Ivanti Blog: Posts by

City of Seattle: Adding ITAM to Its ITSM Platform Improves Service Delivery While Optimizing Assets

Wed, 01 Sep 2021 12:00:01 Z

Anyone thinking about embarking on the journey to extend their IT Service Management (ITSM) with IT Asset Management (ITAM) should have a sit-down with Jenny Rock from the City of Seattle.

A 27-year technology veteran who began her career in the telecommunications industry, Jenny has been with the City of Seattle for 15 years — the last four as Product Engineer in what is now known as the Collaboration and Workplace Technologies division. She’s part of the service management operation, working with the Ivanti^® Neurons for ITSM and ITAM solutions.

The Backstory

The City of Seattle sits on Puget Sound in the U.S. Pacific Northwest and is the largest city in the state of Washington, supporting a population of more than 750,000. As a city, Seattle is known as a progressive leader in technology, innovation and the environment.

The City of Seattle was tasked to consolidate its several IT departments into one department which it called ‘Seattle IT’. Previously, separate teams supported the technology needs of many individual city departments such as power and utilities, transportation services, parks and recreation, courts, police, fire, facilities management, and more — around 50 departments in all. This distributed model resulted in a lot of duplication of processes and effort across the board.

The greatest challenge Seattle IT faced was the lack of standard, shared, day-to-day repeatable processes and a better way to discover and track assets. The separate IT teams had their own processes and data repositories.

Previously, as Jenny explained, there were occasional efforts to take physical inventory and somehow track assets, but it was difficult to execute and data was difficult to maintain with the disparate existing systems in place, which led to a lack of ownership and accountability at all levels.

The Pain that Drove the Effort to Modernize

Ultimately, it was apparent Seattle IT needed to standardize and mature its processes to be more efficient.

“We were struggling with maintaining a record of licenses, entitlements, warranties and vendors,” Jenny said. “What’s more, we were overpaying for licenses we didn’t need and for software that had been installed — in some cases multiple times for the same users. As such, we needed a way to better track these assets.”

Some of the key drivers that led Seattle IT’s Service Management organization to extend its Ivanti Neurons for ITSM solution and add on ITAM included:

Transparency for all stakeholders regardless of their interest, from auditors to the departments who pay for IT services and ultimately to the taxpayers of the City.
The need to solve key pain points around IT contract management, software license management, warranty tracking and migrating more asset types into the database.
A demand for improved process automation and greater integration between ITSM and ITAM.
The need to deprecate a legacy solution used to manage and track inventory of all types, from consumables to capital assets.

Bringing Order and Process

One of the first efforts was to start building out the Enterprise Application CI as a repository to gather as much data as possible from all the consolidated IT departments. Jenny and team were able to consolidate two or three other application repositories, numerous spreadsheets and some Access databases.

Since then, the team has been promoting Service Management across the many city departments, implementing ITIL best practices and keeping pace with the changes resulting from the ever-evolving IT consolidation.

“With Ivanti, we’re now bringing all of our assets into a modernized ITSM interface and will be setting up actions, rules and processes for managing our inventory,” Jenny said. “This will provide us with a more accurate overview of what assets we have and what we are paying for in terms of software licensing.”

Leveraging ITSM Processes and Full Asset Lifecycle Management

Today Seattle IT leverages ITSM processes across many of its operations. Key areas the Seattle IT Service Management organization handles include:

Service Catalog Management
Service Level Management
Incident and Request Fulfillment
Change Management
Knowledge Management
Service Asset and Configuration Management
Problem Management
Process Evaluations

According to Jenny, tracking assets in their ITAM repository with Ivanti will enable full asset lifecycle management and improved use of discovery tools to link assets with each other as well as with users, departments and locations.

“The opportunities with this new solution are endless. We’ll also be able to see how much we spend each year to maintain our technology solutions and determine if we need to adopt cloud-based solutions, for example, in place of an on-premises solution to save money.”

When physical inventories are taken, it’s much easier for teams to find assets and verify information for them. This also helps internal Service Management teams work together more closely, because workflow and processes provide a clearer picture of what’s expected for any given request or incident.

Progress by the Numbers

Already, Seattle IT’s Service Management organization has loaded 42,200 city records in the Workstation CMDB, powered by Ivanti Neurons for ITSM and ITAM solution. The CMDB consists of about 17,000 items in surplus or pending surplus, and about 21,000 deployed items, with the remainder in other various states — in stock, being prepped or staged for deployment, with the vendor for repair, etc. This includes user devices, training room equipment, testing machines, shared devices and loaner stock.

Jenny said that within Ivanti Neurons for ITSM, there are 26,000 employee records, more than 15,000 of which are active, including contractors, temporary employees, and interns. And given the movement of personnel in and out of the city government and the shift to remote work, the team’s CMDB devices have a lot of movement as well. “For example, we have about 7,900 laptop computers, 2,000 tablets and 12,000 desktop/specialty workstations in use,” she added.

One of the most important fields added in this effort was the “Custodian” field, which is required when the asset isn’t deployed to an owner or isn’t designated as surplus.

“This meant that if your name was on it, you’d better know where it was and be able to produce it at any point you’re asked to,” Jenny said. “Device support and deployment teams soon learned the benefits of having the data in one place and the accountability it provided. Everyone is now responsible for the data, and no one wants to be the custodian of something they can’t prove they have.”

Jenny and the Service Management organization are now in the process of expanding the Ivanti deployment to include servers, databases, infrastructure devices, communications devices and has seen departmental interest in using it for traffic devices or other IoT devices.

“We are also looking at tracking software licenses, entitlements, warranties and contracts, and this will be added into our overall processes where previously they were all managed as individual processes,” she said.

The Two Greatest Advantages of Adding ITAM to ITSM

According to Jenny, efficiency and accountability are the two greatest advantages of adding ITAM to its ITSM platform. “With these advantages will come not only monetary and budgetary benefits but goodwill from our customers. We charge our IT services back to the departments we serve, so while we’re able to provide them detail of what they’re being charged for. Previously it was a bit fractured in terms of how it was delivered.”

She concluded, “To be able to pull this detail from one system moving forward will help our department be much more transparent to our customers AND make it easier for them to request assets. Overall, our goal is to minimize both losses and inefficient processes.”

You can listen to the full interview with Jenny Rock from City of Seattle here:

ITSM and ITAM: Great Together, Like Peanut Butter and Chocolate or Gin and Tonic Pt. 2 of 2

Fri, 04 Jun 2021 13:00:00 Z

As mentioned in Part 1 of this blog series, IT Service Management (ITSM) and IT Asset Management (ITAM) make a great combo to support IT’s overall plan to maximize operational efficiencies and improve service delivery experiences, while also optimizing compliance and cost.

Part 1 covered two use-case examples: 1) Empowering Users with Self-Service; and 2) Faster, Better Incident Resolution.

This post discusses the remaining three use-case examples: 3) Tackle Problem Assets with Proactive Management; 4) Effective Change Management; and 5) Complete Lifecycle Visibility.

3. Tackle Problem Assets with Proactive Management

Correlating asset information with incident and problem management helps you assess why certain devices consistently fail. By doing so, you can manage the overall risk proactively versus trying to fix each device as it fails, adding unnecessary costs and downtime in the process.

Let’s say Karen, an IT Manager, is preparing for the next vendor negotiation and standardization initiative. By looking at problem data and analyzing the associated device information, Karen finds certain types of devices are failing at a 30% higher rate than other models. Diving further into the asset information, including purchase history and warranty coverage, she determines it no longer makes sense to fix these device types going forward and instead makes a switch and standardizes on a different type of device to keep users productive.

Karen also looks at incident and problem data to assess which hardware still has value beyond its initial lifecycle. Her analysis shows that rather than adhere to the market standard of three-year hardware refresh cycles, she can initiate an extension to four years, enabling the organization to gain more life out of existing devices.

Simply making a few key changes to procedures and device standards can create savings and optimize costs across the enterprise. Had Karen taken a traditional approach, she would have only seen problems coming in through the service desk and looked at call resolution to determine how long it took analysts to solve a particular user’s problem.

By creating “one system of truth” — one repository where information is collected, filtered against and analyzed, you can correlate results and make more informed decisions. This way, you know if a problem impacts the wider organization and can trigger actions proactively to remedy the issue while checking into the hardware contracts, licensing information, etc. Having the insights to know the exposure and risks involved to draft a clear remediation plan can turn a problem into an opportunity.

4. Effective Change Management

According to research from EMA, 32% of surveyed organizations achieved IT operational efficiencies through improved insights. (“Reinventing ITSM,” EMA, 2019).

Making asset information available as part of the Change Management process helps ensure changes are more effective and successful, partly by identifying potential risks up front as well as making the process more efficient.

For instance, with more asset insight readily available as part of the review cycle, the Change Advisory Board (CAB) can review and answer key questions such as:

Are appropriate licenses available and properly allocated, including desired and needed versions?
Are any additional software packages, drivers, or hardware add-ons required, and are needed licenses also available?
Are the hardware configurations acceptable or do they need to be enhanced with more memory, connections, capacity, or storage to cover unplanned incidents or failures?

Where resolution times are critical, having more complete asset information can also speed emergency change requests. Let’s assume a server running a business-critical application crashes and must be replaced quickly. The incident response team can check the asset inventory immediately to see if there’s a replacement server readily available. Once one is found, the team can initiate an Emergency Change with complete information on the replacement server, including its exact location, where it needs to go and any necessary software and add-ons.

5. Complete Lifecycle Visibility

It’s no secret that many organizations still use spreadsheets to track their hardware and software, noting purchase information and linking the device to the initial user who requested it. Full visibility of what assets are in the environment, where they are and how they are used — all without cumbersome spreadsheets — is vital for service desk analysts to do their job efficiently, with quicker resolution times on incidents and problems.

However, many IT organizations often only verify an asset’s location once a year — and some organizations only every five years. (“Navigating through the Complexities of the Fixed Asset Management Function,” Ernst & Young).

Consider a temporary-staffing company that provides temp workers with devices at the start of an assignment. Across different job roles, devices will be switching hands, changing locations and demanding access rights at an exploding rate. If IT carries out a manual inventory audit, these user changes would either be poorly tracked, or not tracked at all — posing a significant security risk and not providing IT with much-needed visibility into a device’s health and performance.

Organizations benefit from ITSM and ITAM processes and tools that are unified:

Organizations can perform real-time scans and reconcile user and location information.
This enables the service desk to resolve incidents much faster, improve customer experiences, and enable more self-service.
Not only is it vital from a service-and-support perspective to know at all times where all organizational assets are, but also from a security standpoint, where lost or stolen assets can jeopardize data integrity.

It’s also critical to manage assets throughout their entire lifecycle by tracking performance data, issues, fixes, patch information, contracts and licensing to ensure software and hardware investments are running at optimal performance and not impacting employee productivity. Complete lifecycle visibility through unified ITSM and ITAM is often the missing piece of the IT puzzle for many organizations.

Catch Our Webinar Replay

Check out our recorded webinar Why IT Service & Asset Management Are Better Together. Our presenters share more insights for solving business problems proactively with ITSM and ITAM. You’ll also hear some true stories, such as why mysteries make for good night-time reading but not so much when it comes to network routers.

ITSM and ITAM: Great Together, Like Peanut Butter and Chocolate or Gin and Tonic Pt. 1 of 2

Tue, 01 Jun 2021 17:08:51 Z

Actor 1: “Hey, you got peanut butter on my chocolate.”

Actor 2: “Well you got chocolate in my peanut butter.”

This 1970’s ad campaign of “Two Great Tastes that Taste Great Together” put Reese’s Peanut Butter Cups on the map.

Know what else makes a great combo? IT Service Management (ITSM) and IT Asset Management (ITAM).

Historically Separate Disciplines

Traditionally detached disciplines, ITSM ensures timely delivery of essential services and support for the enterprise, while ITAM discovers and tracks the hardware and software assets for those services and optimizes the overall value, costs and compliance across the asset lifecycle.

These two practices are typically implemented in separate areas of the organization with different business objectives and goals, yet their processes and data are highly interrelated. When IT is structured along operational silos, gaining visibility and automating manual processes across the IT landscape becomes a real challenge. Separate teams, tools and objectives limit information and data sharing and isolate ITSM and ITAM from one another.

In contrast, ITSM and ITAM closely aligned and integrated means many activities and processes become more automated, efficient and responsive — with fewer things “falling through the cracks.” IT teams gain greater insight and are better positioned to implement more proactive practices that increase service levels and efficiency at lower cost.

Benefits of Combining ITSM and ITAM Processes: Five Use-Case Examples

This blog and its upcoming Part 2 companion post cover five use-case examples where combining ITSM and ITAM processes, data and insights can be part of an overall plan for IT to maximize operational efficiencies and improve service delivery, while also optimizing compliance and cost.

The first two use cases discussed below are: 1) Empowering Users with Self-Service; and 2) Faster, Better Incident Resolution. The Part #2 post covers the remaining three: 3) Tackle Problem Assets with Proactive Management; 4) Effective Change Management; and 5) Complete Lifecycle Visibility.

1. Empowering Users with Self-Service

IT service desks often lack the visibility into what software applications are available and how they’re being used. This hobbles the effort to fulfill self-service requests quickly, plus organizations end up purchasing more software, creating unnecessary spend and compliance issues. With unified ITSM and ITAM processes, you can reclaim or re-harvest unused software to cut costs and optimize existing asset performance.

For example, let’s say Jane, a sales manager, needs Microsoft Visio but doesn’t have the application and can’t afford to lose several days waiting for the purchase and installation of the software:

She tries to launch Visio, but access is denied
Traditionally, she would call the service desk to make the request
The support desk analyst would send a task to the purchasing department, which would order a new software license after waiting to get approval for the purchase
IT would send a confirmation to Jane
The IT technician would perform a manual lookup of the device and the user and initiate the Microsoft Visio installation — now several days after the initial request.

Let’s now assume ITSM and ITAM are working together, accelerating software-request processes for users via self-service:

When Jane submits her request for Microsoft Visio, the system checks and identifies that Visio licenses are available, yet unused
The Visio application can then be assigned to Jane, and through endpoint management processes, installed automatically in compliance with entitlement
The service management solution documents and tracks the process, notifies Jane and closes the software request

The whole process finishes in minutes instead of days, empowering users and freeing the service desk to focus on other strategic projects.

2. Faster, Better Incident Resolution

Businesses stay productive and employees stay satisfied when the Service Desk can resolve incidents more quickly and effectively. Consider Michael, an employee who contacts the Service Desk because his laptop doesn’t charge or shut down properly:

If the Service Desk has visibility into the complete asset record of the laptop, they can see it was acquired only a few months earlier and is still under warranty
With this asset visibility, the analyst handling the incident can choose to do a warranty replacement rather than spend resources trying to fix the laptop internally
The analyst can also check the asset repository for an available loaner or replacement laptop so Michael can keep working
When the faulty laptop is returned, any software licenses associated with the device can be reclaimed for re-use by other employees

This simple laptop example shows how the business could benefit from leveraging asset information for faster resolution times, increased employee satisfaction and lower support costs without sacrificing quality. With greater hardware and software information, analysts can more quickly identify possible causes for other types of common incidents, such as lower performance or application crashes, which could be due to insufficient RAM or conflicting software versions. Plus, logging all the steps and actions assists in analysis or in audit requirements later on.

Learn More in the Companion Blog

You’ll find three more use-case instances of how ITSM and ITAM are better together in Part 2 coming soon.

Catch Our Webinar Replay

Check out our recorded webinar Why IT Service & Asset Management Are Better Together. Our presenters share insights for solving business problems proactively with ITSM and ITAM. You’ll also hear interesting true stories such as what a cookie monster has to do with potential IT security threats.

Ivanti Gives Voice to IT Incident Management Software

Thu, 06 May 2021 19:25:59 Z

A protracted, exasperating customer service experience popped into my mind while reading this sentence in the Ivanti Voice data sheet: “One of the most frequent customer complaints about call centers is having to repeat information.”

Ain’t that the truth. Here’s a brief personal experience.

Awhile back, some thieves targeted my neighborhood late one night. Two cars parked on our street had windows smashed and items stolen. What’s more, our garage door was left open (a rare occurrence, thank goodness). My car wasn’t locked, and the thieves stole a satchel that contained among other things my checkbook. Once I had notified the credit union of the theft, it quickly closed the checking account and opened a new one.

But my troubles didn’t end there.

Not thinking, I had failed to notify our primary bank and home mortgage holder, “The Brawny Behemoth Bank,” of the change in credit union checking account numbers. That meant that half of each month’s automatic mortgage payments—drawn on the credit union—weren’t being made. I called the Behemoth Bank to make them aware of the issue and the urgency to get the new credit union account tied into their system.

Easier said than done.

It took nearly a month and speaking with no fewer than seven different banking representatives on the phone to iron things out. The most frustrating part of the ordeal was having to rehearse the backstory to each representative.

Many Organizations Are Handcuffed

Not sure those checkbook thieves ever ended up in handcuffs. But the truth is, when it comes to customer service, many organizations are handcuffed by rigid, overly complicated systems and processes.

For example, it’s common for an agent/representative to access an average of three to five applications to service a customer. Making life better and more satisfying for everyone—service desk agents and users—is the ultimate measure of ITSM success. Savvy customer service departments look to leverage operational flexibility to streamline their operations and provide:

Better tracking of client information
Case management to solve problems
Voice enablement for improved customer loyalty
Improved metrics for business understanding
Automated workflow, and knowledge management for agent/rep efficiency
Better communications for happier customers

Voice Enablement for Improved Customer Loyalty

For the purposes of this blog, let’s focus on the third bullet point—voice enablement for improved customer loyalty.

Voice enablement—or telephony integration—extends automation and self service to the call center. Phone integration and call deflection can do everything an agent can. For example, a user calling to reset a password can be identified and authenticated via an API and talked through the reset—with alerts sent to that individual and their supervisor for security purposes. In addition, telephony integration enables the nature of a call to be identified and relevant information sent to users and agents from your knowledge base.

Incident Management with Ivanti Voice

With Ivanti Voice customer data and agent screens travel everywhere with the call so the next agent has the same information as the last. (I wish my Behemoth Bank would have had Ivanti Voice.) Agents can recognize and handle priority customers before other calls based on ticket or contact records.

The solution features automatic “screen pop” of relevant contact and incident information in the service management application. Calls can be highlighted or separated into various queues based on type, priority, or queue time. Transferred calls are minimized because caller information and the reason for the call are identified using IVR input and application data. This means calls are answered by the right agent the first time.

Be confident that the right agent or team is handling the call. Reduce wasted call-handling time and save on overall costs.

Ivanti Voice is built to support Ivanti® Neurons for ITSM deployments both on-premise and in the cloud. It brings together the three main components to any service engagement:

the agent
the business data
the main medium employed in any contact-center environment – the phone

All components you need to run a complete service desk contact center solution are provided in one offering. You can realize faster, more efficient service to drive customer satisfaction beyond current levels. This integrated, voice-enabled approach helps ensure that any organization can be better aligned with its strategic business initiatives while driving down service costs drastically and increasing customer satisfaction.

Contact us and learn how you can eliminate the roadblocks or “remove the handcuffs” by simplifying and automating your service engagements with Ivanti Voice.

An Early Thanksgiving: 15 Years at Ivanti

Thu, 03 Sep 2020 20:40:00 Z

The U.S. Thanksgiving holiday that falls on Thursday, November 26 this year came early for me. I’ll explain why later. Saturday, August 22 marked my 15^th anniversary with Ivanti. And, spoiler alert, this is an “attitude of gratitude” blog expressing thanks for the rewarding career experience Ivanti has been for me.

My time with Ivanti constitutes a significant chunk of a 40-year working life—which also includes a five-year stint at Data General Corporation in Colorado and Massachusetts, and eight years with FranklinCovey in Salt Lake City.

But let’s get back to Thanksgiving. Here’s a quick timeline of how the holiday came to be, based on information from History.com:

1621: Colonists who had settled Plymouth, Massachusetts and Native Americans of the Wampanoag tribe shared an autumn harvest feast. While turkeys were indigenous, there’s no record of a large, roasted bird at the feast. The Wampanoag brought deer, and there would have been seafood—mussels, lobster, and bass—plus the fruits of the first Pilgrim harvest, including pumpkin.

1777: The Continental Congress declared the first national American Thanksgiving following the Patriot victory over the British at the Battle of Saratoga.

1789: In his first year as president of the fledgling United States of America, President George Washington again called for a national day of thanks on the last Thursday of November to commemorate the end of the Revolutionary War and the ratification of the Constitution.

1863: President Abraham Lincoln declared Thanksgiving to officially fall on the last Thursday of November, to be celebrated nationally.

1939: During the 20^th century, Thanksgiving evolved into a day of leisure and new customs. To help boost the ailing economy, President Franklin D. Roosevelt detoured from tradition by declaring November 23, the next to last Thursday that year, as Thanksgiving Day (“Franksgiving”) to lengthen the Christmas shopping season, causing considerable controversy. On November 26, 1941, Roosevelt admitted his mistake and signed a bill into law officially making the fourth Thursday in November the national holiday of Thanksgiving Day.

Over the River and Through the Woods: Ivanti Has Felt Like Home

Americans go to great lengths to travel home for the Thanksgiving holiday, and Thanksgiving week is one of the busiest travel holidays of the year. To me, Ivanti still feels like home. The company has certainly changed and evolved over time, much like the family homestead that undergoes renovations and updates. But a “home” is less about the physical structure and more about—yes, I’ll say it—the loved ones inside.

I was hired by Landesk, one of Ivanti’s predecessors, in August 2005 as a long-form copywriter, producing white papers, data sheets, solutions briefs, brochures, etc. Landesk and HEAT merged in 2017 to form Ivanti, and through it all, I’ve felt fortunate to be associated with such great people—an accomplished and committed executive team; bright engineers; savvy sales people; motivated marketing types; and the finance, HR, legal, operations, customer care, and training professionals who help make the company what it is. The company continues to make significant strides in a competitive market, and employees are being productive in the “next normal” of working remotely.

Why Do So Many Ivanti Employees Stay So Long?

In early January, I wrote a 20 Years of Service Q&A blog that featured the five Ivanti employees listed below who were recognized at that time for reaching the two-decade milestone. More have joined that august body since:

Kevin Smith, Senior Channel Sales Manager (Toronto, Canada)
Bari Carney, Senior Renewal Account Manager (Rutherford, New Jersey)
Paul Petersen, Vice President, Corporate Strategy and Sales Channel Enablement (Chicago, Illinois)
Deanne Benn, Corporate Paralegal (Colorado Springs, Colorado)
Gary Wang, Senior Sales Engineer (Sydney, Australia)

Reasons abound for why people stay devoted to their jobs and employers for years—even decades. Is there a secret to long-term worker loyalty? Well, it’s a whole combination of factors. Here’s a sampling:

Work that has purpose and meaning
To stay part of something special
Personal contributions that make a difference
Gifted and talented co-workers
Irreplaceable culture
Challenge and excitement
Benefits, incentives, and compensation
Career development
Great relationships with leadership
Work-life balance

A New Traeger Grill and Gifts from a Brit

Having reached 15 years with Ivanti, I qualified for the company’s benefit to find something on Amazon valued up to $1,500 (gift-amount values are also associated with 5, 10, 20, and 25 years of service). After some searching, I landed on a Traeger Ironwood 885 barbecue grill/smoker. LeeLa Smith in HR ordered and paid for it and Amazon shipped it to my home. I attached the legs, shelf, handle, and other components and have already used it several times, learning and grilling “on the job”.

I had mentioned my Traeger grill selection to Ivanti’s VP of Marketing, Melanie Karunaratne in the UK, whom I currently report to, in our weekly 1:1 call. Then, lo and behold, within a couple of weeks of the grill delivery I received from Melanie a Chicken Throne (to roast/smoke a whole chicken) and a Rib Rack, with a very kind note with work-anniversary and birthday well wishes (my 66^th birthday was August 16), and appreciation for our association over the past 12 years.

The Pilgrims of Plymouth in 1621 didn’t have roasted bird for their Thanksgiving, but we’ll grill and enjoy such this November. Thank you, Ivanti. And thank you, Melanie.

Continuous Vulnerability Management Is a Must

Thu, 28 May 2020 17:24:19 Z

Face it. Your IT systems may be secure today, but what about next week? Granted, as stated by the Center for Internet Security (CIS), you and your team members must operate in a constant stream of new information—software updates, patches, security advisories, threat bulletins, and more. But as you know, attackers have access to the same information and can leverage gaps between the onset of new knowledge and remediation.

A threat actor may discover and exploit a critical vulnerability in your environment. You’re on the clock when it comes to patching your systems, and risks increase before a patch is available. And once it is, the longer it takes to patch the more vulnerable you are to potential exploits.

If you don’t treat vulnerability management as an ongoing process, your infrastructure is exposed because hackers can find, weaponize, deploy, and attack it faster than your team can patch the vulnerability.

CIS Basic Control #3: Continuous Vulnerability Management

The first six of 20 CIS controls—known as the basic controls—provide essential cyber hygiene. The first two of those basic controls are the inventory and control of hardware assets and software assets, respectively. The third control is continuous vulnerability management. It’s described by CIS as the effort to “continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunities for attackers.”

Without question, continuous vulnerability management should be part of every organization’s security practice, yet the time and manual work involved from when a vulnerability is first identified to when a software update deploys is challenging.

For example, how many days does it take your IT team to map Common Vulnerabilities and Exposures (CVEs) to patches, then research, test, and roll out patches? And how do you prioritize them? Researching known issues from blog posts, vendor documentation, and other sources to determine the reliability of patch updates is yet another time-consuming activity. Prioritizing patches can also increase risk if pushing out critical patches is the current rule of thumb rather than those that are actively exploited. Deciding which patches to prioritize, test, and roll out can extend the vulnerability management process.

Improve the Experience of Continuous Vulnerability Management

Security solutions from Ivanti streamline the process from identifying, classifying, and addressing vulnerabilities to avoid threat actors exploiting gaps between security vulnerability reports and remediation. Your IT team will no longer spend hours manually working through scan reports provided by the security team to translate CVEs into software updates.

Deduplicating and researching CVEs to figure out what needs to be done to resolve each vulnerability can take anywhere from five to eight hours each time your team performs the process. Since most exploits happen within 14 to 28 days of updates being made available, every day of delay leaves attackers more time to gain a foothold.

Using an automated CVE-to-patch import capability in Ivanti patch solutions, you can streamline the process from hours to minutes. Whether you’re using vulnerability assessments from Rapid 7, Tenable, Qualys, BeyondTrust, or another vendor, Ivanti solutions map the patches that relate to those CVEs and build a patch list of updates that you can quickly approve or publish for remediation in your environment. Meanwhile, you’ll improve the experience of your IT teams who previously struggled to make sense of security reports under time pressure.

Without Ivanti, deciding which patches to prioritize, test, and roll out can extend the process. With Ivanti, you can also take advantage of our Patch Intelligence tool that combines patch data from Ivanti’s third-party patching catalog with patch reliability and security metrics. You can:

Optimize the rollout of important updates by gaining insights that would take time and effort to discover otherwise.
Gain visibility into issues reported by the vendor for a patch or a group of patches, or identified by Ivanti in bulletin information located with associated CVEs and patches.
Extend insight into the issues experienced across Ivanti customers through anonymized peer data that reports back whether customers had to roll back the patch.
Determine reliability of updates and the confidence level in rolling out quickly.
Identify patches that will require more testing, fast-track patches that have a high probability of success, and help prioritize testing and what can be deployed immediately based on threat scores and reliability ratings and roll out to optimize patch cycles.

Whether you’re patching endpoints with Ivanti Patch for SCCM, Ivanti Patch for Endpoint Manager, or are patching the data center with Ivanti security solutions, you’ll improve the experience and productivity of IT teams that previously spent many hours researching, deduplicating, and preparing a patch group of updates manually.

View our new infographic and see how fast you could be exploited without continuous vulnerability management.

Now Working from Home? Smart Tips to Stay Productive

Tue, 12 May 2020 21:53:56 Z

With more and more people encouraged or required to work from home these days, we reached out to some of our remote-work veterans for their insights on staying productive within their domestic domiciles.

Q: What are your essential tools for communication, collaboration, and outreach (phone, email, Teams, WebEx, etc.)

Brandon Black, Vice President and GM of Supply Chain: Staying connected with your team and customers alike is essential when working from home. Using a combination of phone, email, and Teams/WebEx is not only critical to the day-to-day operations of all facets of our business, but being more dependent on these tools quickly ramps your skills.

David Martinez, Product Marketing Manager for the Ivanti Service Manager solution: Lots of email, instant messaging, conferencing tools, and calls. I still prefer phone calls—talking to someone in real time. But make sure to test your remote conferencing tools if you need to host or participate in webinars.

David Murray, Director of Product Management, serves within Ivanti’s newly-formed Independent Business Unit (IBU): Most important is having good-quality broadband. I had to upgrade to fiber broadband, so it was a bit difficult at first until I got that sorted. I tend to use video on calls as much as possible given that I’m remote. So much of communication is non-verbal, so that helps me feel like I’m part of the team as opposed to being remote. I use 4G mobile as backup in the event broadband fails, which it occasionally can do. I can then use my mobile phone as a hotspot for my laptop. The most serious incident was when a truck managed to cut through the broadband cable taking out the whole neighborhood for about a week! That was fun.

Other than that it is really the same tools as when I worked in the office. I tend to use a headset, which is a habit from my years of office working. I really don’t need others to know that I’m at home, but I don’t want audio quality to be an issue for when I’m communicating with people. I think a headset helps with that.

Kate Borsheim, Sr. Director, Global Customer Engagement: When it comes to critical tools for communication, collaboration, and outreach, the obvious stand out: phone, chat, email, Webex, Teams, etc. My favorite tool is Samepage. Tools themselves will not guarantee effective communication, but how you approach and implement their use will.

Rob DeStefano, Senior Product Marketing Manager: 1. Mobile phone (and A/C charger); I’m able to use for calls, conferencing apps, and two-factor authentication of company apps; 2. Bluetooth headset (because…kids); 3. Email and Teams for messaging.

Q: Key learnings: What “rules or guidelines of productivity” have you set for yourself (conducive home office set-up; lighting/windows; room temperature, music, rest/rejuvenation) that have worked well for you?

Brandon Black: Have a place in your home that you designate for work. I start my day the same whether I’m going to the office or working from home. I get a solid breakfast in my belly and then get after it. The challenge that I have working from home is time management. Staying focused isn’t a problem but knowing when to turn it off is a struggle. With global responsibilities, my day starts bright and early, and I’m constantly still at it deep into the evening hours. Keep yourself in check and remember that a work/life balance is very important.

David Martinez: Have a good working spot or spots; have a comfortable chair at your main spot but also remember to get up and stretch often. Definitely have good light and a view outside if you can. Make sure you can close the door for some privacy when needed. Use your earphones if you need to ‘tune out’ outside noises. Also schedule time to be nice to yourself—for me that’s going for a walk or having lunch or coffee with friends or family. With the current situation, I’m making more calls to reach out to friends.

David Murray: If your environment doesn’t feel right, it is hard to be productive. I invested in a sit/stand desk just to mix it up a bit so that I’m not sitting at the desk for hours on end. It took a bit of time to get my “set-up” right so that I could be productive—monitor and laptop risers to get everything to a comfortable height, storage space to eliminate clutter.

In the winter months I like to break my day up a bit. For the normal office worker in the winter time it is dark when they are going into the office and dark when leave for home. I use remote working to my advantage. Ireland’s weather can be very unpredictable so, if the sun is shining in the middle of the day, I’ll take an hour off and bring the dogs for a walk or go for a spin on my bike. It makes the long winter months a lot more bearable, and that flexibility is a real plus for working from home. It is important to get out of the house at some stage. It can be very easy for a day to go by where you don’t go out your front door otherwise, and that’s not good for your mental and physical health.

I tend to have a lot of meetings so I don’t really find a sense of isolation, but sometimes my mornings can be pretty quiet, so I’ll put some low-level music on in the background to keep me sane. Marty in the Morning tends to be my guilty pleasure—easy-listening background music with occasional dad jokes.

Evan Riddle, Sales Engineer: I need to have a routine, so I start my day at the same time each day. My home office setup is away from the family, so it feels as if I left when I begin working.

James Link, Technical Architect for Unified Endpoint Management: I block off time in my calendar with reminders to keep projects / admin work on track without letting things pile up.

Jared Richardson, Senior Marketing Content Manager: Have a home office or a space with minimal distractions. Bring everything you need for the day—coffee, water, snacks. Keep a little mini-fridge stocked. Music is a definite plus but keep the TV out of your office unless it’s essential.

Invest in a good-quality office chair. I bought mine from a corporate auction when a local business folded. They had $2,000 chairs for $100. Also, a desk that lowers/raises is an awesome investment. I got one at IKEA for fairly cheap.

If you video conference, be aware of windows and select a nice background. Use your windows or a lamp as a ‘key light’, where the light hits your face. It makes you look more attractive compared to being backlight like you’re in the witness protection program. Neat bookshelves or accent walls make great backdrops.

Kate Borsheim: We’ve all grown up knowing that “sharing is caring.” To be an efficient and effective remote worker and remote team manager, you must adopt a transparent, self-service mentality/practice. You need to architect a way to publish information and projects you’re working on. Doing so provides others the information they may need, without having to track you down to find it. As a manager, I could gain insight into the details of projects, programs, and events my team members were working on, without micro-managing or bugging them with update requests. Our practice of publishing our project details also let our team step in for one another in case of family emergencies, sick days, travel delays, and holidays. We all played a part in architecting our collaboration tool in a way that allowed us to work far more efficiently than we ever had before.

Kimberly Little, Territory Manager, Mid-Atlantic & Chesapeake Region: Find a place, preferably an enclosed space or “office” that allows you the option to close the door when you leave at the end of the day, or if there is some disruption or noise in the home.

Rob DeStefano: Work in a dedicated space: If you don’t have a true home office to work in, work in the same place every day. It will become familiar and you’ll settle in. As for background noise, it’s my Sonos and music-streaming services. You want some white noise that prevents distraction. For me, music serves that purpose while inspiring creativity.

Ron Kirkland, Senior Sales Engineer: Keep as many blinds, drapes, etc. open for as much natural lighting into your office as possible. Also, get up! Don’t sit all day or for extremely long stretches. I have a stand/sit desk and stand for about one-fourth of my office time. I also have a chair that forces repositioning. The HAG chairs promote movement, sitting sideways, backwards, etc.

Q: Do’s and Don’ts: What do you do to limit distractions during working hours?

Brandon Black: First, understand and accept that there will be distractions. Narrow your focus to the task in front of you. Treat every day like it’s your business and you’re responsible for payroll!

David Martinez: Make your to-do list for the day and refer to it. Close the door if you want to let the rest of the household know you shouldn’t be disturbed. Set specific times to check personal email and such but mind the temptation to keep clicking away.

David Murray: Do’s: Have a dedicated office space so that when you’re at work, you are at work!- Stay away from the kitchen—have a plan for when to take breaks. Have a plan for work. I’m pretty old school and have a handwritten To Do list. Being able to cross stuff off as I go through the day is really satisfying. Other than that, the volume of work to be done usually means there really isn’t much time for distractions if I want to get finished at a reasonable hour.

Don’ts: Don’t forget to plan lunch. There is no canteen or food truck outside my door, so you need to be a bit more organized when it comes to food. Otherwise that can become a big distraction. Also, try and stay away from email. The “Work Offline” option is great to just turn it off for a while whether you are working remotely or in the office and helps you focus on completing tasks without interruption.

Evan Riddle: I create a to-do list and take breaks like walking my dog.

James Link: Avoid bookmarking news as your home page or social media notifications on your phone.

Jared Richardson: Like I said above, no TV. Try not to do chores. Even throwing in a load of laundry can be detrimental if you’re easily distracted. Make sure to take purposeful breaks. Walk outside for 15 minutes, stretch, eat.

One other thing, working from home can be lonely. There’s zero socialization for most of us. Coming from a loud and active television newsroom, I wasn’t prepared for the stillness. Sometimes if I have to ask a colleague a question, I will call them instead of a Teams chat—not all the time—but only when I anticipate a quiet day.

Kate Borsheim: Keys to limiting distractions are creating a routine that works best for you and understanding how people prefer to communicate. Build an environment where you can focus and function. Be sure to share with those you normally engage with daily how you prefer to communicate (chat, phone, email, text), and also note how they prefer to be communicated with. Adapt your collaboration with them in a way that’s conducive to you both. Not doing so opens the door for people to distract you unknowingly and vice versa.

Kimberly Little: I’ve found that the distractions are really minimal if you just stay focused on the work at hand. That’s really it. You’re either committed or you’re not and potential distractions don’t exist when you’re focused on a particular plan and outcome. Also, I discovered early in my career that I tend to work much longer hours from home than I ever did in an office. For example, you wake up in the middle of the night with an idea and move to your office to take care of it. Or maybe a revelation regarding something you’re working on that prompts a need to return to the office to complete. It’s both convenient and productive.

Rob DeStefano: Aside from music, I shut the home office door if anyone is home. One of the benefits of working from home is the focus that can be difficult when we sit at our office desks. Don’t eat while on a call. You may think you’re on mute, but you’re not. And tortilla chips aren’t a proper lunch.

Ron Kirkland: When in your office on a Webex or call, close your door. Also, know when ‘enough is enough’. Answering emails, planning demos, building use cases, testing your kit, researching competition, etc. all takes time. Most of the heavy lifting should be done during office hours, but other chained tasks, follow ups, and requests answered from prospects can take a lot of time, and drift into evening and weekend work. I think it’s just the way things are nowadays but be aware and know when and what can be put into the next working day.

Try to eat lunch or breakfast-type meals outside of your office. Snacks in the office are OK.

If possible, let the family know not to disturb you when you’re in a meeting. If my daughter has something ‘urgent’ she may ‘ring my door bell’ to get my attention and I’ll gesture back how many minutes I’ll be before I can answer. If it’s an emergency, she knows she can just come in.

A Day in the Life of IT is Anything but Ordinary: Industry Predictions for 2020 and Beyond

Thu, 23 Jan 2020 17:37:00 Z

Did you happen to catch the important news unveiled in Ivanti’s January 7 press release? Ivanti enters the next decade with an augmented leadership team. Jim Schaper, Ivanti’s current Chairman of the Board, has been appointed Chief Executive Officer, and the company’s longtime CEO Steve Daly has retired but will continue to serve as a Board Member. You can learn more about the new Ivanti leadership team in one of our recent blog posts.

We Also Have Other Seasoned Industry Gurus Sharing Their Predictions for 2020 and Beyond

These key appointments add deep industry expertise and guidance as Ivanti continues to help customers succeed through the power of unified IT. By the same token, we’re also blessed with well-respected technology thought leaders who can offer keen insights into what the future holds for the IT industry in the years ahead.

This week, we’ve posted three other blogs highlighting predictions for the future of IT around security, AI and automation, and ITxM. For our final day of IT predictions, we wanted to dive into our experts’ thoughts around how IT as a whole will change over the next decade and how that will impact your day-to-day as an IT professional. We asked a variety of experts from our Chief Technology Innovation Officer to our Product Managers to a Senior Director of IT for their crystal-ball predictions.

Bob Janssen, Chief Technology Innovation Officer; Ivanti

UX Becomes the DX Priority: Moving into 2020, user experience (UX) becomes the priority of IT digital transformation (DX) within the DX context of people, process, and technology. IT’s primary mission? Enabling and empowering people—with process and technology following it. IT will focus most on how to delight and inspire users and customers through elegant, intuitive technology that makes them more productive and effective. This move to “humanize” IT will unroot traditional IT processes and force a more organic and real-time approach to technology service delivery that eliminates department silos and further embeds innovative IT organizations into the business.
Shadow IT Steps into the Light: The challenge and risk of shadow IT will be eliminated in 2020 as organizations adopt new technologies that provide real-time insight into IT devices, services, and applications, as well as the workers that use them. Real-time visibility that’s proactive, predictive, and productive across organizations and geographies will enable IT to see everything that’s going on while being able to act immediately on issues that may affect the security, health, and productivity of user devices and the business.
There’s No More “Dev” and “Ops” in DevOps: By the end of 2020, the concept of DevOps or DevSecOps will start to become outmoded, with IT silos being a thing of the past. It will no longer be desirable that Dev, Ops, and Security teams collaborate; they’ll simply be one, united team with extreme ownership over IT outcomes.

Rex McMillan, Product Manager; Ivanti

IT Enables the Four-Day Work Week: With an increased focus on user experience and automation, IT will enable greater productivity and performance of the business and its users—who’ll be able to accomplish more with less time and effort. That may help many organizations realize a goal of offering four-day work weeks for a new generation of Millennial, Gen Y, and Gen Z workers who are shifting the concept of work from a “place” to a “thing” where productivity is measured by outcome rather than the hours worked.
Managed Services Becomes a Commodity: New technologies that provide real-time visibility across cloud services and infrastructure will enable organizations to remain cloud-agnostic. Consequently, managed services providers will need to demonstrate incremental value as a commodity product. Insight into cloud usage and costs, along with automation and orchestration of workload processes, will free organizations from cloud lock-in while taking optimal advantage of lower cloud costs, scalability, and agility. With a more proactive view into SaaS outcomes and activity, organizations will achieve a portable and future-proofed environment.

Mark McGinn, Managing Director at Marxtar, a Certified Ivanti One Partner

Social Media Will Overtake Traditional Communication of Email and SMS by 2025: Research shows that the mass notification market is growing rapidly. With a more mobile and flexible workforce, efficient working practices, and a desire for immediate communication, companies will migrate to more open and widespread communication models.
By 2025, Organizations Will Be Searching for a More Targeted Communication: With the growth in social media, email, TV, and radio outlets that creates “too much noise,” miscommunication, and fake news, end users will increasingly ignore these communication channels of businesses. As a result, companies will be looking for a guaranteed communication system that people will trust and pay attention to.

Mihai Rosca, Product Manager; Ivanti

IDaaS Will Take Hold: Identity-as-a-Service (IDaaS) solutions will gradually replace existing on-prem environments in 2020, reaching more than 20% of environments (double the number of implementations that exist today). This will be driven by the increased scalability and security of the cloud while enabling costs to shift to an operational model, which will provide organizations with predictable expense patterns and eliminate risks, difficulty, and the costs of the IAM on-premise infrastructure. The greatest movement to IDaaS solutions will be initially with small- and medium-sized companies, with larger organizations moving more slowly due to size and the need to touch multiple decision-making points more broadly throughout the organization.

Adam Jones, Senior Director of IT; Ivanti

2020 will be the Year of Developing Workers to Fill Skills Gaps: As competition for IT talent grows and demand continues to outpace supply in 2020, IT organizations will look internally to develop workers to fill skill gaps. We’ll witness internal investment in existing staff more than ever before, and retaining these resources will be a top organizational challenge.
2022 Is the End of the Password: Our identity will—reliably and consistently—be our own faces or other bios. Organizations will abandon passwords and embrace a whole host of new challenges.
By 2030, Bring Your Own Identity Will Be the Norm: As the gig economy booms, “bring your own identity” will be the norm. Workers will own their information and federate with the companies during the length of each gig.

You can see all of our expert predictions for a new decade of IT in our new infographic. The infographic includes predictions surrounding AI, ITxM, and security.

Predictions about AI & IT Aren’t Jokes, So We Added Some

Wed, 22 Jan 2020 13:01:00 Z

I’m the least qualified to ever opine on the impact of artificial intelligence (AI) on the IT industry. That’s why we invited well-respected industry thought leaders at Ivanti and Lynx Technology Partners to chime in on what the future holds for AI in IT in 2020 and beyond. You’ll find their predictions farther down.

But first, a few jokes.

“What do you call a cat does it take to screw in a light bulb? They could worry the banana.”
“What did the new ants say after a dog? It was a pirate.”
“Why did the monsters change a lightbulb? And a cow the cough.”
“What do you call a pastor cross the road? He take the chicken.”
“What do you call a farts of tea? He was calling the game of the dry.”

Comedy Written by AI is No Laughing Matter

In his June 8, 2018 article for IFLScience titled “AI’s Attempts At One-Liner Jokes Are Unintentionally Hilarious,” writer Tom Hale reported on neural network scientist Janelle Shane and her efforts to train a next-generation neural network to write one-liner jokes. “The results are so unbelievably unfunny, they are hilarious,” writes Hale. “(Shane) started by plugging in a dataset of over 43,000 jokes that use the basic structure of “What do you call a something that somethings?” or “How do you something a something?” In theory, the neural network would learn the structure and relevant content of the jokes, meaning it could create some gags of its own. However, just as numerous projects like this have shown, they can’t seem to get a grip on our sense of humor.”

As published in the Los Angeles Times on April 1, 2019, Seth Borenstein of the Associated Press says, “Alexa and Siri can tell jokes mined from a humor database, but they don’t get them. Linguists and computer scientists say this is something to consider: Humor is what makes humans special. When people try to teach machines what’s funny, the results are at times laughable but not in the intended way.”

Borentein then quotes Kiki Hempelmann, a computational linguist who studies humor at Texas A&M University-Commerce. “Artificial intelligence will never get jokes like humans do. In themselves, they have no need for humor. They miss completely context.”

Our Experts Don’t Miss the Context of AI in IT

The industry predictions below were kindly contributed by these AI and automation gurus:

Ian Aitchison, Senior Product Director at Ivanti
Mihai Rosca, Product Manager at Ivanti
Rex McMillan, Product Manager at Ivanti
Aric K. Perminter, Founder and Chairman at Lynx Technology Partners, a Certified Ivanti One Partner
Melanie Karunaratne, Director of Product Marketing at Ivanti
Marcel Shaw, Federal Sales Engineer at Ivanti

Ian Aitchison, Senior Product Director at Ivanti

By 2025, Strategic Planning AIs will Guide the Business: The first new Strategic Planning AIs will guide total business strategy leadership, effectively operating as an executive board-level decision assistant.

Mihai Rosca, Product Manager at Ivanti

Machine Learning Will Mature Faster than We Imagine: Already, processes that use machine learning rather than human control are considered typical or natural. Take for example a new program written by a developer that leaves it to the software to identify the system that will execute particular processes based on advanced analytics—in the cloud for instance. Into 2020 we’ll see more and more systems that test and monitor themselves to enhance business processes and software delivery. As test automation evolves, we’ll witness an exponential increase in the use of automated scripts and patterns that can then be read and used to predict the impact of committed code on production environments.
Automation and Orchestration Will Come to Life: In the context of economic uncertainty throughout most of 2019, 2020 will create even greater leadership opportunities for CIOs as they focus on improving ways to deliver more with less. As IT automation becomes more widespread, there will also be a push towards the orchestration of information, systems, and business transformation. This automation-orchestration combination will empower CIOs to do more with less more efficiently and improve IT’s value within the organization.

Rex McMillan, Product Manager at Ivanti

By 2023, It Will Be the Time of AI: We will be the time of AI; it will be ubiquitous in the enterprise. When done correctly, people will not even realize when AI is being used.
By 2025, AI Experts will be Embedded in Every Department: There will be AI experts embedded in finance, sales, and IT departments. CIOs will have created the Office of AI and Machine Learning. This office will have increased C-suite visibility. Departments like marketing, sales, and finance will rely increasingly on this department to gain insight about their respective responsibilities.

Aric K. Perminter, Founder and Chairman at Lynx Technology Partners, a Certified Ivanti One Partner

In 2020, Hackers and Responders will Both Use AI: AI will continue to shape and change security. AI will be a big help in speeding response to attacks, but hackers are using the same technology and techniques to exploit vulnerabilities. In 2020, we will see who can stay in the lead.

Melanie Karunaratne, Director of Product Marketing

In 2020, Security Teams Embrace Automation and AI: The continued shortage of cybersecurity professionals needed to fill vacancies will lead to accelerated adoption of automation and AI for cyber hygiene and decision support to counter the skill gap and free up personnel.
In 2021, AI will go Mainstream: Service management organizations will take AI and Machine Learning out of innovation labs and into mainstream workflow projects.

Marcel Shaw, Federal Sales Engineer at Ivanti

AI Will Manage ITAM Solutions: By 2035, ITAM solutions will be managed by AI technology without the need for human intervention. With 8.8 billion people on earth averaging 16 connected devices per person, ITAM will require non-human asset managers powered by AI to keep up with asset management demands.

You can see all of our expert predictions for a new decade of IT in our new infographic. The infographic includes more AI predictions, others around ITxM and security, and changes to your day-to-day job.

2020 ITxM Predictions: A Transfusion of Expert Insight

Tue, 21 Jan 2020 13:01:00 Z

Quick question. What does ITxM mean to you? Well, a Google search leads immediately to scores of results pertaining to the essential, life-saving industry of transfusion medicine and the donation, storage, and distribution of blood products. But what does ITxM mean within the context of enterprise IT network environments? Well, it’s all about improving an organization’s capabilities within the areas of IT asset, IT service, and IT security management systematically. And toss in IT identity management as well.

Here’s the thing. Asset, service, security, and identity management encompass overlapping IT initiatives. Unifying IT includes discovering where these roads meet and charting the steps to boost efficiencies and reduce duplicate efforts. Unifying IT isn’t about getting two or more departments to work together more collaboratively. It’s about leveraging practices and tools to track asset lifecycles, improve service levels, manage identities and levels of access, and safeguard your IT investments and sensitive information.

Transferring IT Insight: Experts Share Their Predictions for 2020 and Beyond

The ITxM industry is one of those that is constantly changing. In the past decade, we saw IT innovations that few people could have accurately predicted. Looking forward, our team at Ivanti couldn’t help but wonder what the future holds for ITxM in the upcoming decade. We asked various ITxM experts to share their predictions for 2020 and beyond. The industry predictions below were kindly contributed by these ITxM-savvy gurus:

Rory Canavan, CEO of SAM Charter, an internationally recognized consultancy in enterprise-wide Software and IT Asset Management
Melanie Karunaratne, Director of Product Marketing at Ivanti
Rich Gibbons, Microsoft Licensing Analyst, The ITAM Review
Marcel Shaw, Federal Sales Engineer at Ivanti

Rory Canavan, CEO of SAM Charter

More Indirect Licensing Clauses Will Come to Light: Offering users of one system access to the features and benefits of another system is an unwitting bi-product of an open API architecture, and one that makes software magnetic. Such technical achievements should be viewed as a privilege, not a right—and it’s a privilege that software vendors will be keen to exploit financially.
SAM/ITAM Wages Will Rise: The lack of new blood in the SAM/ITAM industry is a worrying trend that could turn the industry into an old boys’ network—and result in a smaller field of experienced individuals demanding higher and higher wages/day rates.
SAM/ITAM Will Get More Legal in Nature: An often-overlooked element of SAM/ITAM is a comprehension of basic legal concepts around Intellectual Property and how this translates into IT operations. If we have to go toe-to-toe with software vendors around the T&Cs of contract law, then it pays to know the rules under which contract and IP law can be applied.
CCPA Will Be a Whip that Drives Better SAM/ITAM: The California Consumer Privacy Act (CCPA) is the USA’s version of EU General Data Protection Regulations (GDPR). As of 2020, notices on websites for businesses trading in California have to inform the end user of what personal data is being captured and seek permission to use that data in the manner they wish. It also seeks to inform end users of how their data might be used by third parties. Certain limits are applied to the companies under this legislation (earning more than $25 million per annum, or trading in more than 50,000 personnel records), but expect this legislation to work its way down the economic food chain, and wider across America. Why would you build two information infrastructures—one to accommodate California and another to accommodate the rest of the USA? Such an option won’t scale for enterprise in the United States.

Melanie Karunaratne, Director of Product Marketing at Ivanti

In 2021, AI Will Go Mainstream: Service management organizations will take AI and Machine Learning out of innovation labs and into mainstream workflow projects.
In 2020, Unused SaaS Subscriptions Need to Go: Eliminating unused SaaS subscriptions will be a key focus for asset-management cost optimization initiatives.
By the end of 2021, Green IT Disposal Will Be a Top Board Issue: Asset Managers will be expected to report out to the executive-level board their achievement against targets for green IT asset disposal in support of growing corporate social responsibility initiatives. The role of asset management will also have a dotted line reporting to the CISO in a bid to secure assets against increasing security incidents and breaches.

Rich Gibbons, Microsoft Licensing Analyst, The ITAM Review

Low Code/No Code Will Continue to Grow: “Low code/no code” will continue to grow, empowering users across organizations to make apps and solutions that work for them, right there and then. No more searching for a solution in the market, waiting for approval, etc.; just make it yourself and crack on. This will cause several problems: the tools used pose a variety of compliance issues with their own licensing; connecting into other enterprise software will open up more indirect-access compliance issues; it will make an organization’s software portfolio messy and hard to manage; and will make data regulation compliance (like GDPR and the new California regulations) much more difficult.
Cloud Audits and Audits from Tier 2 Vendors Will Become More Common: Cloud audits will start to become more common—that is, vendors auditing across public cloud environments like AWS and Azure, as well as auditing against SaaS app usage. We’ll also see a rise in audits from Tier 2 vendors like Quest, Micro Focus, etc.
Organizations Will Begin to Look at Cost-Waste in the Cloud: Cloud economics, cost management, and FinOps will continue to grow in importance as organizations keep wasting big money in the Cloud. ITAM will see a growing focus on cost management alongside compliance.
Partners Will Be Less Common with Tier 1 Vendors: Tier 1 vendors will take more business direct rather than via partners.

Marcel Shaw, Federal Sales Engineer at Ivanti

AI Will Manage ITAM Solutions: By 2035, ITAM solutions will be managed by AI technology without the need for human intervention. With 8.8 billion people on earth averaging 16 connected devices per person, ITAM will require non-human asset managers powered by AI to keep up with asset management demands.

You can see all of our expert predictions for a new decade of IT in our new infographic. The infographic includes more ITxM predictions and others around security and changes to your day-to-day job.

IT Security: Thought Leaders’ Predictions for 2020

Mon, 20 Jan 2020 13:01:00 Z

Chris Goettl is many things to many people. Family man. Homebrewer. PC gamer. Hockey player. And IT security guru and thought leader. As Director of Product Management, Security, at Ivanti, Chris is a highly sought-after expert for his insights into how organizations can strengthen their enterprise IT security in an increasingly demanding environment.

Chris hosts a monthly webinar focusing on Patch Tuesday and security vulnerabilities, and frequently blogs about security topics. Chris’ commentary has been published in notable security news sources like SC Magazine, Redmond Magazine, ComputerWorld, Threatpost, Help Net Security, and others.

He and other noted authorities recently shared their security-related predictions on what 2020 has in store. Here’s a peek into Chris’s crystal ball:

Chris Goettl

Windows 7 Will Remain a Security Target, Even After its End of Life: Our research shows that 39% of IT professionals report they won’t be completed with Windows 10 migration projects by January 14, 2020—the Windows 7 end-of-life date. That means Windows 7 and Server 2008\2008 R2 will continue to be common targets in 2020 for threat actors who are counting on the fact that these operating systems will still be very prevalent and exposed.
Companies Move Toward Real-Time Security Response: While security threats continue to increase and malware becomes more sophisticated, the attack tactics have remained the same for 20 years. In 2020, companies will still be defeated by a lack of basic cyber hygiene. However, by 2021 companies will take a hard line with known exploited vulnerabilities and move toward real-time response to remediate threats in hours instead of months or weeks. To achieve this, companies will place risk mitigation before operational impact when it comes to these known threats. Concerning this basic lack of cyber hygiene, patching continues to play a critical role in protecting the enterprise IT environment.

And within the context of reducing the gap between working out which patches resolve which CVE’s and then deploying those to the devices that need them, Ivanti’s Andrew Souter, Area Vice President of Sales Engineering in Sydney, Australia, writes: “Two of Ivanti’s patching solutions—Ivanti Security Controls and Ivanti Patch for Endpoint Manager—feature a unique ‘CVE to Patch’ capability that lets you import a CVE list from any third-party vulnerability scanning tool. It then converts that automatically into a list of applicable patches ready to download and deploy. This feature alone can save your operations teams hundreds of hours spent researching CVE’s. It helps you deploy patches to your devices faster and reduces that 120-day patch gap to a matter of hours."

Executives at Lynx Technology Partners Share Their Predictions

The following predictions were shared by three security-savvy executives at Lynx Technology Partners, a Certified Ivanti One Partner: Mike Brown, Vice President of Security Engineering; Aric K. Perminter, Founder and Chairman; and Doug Yarabinetz, CMO.

Mike Brown

In 2020, Social Engineering Will Continue to Grow: Social engineering will continue to be the largest area for cybersecurity attacks. It will continue to be the most utilized form for breaches. There will also be more sophisticated phishing campaigns, backed by ransomware requests, targeted at large companies. We will also see a large increase in SMishing as more and more confidential and personal data resides on cell phones.

Aric Perminter

In 2020, Hackers and Responders Will Both Use AI: AI will continue to shape and change security. AI will be a big help in speeding response to attacks, but hackers are using the same technology and techniques to exploit vulnerabilities. In 2020, we will see who can stay in the lead.
In 2020, Mergers and Acquisitions Will Grow in the Security Space: Last year, we saw records broken with increased merger and acquisition activity within the security sector. This will continue in 2020 as new and emerging technology vendors are acquired by the big boys.

Doug Yarabinetz

In 2020, Integrated Risk Management Will Be a Focus as Organizations Evolve: The growing threat of attacks casts a big shadow over business financials, reputation, and overall viability creating a need for aligning security priorities with the overall corporate vision and goals to protect critical digital assets and systems. Integrated Risk Management (IRM) allows organizations to make better informed, more strategic business decisions. Every organization needs to continue to evolve in how they approach risk. 2020 will see more and more CEOs expecting their risk management strategy to align with organizational goals and objectives. IRM will become a focus for tying programs and activities to something meaningful for the business.

Ivanti’s Adam Jones and Melanie Karunaratne Weigh In

Adam Jones serves at Senior Director of IT within Ivanti’s corporate IT department, and Melanie Karunaratne is Director of Product Marketing located in Ivanti’s Bracknell, UK office. Here are their predictions on the topic of security:

Adam Jones

Zero-Trust Access and Architecture Will Be the Norm: By 2025, zero-trust access and architecture will be the norm. Whether cloud-delivered or on-prem, security will no longer be determined by where you sit or what network you’re connected to.
By 2025, We Will Have Lost the War for Privacy: The War for Privacy is over. We will all surrender to the convenience and life improvements that sharing our data provides.

Melanie Karunaratne

In 2020, Security Teams Embrace Automation and AI: The continued shortage of cybersecurity professionals needed to fill vacancies will lead to accelerated adoption of automation and AI for cyber hygiene and decision support to counter the skill gap and free up personnel.
In 2020, Data Centers Will Be Targeted: As organizations fail to meet their Windows 10 migration target dates, systems will remain vulnerable to attack. A number of high-profile attacks will take place in data centers as a direct result of the end-of-life support of Microsoft Windows Server 2008.

You can view more security predictions as well as predictions around service management, asset management, and the general future of IT in our new infographic.

Celebrating 20 Years of Service: Ivanti Employees Reveal Why They've Stayed

Tue, 07 Jan 2020 22:25:15 Z

"If only I’d spent more time at the office" isn’t a common deathbed utterance for sure. But on the flipside, there are plenty of reasons why people stay devoted to their jobs and employers for years—even decades. What’s the secret to long-term worker loyalty? It’s a whole load of factors. Here’s a sampling:

Work that has purpose and meaning
To stay part of something special
Personal contributions that make a difference
Gifted and talented co-workers
Irreplaceable culture
Challenge and excitement
Benefits, incentives, and compensation
Career development
Great relationships with leadership
Work-life balance

Among the Ivanti employees recognized recently for achieving the milestone of 20 years of service are (left to right):

Kevin Smith, Senior Channel Sales Manager (Toronto, Canada)
Bari Carney, Senior Renewal Account Manager (Rutherford, New Jersey)
Paul Petersen, Vice President, Corporate Strategy and Sales Channel Enablement (Chicago, Illinois)
Deanne Benn, Corporate Paralegal (Colorado Springs, Colorado)
Gary Wang, Senior Sales Engineer (Sydney, Australia)

To learn a little more about why they’ve “stayed so long,” we sent them some questions and requested their responses:

Q: Twenty years is a long time to be with one company. What is it about Ivanti that has made you stay?

Kevin Smith: As a channel manager, I always found the opportunity to work with our partners very rewarding. Every day provides new and different challenges, and working in a team environment makes my job feel like I am part of a team. I have also been blessed to have strong mentors guiding me over the years.

Bari Carney: I came to Ivanti via Landesk and the Touchpaper acquisition at the end of 2008. I’ve been lucky to be part of hard-working teams throughout my time with Ivanti and I love the people I work with. I am currently part of the Renewals Team and have been since it was formed back in 2011. It has been great to be part of something from the start and I love seeing how successful we have become. My manager motivates me to help achieve our goals and makes me feel I am a valued team member. I am a remote employee and Ivanti helps me to have a manageable work/home-life balance. All of this makes a world of difference and makes me want to stay with Ivanti.

Paul Petersen: I wanted to manage a branded product and be involved in all aspects of the business: focus on revenue is primary so sales is my focus—but I plan marketing as well as product development. Ivanti allows for individuals to take action in their area. I love the support my team gets while we focus on generating sales and a better product.

Deanne Benn: Most importantly, there have always been very wonderful people to work with. I also enjoy the variety of work there is in a software company. There is a prestige being in the tech field, and for me, there has always been better compensation than in other fields.

Gary Wang: Without a doubt, it’s the people and the culture. I’ve had regular catch-ups with many of my ex-colleagues over the years and every time we get together, we reminisce about the great times we had working together. Since they left, none have ever been able to find a similar culture. If anyone does think about leaving, I ask them the same question: Sure, the grass may look greener, but what are the people like?

Q: What are three words that best describe the Ivanti culture?

Kevin Smith: Teamwork, respect, growth.

Bari Carney: Teamwork, rewarding, challenging.

Paul Petersen: Responsive, accountable, engaged.

Deanne Benn: “Work/life balance” is important to me.

Gary Wang: Passionate, fun, camaraderie.

Q: What are some of the changes you’ve seen since you started with the company?

Kevin Smith: The biggest change has been the market in which I serve. When I started with GoldMine (later FrontRange, then HEAT, then Ivanti), the CRM market had only a handful of players; today that market has exploded with hundreds of vendors all competing for a mature and savvy customer base. Another major change is how technology changes the way we sell. In my early days at the company, we spent a good part of our days dressed in suits visiting prospects in face-to face-meetings. Today’s culture is much different—face-to-face boardroom meetings have been replaced with web meetings and business attire is much more casual.

Bari Carney: As mentioned, I came to Ivanti via Landesk and the Touchpaper acquisition at the end of 2008. Landesk was an Avocent-owned company. Avocent was purchased by Emerson, which then spun off Landesk, and Landesk in turn was purchased by Thoma Bravo. More recently we were purchased by Clearlake Capital and merged with HEAT and rebranded to became Ivanti. That’s a lot of change over the last 10 years. When we were purchased by Thoma Bravo there was a focus on renewals and the team was created. I like working with existing customers and this has been a great fit for me.

Paul Petersen: This will seem obvious, but the big change was the internet and mobility. Twenty years ago I used Netscape, Yahoo, a Palm VII, and Blackberry—brands that have all but disappeared. The internet changed the way apps are developed and how people use applications—moving from server-based to the cloud. Faster access, lower admin, cool user interfaces.

Deanne Benn: There have been many different company combinations through acquisitions and mergers large and small over the years, but today’s Ivanti is the biggest by far, and with the largest product offering. It seems that we are poised for still greater things.

Gary Wang: I come from the HEAT side of the business and when I first started, it was during the merger between GoldMine and Bendata. The organization has since changed its name from GoldMine, to FrontRange Solutions, to HEAT Software, and now Ivanti. The organization has also grown significantly. In Australia itself, there were less than 15 people back in 1999, and now we have just moved into our brand-new office with more than 30 employees.

Q: What has your professional journey been like to get where you are today, and how has your role changed over the years?

Kevin Smith: My professional journey at Ivanti has taken me through five company name changes and numerous senior management changes. My official role strangely enough has not changed that much other than I have greater input on product-related matters, which I really enjoy.

Bari Carney: Touchpaper was a UK-based company with a small US presence. I helped the sales team with renewals and sales quotes. I transitioned to a Sales Specialist at LANDESK and onto a Renewals Account Manager with Ivanti, achieving Senior Renewal Account Manager last year.

Paul Petersen: My goal was to work for branded companies: Symantec, WinFax, Goldmine—and we were big in retail at the start and moved more to channel partners over time. And I always found a new area to work on so moved from sales to channel management to now General Manager. I just focused on the work and was willing to take some risks and show I wanted to run it. We also had change in ownership and changes in exec staff and goals; I adapted to new corporate initiatives while working to keep sales on track without disruption.

Deanne Benn: I was the first paralegal the company had hired when I joined the legacy HEAT/Service Manager side of the business, so I have seen a legal team of varying sizes up and down over time. My team now is the largest I’ve ever worked with, but each one is a great asset and easy to get along with. Sometimes my role has concentrated on corporate and intellectual property matters, and sometimes the bulk of my work has been customer contracts and vendor set-up, but never has there been a dull moment.

Gary Wang: My history with Ivanti goes beyond the 20 years as I was a partner implementing Ivanti’s solutions since 1996. I came on board as a Professional Services Consultant, but my heart was in pre-sales. As soon as a Sales Engineering role became available, I quickly moved across and have loved it since. I get to meet different people all the time and have travelled the world. The SE role has transformed over the years, from a technical role to perhaps a magician. We don’t have a lot of time during a demo and people have short attention spans. If we don’t deliver a demo that is compelling, contextual, and entertaining, the audience will switch off and we will lose them.

Ivanti Insiders Chime in on the Importance of ITAM

Fri, 13 Dec 2019 22:24:25 Z

In the spirit of this month’s “12 Days of ITAM Awareness,” and in keeping with the mantra “What you know you have, you can manage; what you don’t know you have, manages you,” we reached out to a number of gifted IT professionals known as “Ivanti Insiders” for their responses to these three questions:

How does ITAM impact your organization?
What is your organization’s approach to IT asset management?
If your IT assets could talk, what would they say?

Their answers are insightful and entertaining. Read on.

How does ITAM impact your organization?

“It's a source of truth.” — Ivanti Insider
“We need that info and we need it today!” — Ivanti Insider
“Very important as we need to know where our machines are and what is on them.” — Josh Castleberry, Cyber Security Administrator, MDU Resources Group, Inc.
“We have no idea because we don’t do ITAM well ... yet. Who knows what we’ll learn?” — Ivanti Insider
“ITAM is about budget and fiscal responsibility. You can't manage what you don’t know about, and you can’t plan without knowing what you have.” — Ivanti Insider
“ITAM is very important as a misplaced asset can cost my company big time.” — Ivanti Insider
“Without it, we won’t know which machines have been stolen.” — Ryan Black, Systems Administrator, US Synthetic
“Compliance and security. Knowing what we have out there helps immensely when it comes to what needs upgraded/replaced.” — Ivanti Insider
“Asset management is an important part of our organization in being able to provide the best customer service, beginning with being able to handle our assets we provide to end users.” — Ivanti Insider
“We have 38 locations, so knowing where everything is could be a full-time job.” — Jason Koslowski, Senior Systems Analyst, Frandsen Financial
“It gives us the ability to track our assets, where they’ve been, and what’s been done to them. Helps a ton!” — Ivanti Insider
“We can’t manage end-to-end lifecycle without adequate ITAM resources in place.” — Ivanti Insider
“It’s critical. With close to 1,000 locations and many hundreds of mobile users, we need to know where things are.” — Ivanti Insider
“ITAM is a large part of ensuring our equipment is always operational.” — Ivanti Insider
“We need to have a better handle on our laptops in the organization!!! Device reconciliation is non-existent.” — Adam Howard, Systems Administrator, Rack Room Shoes, Inc.
“Control and budget (or budget control). We have lots of expensive assets around and not enough accountability for them.” — Daniel Cogny, Systems Developer, OPS
“Enables us to effectively secure devices when out in the field.” — Ivanti Insider
“It’s an every-day struggle to make sure all assets are accounted for and no human error accrued.” — Jim Brunetti, Cyber Security Engineer, Terumo BCT, Inc.
“It ensures we have assets on hand to fulfill requests quickly and maintain awareness of important assets.” — Ivanti Insider

What is your organization’s approach to IT asset management?

“It must be done!” — Ivanti Insider
“No clue.” — Ivanti Insider
“Manually track everything.” — Ivanti Insider
“Everything located and ready at all times.” — Ivanti Insider
“Using Ivanti and MobileIron to track devices.” — Josh Castleberry, Cyber Security Administrator, MDU Resources Group, Inc.
“Constant update check via Internal programs dedicated for this type of work.” — Ivanti Insider
“Using ITIL to register all assets and link it to all the changes/incidents, etc.” — Ivanti Insider
“It could be of great value, but not implemented yet.” — Ivanti Insider
“We should probably be better about actually doing it.” — Ryan Black, Systems Administrator, US Synthetic
“Inventory and manage the asset from the minute it comes off the pallet to when it goes out the door.” — Ivanti Insider
“Our Asset Management department scans and tags all items as they hit the loading dock. After that, each area manages their assets.” — Ivanti Insider
“It’s a buzzword, but never fully implemented, so visibility is limited and often outdated.” — Ivanti Insider
“We like to know where everything is, but we don’t like to proactively replace old hardware.” — Jason Koslowski, Senior Systems Analyst, Frandsen Financial
“Slow, incremental improvement in figuring out what’s coming in and what’s going out. So much room to improve tracking of usage.” — Ivanti Insider
“We want to know where everything is at all times so we can properly manage the device lifecycle.” — Ivanti Insider
“Ivanti Endpoint Manager with a home-grown Inventory web app that keeps history.” — Jeremy Shupick, Network Administrator, Wyoming Machinery Company
“It runs well; we know where our machines are and what users are using them for.” — David Gregory, IT Support Specialist II, US Synthetic
“It has been spreadsheets. In the process of rolling out Ivanti Endpoint Manager and asset management." — Tad Thies, DevSecOps, AutoAlert LLC

If your IT assets could talk, what would they say?

“Where am I?” — Ivanti Insider
“Don’t forget about meeeeeeee!” — Ivanti Insider
“Dang! Now they know about my software I’m not to have.” — Thomas Smith, Director, Telecom and IT Support, SCI Funeral and Cemetery Purchasing
“I’ll hide, you count to 100, and then try to find me!” — Ivanti Insider
“Quit using me for more than three years. I want to retire.” — Ivanti Insider
“Why doesn’t my user keep me connected during Patch Week?” — Josh Castleberry, Cyber Security Administrator, MDU Resources Group, Inc.
“Why haven’t I been reimaged or had my hardware upgraded since I was deployed five years ago?” — Ivanti Insider
“Here’s my number. Write it down!” — Ivanti Insider
“We are being used and maintained properly.” — Ivanti Insider
“Please track me, inventory me, and use me. I can show organization value, too!" — Ivanti Insider
“It’s so cold being left in the back-room closet.” — Ivanti Insider
“It’s so dark in this drawer. Wish someone would come visit.” — Ivanti Insider
“I have so many friends sitting on these shelves, pallets, and cabinets.” — Ivanti Insider

Top 10 Takeaways: National Cybersecurity Awareness Month

Tue, 05 Nov 2019 20:37:52 Z

It’s a done deal. The month of October is in the books—and with it the conclusion of National Cybersecurity Awareness Month. But by no means does it spell the end of Ivanti’s commitment to helping our customers around the globe continually fortify their IT security. As a quick wrap up, here are 10 key takeaways from Ivanti’s efforts to support this U.S. Department of Homeland Security public-awareness initiative:

#1. The quantity of IT security-related content packed into a single month was timely, massive, and valuable. This included more than 30 blogs from our product management experts and thought leaders, Security Controls boot camps, a Cybersecurity Virtual Event, and more. Here’s just a sampling of the blogs that were posted throughout the month:

#2. Participants in our Security Controls Boot Camp webinars brought their toughest IT security questions to a panel of experts ready to help. In case you missed them, Ivanti’s Erica Azad provided a succinct, informative summary of each webinar in her October 23 blog post. You can still access these webinars:

#3. In the October 17 webinar above, co-presenter David Murray said: “Understanding and managing vulnerabilities has become a continuous activity requiring significant time, attention and resources. Attackers have access to the same information. When researchers report new vulnerabilities, a race starts among all parties, including attackers, vendors, and defenders. Organizations that do not scan for vulnerabilities and proactively address discovered flaws, face a significant likelihood of having their computer systems compromised.”

#4. The Wednesday, October 9 “Patch Tuesday” webinar, where security experts recapped the Microsoft and third-party security patches released on Patch Tuesday.

#5. The first-ever Cybersecurity Summit Virtual Event “Insights to Combat Today’s Evolving Threats,” that included speakers and sponsors from CrowdStrike, Morphisec, Forrester, Integral Consulting, Kenna Security, Lynx Technology, Sirius, and Ivanti. The keynote speaker of this on-demand event was Dr. Chase Cunningham, a Principal Analyst at Forrester, responsible for guiding client initiatives related to security operations center planning and optimization, counter-threat operations, encryption, network security, and Zero Trust concepts and implementation.

Other presentations from the Summit include:

Title

Presenter(s)

Keynote: Cybersecurity as a Business Enabler

Dr. Chase Cunningham, Principal Analyst, Forrester

Adversary Tradecraft and the Importance of Speed to Take Action

Chris Kachigan, Sr. Director, Solutions Architecture, Crowdstrike

A Proactive Prevention Strategy to Reduce Risk

Andrew Homer, VP of Business Development, Morphisec

CISO Panel Discussion: The Current and Future of IT Security Strategy

Peter Green, vCISO Adviser, Sirius Computer Solutions

Phil Richards, CISO, Ivanti

Dan Anderson, Lifescan

Ryan Layton, CEO, Secuvant

Don’t Fix That! Learning to Focus on the Vulnerabilities that Matter Most

Jeff Aboud, Director of Product Marketing, Kenna Security

Integrated Risk Management = Enterprise-Level, Strategic Decision Making

Gina Mahin, CEO, Lynx Technology Partners

Risk-Based Prioritization in the Trenches

Chris Goettl, Director of Product Management, Ivanti

Chris Wakulik, Cybersecurity Engineer

Andrew Homer, VP of Business Development, Morphisec

Jeff Aboud, Director of Product Marketing, Kenna Security

#6. In connection with the Cybersecurity Summit Virtual Event mentioned above and with an October Halloween theme, Ivanti CISO Phil Richards published the blog Threat Thursday: Haunted by Breaches.

#7. The CIS Controls from the Center for Internet Security that together form a defense-in-depth set of best practices that mitigate the most common attacks against systems and networks.

#8. Gotta get a Goettl. Security evangelist and Ivanti product management director, Chris Goettl, who provides bylines and commentary to SC Magazine, Redmond Magazine, ComputerWorld, ThreatPost, Help Net Security, and other notable security news sources.

#9. Ivanti provides the security controls that experts agree create the highest barriers to real-world attacks—and they dovetail nicely with NCSAM 2019’s message of “Own IT. Secure IT. Protect IT.”

#10. Good thing October has 31 days in it. We needed all of them.

Website Security: A Q&A With Ivanti’s Andrew Ariotti

Thu, 31 Oct 2019 19:13:23 Z

It’s no secret that websites aren’t immune to cyberattacks—denial-of-service attacks, data breaches, brute-force login attempts, malicious payload exploits, undetected malicious bots, and more. In conjunction with October’s focus on National Cybersecurity Month, we reached out in a Q&A format to Andrew Ariotti, Ivanti’s senior manager of web marketing, for his take on the challenges associated with keeping Ivanti’s websites secure.

What are your primary responsibilities and goals as Senior Manager of Ivanti’s web team?

AA: My overall responsibility is to manage the content and development of all customer-facing websites for Ivanti. The primary focus is around the Ivanti website, as well as the translated versions (currently in 10 languages). I also manage the search engine optimization (SEO) for our websites, which includes working with several SEO agencies located around the globe. My team consists of content producers and developers that are the ones that make things happen. Outside of managing the team, I’ll dabble here and there from time to time on the content creation side and development. Development is scary, though, since I’ve been out of it for so long.

What do you see as the primary challenges / concerns / worries / pain points concerning the Ivanti websites across the globe and how they pertain to the protection, stability, and growth of Ivanti?

AA: A company’s website is the public’s first impression of the organization. That creates a massive amount of pressure on myself and my team to make sure that our messaging is spot on and the experience is a good one. A bad experience for prospective customers could sour their impression of Ivanti. With this in mind, security and stability are some of the most important things we focus on. Downtime isn’t an option these days, so we have put everything in place that we can to prevent it. I’m pleased to report that since the launch of Ivanti’s site we’ve achieved nearly 100% uptime!

When it comes to cyberattacks on websites, what are you most concerned about?

AA: I think the biggest concern is always around the stability of the site, and preventing any type of attack that could harm the image of the company. Routine maintenance, patching, load balancing, data backups, reviewing analytics and broken links, etc., are all part of stability. Obviously, there are many forms of cyberattacks, but stability of the site is the one that keeps me up at night.

As a follow-on question, cyber-attackers don’t typically target individual sites manually because it’s tedious and time consuming. They rely on automation such as bots that scrape lists of websites and check for a range of common vulnerabilities that can be easily exploited. What strategies and tools are you and your team employing to strengthen website security?

AA: A few months after launching our website we knew that we needed a security layer to prevent all of the common attacks on our website. We weighed our options and landed on Cloudflare as our security platform to cover the areas that we were concerned about. Once we brought it to our security and IT teams they were on board with the initiative. Since implementation we’ve been happy with the solution and feel like we’ve developed a world-class integration to provide the highest level of security.

Concerning the need to protect the administrator interface and other backend elements of the Ivanti website from brute force attacks, it this something Cloudflare helps with?

AA: Since we don’t have any sort of login on our marketing sites, we are generally protected from any brute force attacks that could target us. Most of those we leave behind the firewall here at Ivanti. Cloudflare does have several things in place to help prevent brute force attacks, but an intelligent system is the best way to prevent them.

Using insecure or simple passwords for the website’s administrator interface, FTP, or control panel can also lead to websites being compromised. What role does password management play with regard to Ivanti’s websites?

AA: Secure passwords are key and should be second nature for everyone at this point! Luckily we have two-factor authentication on everything that we run to keep us a little more safe. Changing passwords frequently is the best way to avoid having your internet accounts accessed. As far as Ivanti’s websites, we employ the same system that IT uses for single-sign-on (SSO) so that we have that extra protection and one less password to remember.

With regard to the best practice of testing website security, what learnings and insights are you able to share with readers?

AA: Find the right tools and price point that fit the needs of the organization. There are a lot of options out there, and the competition will never stop. Look for a good provider that delivers the layers of security you need and make sure you have a good backend developer like I have to implement it!

Are visitors or users of the Ivanti websites, such as the Community site, allowed to upload files for certain reasons? If so, what security risks might this pose?

AA: I don’t have a ton of exposure to the Community site, but I know that they do allow their users to upload text files and screenshots. Whenever the ability to upload files is an option there will always be a risk involved. Currently we are using Salesforce Communities to power our community/forums, which provides layers of security behind their system on top of Cloudflare.

What has your professional journey been like to get where you are today, and how has your role changed over the years?

AA: Since the AOL days I’ve always been obsessed with the internet. When web browsers became a thing, I dug into the HTML that made those pages work. When I was in high school, I looked for every technical class I could and landed on a class in web design. After graduating from Weber State University in Computer Science, I worked in web development in several jobs and eventually landed at LANDESK (now Ivanti) in 2013. The team was much smaller then—just myself and another backend developer. We wore lots of hats, which came with a lot of growth and learning. Along the way, I always enjoyed the project management side of the web so when the manager role opened, I went for it! I’ve been managing for a few years now and have enjoyed every minute. I have a great team, and great support from my manager and our amazing CMO.

What’s something you’ve done in your life that you’re particularly proud of?

AA: That would have to be my three beautiful children for sure—two boys that love the things I do (sports and video games) and a daughter that is full of energy. They are definitely my biggest accomplishments that continue to impress me every day.

Tell us a little about your name; its origin; who named you and why that name.

AA: I had to look it up, but apparently “Andrew” is of Greek origin. It was a pretty popular name in the 80s, so I imagine that had a lot to do with it. All of my siblings’ names are pretty standard, nothing too crazy. In asking my mom she said, “We just liked the name. A good, old-fashioned Bible name.” Upon some research, I’m not sure it is actually a Bible name. I love my mom regardless!

Ivanti Marketing Isn’t Fickle about “Cheese and Pickle”

Thu, 17 Oct 2019 16:48:24 Z

The verdict is in about the condiment Branston Original Pickle from Britain. After a recent taste-testing activity involving Ivanti’s marketing team members at corporate headquarters in Utah, it’s evident that folks aren’t fickle about the pickle. They are firm and steady—either they like it, or they don’t. There’s no middle ground, flip-flop, or equivocation.

Ivanti Marketing isn’t fickle

about Branston Original Pickle.

We’re either in or out—

no room for doubt.

A torrent or not even a trickle.

But Let’s Back Up a Bit

I’m a huge fan of the British television detective drama series “Endeavour” starring Shaun Evans as Detective Constable Endeavour Morse and Roger Allam as Detective Inspector Fred Thursday. The series is set in the mid-to-late 1960s in Oxford, England. It focuses on the early career of DC Morse with the Oxford City Police after he leaves Oxford University late in his third year without a degree, and is taken under the wing of the veteran detective Fred Thursday.

As the series progresses, we learn that Fred’s wife Winifred or “Win” (played by Caroline O’Neil) prepares a different sandwich for him according to each day of the work week:

Monday: Cheese and pickle

Tuesday: Luncheon meat

Wednesday: (You’ll find the answer near the end of this post)

Thursday: Ham and tomato

Friday: Corned beef

“Cheese and Pickle” Tickled My Fancy

Applying my American-slanted brain power, I assumed “cheese and pickle” was nothing more than sliced dill pickles and sliced cheese between two slices of bread. Boy was I wrong.

Googling the phrase took me to a condiment called “Branston Original Pickle” that’s been around since 1922, produced originally by Crosse & Blackwell in the village of Branston, Staffordshire, and now owned by Mizkan Euro Limited. A tagline on the jar’s lid reads “Bring Out the Branston,” and an all-caps callout on the back label declares: PERFECT IN A CHEESE SANDWICH.

Here are the product’s ingredients from the Branston website:

Vegetables in Variable Proportions (52%) (Carrot, Rutabaga, Onion, Cauliflower), Sugar, Barley Malt Vinegar, Water, Spirit Vinegar, Tomato Purée, Date Paste (Dates, Rice Flour), Salt, Apple Pulp, Modified Maize Starch, Colour (Sulphite Ammonia Caramel), Onion Powder, Concentrated Lemon Juice, Spices, Colouring Food (Roasted Barley Malt Extract), Herb and Spice Extracts.

The Quest for a Taste Test

Gathering our marketing team together for a taste testing seemed like a good idea, but I needed more information, so I reached out to Melanie Karunaratne and Erica Azad in Ivanti’s Bracknell, UK office west of London for any insights about Branston pickle.

Melanie responded, “Branston is an acquired taste, popular in 70s and 80s, mainly with cheese or ham sandwiches and salads, pork pies, etc. It’s sweet and crunchy. If it’s more than $3.00 I wouldn’t get it as you are paying too much.”

Erica Azad, a transplant from Utah working in the Bracknell office and managing our content marketing team, replied to me: “(Branston) reminds me more of a chutney or relish than a pickle. I mentioned to (coworker) Vijay Mistry that you’ve been watching ‘Endeavour’ and were curious about cheese and pickle sandwiches. His reaction was one of immediately shaking his head and saying, ‘Bad. Very bad.’ When I asked him if he meant the ‘Endeavour’ series or the Branston pickle, he replied ‘Both.’ So there you go. However, one of our co-workers here brings a cheese and pickle sandwich to work every day.”

September 27th: Fred Thursday’s “Monday Cheese & Pickle” Friday

It turns out that a World Market store near my home carries small jars of Branston pickle, so I purchased a few of them a week in advance of the taste testing event scheduled for noon on Friday, September 27th. Recalling what Melanie K. said about Branston pickle being an “acquired taste,” I was reticent to try it out at home in advance, but I forged ahead—and quickly became a fan. (Perhaps it had something to do with my great grandmother, Alice Whitney, who, like Branston pickle, was also from Staffordshire.)

And thanks to a lot of help from senior product marketing manager, Peggy Hayes, and executive admin, Joey Hamada, the event was expanded beyond the taste test to include platters of luncheon meats and cheeses, chips, a range of Diet Coke flavors, cookies, and more.

Participant Feedback: The Results are In—and Mixed

I solicited feedback from taste-test participants and received some notable comments. Catherine Shumway, Marketing Communications Manager, emailed a one-word reply: “Yuck.” But Peggy Hayes chimed in on the thread with, “Catherine, you didn’t taste it.” Whereupon Catherine responded, “Oh yes I did. One bite. One swallow. One memory I hope to rid from my mind.”

Below are opinions of some additional team members:

Adam Smith, Senior Product Marketing Manager: “My children laugh at me because I like cheese and (dill) pickle sandwiches. I think if I tried slipping this into a cheese sandwich for them, they’d berate me for weeks. Strangely though, I liked it, but not in the quantity it was served. It overwhelms any other taste, including the cheese. After tasting the quarter-sized sandwich, I made another, but with a lighter spread. However, with its A1-like taste, I think it would be better paired with a juicy cheeseburger with grilled onions.”

Alex Sutton, Marketing Intern: “I honestly enjoyed Branston and thought it was tasty. I'd be curious to try it on other things and see what those who use it frequently typically use it for. But overall, I'd recommend the product to a friend to try!”

Ashtyn Creel, Social Media and Blog Manager: “I’m glad I missed it.”

Dan Lalli, Marketing Communications Specialist: “The lingering taste of stale shrimp took me back to aisle 8 at Smith’s Marketplace, with reminders of me frantically trying to pick out the 'best quality' Kroger shrimp platter.”

Dan Longhurst, Senior Graphic Designer: “I thought it was alright for a cold vegetarian sloppy joe. But I would pick a Manwich® with a slice of cheddar every day of the week. It’s interesting to see and taste what other, less advantaged cultures choose to put in their mouths. That was a fun volunteer project.”

Drew Ostler, Finance Manager: “I was surprised that I really liked it. I enjoy trying new foods, so I was up for the experience. That being said, I didn’t think I would enjoy it, but I did. It had a stronger flavor than I planned—and interestingly tasted similar to A.1. Steak Sauce. Thanks for sharing.”

Lynn Phillips, Web Producer: “It smelled stronger and more intimidating than the actual taste. To be honest: I liked it! I could see myself putting it on a burger or a meat that is a bit more fatty and savory.”

Melissa Frazier, Video Producer: “I loved it. It tasted like a mix of BBQ sauce and pickles.”

Mike Mosley, Senior Product Marketing Manager: The pickle cheese concoction’s unusual chunkiness left me wanting—a Diet Coke was quickly acquired.

Peggy Hayes, Senior Product Marketing Manager: “The lumpy, jellied flavors exploded in my mouth, but not in a good way. I spit it all out quickly and spent the rest of the day eating chocolate—ENDEAVOURing to cleanse my palate of rancidness.”

Rachel Tam, Marketing Automation Intern: “I was skeptical at first, but it tasted very good. It functions like relish on your hot dog.”

Scott Jarrard, Director of Creative: “The Branston pickle sandwich could possibly be the secret sauce in Carl’s Jr. Bacon Western Cheeseburgers! And that’s saying something! The stuff is incredible! You’re stuck on a desert island and you can only live off of one condiment, what do you choose? Branston pickle! It’s sweet, beautiful, and just amazing. If I was a writer I could come up with some good comparisons, but the stuff is like the cotton in cotton candy, the sun on a sunny day. It’s all that’s good in this world and will brighten anyone’s day.”

Sharon Gee, Corporate Strategy Project Manager: “Upon smelling it, I was a hard pass! But thanks so much for including me.”

What Sandwich Did Winifred Prepare on Wednesdays?

The answer is fish paste. Yes, fish paste—like, fish purée in a squeeze tube. Let me put it this way. I can’t wait for Marketing’s reactions at the next taste testing: Fred Thursday’s “Wednesday Fish Paste” Friday!

Until then, as Fred Thursday would say, “Mind how you go.”

Color October with IT Security All Over

Tue, 01 Oct 2019 11:01:36 Z

October’s here! My favorite month starts today. Autumn colors. Crisp, cool mornings. College football. Oktoberfest oom-pah-pah. Halloween. And National Cybersecurity Awareness Month. Wait, what?

Well, why not? Who doesn’t want to be safe and more secure these days?

National Cybersecurity Awareness Month (NCSAM)—an initiative of the U.S. Department of Homeland Security—is a team effort between government and industry to raise awareness about the importance of cybersecurity and the need for all of us to be more vigilant and secure online—at home and in the workplace.

“Own IT. Secure IT. Protect IT.”

The overarching message of NCSAM 2019—“Own IT. Secure IT. Protect IT.”—focuses on key areas such as citizen privacy, consumer devices, and e-commerce security.

As an enterprise IT software company, Ivanti provides the security controls experts agree create the highest barriers to real-world attacks. Yes, we go big on our annual Halloween festivities for employees and families—but we work all year long helping customers strengthen their IT security stance.

This blog offers a snapshot of how Ivanti is helping create greater cybersecurity awareness through:

1. Timely blogs from product experts and thought leaders

2. Security Controls Boot Camps

3. “Patch Tuesday”

4. Cybersecurity Online Virtual Event

5. “Threat Thursday”

1. We’re “Chockablock” with Blogs

“Chockablock” in the Queen’s English is “chock full” in ‘Merican. Either way, our blogs will help you stay current on cybersecurity issues and trends throughout the month. We asked our product management experts and thought leaders to contribute blog posts spanning a range of IT security topics. Here are plenty of titles to pique your interest:

2. Security Controls Boot Camps

When it comes to cybersecurity, it seems there are more questions than answers these days. Why do security programs fail? How does a company that passed a recent audit suffer a breach? Is there a silver bullet to securing my environment?

All the more reason to participate in our Security Controls Boot Camps that offer you the opportunity to bring your toughest IT security questions to share with a panel of experts who are ready to help.

The first of our series of four Security Controls Boot Camps, “How to Cut through the ‘Fog of More’ to Achieve a Solid Security Foundation” was held on September 26. Below are descriptions and registration links to the remaining three boot camps in the series held this month. Be sure to sign up!

Thursday, October 3: Privilege Management for an Unpredictable World

with security product expert David Murray

Admin accounts are the “keys to the kingdom”, but attackers use them for full access to information and systems. While a least-privilege approach is a security best practice, removing admin rights can mean disgruntled users and lost productivity. David Murray will show you how to maintain control without sacrificing user productivity and satisfaction.

Thursday, October 10: Is Application Control a Maintenance Headache or Manageable Solution?

with security product experts David Murray and Jason Everson

Industry analysts increasingly cite application control as key to protecting endpoints against attacks and persistent threats, yet many companies struggle to implement effective whitelisting. Discovery can be an exhaustive process, and once a whitelist is implemented, the need to maintain and update it is constant. In this boot camp, David and Jason share how to implement application control easily without bogging down the system or straining your already stretched IT resources.

Thursday, October 17: Plug Your Patching Holes with Ivanti Security Controls

with security product expert Sara Otremba

Is your patching full of holes? Does your IT team spend days trying to match CVEs in vulnerability reports to patches, leaving your organization exposed? Sara Otremba, Product Manager for Security, wants to take that burden off your hands by showing you how the patching capabilities of Ivanti Security Controls help IT teams and security teams work together to reduce the time to patch. Plus see how you can patch not only Windows, but Red Hat Linux and CentOS from a single interface.

3. October “Patch Tuesday”

Join us on Wednesday, October 9 as security experts Chris Goettl, Todd Schell, and Brian Secrist recap the Microsoft and third-party security patches released on Patch Tuesday. Get the latest news on recent ransomware and other malware attacks. We’ll share insights on the patches to watch for, what you’ll want to test before deploying, and which patches to prioritize for rollout. We’ll also spend 20 to 40 minutes answering your technical questions so you can be confident you’ve got the right plans in place.

4. Free Cybersecurity Virtual Event

Reserve your spot for Wednesday, October 23 to experience “Insights to Combat Today’s Evolving Threats.” It’s a live, no-cost event featuring expertise from top IT security leaders from Forrester, CrowdStrike, Morphisec, Kenna, Ivanti and others. Need more reasons to attend? Here are five:

Advice for every level: Whether you’re an analyst in Operations, a Security Manager, or the CISO, we have content for every level.
A holistic approach to security: Don’t worry, you won’t sit through several presentations just on patching (unless you’re into that kind of thing). Our experts are providing insights on all aspects of endpoint security.
Six informative sessions: Hear from Forrester, Crowdstrike, Kenna, Morphisec and Ivanti.
Available when you are: This event is entirely online. If you can’t attend the live event, sessions will also be available for all those who register. You won’t miss a minute of the action.
It’s 100% free: No travel expenses, no freezing-cold conference halls, no awkward lunches. That means no cost for you to attend.

5. “Threat Thursday”: Breaches, Attacks and Exploits

Join us on Friday, October 25 for this month’s news, expert recommendations, and a full analysis of active cyberattacks across the globe from Ivanti’s CISO Phil Richards and Chris Goettl, Director of Product Management. This isn’t a digest of cyberattacks. Phil and Chris tell you exactly what to look for and the actions you need to take to stay protected, mitigate the damage, and strengthen your defenses against the next attack.

Wow! Talk about a full menu of learning available during National Cybersecurity Awareness Month. Who wouldn’t love October?

Ivanti Cloud: Leverage Data Across IT Silos to Improve Services

Fri, 20 Sep 2019 20:06:21 Z

We’re right around the midpoint between “Interchange Past” held in Madrid and Nashville last March and April, and Interchange 2020 scheduled for Prague and Las Vegas next year. So, what do Interchange and this blog about Ivanti Cloud have in common?

Well, Ivanti Cloud was unveiled and showcased in Madrid and Nashville keynote sessions—and it promises to be highlighted again at Interchange 2020: March 11-13 in Prague and April 27-30 in Las Vegas.

Interchange is our annual user conference that brings together customers, partners, and prospects from around the globe to learn from and network with Ivanti product managers, developers, and user experience teams. Registering before December 31, 2019 qualifies you for a special discount and promotional offers.

Unified Intelligence You Can Act On—In the Cloud

Ivanti Cloud helps you bring together data from multiple sources, then normalize, reconcile, and leverage it across these IT disciplines:

While every enterprise is unique, the IT organizations within them have lots of needs and pain points in common. Consider these challenges for example:

Data integration: How well is your data tied together between IT departments?
Security intelligence: What types of real-time tools are you using to identify security threats? What security intelligence are you leveraging?
Incident investigation: What do you use to investigate and resolve incidents?
Device reconciliation: How do you reconcile data about what you’ve purchased, who has it, and how it’s being used?
Windows 10: How do you know which machines to reimage and which to replace?
Maturing IT: What is your organization doing to improve IT overall—automation, user experience, digital transformation, data integration, business intelligence, cloud-based solutions, etc.?

Data—and Data Silos—Everywhere

What was once a scarcity of information is now a super-abundance. A survey of 400 IT professionals conducted by Ivanti in April 2019 reveals the need for a more unified approach to working with and implementing IT data. According to the survey:

31% of respondents deal with 25 or more sources of data
15% say they have way too much data
50% say it can take days, weeks, or longer to get actionable recommendations from data
68% of respondents aren’t confident they have the resources to work with the data and make it actionable

What if you could:

Bring your data together—from all across IT—and make it understandable, actionable, and easy for other systems to consume?
Receive an interpretation of your data, time-saving recommendations for what to do next based on that data, and strategic insights that propel you forward?
Make multi-vendor environments work better together?

Ivanti Cloud Use Case Scenario: Service, Asset and Endpoint Management Working Together

During Interchange keynotes in Madrid and Nashville, Duane Newman and Tom Davis of Ivanti’s executive team presented an overview of Ivanti Cloud that included an IT service incident scenario of a user’s slow-running computer that needed attention.

The scenario that Duane and Tom presented in their keynote is summarized below. However, Ivanti’s Adam Smith, Senior Product Marketing Manager for Ivanti Cloud, has also reproduced the Interchange demo in this eight-minute video.

1. User Contacts IT Using Skype for Business

As is often the case when an end user encounters a computer issue, their first inclination isn’t to submit an IT ticket, but rather to reach out to a friend in IT, or a friend of a friend, through an instant messaging application such as Skype for Business.

In this example, employee Alan Taylor’s computer is running slow. With the Ivanti Skype for Business Adapter, a ticket can be created directly into the Ivanti Service Manager interface.

2. The Incident Populates with Asset Data

Alan Taylor’s computer is already linked to the incident—a benefit of aggregated data. Model number, lease and owner information, department information, etc., is linked to the incident. This aggregation of data across multiple disciplines is a key advantage in focusing on the problem—where the data needs to be viewed.

3. Issue Resolved Using Ivanti Real-Time

Clicking “View Real-Time Details” launches Ivanti Cloud within the context of Alan’s WIN10-202 computer. The first of these real-time capabilities employs sensors or cloud agents on the device to provide instant feedback about the device and what’s happening with it. From there, connectors pull data into Ivanti Cloud to be used by different services within it.

The details of the computer come back in the Ivanti Cloud right away. This isn’t static inventory data loaded previously for demo purposes. Ivanti Cloud has connected with the asset and displayed the current data.

Using Ivanti Real-Time Intelligence, “CPU Usage” is clicked.

Within CPU Usage, we can drill into any of the machines indicating high CPU usage, including Alan’s machine, WIN10-202. It indicates a W script process at 77%, so something has run away, so we’ll kill that process now.

We’ve now gone back into the WIN10-202 system and can see that the CPU is down to 25%. We know something is going on here because we’ve had a number of issues with this machine.

A key point here is that IT service management solutions aren’t typically able to remediate at the endpoint—but that’s the key. This particular IT incident is broader than what a service management solution can handle. Ivanti Real-Time Intelligence incorporates the capabilities of service management, asset management, and endpoint management—all inherent to the problem you’re trying to solve.

4. Smart Advisors Show Asset Is Up for Replacement

Even though Alan’s machine is running Windows 10, the question is whether the machine should be reimaged or replaced. As shown below, these filters allow us to “fine-tune” this Smart Advisor, based on the machine’s OS version, how much free disk space it has, and so on.

Then scrolling down, we can view the recommendations. In the case of Alan’s WIN 10-202 machine we see a recommendation to replace, based on the number of incidents we’ve encountered, its configuration, its age, that it’s out of warranty, etc. Smart Advisors use data from different systems and correlate it to provide insights into what you can do next to alleviate potential issues, save time, and improve the way you do things inside IT.

From this point, we can bounce back to the end user, Alan, and inform him we’re going to replace his machine. And afterwards, within the context of the IT ticket we can update the entire back-and-forth conversation.

Then finally, from the Asset Management interface linked with Service Management, we’ll simply say we will log a request to replace the machine with a new one.

The entire process is closed loop and is an example of Unified IT. It’s not just a set of tools with manual steps in between, but an intelligent process—without having to jump from console to console—that led us from one step to the next to resolve the end user’s issue. It’s an example of just-in-time service encompassing Service, Asset, and Endpoint management. IT is never disengaged from the end user, providing a significant service to the organization.

Take a few minutes to learn more about Ivanti Cloud and how it can help you improve IT services and business performance. Visit our Ivanti Cloud page where you can also request a demo.

ITSM and ITAM: Great Together, Like Peanut Butter and Chocolate or Gin and Tonic Pt. 2 of 2

Tue, 23 Jul 2019 22:14:10 Z

Part 1 covered two use-case examples: 1) Empowering Users with Self-Service; and 2) Faster, Better Incident Resolution.

This post discusses the remaining three use-case examples: 3) Tackle Problem Assets with Proactive Management; 4) Effective Change Management; and 5) Complete Lifecycle Visibility.

3. Tackle Problem Assets with Proactive Management

By creating “one system of truth”—one repository where information is collected, filtered against, and analyzed, you can correlate results and make more informed decisions. This way, you know if a problem impacts the wider organization and can trigger actions proactively to remedy the issue while checking into the hardware contracts, licensing information, etc. Having the insights to know the exposure and risks involved to draft a clear remediation plan can turn a problem into an opportunity.

4. Effective Change Management

According to research from EMA, 32% of surveyed organizations achieved IT operational efficiencies through improved insights. (“Reinventing ITSM,” EMA, 2019).

For instance, with more asset insight readily available as part of the review cycle, the Change Advisory Board (CAB) can review and answer key questions such as:

Are appropriate licenses available and properly allocated, including desired and needed versions?
Are any additional software packages, drivers, or hardware add-ons required, and are needed licenses also available?
Are the hardware configurations acceptable or do they need to be enhanced with more memory, connections, capacity, or storage to cover unplanned incidents or failures?

5. Complete Lifecycle Visibility

It’s no secret that many organizations still use spreadsheets to track their hardware and software, noting purchase information and linking the device to the initial user who requested it. Full visibility of what assets are in the environment, where they are, and how they are used—all without cumbersome spreadsheets—is vital for service desk analysts to do their job efficiently, with quicker resolution times on incidents and problems.

However, many IT organizations often only verify an asset’s location once a year—and some organizations only every five years. (“Navigating through the Complexities of the Fixed Asset Management Function,” EY).

Consider a temporary-staffing company that provides temp workers with devices at the start of an assignment. Across different job roles, devices will be switching hands, changing locations, and demanding access rights at an exploding rate. If IT carries out a manual inventory audit, these user changes would either be poorly tracked, or not tracked at all—posing a significant security risk and not providing IT with much-needed visibility into a device’s health and performance.

With unified ITSM and ITAM processes and tools, organizations can:

Perform real-time scans and reconcile user and location information.
This enables the service desk to resolve incidents much faster, increase customer satisfaction, and enable more self-service.
Not only is it vital from and service and support perspective to know at all times where all organizational assets are, but also from a security standpoint, where lost or stolen assets can jeopardize data integrity.

It’s also critical to manage assets throughout their entire lifecycle by tracking performance data, issues, fixes, patch information, contracts, and licensing to ensure software and hardware investments are running at optimal performance and not impacting employee productivity. Complete lifecycle visibility through unified ITSM and ITAM is often the missing piece of the IT puzzle for many organizations.

Learn More in Our Webinar

Register today for the webinar Why IT Service & Asset Management Are Better Together. Ivanti presenters Kevin J. Smith, author and Senior Vice President, and Arlen Beylerian, Principal Product Manager, will share insights for solving business problems proactively with ITSM and ITAM.