State of ITAM: How Your IT Asset Management Must Evolve

State of ITAM: How Your IT Asset Management Must Evolve

The role of ITAM [IT asset management] and SAM (Software Asset Management) have to change to not only meet compliance responsibilities, but also, to meet the challenges facing businesses in a post-COVID-19 world. Silicon UK asks how CTOs can evolve their use of ITAM and SAM, and what the future looks like for asset management.

As businesses have continued on their digital transformation journeys, the assets they have acquired can rapidly expand. Asset management has also suddenly taken on a new urgency as the pandemic has deepened.

Also, as remote mass working has become the norm, managing the assets a dispersed workforce uses is paramount. The tools businesses use to safeguard these assets and provide an efficient working environment across their enterprises are today, a pressing concern for all CTOs. ITAM (IT Asset Management] and SAM (Software Asset Management) is a critical process all enterprises must pay close attention to.

According to Gartner: “ITAM depends on robust processes, with tools to automate manual processes. This data then enables organisations to effectively manage IT assets, vendors and a software and hardware asset portfolio from requisition through retirement, thus monitoring the asset’s performance throughout its life cycle.”

In their state of ITAM report, Flexera revealed: 25% of ITAM teams report directly to the CIO or CTO; 24% report to infrastructure management. ITAM teams interact heavily with many other functions, including infrastructure (55%), IT service management (52%) and procurement (50%). Only 45% of SAM practices have reached advanced maturity. Most SAM teams are responsible for software discovery (84%), inventory (77%) and audits (83%), focusing on on-premises software. A minority of SAM teams track software in the cloud (46%), SaaS (35%) or software in containers, also (34%).

Says Jim Ryan, President and CEO of Flexera: “Our report uncovers the top asset management challenges, including managing the impact of SaaS, cloud, and containers, which becomes even more important in the post-COVID landscape. It reinforces that those with the most mature SAM practices can achieve the highest savings. With this report, organisations can benchmark where they are today and plot a course to maximise the value they deliver.”

The integration of ITAM and SAM is often not as complete as it should be. Also, as businesses have continued to expand their use of cloud services, how hosted applications and other connected assets are being used is often not tracked and recorded in enough detail.

Chris Terndrup, Business Transformation Architect at Nexthink commented: “What businesses now need is the intelligence behind their purchasing decisions. Businesses will have a number of personas in their workforce with different needs and demands – which means using the wrong assets will impact the capacity of the employee to be productive. What’s more, it is essential that the high-power users, the core of any business, are provided with the right assets to do their job effectively to allow for smooth operations across the company.”

ITAM evolves

To gain a better insight into how ITAM/SAM has become a vital component of every enterprise’s IT managements, Silicon UK spoke with Ben Carr, Chief Information Security Officer at Qualys.

Ben Carr, Chief Information Security Officer at Qualys.
Ben Carr, Chief Information Security Officer at Qualys.

How are CTOs now approaching ITAM? Has this significantly changed over the short term?

“One of the big problems for ITAM is that it sits across many the IT organisation, but it can be hard to get this supported effectively. For CIOs and CTOs, this is a low-level requirement that is not often on their specific remit. Still, equally, they don’t support it effectively and ensure it is kept up to date, this, in turn, introduces significant risk into the organisation.

“Every team in an organisation should want to get this data, but many organisations have problems capturing this data in the first place. For those that do complete an audit, the challenge is keeping that data accurate and up to date.

“With COVID forcing more remote working and more moves to the cloud, this job isn’t getting easier. There is a potential upside: This transition has led more companies to use software agents for other purposes like cloud security, which can also gather IT asset data. This data can then be used for different purposes like ITAM. By collaborating on ITAM and security, teams can achieve what they need.”

What are the current challenges facing businesses that need to manage their digital assets better?

“The biggest current challenge is that companies are moving to more digital environments that use cloud services. These assets are generally more ephemeral than traditional IT environments, and they change over time more frequently. If you are trying to use ITAM tools built for those older physical environments and assets, you can face problems. It requires an approach that is aligned with this new model.

“The older model around ITAM does not scale effectively. You can see many of the companies involved in ITAM and ITSM re-architecting their systems to deal with the problems that come up here.”

How have businesses altered their digital transformation roadmaps because of the pandemic, how has this fed back into their deployment of ITAM and SAM tools?

“Within IT, teams have been asked to respond to COVID very quickly. In the first six months, the emphasis was on keeping the business going rather than on long-term planning. Areas like asset management and maintaining asset lists up to date were well down the list of priorities compared to keeping the lights on and implementing apps or services that would keep people productive.

“Today, we have gotten through that initial phase, and IT teams evaluate where they currently are. The move to remote work led to lapses around ITAM and SAM, so we need to address this. If we don’t, then there will be a significant amount of asset sprawl taking place that we just don’t know about.

“Cloud applications can be bought and implemented quickly, but those applications should be part of a more comprehensive process to be managed appropriately over time. We can’t work from single snapshots of points in time anymore. Instead, we have to keep everything current, and up to date, so we can track usage and respond faster.”

With remote mass working becoming the norm, how does this change in working structures impact ITAM and SAM?

“Looking at remote work specifically, there may be some changes needed around ITAM. For example, how many new IT assets get sent to the IT team today? Today, these now get sent directly to the end-user so they can get started and be productive. However, this makes the ITAM job harder; as a simple example, it is difficult applying the right asset tags at the start when the asset goes directly to the user and is provisioned digitally. Sending users their own asset tags to use is a small job, but normal processes may not be effective in the current environment.

“We have to be more diligent on how this data is tracked. If we are not, we risk those assets getting lost, but we also have issues from a security perspective. It’s not possible to patch and secure assets that you don’t know about.

“Mass remote working highlights the need for more automation around our processes. We have to adopt a mindset around improving IT staff and users’ training, then follow those processes consistently.”

Is the use of ITAM / SAM tools focused on cost reduction, or are these tools also being used for other strategic aspects of business rationalisation?

“We need to encourage more strategic thought around this topic, rather than relegate it down the to-do list. ITAM schemes directly lead to cost savings and spend reduction through better acquisition and buying processes. Still, the value they offer is foundational to IT and the business as a whole.

“Without accurate IT asset lists, you can’t accurately plan other projects. How do you know how many software licenses to buy, or when you will have to update your systems and spend precious capital? How can you plan out your security strategy if you don’t know how many assets you have, and where they are at all times? These are bigger issues that are made harder if you don’t get ITAM right. If you only look at ITAM from a business rationalisation and financial perspective, it’s not conducive to getting these projects done well.”

What do you think the future of ITAM / SAM looks like?

“Around core asset management tasks, outside of the evolution of the model to support cloud and ephemeral assets and services, there won’t be any significant changes in the future.

“Where there will be developments is around the discovery and automation sides. Without more automation, there will continue to be a deficit within existing projects that will make it more difficult for teams to keep up. That is where the most significant future changes will take place.

“The other big change will be around how different areas of IT start working around asset data. This covers IT security and IT operations, but also other departments too. Everyone will have to understand and see what this looks like and then use the data to help them manage their processes. As digital and IT, assets are more critical to the business, having a fair asset management process in place will core part of any mature business.”

Asset tracking

The IT landscape has changed for all businesses, thanks to the pandemic. The rush to deploy more hosted services and the expansion of IT’s consumerisation have meant CTOs have had to rapidly adapt their approach to ITAM and SAM. There is still work to be done, as asset tracking can be easily forgotten when faced with multiple tasks – many of which are considered mission-critical.

However, as Dr Barbara Rembiesa, President and CEO, The International Association of Information Technology Asset Managers (IAITAM) says your business must have an asset management policy in place. “If you aren’t managing your IT assets, you’re not managing your business properly. During COVID-19, ITAM professionals worked diligently to ensure that businesses stayed open and that employees could work from home. Many companies without ITAM programs were unprepared for the shutdowns and are still struggling to get back on their feet. What will they do now if there is a second lockdown?”

With Nexthink’s Chris Terndrup concluding: “The working structures within businesses must change. Closer collaboration between the IT department and HR as an example will help manage the stresses put on the workforce. Improving the employee experience by empowering staff with the right software assets will help them do their job effectively, but it will benefit the business as a whole.

“This is where the importance of software able to take on end-user sentiment is evident, as staff will feel heard and the dialogue with the IT teams is opened up. In addition, it can provide the capability to engage in real-time, improve quality of service, reduce costs and enhance the experience to be productive.”

Placing asset management as a core competence within an enterprise’s overall IT tracking is essential to maintain a secure hardware and software infrastructure. CTOs struggling to deliver the IT resources their businesses demand should not push ITAM and SAM lower on their agendas. The future of IT asset management is changing. Ensuring your business can track every asset is how your company remains safe and secure in a post-COVID-19 world.

Photo by George Morina from Pexels.