Ivanti Blog: DEX

The Rise of Experience-Level Agreements (XLAs) in Practice: A Deep Dive into ITSM Transformation

Fri, 21 Nov 2025 15:17:59 Z

For decades, the backbone of IT Service Management (ITSM) has been the Service-Level Agreement (SLA). While effective for tracking the nuts and bolts of IT delivery, SLAs have one critical blind spot: they say little about how users actually feel about their IT experiences.

This is where Experience-Level Agreements (XLAs) and Digital Employee Experience (DEX) fill in the rest of the picture. They provide a new paradigm that's rapidly gaining traction, promising to transform ITSM by focusing on the human experience behind the numbers.

But what exactly are XLAs and how do they differ from traditional SLAs? Moreover, how does Digital Employee Experience factor into successful XLAs?

What are XLAs?

Experience-Level Agreements are a set of metrics and commitments designed to ensure that the end-user experience is consistently positive and meets (or exceeds) expectations.

While you should use XLAs and traditional SLAs in tandem, the latter focuses on technical performance and uptime. XLAs prioritize the user's overall experience, including factors like ease of use, responsiveness and emotional satisfaction.

By focusing on the user's perspective, XLAs help organizations align their services with user needs, driving satisfaction and loyalty.

Understanding how SLA, XLA and DEX work together

XLAs, SLAs and DEX work in tandem to provide you with a 360-degree view of your technical and user experience metrics.

	Description	Example metrics
Service-Level Agreements (SLAs)	A contractual agreement between service providers and customers that define the expected service quality, availability and responsiveness. SLAs focus on technical metrics.	Uptimes. Response times. Resolution rates. Etc.
Experience-Level Agreements (XLAs)	A contractual agreement between providers and customers that focuses on end-user experience, measuring the quality of service from the user's perspective. XLAs include not just technical performance, but also factors like usability, accessibility and overall satisfaction.	End user satisfaction score. Net promotor score (NPS). Digital experience score (DEX).

Unlike SLAs and XLAs, Digital Employee Experience (DEX) is not another type of agreement. DEX refers to the quality of digital experiences employees have while performing their job functions. It encompasses the technology, tools and digital environments they interact with daily.

Based on their experiences across these tools and environments, a DEX score is created (which is measured as part of the XLA). A positive DEX is crucial for employee productivity, engagement and overall job satisfaction.

How DEX enables successful XLAs

Digital experience analytics are an important metric in the success of XLA's. By ensuring that employees have a positive digital experience, organizations:

Improve productivity — When employees can work efficiently and effectively, they're more likely to deliver excellent service to customers.
Enhance customer experience — A positive DEX often translates to a better customer experience, as employees are better equipped to meet customer needs.
Drive business outcomes — By focusing on DEX, organizations can drive business outcomes, such as increased revenue, reduced costs and improved competitiveness.

Best practices for implementing XLAs

Implementing XLAs requires a careful, strategic approach to ensure that you not only measure user satisfaction effectively, but also drive meaningful improvements in service delivery.

By following the best practices below, organizations can successfully integrate XLAs into their operations and foster a culture centered on positive user experiences.

Define clear user experience metrics: Identify the key metrics that you will use to measure user experience. These should be specific, measurable, and aligned with business goals.
Leverage technology: Use advanced analytics, AI and machine learning to gather and analyze user data. These tools can help identify trends and areas for improvement. DEX tools enable you to gather and measure your IT experience across devices, users and the organization.
Engage users: Regularly collect feedback from users through surveys, feedback forms and testing. This provides valuable insights into their needs and preferences. Ensure that surveys utilize AI to identify and highlight sentiment.
Train and empower IT teams: Train your IT teams in user experience principles and give them the autonomy to make decisions that improve the user experience.
Continuous improvement: Treat XLAs as a living document. Review it regularly and update it based on user feedback and changing business needs.

Challenges and lessons learned

Implementing XLAs isn’t just about new tools — it's a mindset/cultural change. Common hurdles include:

Defining experience — What counts as a “good” experience? It can be subjective and varies across roles.
Cultural buy-in — XLAs need sponsorship from leadership and buy-in from front-line IT teams.
Continuous improvement — XLAs aren’t static. They require regular review and recalibration as user needs evolve.
More than surveys — Surveys are just one method of measurement. Ensure that DEX tools are enabled to capture real technology metrics.

Organizations leading the XLA charge invest in regular feedback loops, co-design goals with business units and link experience outcomes directly to ITSM performance reviews.

The future: Why XLAs matter

In practice, XLAs and DEX are more than buzzwords — they’re the next evolution of service management. As technology becomes ever more entwined with business success, experience is the product. IT teams empowered by XLAs move beyond “keeping the lights on" to driving employee engagement, customer loyalty and strategic differentiation.

For any organization focused on ITSM transformation, embracing XLAs means listening harder, acting faster and thinking bigger about the real purpose of technology: enabling people to do their best work.

Read the Digital Experience Report to understand how DEX impacts productivity, satisfaction and retention.

How to Measure the Business Impact of Digital Employee Experience (DEX)

Wed, 08 Oct 2025 13:00:00 Z

Not long ago, digital employee experience (DEX) was just a line on an IT report — something to track uptime, device issues and help desk tickets. Those metrics matter to IT, but they don’t always resonate with the C-suite. But behind the numbers is a larger story: every slowdown, every frustrating login, every delayed ticket chips away at productivity, engagement and business results. Today, DEX isn’t just an IT metric — it’s a measure of how well your organization performs, yet too few leaders are connecting the dots.

Put simply, DEX makes it easier and more enjoyable for employees to use the technology they rely on every day. When employee technology interactions are seamless, organizations move faster and innovate more easily. When they’re full of friction, the costs — both financial and human — add up quickly.

This shift gives CIOs a powerful opportunity: to move beyond being viewed as service providers and instead be recognized as strategic leaders. By relating DEX to business KPIs — not just operational metrics — they can show how IT directly fuels productivity, innovation and long-term business growth. When metrics speak the language of business outcomes, DEX becomes a strategic lever, not just an IT initiative. 

The data tells the story: DEX strategy must evolve

In 2025, CIOs can build a strong DEX strategy by tying it directly to measurable business outcomes. That’s why we launched the 2025 Digital Employee Experience Report: Next-Level DEX, talking to over 3,300 IT professionals and end users worldwide to see what’s working, what’s not and the biggest barriers to better digital experiences.

The results reveal a striking DEX maturity gap. While 67% of organizations rate their DEX maturity as high (level 3 or 4), many fail to implement foundational best practices. Companies often confuse owning DEX tools with delivering an improved digital experience.

Our research shows that while most IT leaders recognize the importance of DEX for employees and company culture, many still struggle to measure its impact and prove its value. In fact, 77% say they track DEX and 85% call it a high priority, yet only 23% have advanced strategies with comprehensive monitoring and automation. Despite investments, many teams continue to face challenges with automation, endpoint visibility and digital sprawl.

The cost of getting DEX wrong is rising. Every lagging process, redundant tool or unresolved tech issue slows the enterprise, raising both financial and cultural costs. Digital friction — slow apps, poor connections and complex workflows — continues to frustrate employees and erode productivity.

Many organizations still struggle to track DEX

Our 2025 DEX Report shows that less than half of organizations use DEX scores to monitor employee experience — with only 48% of IT professionals reporting using them and just 24% tracking traditional satisfaction metrics like CSAT.

This points to a bigger problem we’ve likely all felt: many organizations aren’t measuring digital experiences or connecting them to meaningful outcomes. This, in turn, makes it more challenging to clearly point to which IT investments are making work easier and more satisfying.

While device performance (42%) and ticket resolution speed (39%) get nearly as much attention as DEX scores, the focus for improvements often leans toward operational efficiency rather than a holistic view of the employee experience. That means employees can feel frustrated, overlooked and demoralized — and the business misses out on the productivity and engagement that a more seamless experience could deliver.

Measuring what matters to the C-suite

If we want to quantify DEX metrics, we need to tie it to outcomes the business is already tracking. In my experience, there are four key areas for executives to focus on:

1. Productivity gains

Consider the impact of everyday tech interruptions. On average, employees tell us they experience 3.6 disruptions per month from IT issues and 2.7 from mandatory security updates. If it takes roughly 15 minutes each to resolve each issue, that adds up to 1.6 hours lost per employee every month. Hypothetically, for a 2,000-person company with a fully-loaded hourly cost of $100, the annual productivity loss approaches $4 million — showing how even small friction points scale into major business costs.

Digital friction also drives burnout. Nearly 1 in 4 IT professionals (23%) report a colleague has resigned due to workplace stress.

2. Cost savings

DEX uncovers wasted resources and hidden inefficiencies across the organization. Many organizations see IT problems but rely on manual fixes, leading to downtime and wasted effort. Key opportunities for improvement include:

Optimized endpoint management: automating patching, provisioning and device maintenance lowers support costs.
Process automation: reducing routine IT tasks frees staff to focus on strategic initiatives.
Risk reduction: fewer security incidents and improved compliance through accurate asset inventories reduce potential financial losses.

Self-healing systems automatically detect, diagnose and fix issues before users notice, letting analysts and admins focus on strategic challenges. When quantified, these efficiencies produce measurable savings and a clear ROI that speaks directly to finance and operations leaders.

3. Stronger security and compliance

A complete asset inventory helps enforce policy and reduce risk. Poorly managed systems lead to employees resorting to using shadow IT to address their issues — our report showed that 27% of employees use unauthorized apps and nearly 40% bypass traditional IT-provided support channels (often because it’s faster than waiting for IT). Automated monitoring allows IT to maintain compliance, patch systems and reduce friction for employees, which ultimately protects the company and enhances security. Key experience and security metrics include eNPS, satisfaction surveys, patch compliance and asset inventory accuracy.

4. Employee retention and advocacy

It’s 2025 and organizations must think beyond traditional IT metrics. Employees now expect seamless, intuitive tools that make their work easier and more productive. A strong DEX strategy drives higher eNPS, lower turnover and stronger employer branding.

Reducing digital friction doesn’t just make work easier — it helps retain talent, prevents costly turnover and fosters a more connected, productive culture. Prioritizing DEX also bridges gaps between HR and employees while strengthening your employer brand through more positive reviews on platforms like Glassdoor. After all, employees are the lifeblood of any company. Improving their experience isn’t just good for the people — it’s quantifiably good for business.

A practical measurement framework

Only 23% of companies report having advanced DEX strategies — those that combine monitoring, security, remediation and HR integration. Yet the payoff is clear: by tying metrics like mean time to resolve (MTTR), automation rates, license recovery and vendor savings directly to business outcomes, IT leaders can show that DEX isn’t just an IT initiative — it’s a driver for growth and innovation.

The organizational imperative

The hardest part of DEX isn’t technology — it’s organizational buy-in. Gartner predicts that by 2027, 80% of DEX initiatives will fail if they remain siloed in IT.* Optimizing the employee experience requires HR, operations, finance and security all collaborating at the table. For CIOs, that means translating technical wins into a strong DEX strategy with business results:

Today, a strong, measurable DEX strategy isn’t optional — it’s a competitive advantage.  As CIOs, we must translate operational wins into business results:

“We reduced MTTR by 30%” becomes “We gave employees back 12,000 hours of productive time last quarter.”
“We reclaimed unused licenses” becomes “We saved $1.2M in hard-dollar costs.”

When metrics speak the language of business outcomes, DEX becomes a strategic lever, not just an IT initiative. 

The bottom line

DEX has moved far beyond IT. It’s a lever for productivity, cost savings, security and employee retention. By treating DEX as a business performance driver and connecting tools like UEM, ITSM, ITAM and AI-driven personalization into a cohesive ecosystem, organizations can reduce friction, accelerate innovation and deliver measurable business results.

The future of DEX isn’t more data — it’s measurable impact. By tying metrics to business outcomes and optimizing the employee experience, organizations can unlock productivity, growth and innovation. Organizations that tie every metric to business outcomes, act proactively and optimize the employee experience will gain a decisive competitive edge.

Ready to take your DEX strategy to the next level? Explore the full 2025 Digital Employee Experience Report for more insights and best practices.

_{* Gartner® Magic Quadrant™ for Digital Employee Experience Management (DEX) Tools, Dan Wilson, Stuart Downes, Tom Cipolla, Autumn Stanish, Lina Al Dana, 10 January 2025}

Your Windows 11 Migration Is Looming – but There’s a Bot for That

Mon, 28 Jul 2025 19:31:10 Z

I recently spoke with a CIO who had committed a large amount of IT resources to manually migrating computers from Windows 10 to Windows 11. The process required months of planning, device assessments, compatibility testing and hands-on coordination to avoid disruptions to day-to-day business operations. While their dedication ensured their rollout was on track for the looming Windows 11 end-of-support date, it highlighted the strain such projects place on internal teams.

My conversation with this CIO isn’t unique. Before becoming an Account Technology Strategist here at Ivanti, I worked in various roles in IT support and still bear the scars of the Windows XP to Windows 7 migration. I also spent years helping organizations plan, execute and troubleshoot OS upgrades — often under tight timelines, with limited resources.

Automation is key to any major upgrade project. It improves overall IT efficiency, reducing labor costs and human errors. In this blog, I’ll show you how you can use automation in your Windows 11 migration and where Ivanti Neurons bots can help.

Assess the fleet

Before starting any project, asset discovery is key: you can’t upgrade something you don’t know exists or isn’t really there. One Ivanti customer discovered that they had 30% more assets than they expected on their network! This echoes a study from Gartner that found 30% of IT fixed assets are "ghost" assets, or missing and can't be found, which further complicates the task.

Data that exists outside of the device, such as device warranty, is important too. Perhaps upgrading a device with three months’ warranty left isn’t really worth it — it may be replaced through a refresh cycle soon anyway, leaving more disruption for users.

A step you can automate is evaluating whether each device meets Microsoft’s minimum hardware requirements, which you can do in Ivanti Neurons using the Windows 11 Upgrade bot. Then, devices that don’t meet the necessary criteria can be flagged with an automatic ticket in your service or asset management solution. This helps provide the right data to IT-adjacent teams like Procurement for financial planning and purchasing new hardware.

Create a baseline for end-user experience

Creating a baseline helps IT measure the impact of the upgrade, identify potential areas of improvement to review post-upgrade and ensure that the new operating system meets or exceeds current performance levels. It also provides a point of reference for troubleshooting should any issues arise post-upgrade. This data is gold dust for the service desk team, who will be on hand to support users.

One way to create a baseline is with a DEX, or digital experience, score (which you can do in Ivanti Neurons). This quantifies the quality of an employee’s digital experience by aggregating data from various indicators like CPU usage, memory performance, application crashes, disk space and battery health. For example, excessive CPU usage or frequent application crashes can lower the score, while optimal performance in these areas contributes to a higher score. Sentiment analysis of service management incidents can also provide qualitative data that impacts the DEX score.

Surveying the end user bolsters telemetry-based metrics in the DEX score. Surveys provide IT with an early indicator of problems — but you can’t ask too many questions before the end user hits the dreaded mute button! A simple emoji response via Microsoft Teams gives you an empirical response, and a free text field gets user sentiment feedback.

So how do you analyze the data at scale? Feeding these insights into AI for sentiment analysis lets you interpret the tone and emotion to detect frustration or satisfaction levels.

One big takeaway from any migration is its impacts on end users. IT should want the end user to feel part of the process, if not own it!

Put the user at the center of the W11 migration

At this stage, we have devices suitable to upgrade and know our baseline. Now it’s time to interact with the end user.

IT leaders are all too aware of the potential impact that changes like system upgrades or new software deployments can have on end users, but this awareness doesn’t always translate into action. In the push to beat pending deadlines like Windows 10 End of Support, user experience considerations can be overlooked, leading to disruptions, frustration (reduced CSAT) or decreased productivity.

You can use automation, like the Windows 11 Upgrade bot, to keep the user in the loop, providing them a reason for the change and allowing them to schedule the upgrade at a convenient time.

Validate changes with end users

When changes like system updates are made to their computers, end users often face disruptions to their familiar workflows. A major change like upgrading to Windows 11 can lead to confusion, reduced productivity and frustration, especially if the upgrade was unexpected or poorly communicated. Users may struggle to find previously accessible features, encounter compatibility issues, or experience slower performance, all of which can create a sense of being unsupported.

Surveys have shown that knowledge workers experience such issues 3–4 times per day and often don’t raise support cases. A bot like the Ivanti Neurons Survey bot can be used here, capturing end user sentiment and feedback. So far, automation has done much of the hard work in your Windows 11 migration, but there will always be humans … as it stands anyway! A survey offers an opportunity to bring a human into the loop where applicable.

Software updates – and more! – with Ivanti Neurons bots

So, you’ve read a little of how the Windows 11 bot works. This is just one use case for an Ivanti Neurons bot. The same principles can also apply to major upgrades of any software, but also to a wide array of automation use cases on devices:

Reduce IT operational costs by automating manual steps.
Limit opportunities to introduce human error through manual processes.
Ensure the user is engaged and, crucially, happy with the process and their new operating system.

Neurons bots help IT teams proactively identify, diagnose, and resolve issues across endpoints and devices, often before users even notice the problem. Bots communicate with devices in real time, run queries and perform actions to keep systems healthy and secure.

You can check out some of the ways our bots help automate, accelerate and enhance IT operations, freeing up time for you to work on what matters, by visiting the Bot Library.

Why your IT team needs to upgrade its digital employee experience (DEX)

Mon, 24 Feb 2025 16:47:42 Z

Republished with permission from CIO.com

Business and IT leaders agree that improving the “digital employee experience” (DEX) results in better productivity and workplace morale. But recent research by Ivanti reveals an important reason why many organizations fail to achieve those benefits: rank-and-file IT workers lack the funding and the operational know-how to get it done. They don’t prioritize DEX for others because the organization hasn’t prioritized improving DEX for the IT team.

There are enormous benefits in improving digital employee experience, and DEX remains an area that executive leaders are optimistic about. But there is a disconnect when it comes to its practical application across IT teams. IT professionals remain extremely skeptical, in part because they are being left out of the benefits of DEX. This has led to problematic perceptions: almost two-thirds (60%) of IT professionals in the Ivanti survey believing “Digital employee experience is a buzzword with no practical application at my organization.” Clearly IT leaders need to do more for teams to realize the full benefits of DEX.

DEX best practices, metrics and tools are missing

Nearly seven in ten (69%) leadership-level employees call DEX an essential or high priority in Ivanti’s 2024 Digital Experience Report: A CIO Call to Action, up from 61% a year ago. Yet the same report confirmed that DEX best practices are still not widely implemented in and by the IT team.

Barely half of the Ivanti respondents say IT automates cybersecurity configurations, monitors application performance or remotely checks for operating system updates. While less than half say they are monitoring device performance, or automating tasks.

This indicates few IT teams are systematically investing in DEX tools and practices to monitor the spectrum of user interactions and respond automatically to emerging problems before they disrupt employee productivity and satisfaction.

Without these practices and tools, IT workers themselves struggle to cope with their coworkers’ “tech friction.” IT workers are over-burdened with the volume of DEX issues and hamstrung by manual resolution processes. Most of all, IT workers are “flying blind” because they lack detailed data about the real DEX issues plaguing themselves and the organization at large.

Lack of DEX data undermines improvement goals

This lack of data creates a major blind spot, says Daren Goeson, SVP of Product Management at Ivanti. “Accurate DEX data illuminate what are the real technology challenges that the organization is facing,” he says. “And the data enable IT to get at the root cause of the DEX issues.”

Most IT organizations lack metrics for DEX. These include digital experience scores (only 48% do this), device/user analytics (42%) and speed of ticket resolution (39%). Without metrics, IT workers can’t discover the scope, scale and severity of DEX issues. They can’t prioritize DEX problems or measure progress toward DEX goals.

Ivanti’s research shows the extent and costs of these chronic, endemic DEX problems and the toll they take:

Office workers have to cope with an average of four technology-related issues every day, such as poor application or device performance, slow networks, and many more.
60% of office workers report frustration with their tech tools.
55% of them say negative experiences with workplace technology impact their mood and morale.
A higher percentage of executive leaders than other information workers report experiencing sub-optimal DEX.

To improve digital employee experience, start with IT employees

“IT leaders can use the IT organization as a test bed to prove the effectiveness of proactively managing DEX,” says Goeson. Managed, measured DEX will ease IT’s workload and make staff more productive.

How IT leaders can improve DEX for IT professionals

Ensure IT staff have the updated tools they need to work anywhere. Nearly one-quarter (23%) of IT workers say that their current toolset is not as effective in off-site work.
Establish DEX metrics and equip IT with the DEX management processes and tools to monitor, collect, analyze and present this data.
Deploy automation processes and accurate knowledge bases to speed up help desk response and resolution.
Leverage AI and machine learning capabilities — through endpoint management and service desk automation platforms — to detect data “signals” such as performance trends and thresholds before they become full-blown problems. And to automate routine tasks, such as installing a new patch or remediating slowed app performance.
Prioritize automating help desk responses to trouble ticket requests by using self-service portals, AI/machine learning capabilities for routing and analyzing online and telephone ticket requests.

The bottom line

IT leaders can demonstrate the impact of managed, measured DEX for the enterprise. But that means starting by optimizing DEX for the IT organization.

For more information, see Ivanti’s 2024 Digital Employee Experience Report: A CIO Call to Action.

Work Flexibility: It’s About More than Being Remote

Mon, 23 Sep 2024 12:00:01 Z

Have the concepts of “work” and “workplace” ever seen as much change as they have in the past five years? These changes have driven a corresponding shift in employee attitudes toward work.

The Great Resignation may have been the first highly visible indication that something organizations and workers had never experienced was afoot. It laid to rest any notion that every employee was grateful to be tethered to a desk in a locked-down location from nine to five.

There were many explanations offered for the Great Resignation, from burnout to wage stagnation. But the fact it happened on such a large scale was evidence of a real sea-change in peoples’ attitudes toward work.

For many of them, hybrid and remote work presented a welcome new option. Everywhere Work had arrived, bringing with it a wave of change in how we perceive and define workplace flexibility.

But what does flexibility really mean in the modern workplace? How are employees and employers navigating this new paradigm?

Work flexibility: What do employees want?

Make no mistake, workplace flexibility is more than just a buzzword. It's becoming a core aspect of employment that workers are demanding.

Employees have always expected competitive pay, strong benefits, time off and more. But now flexibility has become a key factor in the employment equation.

In recent Ivanti research, a staggering 40% of office workers and 49% of IT workers said they’re willing to quit their jobs for more flexibility, highlighting just how valued it's become.

The message is clear: To attract and retain top talent, offering flexibility is no longer optional – it's fundamental. But this extends beyond working from different places – whether the office or at home or that favorite coffee bar up the street. This isn’t about where we work anymore – the focus has shifted to when and how we work. And that’s where there’s a looming disconnect that employers need to bridge.

The flexibility disconnect and workplace adaptability

Despite the overwhelming desire for flexible working conditions, there's a significant gap between what employees value and what employers offer. Our research found that while 80% of employees say flexible working is highly valuable to them, only 25% describe their current work situation as “highly flexible.”

A discrepancy this large represents a serious flexibility disconnect between employees and employers, raising questions about the readiness of workplaces to adapt to what workers want.

Employers need to confront it, though, because a high level of work flexibility is non-negotiable for many professionals – often more important to them than working remotely. They're demanding control over their work settings and circumstances, from their daily schedules to the option to knock off early or work from wherever they choose.

Managers need to realize that employees don't view these as just desirable perks they should be expected to justify or earn. They're baseline expectations among high-value professionals. Employers must be ready to accommodate them.

Learn more: 2024 Everywhere Work Report – Empowering Flexible Work

The gender divide in workplace flexibility

The demand for flexible work also spotlights the importance of diversity, equity and inclusion in the workforce, particularly when considering the divergent priorities of men and women. Sixty-five percent of women in our report told us they highly value flexible work hours, versus 54% of men.

This gender divide underlines how employers should have plenty of latitude in how they deliver flexibility to accommodate the diverse requirements of different employees. For even a flexible work environment to be inclusive, how it defines flexibility can’t be one-size-fits-all.

Beyond this, using the right tools to enable flexibility via better digital employee experiences helps bring different groups of employees together in positive ways by solving their respective remote/hybrid work challenges.

Independence, respect and the future

Look long and hard at the expectations of knowledge workers and it’s obvious they have a strong desire for greater independence and respect from employers.

For instance, a remarkable 81% of them believe that the location of their work shouldn't matter as long as it's done well. But 46% view an employer's inflexibility about their schedule as a sign of disrespect, and that’s an issue companies need to deal with if they value those workers.

The overwhelming consensus among those workers (79%) is that allowing people to work anywhere is not just a trend, it’s the future of professional employment.

What part does IT play?

HR professionals know they play a key role in enabling the flexibility employees expect. They also know it can only become a reality with a progressive IT department. By using current and effective technology to keep the company and its data safe and secure, IT can empower seamless Everywhere Work – and help HR improve its own service delivery, too.

A company’s tech stack must integrate solutions that let employees, IT and security teams enjoy secure, productive remote and hybrid work no matter where, when and how it’s being done. When an enterprise lacks that strong IT backbone, it also lacks a fundamental building block of post-COVID productivity, competitiveness and worker acquisition and retention.

To sum up: It’s not entirely accurate to say the future of work is flexible. For many professionals, the flexible future is already here – and it’s going play a big part in driving their decisions about where they want to take their talents.

Step Into the Cloud-based Workspace Management of the Future

Tue, 10 Sep 2024 19:00:00 Z

Cloud-based solutions like Ivanti Neurons offer your organization the latest capabilities, scalability and flexibility for software security and endpoint management. To maintain the most modern portfolio of solutions possible, Ivanti announced the retirement of Ivanti Workspace Control (IWC) on Jan. 31, 2024.

That decision was rooted in our dedication to your success and the pursuit of innovation. Ivanti chose to discontinue IWC because Ivanti has a cloud-first strategy – and User Workspace Manager (UWM) is natively better suited for cloud deployment. As both products have similar outcomes for most use cases, the decision was made to use the technology in UWM to help Ivanti in the move to the cloud.

If you decide to stay on IWC until the end of life date of December 31, 2026, please ensure that you under take the necessary architecture migration to address the recently disclosed vulnerabilities. For more information, please review the Security Advisory.

Your organization, like Ivanti, is evolving with the demands of your users and advancements in technology. This is a suitable time to re-evaluate if your current Ivanti solution is still the correct one – just as when you start your career with a small car, evolve to a more spacious car when you start a family and, when the children leave the nest, maybe go for something smaller and sportier.

Scenarios to help you migrate

To aid your journey to elevate your Everywhere Work environment, we have defined a handful of scenarios for you that can help to realign Ivanti solutions to your current and future needs:

Option A: You still rely on on-premises software. Whether you cannot move away from on-premises software or have another reason, you still must reduce workload and increase workspace stability as you have with IWC for a long time. Ivanti's UWM solution is as flexible and reliable as IWC and offers similar outcomes as IWC to manage and secure your workspace.

Option B: You’re thinking of expanding option A to work from anywhere, supporting the Everywhere Work lifestyle. Perhaps you are serving an employee with a laptop who needs the same management but doesn’t come into the office that much anymore. Or, you have remote sites that also need management, but the cost of adding management components is too high. For this we have Ivanti UWM Hybrid: Ivanti UWM combined with management of your endpoints through our Ivanti Neurons cloud platform.

Option C: You are moving to so-called “modern management” of your endpoints, with a cloud-based solution using the APIs in the OS like Ivanti Neurons for MDM. This approach has different requirements and needs to be as effective as IWC. To adapt to this new way of working, Ivanti developed the Neurons platform – more specifically Neurons for DEX – to allow for everywhere support of the user and endpoint. Get full visibility with remote control and proactive healing. Combine this with option B in case you need to set application settings, still want to map printers when employees come to the office or need better protection on the endpoint like an application allow/deny list or privilege management.

Option D: As an add-on to option C, change to a fully integrated platform in which you can discover, manage and secure the device through Ivanti Neurons. This will create full visibility for your assets, making sure they are healthy and getting all updates and correct software while supporting the endpoints wherever they are. Depending on where you are moving with your strategy, Ivanti can help find a proper path forward. We can make it easier for you to switch to a new solution by supplying a fit-for-purpose licensing structure and technical support through our professional service department and our partner network. And if you need training on how to implement and use the new Ivanti solution, you can access high-level technical training courses on our Ivanti Advantage Learning website. For more information, please read our knowledge base article “Product Life Cycle Policy for Ivanti Workspace Control and Ivanti Virtual Desktop Extender.”

WWDC 2024: What IT Admins Need to Know About Apple’s Announcements

Mon, 05 Aug 2024 08:00:00 Z

Apple's announcements at this year’s Worldwide Developers Conference have surprised everyone with new capabilities designed to make the IT admin's life easier for managing and securing devices.

As we expected, Apple kept expanding declarative management configurations and capabilities for securing iPhones and iPads and robust management of macOS in the enterprise. There was also a significant emphasis on device management for Apple Vision Pro, adding the ability to enroll visionOS devices via automated device enrollment. Also, there were new configurations and commands announced that will be supported by MDM, which will make the enterprise use cases more robust.

Here are the main announcements in Apple Business Manager, iOS18, macOS15 and visionOS 2.0 that IT admins should be aware of:

General WWDC announcements

Apple Intelligence

Perhaps the biggest announcement from Apple this year was Apple Intelligence, the new AI introducing Writing Tools, Smart Reply, Reduce Interruptions, Image Playground, etc. Apple Intelligence runs on-device and in Private Cloud Compute, which does not store customer data and protects user privacy. For certain requests, Apple Intelligence has been integrated with ChatGPT.

Apple has shared that MDM restrictions will be available for Apple Intelligence, including the ability to restrict Siri, Writing Tools, Image Playground, and the ChatGPT integration. IT teams will be able to choose which restrictions best fit their organization.

Refer to your Appleseed for IT developer program for more information and updates on what's new for IT.

Apple Business Manager

For customers leveraging Apple Business Manager, they will be able to take advantage of new capabilities that streamline some operations.

First, Apple has been pushing to move enterprise use cases to adopting managed Apple IDs instead of Apple IDs. Apple IDs are now called Apple Accounts, and Managed Apple IDs are called Managed Apple Accounts.

Apple has released a new process to streamline the recognition of the domain so customers can seamlessly convert Apple Accounts to Managed Apple Accounts with low impact on end users. Any Apple Account using a corporate domain can be set to migrate automatically to a managed account. The end user will need to accept this migration. If the end user doesn't accept migration after 30 days, the account will be automatically transformed into a managed account, and the personal Apple Account will be renamed.

The second feature specific to Apple Business Manager is the ability to manage Activation Lock on devices that are in an organization’s Apple Business Manager account. Previously, when a device was locked and retired from MDM, the only way to repurpose the device was to call Apple service. Now, if the device is enrolled in Apple Business Manager, the IT admin can unlock the device directly from the Apple Business Manager page.

Lastly, Apple has added the new Apple Vision Pro to the devices that can be onboarded by organizations via automated device enrollment. This new feature will allow devices to be supervised during activation and will simplify the initial device setup.

Software update enforcement enhancements

Last year, Apple released new software update enforcement with the ability to set a deadline for all devices to upgrade to a specific version. In this workflow, the end user receives notifications starting 14 days before the deadline. This year, Apple has moved the existing management controls over to declarative device management to give the IT admin much more detailed command over the behavior of the update, similar to what the admin had in the previous model.

IT admins can control:

Automatic software update behavior.
Rapid Security Response behavior.
Deferral of software updates (one to 90 days).
Whether local administrator authorization is required to update macOS.
Enrollment into beta programs (support for macOS later this year).
Default notification behavior when enforcing software updates.
Visibility (recommended cadence) of software upgrades (iOS and iPadOS only).

These new settings are meant to be a complete replacement of the previous workflows for software updates via MDM.

Streamlining OS beta testing in the enterprise

For customers with rigorous beta testing for each new OS version from Apple, Apple has released an easier way to manage the installation of versions on devices. Enrolling devices into the beta program and controlling the upgrade behavior for those devices can be streamlined and updated as needed.

First, all devices will need to leverage a feature released last year to allow for automated device enrollment into the beta program. Now, with this year’s release, all the Software Update settings will also be applicable for those devices in beta versions.

Safari extensions managed via MDM

For a long time, IT admins have been asking for a way to manage and approve Safari extensions to improve the user experience when opening domains. In this release, Apple has made available a new payload that allows or excludes some domains for Safari extensions.

iOS and iPadOS

Cellular networks updates

As with last year, Apple continues to make cellular networks more flexible and robust for customers. Last year, we saw more flexibility in configuring private networks for eSIM devices and creating specific slices on cellular bandwidth for dedicated application network traffic. This year, Apple has added the ability to support multiple private networks and leverage cellular slicing at the per-app VPN level.

New eSIM management keys include the ability to preserve the eSIM information even when the end user wipes the device and the ability to set up an eSIM with a link or a QR code on the device.

App Management Security

Apple added a feature for end users to hide or lock an application. This means the application will require Face ID, Touch ID or a passcode to open and can be hidden from the home screen. Apple will release application-level controls to configure these options via MDM.

Starting with iOS 18, proprietary in-house apps manually installed without using MDM will require a device restart to complete the trust of the provisioning profile.

macOS improvements

More flexible management via MDM

In macOS 14.5, new management tools have been released to manage files via MDM. These include sshd, sudo and PAM.

In macOS 15, executables, scripts and launched configuration files can be installed using MDM and are stored in a secure and tamper-resistant location, similar to service configuration files introduced last year. This provides an easy way for organizations to deploy and control managed services.

Better user experience during authentication

Authenticating via passwords is always problematic in the enterprise, as users forget passwords and devices get blocked. Leveraging new improvements to the platform, single sign-on and extensible single sign-on with Kerberos, Apple is simplifying the authentication process for enterprises while providing secure access and streamlining the authentication process for the end-user. New login policies are available via FileVault, login window and lock screen.

More security via disk management configuration

In the last release, Apple deprecated the media restriction payload. This year, Apple announced a new declarative device management payload to manage external and network storage. This new disk management configuration will define the mount policy to allow, disallow, or set volumes to read-only, making access to external storage secure and robust.

Apple Vision Pro improvements

In the visionOS 1.1 release, enrolling devices into MDM required devices to be registered via Account-Driven Device Enrollment or Account-Driven User Enrollment using a Managed Apple Account. With the announcement of visionOS 2.0, customers will be able to enroll devices via Automated Device Enrollment, allowing them to be supervised and simplifying the initial device setup. Another important improvement is the addition of more commands and payloads for visionOS management, including configurations such as device lock, activation lock, passcode management and others.

Additionally, Apple released a new set of APIs for visionOS application developers aimed at enhancing the enterprise use case. These new APIs will allow applications to integrate live feeds, screen sharing and QR code scanning, enabling new use cases for support teams to assist remotely with tasks and requirements.

While the most significant and impactful capabilities released by Apple center on Apple Intelligence, it's clear Apple is also making substantial progress in enhancing enterprise use cases by simplifying the adoption of Managed Apple Accounts for enterprise customers; introducing more granular controls for a robust macOS management experience; and expanding Apple Vision Pro support for Automated Device Enrollment and other enterprise use cases.

Healing Bots Take Charge of Solving IT Problems to Enhance Employee Satisfaction

Mon, 17 Jun 2024 13:00:00 Z

Imagine an Everywhere Work environment in which IT problems seem to magically resolve themselves before end users even realize there were issues. Printers miraculously start working again. Login issues vanish. Access to critical applications is seamless.

Before anyone starts believing in digital fairy godmothers, let’s give credit where it’s due: To the rise of healing bots: intelligent hyperautomation tools that proactively identify and address employee IT woes to improve employee experience.

Those woes abound as networks become more complex, with more devices connecting from more locations. Yet helpdesk automations like chatbots aren’t necessarily a panacea:

According to Ivanti research, poor digital experiences are much too common: 57% of IT professionals, execs and users report “serious friction with work tech at least weekly.”
61% claim negative experiences with work tech impacts morale.
Even when employees could call upon a chatbot/automation that’s as helpful as using a human, 58% still preferred human interaction.

This poses a quandary for ITSM teams: How can they shift left to tackle a multiplying miasma of incidents and issues and maintain good digital employee experience (DEX) when some users dislike digital remediation tools?

Self-healing automation bots provide an answer. When bots are fixing problems so there’s no visible issue to complain about, employees simply get on with their jobs. Meanwhile, your IT team can apply itself to more strategic and challenging work.

Employees who can do their jobs without interruptions are more engaged, more productive and more positive in their outlook. That contributes to how they serve customers, who in turn reward a vendor with loyalty and revenue.

The world before self-healing bots

Prior to self-healing bots, IT support followed a reactive approach. Employees running into problems submitted tickets to the help desk and potentially endured a protracted wait time before seeing a resolution. This approach is the culprit behind several issues:

Increased ticket volume: Help desks become overwhelmed with backlogs of tickets for common, repetitive issues.
Delays and frustration: Employees are forced to impatiently wait for resolutions while their work and productivity are disrupted.
Limited proactivity: IT teams lack the resources to identify and prevent problems, so they’re trapped into being reactive.

All these highlight the need for a more proactive approach to IT support and their ability to enhance employee experience. Enter healing bots.

How healing bots are transforming IT

Since the earliest days of their introduction, self-healing bots have improved with multiple key advancements. Healing bots leverage automation and machine learning to anticipate and address employee IT problems before they occur. Their functionalities include:

Real-time monitoring: Healing bots continuously monitor IT infrastructure and user activity.
Predictive analytics: They analyze historical data to identify potential issues and predict user needs.
Proactive prevention: Through issue detection and analytics, bots can not only identify problems but also take action to fix them.
Cyber threat protection: Ensure secure access and protection against cyber threats without compromising employee flexibility to work from remote locations.
Incident escalation: For complex issues they can’t address themselves, they can escalate them to the IT team with relevant data for faster resolution.
Data and sentiment collection: Interactive ITSM survey bots can collect qualitative data and quantitative employee service ratings.
Enhanced ease of use: Setting up and managing healing bots has become simpler for IT teams.
Template libraries: Pre-built templates help in quickly deploying bots for common issues.
ITSM integration: Seamless integration with existing IT service management ticketing systems allows for smoother workflows.

The ROI from using bots

One of the biggest concerns about any new technology is the return on investment you’ll get and the time it takes to realize that value. In solving for how to improve employee satisfaction, self-healing bots offer a clear path to value creation:

Proactive efficiency: Bots handle routine issues and cut ticket volume and backlogs, freeing the IT team for more complex tasks so you get the best value from their skillsets.
Cost reductions: Taking manual issue management off the IT team’s plate cuts process costs.
Accelerated resolution: Incident management and resolutions are supercharged now that they're automated – and largely invisible.
Better DEX: Faster resolution times and proactive problem-solving lead to happier employees.
Increased productivity: Less downtime due to IT issues translates to increased employee productivity.
In-depth monitoring: Bots’ comprehensive diagnostics can detect and notify IT of previously unreported issues and changes.
Data-driven insights: Self-healing bots provide valuable data on user behavior and IT infrastructure health.

Implementing bots in your organization

If you're considering deploying self-healing bots, here's a basic roadmap for how to get started – and ultimately how to improve employee engagement.

Step 1: Analyze data to identify “botworthy” issues

Before you bring your new bots into play, it's crucial to pinpoint the tasks they can handle early on. Why? So you can learn and refine their capabilities and demonstrate success to stakeholders or management. Here's how:

Examine past support ticket data: Utilize analytics and reporting tools to spot the most common and repetitive problems. These represent your "low-hanging fruit" ideal for initial automation efforts.
Identify patterns: Look for recurring issues such as login troubles, requests for password resets or software setup inquiries that appear frequently.
Choose based on potential impact: Consider not just how often issues occur, but also their impact on user efficiency. Automating resolution of widespread but simple problems permits your human staff to focus on more complex challenges.

Step 2: Set priorities by selecting the optimal tasks for bots

Not every issue is equally suited for self-healing bots. The "low-hanging fruit" are those IT problems that can be most successfully handled by automation tools.

Target routine tasks: Automation tools like bots are most effective with tasks that are consistent and repetitive. Identify tasks that have straightforward procedures and definite outcomes.
Assess complexity: Complex issues that require nuanced human judgment should remain with your skilled IT personnel. Automate issues that have a clear set of steps and solutions.
Evaluate the impact on DEX: Ensure your bot deployment truly improves the employee experience. Opt for automating issues where consistent, accurate responses are key.

Step 3: Run a pilot program before full implementation

Launching your first bot rollout tool is a trial run that lets you fine-tune your approach and pinpoint any possible problems before widespread adoption.

Begin at small scale: Select a narrow, manageable problem for automation. Your aim is to facilitate learning and adjustments, not to create the ultimate tool from the get-go.
Solicit feedback from users and IT staff: Actively seek opinions on the tool's effectiveness. This feedback is crucial for identifying improvements and ensuring a smooth transition.
Monitor important indicators: Track resolution speed, user satisfaction and ticket volume managed by the tool. This information is vital for evaluating the feasibility of broader automation.

Step 4: Optimize, refine, enhance, repeat

You bot may be great from the start, but it still requires regular attention and updates to flourish.

Understand its learning capabilities: Some AI-powered self-healing bots are designed to learn based on user interactions. Monitor these capabilities and their success.
Leverage user feedback: Their insights are endlessly valuable, so constantly review this feedback to spy opportunities for enhancing your bots. Update responses, tweak decision-making processes and ensure they keep learning and growing in capability.
Regularly review and adjust: Continuously evaluate the tool's impact on issue resolution times, user satisfaction and the workload of the IT team. Use this data to refine your bots and extend them to tackle additional tasks.

Healing the future of Everywhere Work

Self-healing bots are a big leap forward in helping IT teams support Everywhere Work and the goal of shifting left and can be a key tool in how to enhance employee engagement. By proactively resolving issues, expediting shift left and supporting seamless DEX, they can have impact across the length and breadth of your organization. That's an impressive contribution from these invisible but tireless workers.

As self-healing bot technology keeps evolving, expect even more advanced capabilities and deeper integration. Eventually, they’ll help unlock a future in which IT support becomes almost invisible – prescient and proactive, but unintrusive in how it enables Everywhere Work.

How ITSM Automation Improves DEX at Scale

Wed, 28 Feb 2024 13:11:04 Z

As your organization grows, manual processes that were once convenient become increasingly inconvenient. They’re now cumbersome, slow, plainly inefficient and hinder opportunities for innovation.

This is worsened by the rapid onset of digital transformation. Some organizations report that this transformation was accelerated by three to five years since 2020 by the pandemic.

In the era of Everywhere Work, where the average employee uses 2.6 devices to complete tasks and 73% of IT and security professionals report increased workloads due to remote work, IT service management automation makes life more manageable for your organization.

Some examples of ITSM automation include:

Automating ticket assignment based on user roles.
Automating service requests and approvals.
Automating alerts and notifications.
Automating workflows and processes.
Automating reporting and analytics.
Automating policy and procedure enforcement.
Automating resource allocation and management.

Why ITSM automation matters

Reducing workloads for employees is more important than ever. Our expanding, complex digital landscape and hesitation on the part of some C-suites and corporate boards to make major technology investments have left many IT professionals overwhelmed.

Leadership’s reluctance may be understandable. According to an EY study, 30–50% of first-time automation projects fail — making some organizations leery of new attempts. But as we’ll see, this hesitancy has profound negative effects on IT personnel who are essential to modern growth and competitiveness.

Ivanti’s 2023 Everywhere Workplace Report surveyed 8,400 office workers, IT and security professionals and C-level executives across the globe and uncovered concerning trends, particularly among IT teams.

Of the IT workers surveyed:

28% lacked motivation.
35% said burnout from their workloads was a reason they'd consider quitting their current job.
21% would consider quitting due to burnout from long hours and unreasonable demands.

These low levels of employee engagement are apparent across multiple departments as well – one in three office workers under the age of 40 admit to “quiet quitting,” and more than one in four say they might leave their job in the next six months.

Yet, Ivanti research found that just 8% of organizations were prioritizing automation of repetitive tasks in 2023, despite how this would alleviate the workload pressures faced by IT teams.

Clearly, organizations must adjust to keep workloads under control, improve employee morale and create flexible working arrangements, or they risk losing employees to competitors who can promise better DEX.

Benefits of service management automation

Service management automation offers plenty of benefits, including:

1. Quicker response times

Slow response times are one of the most common complaints regarding helpdesks. ITSM automation of the service management process helps determine the priority of the incident, assign it to the correct worker and can send updates to the user. These improvements will speed up your response times and make sure IT workers aren't bombarded with helpdesk tickets.

2. Better visibility

Only 47% of IT professionals say they have complete visibility into every device that attempts to access their networks. In fact, 32% reported they still use spreadsheets to track their devices. This expanding endpoint environment isn't only incredibly challenging for IT professionals to maintain, but it also puts your organization at risk.

IT service management automation can provide full visibility into your IT estate. Your service desk will always have access to comprehensive information on all your IT assets, allowing them to quickly identify issues and fix them without laboring through multiple spreadsheets.

3. More room for strategic initiatives

Eliminating these time-consuming and obsolete work processes with ITSM automation means your IT teams won’t be bogged down in manual processes. Instead, they’ll have more time to invest in strategic initiatives that'll elevate IT as a strategic partner in your organization.

4 ways ITSM automation streamlines work to reduce IT burnout

Utilizing ITSM automation enables you to streamline and simplify various processes associated with IT service management. Beyond making these processes more rapid and effective, it also reduces the amount of time needed to perform previously manual tasks, resulting in reduced workloads and a lower chance of burnout for your IT team.

1. Incident management

Addressing issues in real time is a constant concern for IT teams. To ensure high-quality DEX, even as hybrid and remote work models add complexity to their jobs, IT teams must respond faster and resolve incidents in fewer interactions.

An automated self-healing solution can proactively detect, categorize and resolve device performance issues. This boosts IT staff efficiency and allows them to spend less time on manual tasks. For example, South Star Bank used automated, self-healing technology to resolve up to 80% of endpoint issues before users even reported them.

2. Problem management

Problem management — discovering and remediating the underlying causes of IT issues — is essential to stemming incidents. However, a 2023 study by ITSM.tools found only 38% of organizations had implemented problem management processes, due to a lack of understanding of how important they are and the difficulty of executing them manually.

Automating problem management processes — such as root cause analysis of device failures or risk management — using an ITSM solution allows Problem Managers to quickly detect and isolate similar recurring incidents, link incidents with known problems, organize problem management metrics, assign problem ownership and quickly escalate problems to Request for Change (RFC) status.

3. Configuration management

Configuration management across an entire organization is extremely hard to pull off using manual means, especially for a business of any notable size. But service management automation can make it far more achievable.

By automatically discovering all assets and devices across the network, a service management automation solution allows change managers to identify every CI (configuration item) that will be impacted by a proposed change, understand what the impacts of the changes will be and quickly uncover the root causes of incidents for faster resolution. ITSM automation also enables IT teams to see which known problems affect CIs and devise quicker, more efficient workarounds or fixes.

4. Change Management

As touched on in the previous section on configuration management, automated asset discovery helps ensure the changes IT implements are more effective and successful. This is accomplished by identifying potential risks up front.

For example, an automated asset discovery process can provide readily available insights so a Change Advisory Board (CAB) can review and easily answer key questions about matters like license allocation and the need for hardware or software updates. Importantly, having more complete asset information can accelerate emergency change requests where resolution time is crucial.

Want more on the benefits of automating ITSM?

If you'd like to learn more about the benefits of modernizing your ITSM approach, dive into our ITSM+ Toolkit.

And to explore more insights into the state of modern work environments, download the 2023 Everywhere Work Report.

How DEX Benefits IT & Security Operations: 5 Top Use Cases

Tue, 13 Feb 2024 12:58:49 Z

I was recently explaining the importance of digital employee experience (DEX) management to a consultant who is a self-described "digital nomad" and works from wherever he pleases. The connection to DEX may not have entirely been clear, until I explained that his ability to easily do his work remotely using online tools exemplifies what good DEX is all about in the era of Everywhere Work.

Improving DEX delivers benefits for IT efficiency, employee productivity and retention, unified endpoint management (UEM) and even cybersecurity. Based on our work in implementing digital employee experience management over the years, here are five top use cases we've seen where improving DEX can drive benefits for IT and security operations.

Enable discovery and visibility for your IT estate

The first use case we should explore when it comes to digital employee experience management is enabling discovery and visibility. It might not seem like it's related to DEX management. But it's essential for delivering quality digital experiences.

Unless you can discover and transparently monitor all the devices, assets and connections that are part of your IT estate, you're never going to be able to maximize DEX or reap other benefits, such as remediating vulnerabilities or delivering effective UEM. It comes down to this: to improve digital experiences being delivered via digital endpoints, you need to know what and where your endpoints are.

In our own research, we found that 31% of IT professionals were still using spreadsheets to track IT assets. When COVID-19 hit, IT departments were forced into a fast pivot to enable remote work. They took whatever measures they could to cope with the new work paradigm forced on them by the pandemic. This also meant providing the devices and tools employees needed to work from anywhere.

But afterward, many organizations throttled back on post-COVID IT spending. And now the challenge is how to best rein all this back in and gain control over your IT estate. One customer in the travel industry implemented an endpoint management solution because they needed to know what's actually going on in my environment? How many remote devices do I have? Where are they? Where are they connecting from? Where are they accessing information? Who's doing it?

They'd been relying on spreadsheets to track IT assets, but they knew that was unsustainable for a business with any significant number of distributed devices and apps. I've found that customers who adopt a solution that automates identification of all the assets on their network are nearly always surprised — sometimes shocked — at the results.

One transportation provider using our discovery solution was amazed to find there were 30% more devices on their network than they had expected.

There can be serious, costly conconsequences from not knowing all the assets on your network. For instance, an IT infrastructure's "ghost assets" can create a scary variety of compliance risks. Those can range from regulatory issues to inadvertently violating vendor contracts. Or maybe there's a networked fish tank thermometer somewhere that will let hackers breach your casino.

One transportation provider found it had 30% more devices on its network than expected.

Reduce the burden on your IT team

"Can you help me retrieve my password?" That's one of the most mundane — and common — requests to devour the time of an IT helpdesk. Only 34% of IT organizations have automated more than half of their network provisioning and change management tasks, meaning that a tremendous amount of IT tasks are still done manually. This is obviously a big drain on their time and a major expense for the organization. Plus, it drags them away from more strategic, high-value work.

What can lift this burden off their shoulders? A digital employee experience management platform that employs intelligent data collection and analysis with automated remediation. The root causes of the most common user experience issues can be automatically identified and resolved rapidly.

However, Ivanti's 2023 DEX Report finds that only a limited number of organizations are looking into self-healing technology to proactively solve IT issues. This frees administrators for more important work. Better yet, this improves the job satisfaction and morale of your IT team. They're spending less time firefighting, more time focused on more interesting and strategic projects.

Optimize device and app management

The average business user employs 2.6 connected devices during their workday. This gives them flexibility while creating challenges for IT teams. At many companies, those teams must support a minimum of four different operating environments — Windows, macOS, iOS and Android — to serve all employees. Each has its own unique configurations, applications, services and security protocols.

The arrival of the Internet of Things (IoT) is only making this more of a challenge. This means IT departments will absolutely need to automate as much of the monitoring and management of their device estate as possible to protect DEX, because when a device fails, doesn't integrate properly or isn't up to date, it drags down the user experience and stalls productivity. It's also why it's vital to deploy a digital employee experience management platform to help optimize user experiences across all those devices.

Kingston University in London realized that they were seeing battery failures on certain devices. They used endpoint management to monitor battery lifecycles and set thresholds so that when a battery was nearing end-of-life, a process was automatically triggered to send the user a replacement.

It's a case where proactively heading off a potential issue for a user before it affects them improves DEX.

How can you get outstanding DEX while improving IT operations?

Enhance security and compliance

How does adoption of a digital employee experience platform to improve DEX enhance security? The connection is obvious, when you consider it: when security measures are automated and don't interfere with employees' workaday activities, many compliance headaches simply vanish.

An Harvard Business Review survey found 67% of employees said they’d failed to fully adhere to cybersecurity policies at least once.

For example, by automatically installing a security patch on a remote device, you avoid the chance an employee might neglect a manual update. Patching will be smarter, faster and more efficient because your system will automatically prioritize vulnerabilities. Responsible DEX solutions reduce friction when workers need to access business resources, too.

Digital employee experience management should be able to spot potential IT and security issues before they impact the organization. It should also make recommendations on actions to remediate them and improve DEX. This way, problems get headed off before they even reach the proverbial pass.

Another benefit of automating these processes? Reducing the overall costs of security and compliance. This is attractive at a time when compliance managers are predicting higher costs, with nine of 10 respondents to an Accenture survey saying they expected "evolving business, regulatory, and customer demands to increase both their compliance-related and compliance operating costs by up to 30%" over 2023–24.

Streamline costs

Procurement is always a time-consuming and resource-intensive task for IT teams. Whether they're acquiring new devices, retiring older ones or trying to gauge whether they should sunset applications, it's a process where they're constantly dealing with a deluge of tasks like new user onboarding, license renewals and more.

A digital employee experience management solution that uses conversational AI and collaboration tools can solicit real-time, interactive feedback from users to track DEX and device/application performance.

This data can provide great guidance for answering key questions like, which devices or apps are being used most productively? What licenses are really being used, and which ones should we let expire? Is somebody requesting a device that we might reallocate instead of buying new hardware and software?

This way, an organization can optimize its hardware and software procurement budget while elevating DEX by supplying employees with the most appropriate and effective tools available.

Investing in digital employee experience (DEX) presents a powerful opportunity for IT to become a true strategic partner across the entire organization. Find out how to advocate for DEX in IT by checking out the fireside chat video below.

How Better DEX Benefits People + Performance: 3 Key Use Cases

Fri, 09 Feb 2024 14:00:00 Z

Adopting a digital employee experience (DEX) solution delivers benefits for everyone in an organization, from the C-suite on down.

A DEX solution provides contextual insights and intelligent automation capabilities that allow an IT team to proactively detect and resolve security vulnerabilities and other IT issues. This improves IT operations and an organization's cybersecurity and compliance posture. Just as importantly, a DEX solution can improve work culture, employee engagement and performance, enhancing an enterprise's resilience and competitiveness.

Before I go through the use cases that support DEX adoption, let's look at just some of the problems that arise with a poor digital employee experience.

The dangers of bad DEX

Knowledge workers who use digital technology to perform job tasks face an endpoint management challenge an average of 919 times per year, or approximately 3.67 problems per business day. Moreover, whenever a user is distracted from a job task, it can take them up to 20 minutes to re-focus on the work at hand even after an issue has gotten fixed. All of this can have a domino effect on their performance and that of their teammates.

A high frequency of employee experience issues also hinders the performance of IT administrators. About 40% of employees reach out to the helpdesk each week to resolve digital problems. Some of those issues are minor but so repetitive they become excessively time-consuming for IT staff, driving up IT costs and reducing productivity.

And if employees seek help from their peers instead of experts, they may unintentionally worsen a problem and obscure the root cause. This can drive an endless loop of recurring issues.

So how can a digital employee experience solution help solve these problems? Here are key use cases where I've seen it can drive major improvements.

Poor DEX can contribute to digital burnout and disengagement, poor performance and workforce attrition.

Remediate IT issues before they impact performance

When Forrester examined the real-world ROI a company could see from using our endpoint management software, it found one area where there were significant gains was by deploying automated self-healing to detect and remediate DEX issues.

A digital employee experience solution with self-healing capabilities enables automatic remediation of endpoint issues without manual IT involvement, so all endpoints can run without disruption. The 2022 commissioned Forrester Consulting Total Economic Impact™ study found a three-year benefit of over $560,000 for organizations that deployed such a self-healing environment.

As one interviewee for the study explained:

By doing some of the self-healing — updating old profiles, rebooting computers if they haven’t rebooted in seven days, patching in the evening — that work has helped our end users become more productive because the computers are getting back some of the resources that were being hogged up before…There is a financial benefit to the end-user side because of every minute they are able to save.

The benefit to IT helpdesks? Automating the resolution of these issues (even before users realize they exist!) frees IT from having to address them.

Boost employee engagement and retention

I'm particularly passionate about talent retention because it's so critical to business success, and it's really linked to DEX.

Post-pandemic, 45% of employees told us they're facing more technical issues than before COVID. 49% of knowledge workers felt the digital tools and environment provided by their organization were frustrating, and 65% believed they would be more productive with better technology at their disposal.

Additionally, a quarter of them felt a lack of suitable tech to be a contributing reason for quitting their jobs. These figures are even higher among IT teams and the C-suite. Even so, 30% of IT leaders have no process or metrics at all in place for evaluating DEX, and 38% still rely on HR engagement surveys.

This lack of visibility into DEX is bad news, since good DEX supports employee engagement, which is vital to business productivity and profitability:

Employees who are not engaged or who are actively disengaged cost the global economy $8.8 trillion in lost productivity in 2022, according to Gallup.
Recent data found 45% of US employees were looking for a better position elsewhere, and almost 23% of US employees left their jobs in 2022.
Even before the "Great Resignation," Gallup estimated poor retention was costing US companies $1 trillion per year.

Just 21% of IT leaders consider the end user experience to be the main priority when selecting new tech tools.

This is where a digital employee experience solution becomes essential. That's because it automates the process of gathering employee usage data and feedback so an organization can accurately assess its own DEX performance.

With contextual visibility into its digital environment in real time, it can capture intel and insights and focus on the most important DEX KPIs. Constantly gathering this data and analyzing it helps IT leaders quickly identify potential DEX issues. This allows you to calculate and eventually elevate the most important metric of all — your DEX score.

It's taken some time, but I've encountered more situations recently where IT departments are being brought into conversations with other teams, including Human Resources, to discuss the value of DEX in employee retention. HR and IT may be siloed on DEX issues, and there's an opportunity for synergy and collaboration to improve employee engagement and retention. More and more organizations are testifying about those benefits.

Another benefit? Better employee experiences can result in better customer experiences, which can have ripple effects on sales and profitability.

Let's also not forget how the tools used to improve DEX and HR service delivery can also make life easier for overburdened HR teams, too!

Foster cross-functional collaboration

Another sign of how companies recognize the need to improve employee experience is the growing number of senior management roles focused on employee experiences — whether called chief employee experience officers, chief workplace experience officers or even chief happiness officers.

Part of that job is about elevating DEX, because that solves a range of problems for the entire organization. We've already touched on how a digital employee experience solution can help with employee satisfaction and retention, benefiting HR. But better DEX drives other improvements for multiple departments and disciplines across an organization

At a recent Gartner IT Symposium, Chris Goettl, Ivanti’s Vice President of Product Management, discussed how to use technologies like this to reduce the friction between IT and corporate security teams. They often don’t speak the same language or gather the same data, but there are overlaps and they should be on the same page: They’re both interested in standardizing and automating processes, proactively detecting issues and remediating them before they affect the organization.

Live Webinar: Shattering Silos: Practical Ways to Align Security and IT

A digital employee experience solution that can detect potential IT and security issues and make immediate remediation recommendations helps both these teams succeed in unison.

In another example, a digital employee experience solution can improve the job of the procurement team by giving visibility into what devices or apps are being productively used by workers — and which aren't. This informs decision-making about license renewals, hardware and software purchases, cloud services consumption and budgeting.

A digital employee experience solution is indispensible

Boosting DEX by adopting a digital employee experience solution drives across-the-board benefits, not only operationally but for cybersecurity. It also supplies the kind of seamless, from-everywhere work environment that employees find more satisfying and that some research indicates has made them more productive.

As Andrew Hewitt, principal analyst at Forrester sums it up in a 2023 blog post:

So while DEX may seem like a “nice-to-have,” it’s an absolute must, especially when degraded employee experiences negatively impact customer and business outcomes.

In today's business landscape, it's imperative to hold onto talented employees while maximizing their productivity, and a best-in-class DEX solution is key to making that happen.

Ethics of Telemetry Collection for Employee Experience Improvement

Tue, 05 Sep 2023 14:16:43 Z

Data collection has become an increasingly essential tool for businesses, allowing them to gather insights about their customers and employees. But it also raises the question of ethics: what data should be collected, how should it be used and who should have access to it?

In this article, we'll explore the ethical implications of collecting employee experience data through telemetry. We'll also examine the legal framework surrounding data collection and telemetry, as well as the benefits and dangers associated with it. Lastly, we'll discuss how to develop and implement an ethical workplace telemetry collection protocol that ensures employee rights are protected and privacy is respected.

Some examples of data that can be collected in this manner include:

Installed applications.
Running or stopped processes and services.
Firewall and antivirus compliance.
Default browser detection.
Disk space and profile size.
Application faults/crashes.
Local event information.

Understanding the legal framework of data and telemetry collection

The European Union's General Data Protection Regulation (GDPR) sets out the legal framework for collecting personal data from individuals within the EU. It states that employers must obtain consent before collecting or using any personal data from their employees, including telemetry data.

The California Consumer Privacy Act (CCPA) also imposes restrictions on collecting employee information in California. These regulations provide a basis for businesses to ensure that they are collecting data in a responsible manner that respects the privacy and rights of their employees. Businesses must take steps to ensure they are compliant with these regulations, such as implementing data security measures and providing employees with clear information about how their data is being used.

In addition to GDPR and CCPA, there are other laws regarding employee privacy that employers must consider when collecting telemetry data. For example, some U.S. states have laws that require employers to provide notice of any monitoring activities they conduct. It's important for employers to understand these laws and ensure they're compliant with them when developing their telemetry collection protocols.

When considering the ethics of collecting employee experience data through telemetry, there's a distinction between data privacy and employee privacy:

Data privacy is focused on protecting an individual's personal information from being misused or shared without their consent.
Employee privacy protects employees' rights in the workplace, such as freedom from surveillance or discrimination.

Employers must consider both perspectives when implementing a telemetry collection protocol to ensure they remain compliant with all relevant laws and protect employee rights in the workplace.

The employee experience impacts of collecting their data

Collecting employee experience data through telemetry can have a number of positive employee experience impacts for businesses.

It allows employers to gain valuable insights into how their employees are performing, what areas need more support and attention, and how the working environment is affecting employee engagement and morale.

Measuring employee engagement and satisfaction is one of the main advantages of collecting telemetry data. For example, employers can track changes in productivity, efficiency, and performance over time to determine whether any improvements need to be made. This helps to ensure that their employees are motivated and engaged in their work, as well as identify any areas where they may need additional training or support.

Additionally, collecting this type of data helps employers understand which processes or practices are having a positive effect on job satisfaction and which ones might be creating issues for employees.

By understanding these dynamics, employers can make adjustments to ensure that their workplace remains an enjoyable environment for all staff members.

Another of these employee experience impacts comes in how collecting employee experience data through telemetry enables businesses to protect the rights and privacy of their workers at all times.

The dangers of collecting employee experience data

The utilization of employee experience data via telemetry carries with it several possible risks which must be managed carefully.

Employers must take the proper steps to ensure that any private information gathered is securely stored and protected from unauthorized access or use. Companies should also consider how long such data should be kept on file to avoid collecting unnecessary information.

They need to assess the balance between monitoring employees' activities for the purposes of fostering positive employee experience impacts and driving performance optimization without workers feeling as if they’re being constantly monitored and judged.

It's essential that an open dialogue exists between employer and employee. That way, everyone can agree on what metrics will be tracked while also allowing workers to provide meaningful feedback if needed.

It's important for employers to recognize the potential impact that collecting this type of data may have on employees' morale. If not done properly, it could create resentment towards management and high turnover rates if individuals feel their work isn't valued for anything beyond its output metrics.

Companies should always remain cognizant of any legal ramifications associated with collecting employee experience data without obtaining prior approval from workers beforehand. To ensure that privacy is maintained and regulations such as GDPR are adhered to, any identifying data can be anonymised to ensure that users remain incognito and no PII (Personal Identifying Information) is stored.

Developing an ethical telemetry collection protocol

Creating an ethical framework for collecting telemetry data from employees is essential to protecting their rights and privacy. It requires employers to take the proper steps and adhere to legal frameworks while considering the potential risks associated with this type of data collection.

To build trust with their employees, employers should conduct a thorough data audit to determine what information is necessary for monitoring performance and measuring engagement.

They should also create policies outlining how personal information collected via telemetry will be stored securely and only accessed by those with appropriate authorization levels.

Involving employees in decisions about telemetry protocols is equally important. Employees should be consulted, given the opportunity to provide feedback (such as via an employee survey, forum or council) on how their data is being used, and informed of any potential impacts on morale or comfort levels related to its collection.

Ensuring that any agreement with employees is documented and always accessible will help to ensure that the agreed rules and boundaries are maintained. Whenever a disagreement or grievance is lodged, being able to refer to a documented policy will help both parties familiarize themselves with the telemetry protocols.

Taking into account these considerations can help employers make informed decisions about how best to use telemetry while still taking advantage of its benefits for employee experience improvement.

Implementing the telemetry collection protocol in the workplace

Once a telemetry protocol has been drafted and agreed upon between the business and employees, it’s important to take the right next steps to ensure that it’s implemented.

The initial step towards implementing a telemetry collection protocol is assigning personnel who are accountable for handling the gathered data, setting clear expectations for how the information will be used, and making sure employees understand their rights when it comes to safeguarding their personal information.

Employers should develop internal regulations outlining how employee experience data will be safeguarded securely and what measures will be taken to protect employee privacy.

Ultimately, businesses must provide transparent communication about accumulating employee experience data through telemetry. Again, the point is to generate positive employee experience impacts, not dissension and distrust. They also need to guarantee that all gathered data always remains confidential and secure. Plus, they should outline any potential consequences for failing to adhere to established protocols or misuse of access privileges granted via telemetry usage.

These consequences would be specific to the business implementing a telemetry protocol but could include disciplinary action or even termination of employment.

The employee experience impacts of telemetry-based data collection can be significant and beneficial for the organization and its workers. By following these guidelines and staying aware of the consequences and legalities, you can ensure its success for everybody.

How Consolidating Your Tech Stack Drives DEX Outcomes

Thu, 29 Jun 2023 15:25:35 Z

Every month, it seems that a new “must use” tool hits the market. What ends up happening is IT teams are gifted a hodge-podge of tools — snowballing into unnecessary frustration and increased workloads.

“The issue is there are so many technologies and ways you can have this experience, and it is very easy to fall into a trap of having too many tools and that will dilute your experience and lead to frustration. We have information on multiple SharePoint sites, Teams, Yammer, Service Now, One Drive and who knows what else exists, so we have a very bad experience as you do not know where to find things, and if you do not follow any of those channels, you will miss stuff. Pick your standard and do not fall into the trap of implementing the flavor of the month.”

- Team Lead, Emerson Electric Co

Growing digital environments with too many disparate tools has created a scenario where optimizing digital experiences across various devices and locations is falling short, preventing your organization’s ability to effectively adapt to Everywhere Work.

When laying the foundation for an improved digital employee experience (DEX), consolidating your tech stack is a crucial component.

Why unmanaged tools and assets are hurting your DEX

Some organizations have reported their digital transformation being accelerated by three to five years since 2020. Unlike a few years ago, assets no longer live just in the office. They are scattered across the globe and increasing in quantity. Recent reports show the average employee uses 2.6 devices to get their job done.

But with more assets come more problems. 45% of employees have experienced more tech issues since 2020, with the average employee running into 3.67 endpoint issues a day.

This volume of daily issues means that valuable insights are growing fast and in different places.

Being able to navigate this complex environment in a timely manner to address all issues proactively poses a challenge when your tools and systems don't talk to each other.

A more complex environment without the proper tools has IT and security professionals feeling the heat. 73% report an increased workload since their organization adopted hybrid/remote work. In fact, nearly 1 in 3 IT and security professionals report losing at least one team member due to burnout.

And these types of work environments aren’t going away anytime soon. According to our Everywhere Work research:

71% of office workers want to work either hybrid (with control over which days they come to the office) or remote.
66% of employees say they have experienced no negative side effects due to remote work.
71% of C-Suite admit hybrid working has had a positive impact on employee morale.

Some organizations are already taking action. A recent survey conducted by EMA, found that a resounding 86% of respondents are looking to consolidate asset-related tools and 18% are actively planning to manage all asset types on one platform.

“Centralization is critical. Having too many tools is an issue for us.”

- System Administrator, CFCU Community Credit Union

Consolidating your tech stack lays the groundwork for automation, which helps decrease workloads and ultimately deter digital burnouts for your IT and security teams. With technology becoming more entwined with the daily operations of employees, making sure you provide efficient ways to manage, secure and support this environment for your IT teams is crucial to delivering improved experiences.

Space for video

Benefits of consolidating your tech stack

Consolidating your tech stack aids DEX initiatives in many ways, including: 

1. Reducing complexity for your IT staff

It's time to kick manual processes and inefficient workloads to the curb. Connecting and simplifying your organization’s workflows streamlines and automates your IT environments. This removes unnecessary complexity and enables improved experiences for your IT teams.

2. More responsive and efficient IT support

28% of employees wish for a more responsive service desk. When IT has all the information in a single place, they can address and resolve tickets quicker and more effectively.

3. Preventing issue before they happen

Quickly resolving issues and, ideally, preventing issues in the first place, creates betterexperiences. Research shows it can take up to 20 minutes for workers to refocus on a task. When you simplify your tech stack and enable access to valuable insights in one place, preventing issues becomes a breeze. You get to keep employees out of the service queue and focused on their jobs, reclaiming thousands of hours of lost productivity across your organization.

When looking to create better employee experiences in the Everywhere Work era, consolidating your tech stack is a step you can’t afford to skip. Simplifying and streamlining your IT structure makes life easier for your IT and security teams — freeing up their time to understand employee sentiment, track and optimize experiences over time and prevent issues before they occur.

To learn more about DEX, watch our on-demand webinar to get A step-by-step guide to planning and measuring digital employee experience.

How Cloud Migration Helps Improve Employee Experience

Mon, 26 Jun 2023 15:06:19 Z

The old saying goes, “practice what you preach.” When Ivanti started its "Customer Zero" initiative, Bob Grazioli, Chief Information Officer, saw it as a perfect opportunity to test the products and services consumed by customers.

For example, during Ivanti’s move to the cloud, Grazioli and the team experienced the same issues that customers would’ve experienced in their migration process. This first-hand experience allowed them to make improvements along the way. Listen to Grazioli go into detail about other crucial findings in the Customer Zero initiative and how expanding ITSM helps elevate the employee experience.

Key learnings from Ivanti’s "Customer Zero" program

"That's great to call out our Customer Zero program because we're really proud of it, actually. We are the first customer in Ivanti. We take every one of our tools that are obviously applicable to IT or SaaS and we implement them first, before the customer,  to provide the feedback to our product managers, our engineering team and make sure that that feedback either makes it into the product or eliminates any potential problems that our customers might experience if something obviously wasn't discovered during our testing.  

"But having said that, we have learned an awful lot about actually moving from on-prem to SaaS. If you look at what we've done with Customer Zero, our focus now has been to take a look at the Ivanti on-prem products and move ourself to the cloud. Obviously, I manage SaaS, so I'm very biased towards being in the cloud and that is our focus right now. So, we've taken patch, we've moved that from on-prem to cloud.

"We now have taken our ITSM converged product with workflow management, with all of low-code, no code, we moved that into IT for ITSM. We have our own CMDB that we're running against Discovery. Going out to our data centers, we have close to what, 40 different geos globally that we manage — thousands and thousands of assets across all of those data centers. Those are all being discovered placed in our own CMBD and managed.  

"We're now deploying GRC for our compliance. We were like a lot of, you know, companies struggle through our SOC 2, SOC 2 type 2, where artifacts are put into certain repositories. We managed those assets. Now we have GRC, where all those artifacts get managed to ITSM. They're linked to the proper controls. It makes the audit process so much simpler, so much easier for us to get through every year for compliance.   

"We’re learning that through the efficiency of moving to cloud from on-prem to SaaS, we're learning those efficiencies do save us time, have a great ROI in terms of the OpeEx - CapEx equation, if most of you CIOs that go through that, there is a big advantage on the Capex-Opex side."

Using ITSM to support a broader organization

"And then, just having all of our data in the cloud in ITSM, as I said earlier, becoming a single source of truth for Patch, Discovery, RiskSense [now known as Risk-Based Vulnerability Mangement] vulnerabilities. And obviously, the main focus, all the tickets that are created on the customer facing side, giving us insight into the customer, into what they're using or what they're not using. So really, adoption, big part of obviously what you need in SaaS to manage, the real true user experience.  

"It really has been eye opening, moving all of our products from on-prem to SaaS, leveraging those SaaS products in our own cloud, gaining that experience, pushing it back to product managers, pushing it back to engineering to produce a better quality product and a better service for all of our customers as they migrate to the cloud.  

"So, we kind of blunt any particular problems that our customers would have experienced when they move from on-prem to cloud. Customer Zero - it's definitely eliminating a lot of issues that customers would have had if they move on-prem to SaaS. And we're providing valuable telemetry to help improve our product and improve the quality and service to our customers."

Important takeaways from Ivanti’s Customer Zero initiative

"Well, so we've improved our catalog for service requests and so on. That is the evolution of what ITSM should do. But DEX is the key. Having all of those tickets in ITSM that show customer issues or customer successes or what they're using in our product, etc.

"That is the game changer because now, as I said earlier, having DEX out there, looking at all those tickets, analyzing the tickets and then proactively either anticipating a problem with their device or potentially the way a customer is adopting certain technologies that we pushed out into the environment.

"Those tickets are gold for that level of telemetry that allows us to gain the insights we need to provide the customer with a better experience. I think ticket management is really, it's tough — you don't want a lot of tickets, obviously, because sometimes that's not a good thing. But what these tickets represent in terms of knowledge of the customer, it really is instrumental in us making things better, making the service better and having the customer have a better experience."

How to use DEX to drive cultural change

"I mean, we use the word culture, but let's face it, the generation of customers that are out there today growing up with technology and having the ability to control a lot of that technology right at their fingertips, that's really what you're trying to accommodate.

"You don't want someone to come into your company as an employee and have them not have that same experience. Not have them engaged with technology the same way they can engage at home or anywhere else out in the market. That's what we're trying to get to and be for that customer.  

"And we're doing that because today, with the proactive nature that we're creating within our products. Proactive nature, that's DEX.

"That's having all that intelligence to engage the customer with empathy and with a proactive approach to giving them a solution to whatever issue they have. It’s empathy to what they're going through and then proactively providing them with a fast, reliable solution to whatever experience they're calling in on.

"I think that's our goal and I think ITSM is evolving to that because again, of the amount of information it's able to collect and use with all of the AI and ML that we're applying to it, to really create that more proactive experience with a very intelligent, very tech savvy customer that we have both in and outside our company.  

"And that’s happening. That's the culture, if you will, that I see, that I'm engaged with, and we want to make sure our products can satisfy."

Broadening ITSM to support other areas brings with it new levels of proactive troubleshooting and empathy, helping you drive a better digital employee experience.

If you’d like to learn more, dive into our ITSM + toolkit and listen to this on-demand webinar on Expanding your ITSM: key learnings for building connected enterprise workflows.

8 Attack Surface Reduction Best Practices for Organizations

Tue, 20 Jun 2023 14:32:34 Z

Increases in attack surface size lead to increased cybersecurity risk. Thus, logically, decreases in attack surface size lead to decreased cybersecurity risk.

While some attack surface management solutions offer remediation capabilities that aid in this effort, remediation is reactive. As with all things related to security and risk management, being proactive is preferred.

The good news is that ASM solutions aren't the only weapons security teams have in the attack surface fight. There are many steps an organization can take to lessen the exposure of its IT environment and preempt cyberattacks.

How do I reduce my organization’s attack surface?

Unfortunately for everyone but malicious actors, there’s no eliminating your entire attack surface, but the following best practice security controls detailed in this post will help you significantly shrink it:

Reduce complexity
Adopt a zero trust strategy for logical and physical access control
Evolve to risk-based vulnerability management
Implement network segmentation and microsegmentation
Strengthen software and asset configurations
Enforce policy compliance
Train all employees on cybersecurity policies and best practices
Improve digital employee experience (DEX)

As noted in our attack surface glossary entry, different attack vectors can technically fall under multiple types of attack surfaces — digital, physical and/or human. Similarly, many of the best practices in this post can help you reduce multiple types of attack surfaces.

For that reason, we have included an attack surface reduction checklist along with each best practice that signifies which type(s) of attack surface a particular best practice primarily addresses.

#1: Reduce complexity

Digital attack surface	Physical attack surface	Human attack surface
X	X

Reduce your cybersecurity attack surface by reducing complexity. Seems obvious, right? And it is. However, many companies have long failed at this seemingly simple step. Not because it’s not obvious, but because it hasn’t always been easy to do.

Research from Randori and ESG reveals seven in 10 organizations were compromised by an unknown, unmanaged or poorly managed internet-facing asset over the past year. Cyber asset attack surface management (CAASM) solutions enable such organizations to identify all their assets — including those that are unauthorized and unmanaged — so they can be secured, managed or even removed from the enterprise network.

Any unused or unnecessary assets, from endpoint devices to network infrastructure, should also be removed from the network and properly discarded.

The code that makes up your software applications is another area where complexity contributes to the size of your attack surface. Work with your development team to identify where opportunities exist to minimize the amount of executed code exposed to malicious actors, which will thereby also reduce your attack surface.

#2: Adopt a zero trust strategy for logical and physical access control

Digital attack surface	Physical attack surface	Human attack surface
X	X

The National Institute of Standards and Technology (NIST) defines zero trust as follows:

“A collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised.”

In other words, for every access request, “never trust, always verify.”

Learn how Ivanti can help you adopt the NIST CSF in The NIST Cybersecurity Framework (CSF): Mapping Ivanti’s Solutions to CSF Controls

Organizations taking a zero trust approach to logical access control minimizes the attack surface — and likelihood of data breaches — by continuously verifying posture and compliance and providing least-privileged access.

And while zero trust isn't a product but a strategy, there are products that can help you implement a zero trust strategy. Chief among those products are those included in the secure access service edge (SASE) framework:

Software-defined wide area network (SD-WAN)
Secure web gateway (SWG)
Cloud access security broker (CASB)
Next-generation firewall (NGFW)
Zero trust network access (ZTNA)

And though it’s not typically viewed in this manner, a zero trust strategy can extend beyond logical access control to physical access control. When it comes to allowing anyone into secure areas of your facilities, remember to never trust, always verify. Mechanisms like access cards and biometrics can be used for this purpose.

#3: Evolve to risk-based vulnerability management

Digital attack surface	Physical attack surface	Human attack surface
X

First, the bad news: the US National Vulnerability Database (US NVD) contains over 160,000 scored vulnerabilities and dozens more are added every day. Now, the good news: a vast majority of vulnerabilities have never been exploited, which means they can’t be used to perpetrate a cyberattack, which means they aren't part of your attack surface.

In fact, a ransomware research report from Securin, Cyber Security Works (CSW), Ivanti and Cyware showed only 180 of those 160,000+ vulnerabilities were trending active exploits.

Comparison of total NVD vulnerabilities vs. those that endanger an organization

Only approximately 0.1% of all vulnerabilities in the US NVD are trending active exploits that pose an immediate risk to an organization

A legacy approach to vulnerability management reliant on stale and static risk scores from the Common Vulnerability Scoring System (CVSS) won’t accurately classify exploited vulnerabilities. And while the Cybersecurity & Infrastructure Security Agency Known Exploited Vulnerabilities (CISA KEV) Catalog is a step in the right direction, it's incomplete and doesn't account for the criticality of assets in an organization’s environment.

A true risk-based approach is needed. Risk-based vulnerability management (RBVM) — as its name suggests — is a cybersecurity strategy that prioritizes vulnerabilities for remediation based on the risk they pose to the organization.

Read The Ultimate Guide to Risk-Based Patch Management and discover how to evolve your remediation strategy to a risk-based approach.

RBVM tools ingest data from vulnerability scanners, penetration tests, threat intelligence tools and other security sources and use it to measure risk and prioritize remediation activities.

With the intelligence from their RBVM tool in hand, organizations can then go about reducing their attack surface by remediating the vulnerabilities that pose them the most risk. Most commonly, that involves patching exploited vulnerabilities on the infrastructure side and fixing vulnerable code in the application stack.

#4: Implement network segmentation and microsegmentation

Digital attack surface	Physical attack surface	Human attack surface
X

Once again, borrowing from the NIST glossary, network segmentation is defined as follows:

Splitting a network into sub-networks, for example, by creating separate areas on the network which are protected by firewalls configured to reject unnecessary traffic. Network segmentation minimizes the harm of malware and other threats by isolating it to a limited part of the network.

From this definition, you can see how segmenting can reduce your attack surface by blocking attackers from certain parts of your network. While traditional network segmentation stops those attackers from moving north-south at the network level, microsegmentation stops them from moving east-west at the workload level.

More specifically, microsegmentation goes beyond network segmentation and enforces policies on a more granular basis — for example, by application or device instead of by network.

For example, it can be used to implement restrictions so an IoT device can only communicate with its application server and no other IoT devices, or to prevent someone in one department from accessing any other department’s systems.

#5: Strengthen software and asset configurations

Digital attack surface	Physical attack surface	Human attack surface
X

Operating systems, applications and enterprise assets — such as servers and end user, network and IoT devices — typically come unconfigured or with default configurations that favor ease of deployment and use over security. According to CIS Critical Security Controls (CIS Controls) v8, the following can all be exploitable if left in their default state:

Basic controls
Open services and ports
Default accounts or passwords
Pre-configured Domain Name System (DNS) settings
Older (vulnerable) protocols
Pre-installation of unnecessary software

Clearly, such configurations increase the size of an attack surface. To remedy the situation, Control 4: Secure Configuration of Enterprise Assets and Software of CIS Controls v8 recommends developing and applying strong initial configurations, then continually managing and maintaining those configurations to avoid degrading security of software and assets.

Here are some free resources and tools your team can leverage to help with this effort:

CIS Benchmarks List – Configuration recommendations for over 25 vendor product families
NIST National Checklist Program (NCP) – Collection of checklists providing guidance on setting software security configurations
CIS-CAT Lite — Assessment tool that helps users implement secure configurations for a range of technologies

#6: Enforce policy compliance

Digital attack surface	Physical attack surface	Human attack surface
X	X

It’s no secret that endpoints are a major contributor to the size of most attack surfaces — especially in the age of Everywhere Work when more employees are working in hybrid and remote roles than ever before. Seven in 10 government employees now work virtually at least part of the time.

It’s hard enough getting employees to follow IT and security policies when they’re inside the office, let alone when 70% of them are spread all over the globe.

Unified endpoint management (UEM) tools ensure universal policy compliance by automatically enforcing policies. This fact should come as no surprise to IT and security professionals, many of whom consider UEM a commodity at this point. In fact, Gartner predicts that 90% of its clients will manage most of their estate with cloud-based UEM tools by just 2025.

Nonetheless, UEM is the best option for enforcing IT and security policy compliance, so I'd be remiss to omit it from this list.

Read The Ultimate Guide to Unified Endpoint Management and learn about the key business benefits and endpoint security use cases for modern UEM solutions.

Additionally, beyond compliance, modern UEM tools offer several other capabilities that can help you identify, manage and reduce your attack surface:

Have complete visibility into IT assets by discovering all devices on your network — a key ASM capability for organizations without a CAASM solution.
Provision devices with the appropriate software and access permissions, then automatically update that software as needed — no user interactions required.
Manage all types of devices across the entire lifecycle, from onboarding to retirement, to ensure they'reproperly discarded once no longer in use.
Automatically enforce device configurations (refer to #5: Strengthen software and asset configurations to learn more about the importance of this capability).
Support zero trust access and contextual authentication, vulnerability, policy, configuration and data management by integrating with identity, security and remote-access tools. For example, UEM and mobile threat defense (MTD) tools can integrate to enable you to enact risk-based policies to protect mobile devices from compromising the corporate network and its assets.

#7: Train all employees on cybersecurity policies and attack surface reduction best practices

Digital attack surface	Physical attack surface	Human attack surface
		X

Seventy-four percent of breaches analyzed for the 2023 Verizon Data Breaches Investigation Report (DBIR) involved a human element.

Thus, it should come as no surprise when you review the data from Ivanti’s 2023 Government Cybersecurity Status Report and see the percentages of employees around the world that don’t believe their actions have any impact on their organization’s ability to avert cyberattacks:

Do employees think their own actions matter?

Many employees don't believe their actions impact their organization's ability to stay safe from cyberattacks.

In the immortal words of Alexander Pope: “To err is human…” In cybersecurity terms: until AI officially takes over, humans will remain a significant part of your attack surface. And until then, human attack surfaces must be managed and reduced wherever possible.

Thus far, the best way to do that's proven to be cybersecurity training, both on general best practices and company-specific policies — and definitely don’t forget to include a social engineering module.

Many cybersecurity practitioners agree. When the question “In your experience, what security measure has been the most successful in preventing cyberattacks and data breaches?” was posed in Reddit's r/cybersecurity subreddit, many of the top comments referenced the need for user education:

Reddit / u/Forbesington

Reddit / u/slybythenighttothecape

Reddit / u/_DudeWhat

Reddit / u/onneseen

To once again borrow from CIS Controls v8, Control 14: Security Awareness and Skills Training encourages organizations to do the following: “Establish and maintain a security awareness program to influence behavior among the workforce to be security conscious and properly skilled to reduce cybersecurity risks to the enterprise.”

CIS — the Center for Internet Security — also recommends leveraging the following resources to help build a security awareness program:

Security and IT staff — not just those in non-technical roles — should also be receiving cybersecurity training relevant to their roles. In fact, according to the IT and security decision-makers surveyed by Randori and ESG for their 2022 report on The State of Attack Surface Management, providing security and IT staff with more ASM training would be the third most-effective way to improve ASM.

Ensuring partners, vendors and other third-party contractors take security training as well can also help contain your human attack surface.

#8: Improve digital employee experience (DEX)

Digital attack surface	Physical attack surface	Human attack surface
X		X

No matter how much cybersecurity training you provide employees, the more complex and convoluted security measures become, the more likely they are to bypass them. Sixty-nine percent of end users report struggling to navigate overly convoluted and complex security measures. Such dissatisfied users are prone to distribute data over unsecured channels, prevent the installation of security updates and deploy shadow IT.

That seems to leave IT leaders with an impossible choice: improve digital employee experience (DEX) at the cost of security or prioritize security over experience? The truth is, security and DEX are equally important to an organization’s success and resilience. In fact, according to research from Enterprise Management Associates (EMA), reducing security friction leads to far fewer breach events.

So what do you do? Ivanti’s 2022 Digital Employee Experience Report indicates IT leaders — with support from the C-suite — need to put their efforts toward providing a secure-by-design digital employee experience. While that once may have seemed like an impossible task, it’s now easier than ever thanks to an emerging market for DEX tools that help you measure and continuously improve employees’ technology experience.

Read the 2022 Digital Employee Experience Report to learn more about the role DEX plays in cybersecurity.

One area in which organizations can easily improve both security and employee experience is authentication. Annoying and inefficient to remember, enter and reset, passwords have long been the bane of end users.

On top of that, they’re extremely unsecure. Roughly half of the 4,291 data breaches not involving internal malicious activity analyzed for the 2023 Verizon DBIR were enabled through credentials — about four times the amount enabled by phishing — making them by far the most popular path into an organization’s IT estate.

Passwordless authentication software solves this problem. If you’d like to improve end user experience and reduce your attack surface in one fell swoop, deploy a passwordless authentication solution that uses FIDO2 authentication protocols. Both you and your users will rejoice when you can say goodbye to passwords written on Post-it Notes forever.

For more guidance on how to balance security with DEX, refer to the following resources:

Additional guidance from free resources

Ivanti’s suggested best practices for reducing your attack surface combine learnings from our firsthand experience plus secondhand knowledge gleaned from authoritative resources.

And while these best practices will indeed greatly diminish the size of your attack surface, there’s no shortage of other steps an organization could take to combat the ever-expanding size and complexity of modern attack surfaces.

Check out the following free resources — some of which were referenced above — for additional guidance on shrinking your attack surface:

Next steps

So, you’ve implemented all the best practices above and you’re wondering what’s next. As with all things cybersecurity, there’s no time for standing still. Attack surfaces require constant monitoring.

You never know when the next unmanaged BYOD device will connect to your network, the next vulnerability in your CRM software will be exploited or the next employee will forget their iPhone at the bar after a team happy hour.

On top of tracking existing attack vectors, you also need to stay informed about emerging ones. For example, the recent explosion of AI models is driving substantial attack surface growth, and it’s safe to say more technologies that open the door to your IT environment are on the horizon. Stay vigilant.

ITSM’s Role in Building a Connected Enterprise: The Perspective of a CIO

Wed, 14 Jun 2023 22:04:09 Z

With 73% of IT and security professionals reporting an increased workload since hybrid and remote work started, ITSM is a game changer for your organization. By automating workloads and increasing visibility, you’re able to build up the resiliency of your IT operations and proactively resolve problems.

But getting started can be hard. That’s why Bob Grazioli, Ivanti’s Chief Information Officer, sat down to share his perspective gathered over more than 25 years in the field. Not only does he dive into how ITSM improves your current operations, but he also discusses what other IT managers and CIOs have to say.

Noticeable trends with ITSM

"In Ivanti, our ITSM environment has dramatically expanded into obviously workflows, into lines of business. And, with the integration of ITSM into security products like our own product RiskSense [now known as Risk-Based Vulnerability Mangement], Patch, and Discovery, you're looking at ITSM being a single source of truth for many parts of the IT organization.

"If I have Discovery to discover all my assets, that includes data center and the devices on the edge. So, I have all my products now in my asset manager to manage. I have Patch now available to look at and patch those assets, secure those assets as they need to be secured.

"Now, with the integration of RiskSense into ITSM, we're able now to take ITSM and move that into our CI/CD. Why is that important? Because ITSM now can accumulate the type of vulnerabilities in tickets that are generated during the build process and allow us to have insights into the severity of those tickets and making sure that those tickets or security vulnerabilities are resolved before deployment of products into the operating environment.

"Now I manage both IT and SaaS for Ivanti, so it's critical for me to make sure that whatever our developers are pushing into production, it's secure, it's been validated, right, as being secure. It does not obviously impact our customers as they use our SaaS products globally and around the world."

How understanding your IT estate improves security

"Yeah, it truly, I believe is a game changer. I'll tell you why. Because before this, the IT organization was trying to go into different systems, making sure they can see these vulnerabilities. Normally the scanning systems would be the repository for these vulnerabilities.

"They would get pushed back into engineering or into SRE for them to evaluate the severity.

"But having ITSM being that single point of accumulation for all the vulnerabilities, that really is a game changer because of the awareness it creates throughout Dev, SRE and our Ops security folks.

"So, it really does change the perspective of how you can manage security vulnerabilities across the whole SDLC.

"You are basically stopping anything that could impact production from getting out into the environment. So, absolutely a big game changer for us and our customers going forward." 

How ITSM is becoming a single source of truth

"In my role, obviously, as CIO, I talk to my peers, but also I have that unique perspective because I do manage the SaaS side of the house and I do speak to our SaaS customers - IT managers, CIOs, etc. And they're very, very insightful for me to speak to because they do broaden out where they're using ITSM and how they are expanding it into other areas that I might not have necessarily thought it was even applicable.

"They're giving us tremendous insight. And one of those insights, obviously, is around security, but also around the compliance. Especially in in the SaaS side of the House, we are focused on compliance both at the federal level, like with FedRAMP, the Fed Cloud, we have our ISO standards, we have our SOC standards, We have GDPR, we have ISMAP; all these international standards that are very important for us to provide services to our SaaS customers.

"And ITSM is used really as where these artifacts are to manage the controls, to manage the flow of compliance that we need to report on as we go through different audits, etc. So, ITSM has really become a single source of truth for almost every aspect of how you need to manage IT.

"It’s not just the vulnerabilities, it's also being able to manage all the compliance artifacts and the controls that are required to certify yourself under those specific compliance standards.

"So, really important as you evolve ITSM as a single source of truth. Compliance is another big area that I hear a lot of my customers and CIOs that I talk to trying to leverage ITSM for."

From being a single point of accumulation for all vulnerabilities, to expanding into business workflows, ITSM will continue to stay prominent. If you want to dive deeper into this topic, read out ITSM + Toolkit and watch our on-demand webinar on expanding your ITSM to build connected enterprise workflows.

DEX's Role in Bringing Generations Together

Thu, 11 May 2023 09:00:00 Z

Key takeaways

There are four generations in the workforce – each expecting something else from technology.
Organizations need to find a balance between technological innovations and comfortable tools for all generations.
By integrating accessibility into technologies and methodologies, organizations can build work environments that work for everyone.
Organizations should consider implementing automation and AI to improve their digital employee experience and bring generations together.

Download the Digital Employee Experience Report and explore research results.

For the first time in history, there are four generations in the workforce:

Baby Boomers (1946 to 1964).
Generation X (1965-1980).
Millennial (1981-1996).
Generation Z (1997-2012).

This puts organizations in a unique situation – how do you make the correct adjustments for such a wide-ranging workforce? We are interacting with tech in nearly every aspect of our lives. And each generation has their own preferences, expectations and drivers for using tech.

Workers of all generations have struggled to adapt to remote and hybrid work environments, finding themselves in an uphill battle to build positive interactions with new tools and devices. This has been exacerbated by the rapid pace of technological development.

“DEX is great, but I believe we should also leave some space to the older generations who are not so familiar with new technologies and can function more efficiently in traditional environments.”

- Ivanti Innovator

By 2030, one in every five Americans will be of retirement age, with 65% of Boomers planning on working past the retirement age of 65. By 2050, people in the European Union aged 75-84 years will expand by 56.1%. Employment rates for people aged 50-69 are also expected to rise to 65% in 2035, with 12% of office workers already being 59 years or older. This can’t be overlooked as it points to more diversity in how workers interact with their technology and what they expect from their employers.

For example, Millennials in a Gartner report rated socialization and passion as strong motivators for working at an organization, giving it the highest rating of five. Meanwhile, Baby Boomer and Gen X rate these two categories at one and three, respectively.

Even though a large portion of the workforce is still over the age of 50, Gen Z is projected to make up 27% of the workforce by 2025. This growing dichotomy means that employees, even if they work for the same company or on the same team, will have vastly different work methods and expectations from their employers.

Inclusivity is the key to tapping into new growth in this era of Everywhere Work. Investing in your digital employee experience (DEX), which equips your employees with the right tools, is a great start.

The correct investment helps to foster improved workflows and help with talent retention. On top of that, the tools it brings to your organization, such as 360-degree monitoring of devices and automatic self-healing of devices, offer you the necessary insights to identify how to bridge generational divides.

A flexible and scalable employee experience for everyone

Organizations need to balance adopting technological innovations and making sure all generations can stay productive and comfortable with the tools they use. Because at the end of the day, a great digital employee experience works for everyone – regardless of their age. But, just like Albert Einstein’s saying, “everything is relative,” a “great” experience is different for everyone.

What works well for one generation may not translate equally to another. You need to make sure your IT team can cater to all their needs and monitor trends to adjust and inform your strategy and investment. For example, Gen Z and Millennials, who’ve been surrounded by tech their entire lives, might not be inclined to seek support. They’ll opt for resolving it themselves.

This type of DIY culture can eventually snowball into shadow IT – a risk growing globally. In fact, our Everywhere Work report shows there’s been a 26% increase in shadow IT because of remote work environments. In some countries, like Germany, there’s been an astounding 45% increase in shadow IT.

That’s why basing it on the context of the user and noting specific preferences and expectations, thanks to heightened levels of automation and AI, opens the door for more personalized support for all generations.

While it’s important to keep generational differences in mind, it’s equally important not to fall victim to stereotyping – sometimes referred to as unconscious bias. Rather, get a gauge directly from your employees and look at what areas need to be addressed.

Our research found that 14% of workers say their organization doesn’t even collect employee feedback on a regular basis. With 26% of employees saying they’d quit their job partly because of the tools available, taking no action isn’t an option. Asking for direct feedback from your employees is key. Additionally, you can augment this by measuring your users’ DEX score and sentiment on a continuous basis.

A common cause of employee frustration stems from lost work and interrupted momentum. In fact, 42% of office workers have spent their own money on hardware and software to help stay productive and ease frustration for themselves.

When workers lack the necessary tools to work effectively, their productivity and morale suffer. This is highlighted in a recent Harvard Business Review study where only 28% of employees feel connected to their organization’s mission. And this can lead to a mass exodus. According to our Everywhere Work report, 25% of office workers say they switched jobs in the last year because they didn’t feel engaged with the values and culture of their company.

Seeing what works for employees and what areas need to be addressed is key to improving your organization’s DEX and putting your employees in a position to succeed.

Integrate accessibility into your technologies and methodologies

As you head towards improving your digital employee experience, assessing how to make your technology flexible and scalable for everyone is a step in the right direction.

Some examples of improving accessibility can include:

Going beyond post-ticket surveys and collecting sentiment via interactive automation bots.
Offering audio options.
Tracking and optimizing experiences over time.
Implementing automation to reduce workloads and solve problems before they impact users.

Organizations have an opportunity to be trailblazers in how they run their digital employee experience initiatives. Not only will improving your DEX build work environments that cater to each employee’s needs, increase productivity levels and align them with the goals of your organization, it will help bridge generational divides – making your organization more inclusive and productive.

Improving diversity, equity and inclusion (DEI) is something C-suites can’t avoid. 56% of full-time employees say having an ethnically, racially or culturally diverse workforce is very important to them – with Gen Z and Millennial employees valuing it more than Gen X and Boomers.

Improving your digital employee experience efforts can also aid in DEI efforts by:

Building clearer connections to specific business outcomes.
Maximizing data-driven decision making.
Providing a consolidated view of DEI technology programs.

Not only does DEX create environments where employees have a choice in how they work, it breaks barriers that’ve been ingrained into traditional work settings – paving the way for a more diverse and inclusive workplace.

If you’d like to learn more about DEX, explore our eBook and watch our webinar for a step-by-step outline.

Embracing DEX: One Step at a Time

Wed, 26 Apr 2023 11:01:00 Z

Digital employee experience has become a hot topic for organizations. And understandably so, considering that 65% of employees say that they would be more productive if they had better technology at their disposal.

But to secure the investment, you need to lay out how your organization can benefit in both the short — and long-term. That’s why Chris Goettl, VP of Security Product Management, and Robin Rowe, Senior Product Manager, got together to define a step-by-step guide to planning and measuring DEX in your organization.

The importance of balancing user experience and security

Pat Ziembicka: Digital employee experience has been a topic that's been talked about for quite some time now — a solid few months, and it's really growing in importance. But, very often, it’s seen as this big initiative, something that you really need to splash out on and dedicate a lot of resources to. But it doesn't have to be. It can be just like this thread that you incorporate into your daily operations that improves your daily IT ops and security efforts.

Before we get going into laying out those steps, as to how you can actually take that staggered approach to it, let's just look at the whole conflict. One of the things that we found in our DEX report towards mid-last year was that almost 50% of C-level executives have actually requested bypassing security measures within the past 12 months. So, Chris, what are your thoughts on that?

Chris Goettl: A lot of times, these two things are at odds. Think about most of the time when you put a security measure in place, it's there to restrict or control what's going on in the environment and for good reason. I mean, these are the things that are going to be used by threat actors to attack the environment.

So, we want to put measures in place to make sure that Chris only has access to the things that Chris should have access to. He shouldn't have access to something that Robin has access to just because, there's separation of duties, there'sinformation that we want to keep separated. We may have to put in things like better controls around access to files, the ability to run things as an administrator. All of those things should be restricted because they make our environment less secure.

Think about passwords is a good example. Everybody hates passwords. They like to make them very simple, repeatable so they don't have to remember them all. If you're like me, you enforce a password policy even on your own family. My kids and my wife hate the fact that I make them actually have a different password for everything, and they have to actually manage all those things. Oftentimes, putting tighter security measures in place makes the user experience more difficult.

If I put a stronger password policy in place, I make it so that you can't reuse your password, you have to make it longer, you have to make it so you're using special characters, uppercase, lowercase; it has to be so long and you can't reuse that password and every 90 days you can have to change it. Well, that frustrates your users. So, they're going to find ways to get around that. The balance between, the user experience and how we're securing that experience absolutely has constant tradeoffs.

And I think that the one thing that's most interesting about this, like, hey, everybody, why's one of the security guys on here to talk about DEX, which is more digital experience. That's exactly the problem that we want to try to talk about as well.

As you're getting into this, the more that you do security-wise, the more potentially you could be impacting your digital experience. And one of the most interesting things I think about DEX that we'd like to talk about today is — how DEX gives us visibility into that so we can improve that security experience and the overall digital experience together.

Robin Rowe: Security and ops are horizontally opposed in terms of it. That friction can occur when the use of flexibility in productivity might be impacted by the stringent security policies or the other way around to increase that security, getting compromised by executive frustrated with productivity issues from overriding or bypassing those policies. But at the same time, security and ops are intrinsically linked with the digital experience at different levels.

And really, the first part of that is the insight. DEX really starts with the data, and the data might fall into two categories. The first category is really that the items that are going to impact the user, the things your user cares about. These are issues that are actually causing the user's impact through symptoms that they perceive — that might be things like long login times, application crashes, blue screens.

And if we think about the relationship with security, those symptoms might have been triggered by a recent security change, there might be a new patch, might be a policy change, might be some new security software rolling out with some sort of driver conflict. DEX tools can help us identify these new symptoms occurring and not only that, they can also show the scale of the issue as well, how many users are affected and help support and security teams correlate those symptoms with changes.

DEX also includes the capability to survey users and this can be really useful for picking up on unreported technology issues. So, these are things that might not have been detected automatically or the users might not raise tickets. But this will give security and ops teams early visibility, so they can potentially poll users, maybe on a recent major change, a big update roll-up, maybe part of a security shift-right strategy.

I had a conversation with a CISO recently and he's actually really excited about the potential of DEX. Security can often get the blame by default — if something goes wrong, it must be a security policy. So, it wasn't really just a way for him and his team to measure the impact of their policies, but it's also a way to deflect false positives and placate his team.

The second category of data are really things that relate to the overall health of the device. From a security perspective, that might be cyber hygiene, things, missing patches, EDR, malware software not running, missing agents and that kind of thing.

And those types of things aren't the things that users are directly concerned about. They don't directly impact users. But they're all things that you want to catch and you want to heal from a DEX perspective because if the user does experience an issue related to those things, some kind of security issue, then that could well cause them a big experience issue, either from the issue itself or as a result of the required remediation where they have to reimage or replace that device.

Chris Goettl: The fact that you're talking to a CISO about digital experiences is really good. Think of it this way; when that CISO wants to push a new policy, they're going to be able to use DEX to determine how much of an impact that policy is having. You can see that in maybe the ticket volumes that come out. So, as we're rolling out this new technology, we could be watching the pilot group that we're using for this very closely and see overall how this change is impacting that group.

If you do this well, security groups should be able to roll out new technologies, changes, policies and be able to get better visibility into that experience to ultimately avoid another challenge that a lot of organizations have, which is called Shadow IT obviously, you would start to impact users too much, they're going to then find ways around it.

So, Pat, the stat about 49% of C-level executives deliberately bypassing security measures, is a direct result of that. If a mature DEX experience would have been in play there, then that could have been avoided. You could have looked at that and made it so that you understood the user experience and you improved it.

So, going back to passwords, a great technology that's trying to improve that password experience is eliminating the password altogether. That's the weakness in that digital experience. None of us want to remember thirty passwords. None of us want to change that on a regular basis.

So, if we can eliminate the password and use other strong authentication types like biometrics or certificates, phone as a token, those things can become the authentication mechanism. And that's easy for me. Scanning a QR code, getting a push notification, accepting that I don't have to remember a password anymore.

We create a great digital experience and improve security at the same time. I like the direction that we're going and the types of conversations that are coming up.

The benefits DEX offers

Pat Ziembicka: Chris, Robin mentioned patching as a component of DEX. Can you elaborate on that and maybe shine a little bit of light for our listeners on the daily benefits to our IT security teams?

Chris Goettl: Think about the fact that this is something that all of you have to deal with on a regular basis. There's a continuous need to identify risks, prioritize what needs to be updated, and then push those changes out to the environment. So, this is crossing over into vulnerability and risk management, remediating those risks and change management.

Very few things drive as much change as patch management across the environment. One thing that I hear from a lot of organizations is that as soon as the patch cycle comes around again, they constantly become the target of blame for the next couple of weeks while that maintenance is going on. And we've had some fun with this over the years.

Like I said, I've been in this space for a while now and I've actually been out on hand, you know, onsite with customers rolling out our technologies. There's been many cases where we go and actually push patching out to a small sampling of users during the workday and then we'll go walk the floor and we'll talk to people and figure out what their reactions are.

We'll talk to one person and ask them, you know, how their experience is going, and they'll be like, 'Oh yeah, you guys must have pushed something because everything's broken right now. And we're like, you weren't in the group that got deployed to it all. So, no. And then the next person we go and talk to, it's like, 'Oh yeah, this is one of the people that we did patch. Let's go talk to them.

They're responding back, saying, 'Oh, yeah, everything's run smoothly, everything's performing well. It's all great.' They're like, 'Oh, did you realize we just patched your machine?' And they're like, 'Seriously? I didn't see anything.' Patching is not the pain of, you know, all the things that go wrong in the environment. Yet the people who are responsible for it oftentimes get blamed for everything during that time.

One of the things that's been interesting — we have a customer, one of our early adopters of the Ivanti Neurons DEX experience. They have been using this as a way to measure how well patch cycles are going within their organization. As they push out the patches, they've got everything set up — they've got a pilot group they start with, it's like 1% sampling of their environment. Then they've got an early adopters' group that's like another 9% of their environment. And then they go out into production, which is the remainder of what happens over the course of a couple of weeks. In the first 48 hours, that first 1% gets patched. They're watching that group very closely.

Using DEX, they've been able to get a much deeper level of visibility into that because it's pulling in the service desk information. I can see if any of those users are opening tickets. Were any of those tickets relating to the things we just updated? We can see that system stability type information coming back from the agent and agentless agent tree that's out there. Being able to see that, are there any crashes occurring? Are there any other things happening there?

The importance of DEX scoring to security efforts

Pat Ziembicka: How does this scoring help security? And let me add to that — does security data impact the DEX score?

Chris Goettl: Yeah, the security data can absolutely impact that DEX score. You could pull in a variety of different bits of information. Getting a little bit deeper into the patch example, we not only have information about what had a vendor release, what was the vendor severity, what were the CVSS scores for that vulnerability. We also have data through our risk-based vulnerability management platform on the real-world risks that the exposed vulnerabilities are presenting. We can tell you if there's a vulnerability in your environment that has a known exploit against it.

Here's an interesting fact — over 73% of vulnerabilities used by ransomware threat actors aren't rated as critical by the vendor. That means these vulnerabilities, if you're if you're prioritizing by traditional means, you're prioritizing by vendor severity and by CVSS score, and those can't take real world aspects into account very effectively.

If you look at 2021, Microsoft resolved 23 zero day vulnerabilities and 15 of those, while Microsoft knew full well, they were actively being exploited, because of the way their scoring algorithm works, they were only rated as important. Most organizations were paying attention to the wrong vulnerabilities.

Providing a more robust risk score in a case like that, you're able to show specifically, I've got a device that might have critical vulnerabilities exposed on them but more importantly, there's three important vulnerabilities that have known exploits against them and are trending amongst ransomware threat actors. That's actually the more dangerous of those and providing a more robust scoring algorithm around that and visibility into that. You could provide a very rich security aspect to that DEX score as I'm looking at the devices in my environment.

Now, I've got visibility into and the ability to measure more of a real-world risk to that device. And we've got customers who are actually taking advantage of that. Not only are they taking advantage of the actual risk to the environment and making sure that their SLAs are focused more on those couple hundred vulnerabilities that are actively being exploited versus the thousands that I'm never going to get to all of them, they also get that operational benefit as well to say as we're pushing updates out.

I mentioned that customer before, their number one goal was risk reduction, not operational impact. They were finding that tickets were being opened, exceptions were being made and they were exposing long-term risk in their environment because of operational impacts. DEX has provided them with the visibility to understand that.

What they're seeing isn't only a reduction in the amount of operational impacts during patching, but also a reduction in their overall risk to their environment because they're doing it more efficiently and reducing those operational impacts.

Rome wasn’t built in one day — same can be said for implementing a great digital employee experience. That's why a staggered approach to investing in your DEX is the best way to go for aiding your IT and security teams in the short-term and setting your organization up for future success.

To access all the insights, watch the full webinar on A step-by-step guide to planning and measuring digital employee experience (DEX).

The Role of DEX in Talent Retention

Tue, 04 Apr 2023 17:04:26 Z

Key takeaways

The average knowledge worker uses 2.6 devices to get their jobs done and runs into an average of 3.67 digital endpoint issues a day.
Research shows that almost a third of employees quit a job within the first six months.
87% of HR professionals say improving retention rates are among their highest priorities in the next five years.
Thanks to digital burnouts and better job opportunities, 20% of HR professionals are expecting a decrease in employee retention rates, based on current trends at their organization.
By providing the right tools for their employees, organizations can increase talent retention and reduce the risks of work-related stress and digital burnouts.

Download the Digital Employee Experience Report and explore research results.

Recruiting talent to your organization is one thing, keeping said talent is a different beast. Everywhere Work has given the workforce an increased sense of power in choosing where and how they work.

As a result, retaining employees has become a challenge for organizations. Research has shown that 31% of employees quit a job within the first six months and France experienced record-high turnover in 2021, with a rate of 24.20%. This massive employee shift, sometimes called the “great resignation”, is a worldwide phenomenon.

Recent reports are showing:

38% of Australian workers intend to leave their current employer during the next 12 months.
The US saw 5.9 million total separations in July 2022 – 20% higher than pre-pandemic levels.
The Netherlands had 1.9 million people start a new job at the beginning of 2022 – 400,000 more than at the same time in 2021.
45% of US employees are currently looking for a better position elsewhere.

Knowledge workers’ expectations have changed in the age of Everywhere Work; especially when it comes to the technology they use day-to-day. The average employee now uses 2.6 devices to get their job done and 49% of employees are frustrated with their current tools – with 26% even contemplating leaving their job partly because of it.

Therefore, a proper investment in your Digital Employee Experience (DEX) process and tools can help you both recruit and keep talent, as well as align them with the goals of your organization.

The value of DEX across your organization

Talent retention has become a topic no organization can escape. An overwhelming 87% of HR experts consider improving retention rates to be among their highest priorities in the next five years.

“I think ‘Attracts and retains talent’ has an edge at the moment since good employees are hard to come by in the current job market!”

- Mick Verbunt, System Engineer / Workspace Engineer, ACA IT Solutionsty

Over the past few years, businesses have reassessed embracing user-centric approaches to IT. In particular, the “modern management theory” postulates that job satisfaction predicates workforce productivity, rather than financial compensation. Applying this principle to the present day, the use of IT requires digital technology to serve the workers, rather than the other way around.

Today, the type and usability of the technology businesses offer to employees are chief factors for attracting and retaining a talented workforce. According to research, 41% of businesses reported they had lost IT workers because they were unhappy with having to perform excessive workloads.

Rather than focusing on delivering “user-centric” technology that solely targets the goal of making workers productive, modern management approaches address the broader objective of enhancing employee experiences to elevate both productivity and job satisfaction.

Deter digital burnouts

Everywhere Work hasn’t been just a bed of roses. It has created an always-on environment where workers can’t “plug out.” Unrestricted access to the internet and their work devices has caused a spike in digital burnouts.

Digital burnouts, a contributing factor to mental health conditions like depression and anxiety, are costing UK organizations over 15 million days of lost work. HR professionals estimate up to 50% of their annual turnover is caused by digital burnouts. In fact, 20% of organizations are predicting a decrease in talent retention based on current trends.

When workers experience digital burnout, they find themselves disengaged from the goals of their organization. That’s further confirmed by research saying only 28% of employees feel connected to their company's mission.

By providing the right tools for their employees, organizations can be proactive in reducing work-related stress and digital burnouts, leading to a more engaged and invigorated workforce. When workers feel more in line with their organization’s goals, productivity will increase.

What value do higher retention rates have?

Employees bring the most value to an organization when they’re energized, motivated and willing to take on challenges and strategic projects. None of that can start without a great relationship with their devices and tools. And workers are vocal about it – our survey on digital employee experience found that 65% of employees and 71% of IT professionals said they could be more productive if they had different tools.

There are also financial factors to consider. It’s estimated that low retention rates will cost the US economy $430 billion in lost revenue by 2030 and replacing a trained employee can exceed their salary by up to 200%. In the UK, work-related stress is costing organizations over £5 billion annually. Improving your retention rates, through the correct investment in DEX, can maximize a company's profits up to four times.

“Between reducing risk and retaining our healthcare talent, we believe improving the DEX of our employees is very important for our business.”

- Robert Garza, Systems Architect, University Health System

Investing in DEX is no longer a question of “if” or “when”. The toll digital burnouts are taking on your teams are now clearly impacting organizations’ ability to attract and retain talent. Empower your teams with great tools that drive productivity and employee engagement.

Learn more about which areas to focus on first in our Getting started with DEX eBook.

Ivanti Blog: DEX

The Rise of Experience-Level Agreements (XLAs) in Practice: A Deep Dive into ITSM Transformation

What are XLAs?

Understanding how SLA, XLA and DEX work together

How DEX enables successful XLAs

Best practices for implementing XLAs

Challenges and lessons learned

The future: Why XLAs matter

How to Measure the Business Impact of Digital Employee Experience (DEX)

The data tells the story: DEX strategy must evolve

Many organizations still struggle to track DEX

Measuring what matters to the C-suite

1. Productivity gains

2. Cost savings

3. Stronger security and compliance

4. Employee retention and advocacy

A practical measurement framework

The organizational imperative

The bottom line

Your Windows 11 Migration Is Looming – but There’s a Bot for That

Assess the fleet

Create a baseline for end-user experience

Put the user at the center of the W11 migration

Validate changes with end users

Software updates – and more! – with Ivanti Neurons bots

Why your IT team needs to upgrade its digital employee experience (DEX)

DEX best practices, metrics and tools are missing

Lack of DEX data undermines improvement goals

To improve digital employee experience, start with IT employees

How IT leaders can improve DEX for IT professionals

The bottom line

Work Flexibility: It’s About More than Being Remote

Work flexibility: What do employees want?

The flexibility disconnect and workplace adaptability

The gender divide in workplace flexibility

Independence, respect and the future

What part does IT play?

Step Into the Cloud-based Workspace Management of the Future

Scenarios to help you migrate

WWDC 2024: What IT Admins Need to Know About Apple’s Announcements

General WWDC announcements

Apple Intelligence

Apple Business Manager

Software update enforcement enhancements

Streamlining OS beta testing in the enterprise

Safari extensions managed via MDM

iOS and iPadOS

Cellular networks updates

App Management Security

macOS improvements

More flexible management via MDM

Better user experience during authentication

More security via disk management configuration

Apple Vision Pro improvements

Healing Bots Take Charge of Solving IT Problems to Enhance Employee Satisfaction

The world before self-healing bots

How healing bots are transforming IT

The ROI from using bots

Implementing bots in your organization

Step 1: Analyze data to identify “botworthy” issues

Step 2: Set priorities by selecting the optimal tasks for bots

Step 3: Run a pilot program before full implementation

Step 4: Optimize, refine, enhance, repeat

Healing the future of Everywhere Work

Related Content

How ITSM Automation Improves DEX at Scale

Why ITSM automation matters

Benefits of service management automation

4 ways ITSM automation streamlines work to reduce IT burnout

How DEX Benefits IT & Security Operations: 5 Top Use Cases

Enable discovery and visibility for your IT estate

One transportation provider found it had 30% more devices on its network than expected.

Reduce the burden on your IT team

Optimize device and app management

How can you get outstanding DEX while improving IT operations?

Enhance security and compliance

An Harvard Business Review survey found 67% of employees said they’d failed to fully adhere to cybersecurity policies at least once.

Streamline costs

How Better DEX Benefits People + Performance: 3 Key Use Cases

The dangers of bad DEX