Ivanti Blog: Posts by

A Guide for Starting Out - My Epiphany to Modernise Knowledge and Service Delivery with Automation & Bots

Tue, 08 Jun 2021 12:50:50 Z

Whether you are part of the Service Desk, or the broader IT Department, there is an expectation that you can fix all problems, quickly and without using those words that end users dread - “have you rebooted yet?”

Ever reliable reboots and remote control have been a staple in the way IT can help to diagnose and resolve an end user’s (or your families right!) technology problem, but have you looked beyond the remote control session at the latest and greatest alternatives?

Buzz words like self-healing, bots and machine learning are everywhere, but how does that help you, how can you put these new alternatives into practice to improve the service you provide to your end users? I am going to share a few ideas on how you can practically start to gain value out of these alternatives, my goal in this blog is we find a way to get more time back in your day and your end users have a better experience in each interaction with IT.

Service Management in the Past

Now, I might be really behind the times here because this only occurred to me recently, but there are a lot of use cases where we can now replace or augment knowledge articles, work instructions or incident templates with self-healing and AI bots. When I was working on a Service Desk over 15 years ago, we had templates to help us log incidents and work instructions for how to fix common problems. There were dozens per customer and sometimes we could remote control the end user’s device to fix the issue, sometimes we would have to talk the end user through remediation steps otherwise we had to escalate it to second level.

Today instead, I am looking at ways we can automate these work instructions, knowledge articles and incident templates by using bots for self-healing available in the Ivanti Neurons platform. It does not have to be a scary thought, to come up with and define complex workflow, the goal is to start small, and keep it simple. Here are three ways you could identify common tasks to automate:

Review Knowledge Article Usage: Review reporting to understand what knowledge articles get viewed the most (from both a Self Service & Support perspective) and which knowledge articles have a high number of related incidents.
Review Incident Management Trends: Review the incidents logged for the past 12 months to identify the top three issues that end users have raised. To take it one step further, find the top three issues that required the use of remote control or had to be escalated to second level.
Review Work Instructions: Review work instructions or other, leverage your own experiences and identify the top 3-5 remediation steps that you do at least once a day for an end user.

Service Delivery Now with Automation and Bots!

I touched earlier on the concept of replacing or augmenting knowledge articles, work instructions or incident templates with self-healing and AI bots. This is where I had my epiphany. When I was planning a recent customer meeting, looking for new ways Ivanti Neurons can deliver value, it hit me that there must be hundreds of small, simple tasks that the Service Desk still do today, that might still consume 5-10 minutes each, we can automate these with Ivanti Neurons, the few I came up with:

Mapping Network Drives
Start / Restart the Print spooler
Flush DNS / Release or Renew IP Config

Face it, network drives drop, printers fail, and network issues persist, but looking at the above three things, if you receive one each of those today, that consumes 15-20 mins conservatively through either talking the end user through the steps, or remote control… or you suggest that ever useful fix of all fixes, the reboot!

But with Ivanti Neurons for Workspace, you can click the ‘Map **Corporate** Drive’, ‘restart print spooler’ or ‘flush DNS’ button and have those issues sorted within 1-2 minutes, there are multiple points of value here:

The end user does not have to reboot or find their way to My Computer… Map Network drive… and can get back on with their day fast!
The Service Desk does not have to jump through sometimes multiple terminal servers or confirm the end user’s device name to start a remote-control session, meaning they get onto the next call faster.
The Security team is happy as we are reducing the risk of Service Desk and even end users requiring elevated administrative rights.

Create the Service Desk of the Future!

Now that you have five to ten topics to focus on, it is time to get to work in Ivanti Neurons. There are dozens of actions available “out of the box” (like actions for my three tasks above), and where we do not currently have an action (we add more all the time!) you can get creative and embrace your inner nerd like I do and come up with a simple or complex PowerShell or Bash script to achieve the result, you really are only limited by your imagination.

In the past I would have to write a work instruction or create ‘knowledge’ to share with the Service Desk team on how to fix a common issue, the future is creating an Ivanti Neuron’s bot to automate the fix.

I have focused on the Service Desk in this blog, but second and third level teams you can get in on the action too - if there are incidents escalated that you think the Service Desk can fix, invest some time to create an Ivanti Neurons bot and you will save yourself from a mundane incident next week!

I hope you have enjoyed my epiphany and more importantly you have had your own epiphany on what you could automate with an Ivanti Neurons bot in your organisation. This is just the first step towards fully automating and introducing self-healing for these common issues and further ‘shifting left’ your Service Delivery function.

So a little challenge for you reader, come up with the top 5 knowledge articles, incident trends or work instructions where you work, then contact Ivanti so we can work with you to automate them.

Or if you’re ready to see a demo of Ivanti Neurons in action then book a demo today.

3 Time Savers You Will Uncover With Ivanti Neurons for Spend Intelligence

Wed, 18 Nov 2020 16:01:23 Z

Software Asset Management (SAM) is a very complex discipline, but I am sure I do not need to tell you that right?

Most customers I talk to about SAM are familiar with ITIL and the challenges that it brings when implementing processes & procedures into their organisation, I often use ITIL as a comparison to ITAM but the way I see it, ITAM is a whole other level of pain above what most organisations experienced with ITIL processes, which I think is why it doesn’t get a lot of focus or dedicated resources.

Time’s the Enemy

Anecdotally I often find that those responsible for SAM in their organisation also have 2-3 other hats and that SAM (and more broadly ITAM) takes a back seat or is put in the too hard basket and even at a basic level they struggle to get visibility into what software is installed across the organisation.

At the same time, a lot of customers are coming to us for help with SAM due to a security control (such as ACSC Essential 8) or security standard they’ve been directed to comply with, this control can often be as simple as being able to demonstrate they can show an inventory of what software they have in their environment.

Whether you do wear the SAM ‘hat’ or are responsible for security in your organisation, I’m sure that spending time working with other teams to extract software reports, and then manipulating them in in excel for a meaningful output is not the best use of your time!

How to Win Time Back

Let me introduce Ivanti Neurons for Spend Intelligence, one of the newest capabilities in the Ivanti Neurons platform that has been designed to provide instant insights into your software landscape, and insights into your software spend. For me though the key with Spend Intelligence is the easy and intuitive interface for those of you with limited time to quickly get the information you need without having to deal with other teams and spend hours in excel.

I have put together three use cases of how you can leverage Spend Intelligence to quickly and easily get visibility into your environment to provide answers to help you address security risks, unauthorised software or to save money.

1. Identify End of Life Software

End of life software is a security concern, if you have end of life software, is it being patched? If not, it becomes an unnecessary risk, so the software needs to be either upgraded or uninstalled. Ivanti’s content team do a fantastic job of keeping the Software Library up to date so using the ‘End of Life’ chart in Software Insights we can quickly get a list of software installed in your environment to target for upgrade or removal, including the name of the end user who is using the device. The ‘Upcoming End of Life’ chart also provide a resource for you to get ahead of future issues before they become end of life.

2. Unauthorised Software Use

At its core, Software Insights allows you to view, filter and categorise the software in your environment. Meaning you can quickly see the top software categories, software vendors and then drill further into each individual software title and see exactly what device it is installed on and who is using it. Lastly, you can then classify software titles as prohibited or allowed to make it even easier to filter these out in the future. Additionally, using this data security teams can be provided software titles that should be denied or controlled through policy.

3. Understand Where You Can Reclaim Licenses to Reduce Cost

Leaving the best till last, my third use case will allow you to save money. Based on the data being collected on each device we gather usage information on the software that is installed across your environment. We then use that data to provide the ‘Reclamation Opportunities’ view, here you can see the ‘days since last used’ for each software title on a device, along with a determination on the chance of reclamation, for example a software title that hasn’t been used in the last 90 days might be classified as a high chance for reclamation. Once you have decided to go ahead with reclamation you can then create a ticket in the Service Management platform for the support team to action. By removing the software from the device, you are reducing you license count which can allow you to reduce the entitlements you own, thus saving money!

What’s the Value?

By spending a few hours weekly or fortnightly to review these 3 Software Insights dashboards, you will:

Reduce your security exposure
Keep on top of unauthorised software that has appeared in your environment
Save some money.

Plus, you have a source to go to when you need to answer or provide evidence you have a handle on the software in your environment and lastly this is a great first step in establishing and maturing your Software Asset Management practice, positioning you to adopt a full SAM solution in the future such as Ivanti License Optimizer to manage Enterprise License position and Audit defence.

If you are responsible for the SAM ‘Hat’ or security and interested learning in how Ivanti Neurons Spend Intelligence can help, without taking up all your time, check out our website for more information here and feel free to reach out to us if you would like more details or a trial.

Choose Your Own Adventures in Unified ITxM

Mon, 02 Dec 2019 22:29:50 Z

As the dust settles on 2019, I decided to look back to my session from our Sydney & Melbourne Interchange events and share some of the ideas that the attendees suggested on the benefits of a unified ITSM & ITAM platform.

Aside from a few product updates my goal for the session was to talk about the benefits you can realise once you have proactive discovery scanning and feeding the data into a normalised, reconciled asset repository.

Now the extent of the benefits your organisation will realise will grow along with the ITAM maturity, for example let’s talk about the Asset repository for a minute, day one it may not be a repository that supports all ITAM processes - read another SILO - you can just start with the CMDB being populated with an automated discovery tool and extend it to support ITAM process later, in fact IAITAM best practice supports the benefits of having a tightly integrated CMDB/AM database. This is one of the key reasons Ivanti chose to build the ITAM platform on the Service Manager platform, it allowed the extension of the existing CMDB module to support ITAM processes such as Financial, Contractual & Vendor management.

But back to Interchange and some of the great ideas from our customers. I thought I would map these out into a mini maturity model of where your ITAM processes need to be to realise the value from the below reports when combined with ITSM data, so here goes.

Level 1

At level 1, we assume discovery is in place and the data is being automatically update to a repository, for existing Ivanti Service Manager customers the repository is the Configuration module, even at this level we can still see the benefits from ITSM processes though relationships between CIs and ITSM processes:

Report and trend assets (CIs) with high level of incidents / problems
Report on users with multiple devices (based on discovery data of logged in users)

Level 2

At level 2 we need to introduce the full ITAM modules into the Service Manager instance, then start developing ITAM processes & procedures. Initially we will focus on creating a Product Catalogue, so we have details of manufactures, models as well as assigning assets to users & locations. For reporting we can then:

Report and trend asset related incidents and problems by manufacture or model
Develop asset model specific knowledge to enable Service Desk to better support customers
Report on differentials between Assets assigned users & discovered ‘logged in user’
Report on differentials between Assets assigned location & discovered location
Report on manufactures or models that will are impacted by a Change control (eg. Bios upgrade)

Level 3

Level 3 we look at introducing Vendor management processes so we can start linking the assets and incidents back to the vendor, such as:

Report and trend asset related incident and problems by vendor
Ability to review number of incidents against assets as a metric when managing vendor relationships

Level 4

Time to introduce Contract management processes at Level 4, like level 3 the benefits of relating contracts to incident and problem reporting will be visible through:

Report and trend asset related incident and problems by Contract and Contract Line Items
Ability to review number of incidents against assets as a metric when reviewing contract renewals
Use reports as a metric to support contract renewal process

Level 5

Level 5 introduces some of the complicated processes to support management of cost and other financial aspects. If you are at this point, you will be mature across most of the 12 key process areas as defined by IAITAM best practice. Combining this with ITSM data you can start reporting on:

Total cost of ownership (TCO) of an asset manufacture model, including repair costs and even add average costs of time spent resolving incidents related to these assets
Report on asset costs for each business unit (if you are cross charging within your organisation) and include incident costs

So that is some of the report idea that I produced and what the Interchange attendees suggested, if you have any other ideas, I would love to hear them so please contact me.

While it might seem aspirational to be at a level of maturity in your ITAM (or ITSM even) journeys to start realising the benefits, as an organisation you will start seeing the benefits even at what I’ve described as Level 1, of course Ivanti can help with this with through our Discovery capabilities, combined with our unified Service Management and Asset Management solutions and support your organisation maturity journey.

Discovery: Do You Take the Blue or Red Pill to Ease the ITAM Woes?

Mon, 25 Nov 2019 22:21:03 Z

A great quote from one of my favourite movies and despite the fact it is used a lot in different contexts, I like how relevant it is to the topic of Discovery:

“You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland, and I show you how deep the rabbit hole goes. Remember: all I'm offering is the truth. Nothing more.”

Back on topic, we can take the blue pill and stay in the dark, blissfully unaware that we lack visibility into the IT landscape which leaves us exposed to license audits, financial accountability, as well as security risk and compliance. We are hampered from a finance perspective as we are not empowered to make informed decisions on future spend, and budgets. In addition the ability of IT to be proactive when delivering services to its customers is reduced.

Enter the red pill, (Discovery), now this is no magical red pill, it won’t solve all your problems (it did after all introduce all sorts of other problems for Neo) but it will start you on a journey to Wonderland, towards visibility, accurate security compliance and proactive service delivery and the nirvana that many customers want - Enterprise Fiscal Accountability, the ability to cross charge within the organisation.

Discovery is seen as too hard because the fact is to obtain meaningful data, proactive discovery of your network and devices needs certain access to the network and endpoints which means allowing exceptions for the discovery tool to be effective, but the benefits this returns to the organisation are many, four such areas that directly benefit are:

ITAM (SAM) - proactive discovery ensures you have accurate data to feed into the SAM tool, meaning correct license position, reduced exposure of non-compliance and identification of cost savings.
ITAM (HAM) - accurate data also supports hardware life cycle management and allows you to forecast and budget future spend when you know warranty or maintenance end dates.
Service Management - knowing what devices are in use / assigned to users can speed up troubleshooting or request fulfillment when users contact the Service Desk.
Security - ensuring accuracy of security posture reporting, reducing risks, and increasing compliance because “you know what you have”.

Another important aspect is what the experts say, at Ivanti we follow the Australian Signals Directorate (ASD) Essential 8 framework when we talk about Security. As far as Discovery goes, there are several professional organisations we reference:

IAITAM (International Association of Information Technology Asset Managers), identify discovery as the first tool that organisations should invest in when starting an ITAM program.
ASD (Australian Signals Directorate) is also very relevant to discovery, they say before even starting to implement mitigation strategies, organisations need to “Identify their assets”.
NDB (Notifiable Data Breach) laws, introduced this year under Australia’s Privacy Act. Organisations need visibility over the devices in the organisation to know if/when a data breach affects them, for example if someone leaves their laptop in a café or it is stolen.
GDPR (General Data Protection Regulation) came into effect this year in the EU and the relevance to Discovery is similar to the NDB and can certainly affect Australian organisations if they are storing data on EU citizens.
ISO (Internal Organization for standardization) developed ISO 19770-1 specifically describing for an IT Asset management system, this maps quite closely to ISO 27001 and both standards reference the fact that “you can’t manage what you don’t know” which you cannot do without Discovery!

“You can’t secure (or manage) what you don’t know about” is a sentence you’ve no doubt heard many times, because it is a (not so) well-known fact, businesses need to be aware of what they are trying to manage, secure and support. Someone once said to me that monitoring of IT environments is the lowest priority in organisations (which at the time due to my background I found odd as I’d always felt like Service Desk was given the lowest) but I think that Discovery is actually seen as the lowest priority, yet it provides huge return on investment!

So, which pill do you choose? Blue or red? If you are keen in the adventures of the red pill, read more about Ivanti Discovery here and jump on in.

The Importance of Discovery for Success in Several IT Areas

Wed, 24 Oct 2018 21:46:17 Z

Discovery, do you take the blue or red pill?

A great quote from one of my favourite movies and despite the fact it is used a lot in different contexts, I like how relevant it is to the topic of Discovery.

“You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland, and I show you how deep the rabbit hole goes. Remember: all I'm offering is the truth. Nothing more.”

Take the blue pill and you stay in the dark, you lack visibility into the IT landscape which leaves you exposed from a Security and compliance perspective. You are hampered from a finance perspective as you are not empowered to make informed decision on future spend and budgets and finally the ability of IT to be proactive when providing service to its customers is greatly reduced.

Enter the red pill, (Discovery), now this is no magical red pill, it won’t solve all your problems (it did after all introduce all sorts of other problems for Neo) but it will start you on a journey to Wonderland, towards visibility, accurate security compliance and proactive service delivery and the Nirvana that many customers want - Enterprise Fiscal Accountability, the ability to cross charge within the organisation.

Achieving success with IT Service Management

At Ivanti’s local Interchange Unplugged events, I presented a session on “It starts with Discovery”, I talked a lot about why Discovery is important and why it is the foundation for success in several areas of IT, for example:

Security - ensuring accuracy of security posture reporting, reducing risks, and increasing compliance
ITAM (SAM) - proactive discovery ensures you have accurate data to feed into the SAM tool, meaning correct license position reduced exposure of non-compliance
ITAM (HAM) - accurate data also supports hardware life cycle management and allows you to forecast and budget future spend when you know warranty or maintenance end dates.
Service Management - knowing what devices are in use / assigned to users can speed up troubleshooting or request fulfillment when users contact the Service Desk.

Complying with the Australian Signals Directorate

Another important aspect is what the experts say, at Ivanti we follow the Australian Signals Directorate (ASD) security controls when we talk about Security. As far as Discovery goes, there are several professional organisations we reference:

IAITAM (International Association of Information Technology Asset Managers), identify discovery as the first tool that organisations should invest in when starting an ITAM program.
ASD (Australian Signals Directorate) is also very relevant to discovery, they say before even starting to implement mitigation strategies, organisations need to “Identify their assets”.
NDB (Notifiable Data Breach) laws, introduced this year under Australia’s Privacy Act. Organisations need visibility over the devices in the organisation to know if/when a data breach affects them, for example if someone leaves their laptop in a café or it is stolen.
GDPR (General Data Protection Regulation) came into effect this year in the EU and the relevance to Discovery is similar to the NDB and can certainly affect Australian organisations if they are storing data on EU citizens.
ISO (Internal Organization for standardization) developed ISO 19770-1 specifically describing for an IT Asset management system, this maps quite closely to ISO 27001 and both standards reference the fact that “you can’t manage what you don’t know” which you cannot do without Discovery!

In future blogs I will explore each of these professional organisations in more detail and their relevance to Discovery and more broadly IT Asset Management.

So, which pill do you choose? Blue or red?

Zapping Your Way to LiveChat Integration

Fri, 17 Aug 2018 17:37:59 Z

Last month we released a new integration for our Ivanti Service Manager (ISM) with the online platform, Zapier. For those of you who don’t know, Zapier is an online automation platform that can integrate over 1000 different cloud applications. By adding our ISM platform to Zapier we’ve opened the door to thousands of different use cases you can take advantage of.

Below is a small snapshot of the applications available for ISM to integrate with:

I thought I’d get my hands dirty to test this out and see what use cases I could come up with. So far, I’ve created Twitter and Slack Zaps, but in this blog, I’m going to focus on my LiveChat Zap.

A lot of customers I speak to would like a way to better manage the interactions from their online help application. I’m sure you’ve come across LiveChat before, or something very similar to it when you visit a website. It ‘dings’ and a floating image of a person in the bottom right hand side of the page asks if you need any help. (Ivanti uses a ChatBot named Ivy. Read more about her here.) So the use case I created with LiveChat was to create an Incident ticket in ISM when the analyst can’t solve a customer’s issue via LiveChat. Below is an example:

For LiveChat there are several different triggers. I went with ‘New Ticket’ so I can control when the incidents are created.

Once you’ve specified the connection to ISM, you can then create the template,using the attributes available from LiveChat to pre-populate the summary, description and a few other fields when the incident is created.

And that’s all there is to it! The result is an incident created in ISM with all the information you specified in the template. You can treat the incident as you would normally or create specific workflows and quick actions for this type of incident.

As I mentioned, this is just one of thousands of possible uses cases and I plan to explore more of these myself in the coming months. In the meantime, I’ve also created a video of how this integration works in practice. Let me know if there’s any use case you’d like me to investigate.

LiveChat to ISM with Zapier from Ivanti Software on Vimeo.

Software Audits: Why Are We so Blasé? How Ivanti Gets You Prepared

Fri, 20 Apr 2018 04:32:31 Z

Organisations can be audited on many fronts. Different industries have specific regulations that may prompt audits. For example:

PCI for any organisations who handle credit card information.
HIPAA in the USA for organisations in the healthcare industry.
ISO 9001 for organisations looking for compliance on quality management.

While I haven’t been through these personally, I can imagine that they are all treated with the importance that they deserve. The organisations who are audited should be prepared and be able to produce any documentation required by the auditors. Certainly my wife — a financial accountant — treats audits with a high priority and has said in the past when the auditors have visited that she was able to easily provide the documentation as required.

Relating that back to the topic of this blog, why do you think organisations are so blasé about software audits? These audits have the potential to cost thousands or even millions of dollars in settlement costs alone, not to mention the time and effort it takes to prepare documentation. Yet a lot of the organisations I talk to have the view that “we just pay the settlement if/when it comes around because getting Software Asset Management right is to costly/difficult”.

I’m not here to try and convince you that Software Asset Management is easy. It’s not, but I will explore three points that in my opinion demonstrates why Software Asset Management should be given a higher priority by organisations.

1. Security

In the last 18 months since I’ve worked at Ivanti I’ve learnt a lot about the importance of some basic cyber security measures that go a long way to preventing ransomware, hacking and security breaches. The first and seemingly obvious lesson was to stop using an account on my PC with local administrative rights. This will stop a lot of ransomware from being able to run if you accidentally click on something you shouldn’t. An added benefit is that if your users don’t have local administrative rights they can’t install software that they’ve found online which may well need to be licensed.

The Australian Signals Directorate (ASD) lists "minimising administrative privileges" in their top four strategies to mitigate cyber intrusions. Two of the other strategies are OS patching and application patching. This is where Software Asset Management plays an important role. You can’t realistically patch OS and applications when you don’t know what software you have in your environment. You need Software Asset Management to provide a catalogue of the software installed in your environment so you can report on the associated patch levels and ultimately maintain compliance.

2. Reputation

An organisation's reputation is everything. Without a solid reputation, your customers will go elsewhere. The reason I link reputation with this topic is (as I said earlier) because if you don’t know what software you have in your environment, you can’t be sure of your patch compliance levels and a breach will have a huge effect on your organisation's reputation.

A good example of this is the Equifax breach that occurred in May 2017 (Discovered in July 2017), which was a result of a software vulnerability that had been not been patched, despite the patch being available a week after it was identified in March 2017. Time reported that Equifax had lost four billion dollars (so far) because of this breach.

An ITAM Review article explored this topic recently asking a number of industry experts (including our own director of ITAM Phil Merson) for their views. The consensus was if Equifax had leveraged Software Asset Management data, they’d have had more visibility over what software was in their environment and, in my opinion, would have been able to react quicker to prevent the breach.

Another element that must now be considered is the Data Breach Notification laws which came into effect in Australia earlier this year and the GDPR law coming into effect on May 25 this year in the EU (and yes this may impact Australian businesses). Both laws mean that organisations may be required to notify the public about data breaches which could have significant impacts on reputation. This adds more weight to the argument as to why Software Asset Management can’t be considered too costly or difficult and why we need to think beyond at the wider implications of not investing in Software Asset Management .

3. Investment

The average software audit can take 7.13 months to complete and consume 194.15 hours of the IT department’s time.
an ITAM Review survey showed that 76.4 percent of organisations admit to over licensing because they fear audits.
Organizations can cut spending on software by as much as 30 percent by optimizing application configuration, recycling software licenses, and by using SAM tools.

You have probably seen those statistics before, but I think they are worth repeating. Demonstrating ROI for Software Asset Management is certainly a challenge up front. Your best bet is to be realistic. At the end of the day you won’t know the full ROI until all the policies, processes and tools are in place and you’ve been able to reclaim licences, renegotiate contracts with vendors and stop them in their tracks when they knock on your door. A customer who’s on the journey of choosing a Software Asset Management tool recently said they are estimating a 10 percent saving in software spend in their business case which to me is realistic. I’m sure they’ll get greater savings but that’s difficult to quantify.