interesting to security and, you know, warranty expiry dates would be interesting to procurement. And if you're doing data center software asset management and licensing, then the make, the model, the CPU is, you know, the power of the device, the [inaudible 00:25:58] is useful, you know, the vendor is interesting for procurement and so on and so forth. Just to sync it out rather than scripting a mindless list of different data but what am I gonna use this, how am I gonna use this, and who is gonna find it useful? So, again, Todd and Darren if I could come to you, we've discussed before about proactive asset management, what does that mean in this concept here?
Todd: I think, you know, as we talk to customers around the globe, we often hear very simple things that they really need to get started with, that 80-20 rule. And so the list here that you've provided, Martin, is excellent because sometimes we see customers wanting to take this to a very complex level and complexity can really hurt you as you're trying to roll out a program. A lot of times, I will talk to executives and they'll say, "Look, I have a simple problem. I don't know what we have, I don't know where it's at, and I don't know who's using it." So you'll notice there that there's some information that Martin's identified about who's the user, where's the location of that asset. And then being able to just get your arms around a report that says, "Here's where all these assets are. Here's who's using them," is extremely valuable to your executive team and to the security team, just having an idea of where those assets are. So don't be over complex with your design. Go for the basics and it is a journey. It's gonna take you 18 months to 3 years to develop a really successful program. But there's victories all along the way. So don't be afraid to just start with the easy things and mature as you grow.
Martin, are you speaking? We lost you.
Mareike: Okay. There seems to be an audio issue. Martin, can you hear us? Todd or Darren, if you wanna talk a little bit about the next pillar until we get Martin back.
Todd: Sure. As I was just saying, one of the key things that when we talk to people around asset management is they'll say, "We just don't know what we have and we don't know where these assets are allocated." So you'll see here that the very first bullet is really important and that's being able to say, "Where's the asset assigned to? Who's using it?" And then I wanna run a report. I wanna be able to say these are all the assets that are being consumed in sales. These are all the assets that are being consumed in marketing or for this business line. And being able to provide that information, is where you can now run those exception reports and send it out to a business line manager that says, "Look, we believe these are assets that your team are using," and then that sense of accountability kind of happens where, you know, you can get response back from individual managers saying, "I haven't seen that asset. My team is not using that asset," And you can begin to manage that through a series of exception reports. So, you know, we talk about... Oh, are you back, Martin?
Martin: Yeah, sorry about that. I lost the connection. Sorry. Sorry, everyone. So I just wanted to thank you for taking over. From my point of view, ownership is particularly important when we need to take action because, you know, you might track an asset for years but when something goes wrong, you know, it might be a security issue, it might be a breach, it might be an asset that's gone missing, then we really need to know who owns this device. And if you've only got the name from when you first issued the device five years ago and it's not been updated which is what people typically do, then you're gonna be in serious deep water. Darren thought the user-based licensing is particularly important for ownership. Any views there?
Darren: Yeah, absolutely. Any subscription based or user-based licensing, you're typically licensed for a specific user. So for example, if you had 10 copies of Office 365 in your environment and they were assigned to Todd but I was using them, even though we had 10 copies, since I was the only user, I'm technically not licensed to use it and I would not be compliant. So capturing the actual user from both, you know, from the procurement side, when I purchase the license, understanding who is this for and then on the inventory side, understanding who's actually using it and then doing that reconciliation is extremely important when it comes to any user-based licensing. It's also important in terms of things like charging back path. So if you have an internal charge-back process across your organization, you know, where you don't want IT to be this black hole of money and you actually want all these different divisions at a company be responsible for what they're using, then understanding who's using it and what group they belong to, so the user and the cost center is extremely important so you can go ahead and charge those costs back and then also keep track of, you know, who's spending what and you can be able to make better decisions, you know, going forward.
Martin: I'd say that the people that are doing this really well have got a very tight alignment with the HR department. HR, you know, wages don't stay wrong for very long. HR typically have a very good view of who's in the company, you know, especially in terms of wages. So if you can get a tight integration with them to find out who's joining, leaving, and moving around the company and get that reflected in your user accounts, you get some very, very sharp data. So next slide, please.
So our next pillar is being able to identify an asset when we see one. And this is quite a complex topic but basically, we wanna make our assets identifiable so anyone in the business can say, "I got a gist of what that asset is actually for." So I would say there's no cookie-cutter solution for this. It's entirely dependent on your environment. So I'll give you an example. We've mentioned about location, tracking the location of devices. And sometimes, that's really, really useful. But I was working with an organization and they had laptops only, so there's no desktops or towers. And they had hop desking. So you could work anywhere in the business basically. So location was pretty much irrelevant to them but other things were more important. You really need to think about your environment and how that works and then build a naming convention around it. And, again, like the inventory plan, it really needs to be a holistic approach. There is an article here at the bottom that you can dig into this into more detail, but you really need some standards and uniformities. So it needs to be logical so people understand it. So maybe it's the device type. For example, you might have LAP for laptop for example or SER for server and then the server number or the server name. It can also help you with some of your challenges. So one of the challenges that ITAM Review readers mentioned was that they had difficulty differentiating between corporate devices and personal devices, and this is something [inaudible 00:34:36] with naming conventions because you can easily discriminate to say that's a corporate device and that's a personal device and so on and so forth. So it can really, really help you do some of the heavy lifting in terms of identifying things and help you do your tracking. I recommend device type is quite useful. You know, what type of device is ideally the user, location if it's applicable. Sometimes, something really unique like the employee ID is quite useful. I think, Todd and Darren, you can get into deep water with this if you're not careful, pardon me, if you get too carried away with it.
Darren: Yeah, you see, definitely can. I think one of the most important things when it comes to naming conventions especially for devices is you have a consistent process across your entire estate because otherwise, if you have one group, you know, naming machines using machinename_something and another group doing it a different way, this goes back to the accuracy of your data and causes conflicts with things not reconciling, or creating duplicates. So, you know, I've seen a lot of different environments. I've seen some who have gone, spent a lot of time developing their process and no machine [inaudible 00:35:55] gets put up, no machine gets imaged, unless it has a specific naming convention, and with that, you're able to tell the location of that device, the call center, and the name as unique. But it took a long time to come up with that process. Whatever process you have, it just has to play nicely across your entire estate to help you not [inaudible 00:36:17] run into data accuracy issues.
Todd: I think one thing you have to be careful with is that the one thing for certain in your environment is that your environment is gonna change. Either you're gonna have a reorganization or you're gonna have a merger. And so we've seen some of our customers who've gone up maybe a little too far with the naming conventions by tying in a specific location or an assigned user and in some cases, it works nicely, but if you've got a dynamic environment, what will happen is that as change happens in the organization, now you've got an asset name that doesn't match where that asset actually ended up travelling to through a reorganization or a restructuring of the company. So you have to be careful that you don't go too far into very specific naming because then as your company changes, you're gonna have to either pull those assets out of the directory and rename them to keep them accurate and that can be really time consuming if you have to do that. So there's a fine line between providing all the right information and maybe putting in too much information that might be subject to change. So you've gotta be a little bit careful.
Martin: Next slide, please. You also need to consider, you know, one user might have lots of different devices, that needs to be part of your plan. And you also need to consider that some of your assets that you want to track and you want to inventory and you want to manage their lifecycle are, you know, completely virtual. They might be part of the cluster, they might be assigned to a specific physical device. There's all sorts of things to think about in terms of the naming conventions. So we come onto our fifth pillar which is performance metrics. And the whole point of this is to show your value. So what are you doing and the value you're bringing in terms hardware asset management. And for us, as I mentioned at the start of the show, this is around, have you got a business plan about what you're going to do and are you tracking the right metrics to show the value against the business plan. So the most common question we get on the ITAM Review is, what metric should I be tracking? Well, sorry, that's the second most public[SP] question. Most public question is, "Am I getting paid enough." Second most public question is, what metrics do I need to track? And I would say the metrics are how do I show value against my original business plan? You know, you go to the senior management team, you put the business plan together, say, "This is what I'm gonna do. This is the value I'm gonna create." And then you show monthly or quarterly metrics to demonstrate the fact that you're doing that. And not enough people are doing this. They're doing it as a administrative function rather than a strategic valuable function. So just some examples of things that people use to demonstrate their value. So for example, if you're very security centric, you wanna show devices, you know, that we haven't seen in 90 days, for example, you know, devices that were collecting inventory for that suddenly gone missing. Security, you're gonna want to know about that. It's an incredibly valuable thing to know. You can share your stuff on those devices to find out what happened to them. Have they been lost? Have they just been stuck in a drawer? If they've been stuck in a drawer, why haven't we gotten them back? Because somebody else could be using that and we can save money, and so on and so forth.
Other things that are useful are maintenance costs. You know, the total value of maintenance and any that are not maintenance, and so on and so forth, maintenance metrics. If you're leasing devices, then certainly, you know, how many devices are in use versus the lease expiry and stuff like that. The age of hardware, the support cost associated with the hardware, any assets that might have been lost or stolen. The amount of assets that you've managed to reclaim and push back into the environment. That's incredibly valuable. I would definitely track that. And maybe the sweating of assets. So if you've managed to use an asset beyond it's useful life and therefore save the company money, that's something to track too. If I could come to you again, Darren and Todd, how do we track some of this stuff? We've spoken before about the use of dashboards for different stakeholders in different roles. Do you wanna explore that a bit further?
Todd: Yeah. I think we, as asset managers, we sometimes don't do a very good job of managing our own successes. And so what's really important is that you baseline the current circumstances that you're in. So if you have an executive up line that's saying, "Look, I just don't know what I have. I just want a simple report that shows me, you know, where all these assets are allocated." Or make sure you document the fact that when you started, before you started this process, you had no capability. Make sure that you write down all of the circumstances that you have and then make sure that you're letting people know upstream, hey, we do not have that capability today. And then when you deliver that capability of being able to say, "Okay, here's our first report. We have a high level of confidence that there's some value here." Make sure you market your successes to those people who are gonna help you fund the program. Make sure that you let them know that, "Hey, just three months ago when we started this, there was no ability to do this but, by the way, here's what we're doing today." Oftentimes, I see our customers who will do some really excellent work, but they don't promote the successes and the things that they've accomplished. So it's hard for you to get more money because no one recognizes the value. Oftentimes we get hang up in this thing about, you know, "What's the ROI?" You have somebody on the financial side saying, "I just wanna know what's the return on investment." Well, return on investment comes in many, many different ways. And we'll talk about security, I think, in the next slide, but, you know, if you can get the security person to send a testimonial to, you know, the CEO of your company saying, "Look, the new asset team has provided me with insights into security that are extremely valuable to me." That alone could expand your existence by making sure you're leveraging the benefits you're giving everyone. So you just have to take time to baseline what you don't have today and then as you deliver these reports, make sure you're promoting yourself and doing a little marketing. Darren?
Darren: Yes. Definitely would agree with that. The biggest thing, you know, in terms of dashboards and reports is, you know, whoever is funding this, whoever your executive support is coming from whether it's your direct manager, whether it's the VP or a higher level is you want to have something where you're showing that you're doing something of value that's important for them so they continue to fund. And as Todd said, you know, you really want to market your achievements. And the best way of doing that is when you first set out to...whatever your goal may be whether you're a brand new ITAM program, whether you're implementing a new inventory tool or whatever it may be, is really document where you are today and the problems you're gonna solve and how you're gonna do it. Then once you get there, you know, have reports, have dashboards to show the value you've added and to show the additional value coming down the road and get those reports and information, documentation, to the people you need to continue to fund that program or initiative and continue that down the road. Don't stop that after phase one. After each phase, continue that so you continually get that support.
Martin: It's good to mention as well that you're not gonna crack this overnight. Using my example before, if you've got 500 devices that are missing that you haven't seen for 90 days, you're not gonna get that down to zero in a month. But if you can show that you got it down to 450 or 400 or make a dent in it, and over a course of six months, you got it back down to a tolerant level as a risk, then I think you can demonstrate some really good stuff. So our sixth pillar, number six is major process areas. And this is, how are we gonna manage hardware throughout its lifecyle? So major process areas that people mentioned from our audience, from our community, were the hardware request process. So let's take our friend, Fred, that's one of your employees. So Fred is joining the company, what's the process for getting him a piece of hardware? And the ideal utopia would be you give Fred a piece of hardware that's from stock and that stock has been reclaimed from people that have left the company or otherwise are not using anymore because then you can demonstrate savings straight off the bat in terms of the hardware asset management. You then need to recognize might move departments and he might need different hardware or maybe he can take that with him but you need to track him throughout his lifecycle. He might need to replace in the hardware at some point. He might leave the company and we need to be quite tight on HR to say, "As soon as somebody is dismissed or leaves the company or whatever it might be, [inaudible 00:45:39] might be," we need to be quick to say, "What's the process for getting that piece of hardware back?" We don't want it stuck in a drawer. We don't want it [inaudible 00:45:48] the next six months. We need the hardware back because I can then give it to somebody else and I can show real saving. You've got all the other lifecycle steps such as upgrades and patching and it might be repaired, it might go into stock. We need to manage those. In terms of your business stratification[SP], I think reclaiming assets that are not in use and redeploying them is gonna be a massive one for you in terms of your business stratification. Just think about the average, what's your standard laptop, for example, and how much does it cost? And if you could avoid 10, 20, 30, 40 of those, what would that mean in terms of returns to your company? And ultimately, you've got a disposal process as well. Hopefully, you'll recycle it or you'll sell it on and that you have some sort of [inaudible 00:46:35] processed it, to remove devices. And I think the real test of processes here is when something gets stolen. You know, a laptop that's stolen or, you know, some other device is stolen, that really tests the process to see how watertight they are and how robust things are, both from an ITAM and from a security point of view. If I could come to Darren and Todd, there's great opportunity here of overlap between ITSAM and ITAM here. Do you wanna share your insights there?
Todd: Yeah, I think we see from our customers that the integration between your service management and asset management is a growing need and demand particularly for onboarding and off boarding and making sure that we're handling those assets efficiently from both a performance perspective and a security perspective. We recently launched an initiative where we're integrating our service management and asset management to the same platform to help support those kinds of things. So it's just a big step that we as a company are trying to be proactive in helping our customers bridge that gap between service management and asset management. Absolutely.
Darren: Yeah. When you break down service, assets, and even, you know, operations management, the core data needed for all three is very similar. We look at things like a catalog or inventory or the organizational data, these things are needed across all three disciplines. So in many ways, they're tracking a lot of the same things which are just extensions. So in asset management, we're tracking lifecycle and costs and financial and contractual, you know, in operations. In service management, we're tracking the inventory side as well as, you know, everything that's tied to it and seeing how that rolls up to a service. And then in security, you know, you need similar information to know who's using an asset. You know, is this asset patched where it needs to be for our corporate standards and things of that nature? So there's definitely many areas, sections where these disciplines cross over.
Martin: Something else, Darren, so what you've raised as well when we were discussing these things is all of these processes need a policy behind them and that policy needs a bit of teeth, doesn't it? It needs a bit of... All of this is irrelevant, really, unless there's some teeth behind it so I can take action and actually have some management approval behind you.
Todd: Yeah, we see that a lot with our customers who are struggling with their discipline. Darren and I have served as roles as consultants doing proactive engagements with customers, analyzing where they're at and what their next steps are. One of the things we commonly see as we look into their processes and policies, their use policies for the end users is that the policies don't support the things you're trying to accomplish with asset management. We've seen cases where the end users are not returning their hardware, so the asset manager is finding all of these assets just sitting somewhere under a desk because they've never been returned. Well, when we investigate the policies that the company has, the policies themselves suggest that it's at the pleasure of the manager of that team whether they return the assets or not. So there's no teeth there to force them to bring the assets back. So you might have to look at your policies and see that they support the things you're trying to accomplish.
Martin: And this brings it round full circle to your business plan and your metrics because then you can go back to your senior management team to say, "I'm heading in the right direction here. I'm doing the stuff that you've asked me to do, and I'm getting some good results and [inaudible 00:50:46] the returns, but some people over here, they're not behaving. They're not adhering to the policy. And that's when the senior management team comes down on them like a ton of bricks to get things sorted. And unless you have that business plan and the senior management approval to start with, you're always gonna be fighting an uphill battle. I'm conscious of the time, so if we could go to the final pillar. I think Darren and Todd you're gonna take this one.
Todd: Yeah, Darren should take that first one. You're the expert there.
Darren: If we're looking at stakeholders for hardware asset management, number one on the list is software asset management and obviously, to understand your software position, you have to understand what [inaudible 00:51:39] in your environment. So when we think about from the standpoint, we need to understand all of the laptops, desktops, mobile devices, things of that nature. And then even more importantly, we look at the data center side of them, now we have to understand all of our servers, you know, all of our virtual servers, are they part of clusters. Do we have any partitions, virtual pools, and how do they relate to each other? Because a lot of different products are really licensed on how they're used. So if you have an Oracle database sitting on vSphere 6.5 on a VM, well, then Oracle will require you to license that across every core tied to that cluster. You know, if you have IBM products and you have things like [inaudible 00:52:29] or virtual pools, these come into play when you're figuring out your license position. So it's really critical to understand both the hardware side in terms of what devices and then how they're related, all those different relationships when it comes to SAM.
Todd: The second bullet service management, we've kind of talked about that in the need for the integration. So I won't address that one again. But the third bullet is one that you should all be very interested in because the security world is becoming exponentially more important in the world we live in. And equally and important to security management is asset management. So if you're having a difficult time getting some funding or getting some progress with the company being willing to support a good program, go find your security leadership team and talk to them about how an asset management solution would help them and you'll find an advocate that will really help you move the asset management initiative forward. Security of knowing what assets you have, where that asset's at, what kind of information is on that asset is top of the list on security management. So that's a big one that you should all be leveraging to help enhance your ability to deliver an asset program. And I'll catch the next one, Darren, you can catch the next two.
Procurement. As I mentioned earlier, if you don't know what you own, it's really hard to manage it. So being able to pull in that procurement data and understand the relationship between a purchase order, the receiving of that asset and the allocation of those procured assets is critical, and that's where you're really gonna be able to understand what's in your environment and what's missing in your environment so that you can use your discovery tools as a way to validate what you know about procurement. So I can't over emphasize the need for you to have good procurement data and to be able to match that into your asset management database.
Darren: Yeah. And I'm looking at IT projects. You know, if you're starting a new initiative, maybe you're rolling out a new data center, it's really important to understand what assets do you have, you know, what devices are available for a project. You know, enterprise architecture, obviously, whenever you're looking at a new project, whether it's a new networking initiative, putting in whatever new infrastructure it may be, you have to understand what's currently in place and, you know, plan accordingly. So those two things, critical to understand HAM. On the finance side, you wanna understand what assets you have, do I have certain assets that I can depreciate, do I have certain assets that sit in certain areas where there's certain tax implications and things of that nature. So all these things really rely on solid HAM data.
Martin: Just before we finish on business benefits, I just wanna address a quick question that's coming from Bill, who said, "Just wanted to point out that ROI isn't necessarily a great measure of risk." And I absolutely agree. If your business plan needs to be tailored to what your business wants. So are you doing hardware asset management for risk or are you doing it to save money. Bill makes a very valid point. But I would say that all of the arguments we've mentioned so far equally apply to risk. Because if you've got 500 devices that are missing from your estate, were they encrypted? Were they patched the latest level? Are they gonna come back on the network at any point in future? If they're stuck in a drawer and unpatched, they present a risk. If they're stuck with data on them from the company, they're a risk. If they...you know, if you negotiate a contract with Microsoft thinking you have a certain amount of devices and then suddenly 500 more come on their network that you'd forgotten about, that's a risk. So you just need to tailor it to your particular environment. In terms of the business benefits, this is just some quotes from our community. And I've broken these down into Cost Avoidance, Smart Decision Making, and Efficiency and Agility. So the biggest one, by far, is just reclaim of stuff that's not being used so you can issue it as stock. The same applies to software. You'll save enormous amounts of money if you can say, "I'll hold some stock and I'll reissue it when I need to deploy a new asset and, you know, save lots and lots of money."
Other things in terms of aiding smart decision making was not renewing maintenance on things that you'd already decomisioned because you've got such bad data you didn't know and you can save some money there and be more efficient, be leaner. Better negotiations on planned purchases. You've got better visibility of what you've got. You've got visibility of stock so, you know, you can reduce purchasing. Making sure we have a good number of standard devices to take to the majority of businesses so we can reduce nonstandard device purchases. Again, this is, you know, if you've got a standard build for laptop or a tablet, have a few of those in stock knowing your anticipated usage, you know, and predicting your usage so that you can issue them straight away and not have to go and do ad hoc purchases here, there, and everywhere. It also speeds up the deployment process so when somebody starts in day one, their laptop is sat there waiting for them. So these are just some of the examples of business benefits. I think we've got...if we can go to the next slide, please.
Final key take always, I would say hardware asset management is a must have function. It's often been, you know, considered an administrative function and stock keeping function, but I think it's an absolute must-have. It's the cornerstone of security. It's the cornerstone of software asset management. You can't do software asset management if you don't do hardware asset management properly. That's a fact. And it's a must have function. Your business goals need to be articulated. You need to think about how am I gonna demonstrate my value here rather than just plodding on with it. You really need thinking about how am I gonna justify this to senior management? How am I gonna demonstrate my progress. And finally, think ecosystem, not silo. There's lots of other stakeholders and team members that make value of this data. And the value of that is if you can provide them really good accurate data, you know, let's say security was mentioned before, that really raises your profile. It raises the value of hardware asset management which gives you more resources, it gives you more budget, you're more of a strategic player rather than an administrative function. And these stakeholders will really, really help you if you help them and that will accelerate your maturity down the, you know, the maturity curve.
Mareike: All right. Thank you Martin, Darren, and Todd for sharing your experience and best practices around hardware asset management with our audience today. I do realize we went a little bit over but I do think we just answered the question that came in. And as mentioned, we will follow up and send you the recording link to today's webinar and the slide deck and we really hope that you found the panel discussion valuable today. If you have any questions, please still reach out to us at any time. For more information, please visit ivanti.com and look under Item Solutions, you will find various white papers and infographics and block topics around HAM as well that I think are interesting for you to check out. So thank you very much for attending today. Have a great rest of your day and we hope to welcome you to one of our next webinars again soon. Good by, everyone.