Ditch the Surplus Software and Hardware that's Weighing you Down
January 31, 2019
Phil Merson | Ivanti
Todd Hogan | Product Manager | Ivanti
Mareike Fondufe | Ivanti
Advance your ITAM Program with these Top 6 Best Practices
Are you still struggling to keep tabs on your software and hardware with spreadsheets? Break free in 2019! Spreadsheets are cumbersome and difficult to maintain. Let Ivanti ITAM help you to go beyond spreadsheets and basic inventory and asset tracking.
Join our ITAM experts to explore the top 6 Things to think about when starting or advancing your ITAM program to better help balance costs and risks in your organization.
Mareike: All right. Hello everybody and welcome to today's webinar, "Ditch the Surplus Software & Hardware That's Weighing You Down." My name is Mareike Fondufe And I'm part of the product marketing team here at Ivanti. Before we start, just couple housekeeping rules. You are currently muted during the webinar. But if you have any questions, please feel free to use the Q&A on the panel here on the right side in WebEx and send us your questions. So we will do our best to answer them at the end of the webinar.
With me today is Darren Wilensky. And he is part of the product management team here at Ivanti, and has over 20 years of experience with IT Asset Management and Service Management, or ITxM solutions as we call them. So hello, Darren?
Darren: Hi, Mareike. Thank you for that. So let's get right into the webinar. We're gonna talk to you today about, you know, the top six best practice approach to IPS management. Talk a little bit about, you know, what we're seeing in the market today and where IPS event. We can address a lot of the issues and gaps we find in our current organization. So what we're looking at on this first slide is some feedback from a large regional company. There are around 5,000 endpoints, 500 servers, pretty diverse portfolios, enterprise, and client applications.
And these are some things we notated because we see this often with customers. You know, some customers are still, you know, trying to do some asset tracking using spreadsheets. And Excel is a powerful tool, but it's really difficult to do any type of asset management or anything that's really need to be scalable in a spreadsheet. Anything that requires kinda manual input and intervention doesn't normally scale.
We hear a lot of times, you know, there's a fear of lost or stolen assets. It's a major concern. So how do we get a handle on that? You know, not having a dedicated software asset manager, you know, so being forced to over purchase a lot of times and fear of being audited, things around security. The security team really needs detailed asset information. So where are my assets, you know, who they allocated to, how are they being used, and things of that nature. So asset management plays an important role with security.
And also integration that there is no integration existing between, you know, service management and then being able to fulfill a request around whether someone being on boarded or someone need to be refreshed, you know, there's no integration between an asset management systems. So it's very difficult process of getting someone on board. And sometime it can take, in this case, up to three weeks. So I'm not sure if any of this resonates with any challenge you're currently have, but it's something we've heard from quite a lot of customers.
So what is the current state of IT Asset Management today? And what we did here is we took some statistics from several research organizations. And some of these numbers are quite startling, you know? We see that at least 25% of organizations are still using spreadsheets to do some type of asset tracking. And that's really, really hard to have accurate information across the board when you're relying on spreadsheets that someone has to manually update, or even if there's some type of automated method of updating spreadsheets, a lot of times, there's different symbols or characters that corrupt the spreadsheet or CSV. And it's just not a good approach to getting accurate data.
You know, the second, statistics stating that 30% of fixed assets go missing or can't be found, you know, whether they're truly missing or an organization just doesn't have an ITAM program in place where they can understand and have visibility into where things are. In either case, 30% is a lot. And that could be quite startling for someone in an industry that they really have to have a handle on where their data is at, how it's being used. You know, if you're in the healthcare industry or financial industry, there's different regulations, you know, whether it's HIPAA or GDPR.
You know, anytime an asset that goes missing, that could be a tremendous risk. And the rest of the statistics are talking about, you know, amount of time spent doing kind of manual things, you know, resolving data accuracy issues, because there is no automated or formal policy in place for getting this information, and normalizing it and reconciling it. So someone has to manually go out and resolve some accuracy issues, and not having complete information. So these numbers definitely tell us that ITAM is an important part of any organization, and really, you know, can help in many areas.
Continuing with the current state of today, you know, we see a lot of new devices coming into the environment. You know, we've heard of the Internet of Things, but more and more every day, there are new devices that are connecting to our networks, to teams, everything connects to WiFi. I was recently at a healthcare company and they were looking to start tracking a lot of the medical-type devices. They even had small little things, you know, that connected to WiFi, you know, things like a bedpan, you would think we'd never be connected. But more and more, these devices, you know, they wanna have alerting and things of that nature. So they wanna be able to take action and make things a bit more efficient.
So everything seems to be connecting to the internet these days. You know, Gartner has a few different statistics on the screen here. You know, they're saying that by next year there will be over 20 billion devices connected. That's a lot of devices. They also have a statistic here that regarding a recent client inquiry, they're showing 60% more devices were discovered than they knew. So 60% is a very large number. And if you're not sure what these devices are and aren't able to have that visibility, then there is tons of risk. So this is telling us, you know, if you don't have something in place to reconcile, you know, what do I own, what do I need to manage, what is there, you know, from a security perspective? And it's something that everyone really needs to start taking a look at.
So software audits. It's a fun topic. Well. It's not a fun topic. And really, it's something that we're all very aware of, and most of us have gone through. It's not typically a pleasant experience. So with software audits, it's not really a question of if you'll be audited, it's really more when and by how many vendors. So 66% of clients surveyed were audited at least by one of these vendors. And that 66%, that is per year. So on average, you know, over 60% of all organizations will be audited.
And in many cases, once you get audited by one vendor, it's kind of a red flag that others then audit you, especially if the word gets out that you failed on audit. So it's something you really need to be prepared for, and it's probably one of the most difficult things to be prepared for in IT. You know, IT Asset Management really helps you get more prepared. But when you look at the subset of ITAM and Software Asset Management falls under that, it's probably the most complex discipline of anything in the ITAM space just because of the amount of data you need. You need all of your procurement data, and contract data, and understand your licensing, and inventory data, and then be able to get to a effective license position.
And it's really quite challenging, especially if you're starting off or you just have spreadsheets for your hardware data. So audits are here. They're real. People are getting audited every day. It could be very, very costly. They can cost you more than just, you know, financial, more than just money. It also can cost you, you know, your reputation. If you've failed audit horribly or you have to go to court, it's not something you really want out in the public.
So knowing all these challenges and things, and somewhat great risk and great ROI, only 32% of organizations we found have a formal ITAM program. So we're looking down at the breakdown. You know, there were certain questions asked by Gartner. You know, 14% said they didn't know if they had one or not, 32% said they do have a formal ITAM program, and 23% said that they're planning on, you know, getting in and starting an ITAM program. So we're looking at this, you know, more than three quarters are really not tackling this challenge. Though it's only a matter of time before you're really forced to implement an ITAM program if you don't have one today, there's just too many initiatives and objectives most organizations are trying to achieve. And without ITAM in place, it's really not possible. So, you know, I imagine by the end of this year, this number will probably eclipse, you know, 40% if not higher.
So, you know, what is IT Asset Management? Well, it's really a set of business practices or policies, you know, that empower you and manage your hardware and software to help you gain the most from your IT investments. So ITAM has been around a long time. It's really become a critical part of any IT or really organization over the past probably five years especially, but really from existence. It just wasn't something as critical. You know, in the last 5, 10 years, software audits had really been picking up in the U.S. especially, you know, more and more regulatory obligations are now present in the environment. There are many more security risks. So, you know, as time goes on, ITAM will just become more and more critical. And more from, you know, in just IT, it's also critical for security, and for HR, and finance, and contracts department. It really touches, you know, all parts of an organization.
Let's change gears a bit. Let's talk through, you know, some of the challenges organizations face. You can also say these are kind of the objectives you're looking to solve. So let's talk about what the problems are, then we'll go through and kinda talk about what the answers to those problems could be. So the first challenge is visibility and performance. Now, without visibility, you really don't know what you have, and therefore, you don't know what you need to manage. So if I don't know these are the assets I purchased, how do I know I need to manage them? You know, I may discover, I've got 10,000 devices on my network. But how do I know those devices how many I've actually purchased? How many are contractors, just temporary contractors? How many are customers on one of my sites that are connected?
So I don't wanna try to manage anything that's not mine. I wanna be aware of what's there. But when it comes to true asset management of understanding, you know, who is this asset supposed to be allocated to, where is it supposed to be used, what software should be on it, what type of configuration should it have, I only wanna be managing those things that I own. I also wanna understand, you know, did I purchase something? Do I own them something? And it's not found on the network. So, you know, having that visibility is really critical.
Next is lifecycle management. So being able to track your assets really more than just hardware, but any asset through its lifecycle is critical. So, you know, having an understanding of I requested this particular asset. Again, this asset came from stock where someone purchased it. And I wanna now validate, you know, whatever was purchased or pull from stock is what I requested. And then I wanna make sure whenever I receive it, it's what was ordered or pulled from stock. And then now, it's been put into use and allocated to someone. I wanna verify that's the right person who's using it. And if something happens to the asset through its lifecycle, whether it gets sent back for repair, or it was dead on arrival, or maybe it just got transferred a few times to different people, maybe it was refreshed, and re-imaged and repurpose for a different department, I wanna be able to track that all the way through the time it needs to be disposed of.
And in many cases, there are legal obligations to how you dispose of an asset. So being able to prove, you know, this is where the asset was, this is what was on it, this is your user, and then this is how it was disposed of can be, you know, a critical piece, and could be something you need to be able to prove. So having that understanding not just protects you from different liabilities, but it also gives you insight into how assets are being used, how they're performing, and you start to aggregate that data over time, you can make much, much better decisions. So lifecycle management is really about the heart of ITAM.
So next is compliance. And with compliance, we typically we think of, you know, software compliance and, you know, being able to manage your software, and be prepared for an audit before it becomes an issue. So if you have a good understanding of what software licenses you're using and what you've purchased, you're in good shape if you do get audited. But there's also, you know, compliance around hardware, and there could be compliance from, you know, internal compliance from your organization. There could be initiatives your organization has where, you know, there's different mandates in place. Maybe you have to do a manual inventory once a year. And there's certain threshold to have to meet.
You know, I was out at a client just over a year ago, and they were looking to really build on our ITAM program because of internal audits, because that particular company took them very seriously, and they had failed one the year before. And their biggest issue was not knowing where assets were. So they didn't have a good way of being able to validate actual locations then assign them to assets. So they went through an audit the previous year. And what they came back with was they were...it was around 35% of assets after they went through their manual inventory had [inaudible 00:17:44] locations they could track. All the others either didn't have a location, or had something like, you know, state level, Idaho or Georgia, versus an actual location where someone can find. And that was a really big concern because they were...if they fail the second audit, they had rules in place, some things were gonna change. So that that was, for them, the internal compliance was an issue. So compliance is really more than just software. It's really anything that you're mandated to do.
So now, we're looking at optimization. So, you know, how I really optimize my assets? How do I use my money the most efficient way, and get the most out of my assets? So this could be, you know, we think about optimization. It's, you know, making sure on the software side that, you know, I don't have applications I don't need. So I don't have everyone, you know, getting Visio as part of the base image if no one's really using that. And for the people who are using it, maybe there's more of a freeway or something that gives them the same functionality, you know, making sure that if I already have Office 365, I also have an Office 2016 still installed legacy because if I get audited, I'm gonna need a license for both. So being able to kind of optimize and streamline exactly what's installed.
This also goes on the hardware side in terms of, you know, are my assets being optimized in terms of...do I have, you know, 15 agents running? And the CPU is close to 100%. And my amount of memory, because of all these different agents, and maybe their agents from disparate systems I don't really need that I consolidate and, you know, really improved the end user experience that people using those machines. So that's one side of it.
And then optimization around spend, whether it's hardware or software. It's really being able to have insight into what have I purchased, you know, what vendor gives me the best deal, the best service. So unless I start capturing that procurement information and can make some decisions around things like quality of service and price, I'm not gonna be able to make decisions, understand, you know, where I can optimize.
Next is security. And really security and risk management kinda go hand in hand. So we talked about reduce security issues within the business. This could be where, you know, ITAM can really add a lot of value for security. So if we had understand who has this asset, where the asset is, you know, who is this person's manager, what business unit should this asset reside, and, you know, would who bought it, where did it come from, when's the last time it gets scanned in. This is all the information that can be reported to security so they can understand, you know, if someone running something, they shouldn't be...if someone using this computer, who shouldn't be this person is allocated to it.
And then that ties in with risk management because, you know, if you have a breach of security, well, now, that's a risk. And now, if that gets out into the public, you've now hurt your reputational risk. And we've seen this over the past couple of years with companies like Equifax who had a major data breach. I mean, we've seen things with Facebook not being compliant with GDPR and how they're handling data. And the outcome has been quite significant. They both took very heavy hits. You know, their stock has dropped. They had to lay off people, you know, just more than the financial risk was the reputation of the organizations. And that's something that is really key nowadays because with the flow of information, if something happens, everyone knows about it. So I think we're really, you know, changing in terms of the environment of, you know, the real risk is really more reputational than financial.
So let's break these sticks down and figure out, you know, what questions do we need to ask ourselves to understand where we are with ITAM and with each of these different kind of pillars. So, you know, do know your assets inside and out? And here's some ways you can better understand and better understand if you do need some type of program, or place, you know, or if what you're doing now is working for you.
So do you know what assets you have? And I know we've touched on this a bit before, but it's really important. So it's not just, do I know what assets I own? Do I know where they're at? Do I know who's using them? Do I know what's been lost or stolen? But also, do I know the condition of the asset? Do I know whether my asset is 9, 10 years old and hasn't been refreshed? These are important things to know. And if you can answer these questions, and there's a lot of risk because without that visibility, you can't improve performance. You can't be prepared for an audit, whether it's internal, external. You really are just have to hope. And when we need an asset repaired or, you know, someone opens a service ticket for something, you know, they have to go and figure out, you know, where is this asset, what are the configuration details, I'm not gonna have that information readily available. So it ends up costing you a lot more time and in the end, money. And at the same time, you're, you're really at risk.
So the next one is, do you know what your assets cost? Without procurement information, you know, if you're just relying on say discovery or spreadsheets, you're not gonna understand what your asset costs, you know, what is the total cost of ownership of this asset? If I'm not tracking the cost from the time that I purchased it through its lifecycle, then I don't really know what that asset costs me and why is that important?
Well, if I've been purchasing assets from one vendor and let's say I've been purchasing assets from Dell in a particular model, Dell 123, and over its lifecycle, I've seen that I have all the procurement data lifecycle in data. I see that over its life cycle, you know, 40% of them have had to go for repair 3 or more times over the 3 years they've been in the environment, whereas I have a Lenovo 456 model, which only 10% went to repair, and they may have a higher initial costs, well, I may figure out, well, these HP laptops are much more affordable and they don't break as often, and I know what they cost me. The same could be said for, you know, if you're purchasing from different vendors or resellers, you know, you wanna be able to be to look at historical cost of these things, so you can make decisions about who gives you the best price. Also, things like depreciation, you know, do you have fixed assets or you could be depreciating and actually save money off your taxes that you didn't know about.
And that's really the main [inaudible 00:25:58] of cost, you know, as well as, you know, do you…if you're on a budget, or project, or something, are you able to really do that efficiently and understand, "Okay. I wanna bring up a new data center? Do I know what that's gonna cost me? Do I have any insight into what these assets how would need would cost, and whether or not their inventory, or I need to purchase them?" So understanding what things cost you can really save you a lot of money going forward and really help you make better decisions of what you purchase.
Another question to ask is, you know, are you concerned about security and compliance? And if you ask yourself or your organization, you know, the answer should be yes. I think everyone should be concerned because every day, there's just more and more gaps, and more risks, and we're just more vulnerable. And we see it on the news, we see it internally, things happen. So, you know, are you worried about regulatory compliance, protecting against the data breach, and especially if you're in a sensitive industry such as finance and banking or healthcare, you know, there are a lot of obligations that impact you.
We talk about security and compliance. We're also talking about software, you know? And if you don't have something in place to understand, you know, these are the entitlements I've purchased, and this is the software I'm using, and it can be quite complex. Well, then you're probably a bit concerned about being audited. And, you know, for some people, software compliance might be pretty simple and not complex than for others who have a lot of enterprise software install across the data center, things like Oracle or SQL server installed on a VM, part of a cluster with virtual tools and things of that nature. Well, now your compliance just became really complex. And there are a lot of different scenarios that impact how that's calculated. So without proper policies and procedures in place, as well as the right technology, it's extremely hard to be prepared and probably, you know, gives you greater concern not having that best visibility.
So next question is, you know, are you concerned about end user satisfaction? And this is something that really is becoming more and more important to organizations and IT. And I think back to, you know, 15, 20 years ago, and I feel like software wasn't really designed for end user satisfaction. It was more about functionality. So when new software came out, it wasn't about how nice it looked or easy to use it was, "Oh, well, this new software came out and now it has this additional functionality I can use to do whatever I needed to do."
But nowadays, it's really about making it about a pleasant experience for the end user. So I know here at Ivanti, it's something we worked very hard on with our UIs and just process and implementation of software. It's something we really try to improve as much as possible. And from an ITAM perspective, you know, end user experience could be, you know, someone starting a new role, an organization. And, you know, they need new equipment whether that's a laptop, mobile, whatever it may be. And you know, are they getting that right away when they start day one, or you know, we think back to the first live for a customer we have, they've didn't have a good ITAM program in place, and they said they can take up to three weeks before a new hire gets their equipment.
And for someone starting a new company, that's not the best way to start. They're going to be frustrated. You know, people are usually very eager to get started. And if you have to wait, you know, several weeks to get your equipment, well, that's not a very good experience. The same could be said if you're not getting the equipment that you need. So if your laptops or five, six years old, seven years old, not being refreshed, then you're probably not as productive as you could be. If you have to sit and wait while, you know, something runs on your computer because your CPU is at 100% or you're out of memory, it's just not a pleasant experience.
So, you know, understanding whether or not being able to answer, whether or not your assets are meeting the needs of the users, it's quite important because it seems, you know, IT is always blamed for everything. So when you could be proactive and provide a good end user satisfaction, you know, you're normally able to move forward the initiatives in IT you're looking to. If your end user satisfaction is poor, well, then typically, you're not able to do that, and your budgets gonna be a cut, and then you have to really have a good ITAM practice in place to do more with less.
And that brings us on to the next question, which is do you need to scale the business? You know, do you need to do more with less, reduce some of the complexity in your environment? And you know, many people on this call are working for organizations, which have gone through mergers and acquisitions. And, you know, we talked about scalability. We also talked about, you know, how do we bring in new organizations? How do we get rid of disparate systems and really streamline? You know, do we have ways to automate processes?
You know, we have thinking about spreadsheets, well, that's a very manual non-scalable process, but we're able to introduce integrations into things like our HR system into, you know, deploy discovery tools to get inventory, and then integrate that into our asset lifecycle system, you know, being able to go into vendor portals and pullback purchasing data automatically, not having to have to have something emailed and manually entered. You know, these are the type of things that really can have a lot of value, reduced cost, reduced risk, reduced time spent from skilled employees doing manual tasks by being able to have that technology and process in place. So being able to scale a businesses is really critical. And it's really where ITAM can help.
The last question is, you know, can you achieve enterprise fiscal accountability? So what we're talking about here is being able to understand, you know, who's actually using what and buying what. Many cases, we see organization that don't have any type of chargeback model in place. And what happens is all the costs just go to IT. And so when you're not fiscally responsible or don't feel you are, you are much more prone to just, you know, request something maybe you don't need, maybe there's a cheaper model, maybe there's something already in the inventory.
But when you're able to charge…putting a chargeback method where whoever's repressing something would be liable for that fiscal charge. Well, that changes things. It also gives you a lot more visibility into who's spending and spending it on what. So this can really help you not just your expensive but put in budgets and things of that nature. Then when you have that information, you're able to then take the historic view and be able to use it towards forecasting and budgeting going forward.
So without having all that information we spoke up from contract, from procurement, from HR, you know, you really aren't able to allocate costs to a certain business unit and kinda follow who's buying what. So, you know, enterprise fiscal accountability is really important. And I can't tell you how many times I've been on-site or talking to a customer who doesn't have a chargeback model in place. And IT is always being hammered. They're always getting their budget cut. And they're having the scrambling, try to figure out, you know, what do I approve, what I don't. So it really makes everything a lot easier and really holds different business units accountable.
So looking at those, those top six concerns or objectives we just looked at, what we've done is kind of broken out, you know, these different concerns with the best practice approach, the type of functionality or discipline needed to satisfy that. So when we're looking at the first objective of, you know, I don't know what hardware and software assets are out there, you know. We needed things like discovery. We need integration into procurement. And we need some policy or workflow to enforce that in place. So being able to do that gives us a way to proactively manage that going forward. So those are kind of the three best practice disciplines or functionality we would recommend.
Number two, we're talking about understanding our cost and cost allocation. And again, we're gonna need that that purchasing information. So we don't currently have any linkage between assets and their acquisition, so I don't know what was purchased, I don't know if this was part of a contract, if this is part of a master agreement. I don't have any of that information so I can't track those costs. I can't report, you know, business unit 1 spent $5,000 on hardware this quarter versus business unit 2, you know, spend $1,000. I just don't have that visibility.
So, you know, from a best practice perspective, we need the integration into procurement. We need the breakdown of the organization structure, you know, how the business units broken out could be by departments, could be, you know, division, company, department, call center. It just depends on however you can break that out. So that's the type of best practice approach we would recommend.
Number three is being concerned about security and compliance. And now, we're talking about things like being able to accurately capture your entitlement, so being able to do contract management. We look at the software side of compliance, you know, the ability to produce effective licensed position or ELP. And that require having the ELP calculation somewhere in one of your system's ability to do that. And what that is would be not just understanding what the products are, but also how their compliance is calculated. And it could be very simple for a subscription-type license or a user-based license. Simply, you know Joe Smith is assigned this Office Professional Plus license. And that's how it's calculated.
Or it could be an example of, you know, we've got DB2 on a logical partition that's part of a cluster. And now I have to understand how many cores are on that cluster. Is it a capacity-based product where it depend on what have been turned on that cluster. You know, I have to understand what is the actual CPU model because that will change their PVU factor for IBM. So there's a lot of things that go into those calculations. So you really need some type of tool to be able to facilitate that. We think about being able to save costs and support growth, you know, wrote about optimization.
And so, you know, from best practice approach, it's really being able to do business planning, you know, being able to put some type of strategy in place to meet your needs. And lastly, you know, being able to proactively enhance security to be proactive in trying to stop things like data breaches or lost assets. And really from the best practice approach, it's security and regulatory obligations, being able to meet those, even understand what they are.
So continuing down, number four is being concerned about, you know, the end user experience. And again, we talked about onboarding and off boarding. We talked about being able to provide a self-service. And just the fact that users can be frustrated with either not having a machine to start, not having a proper equipment, you know, working with something that's quite old and outdated. And really, all these things are around operational efficiency. And with ITAM and technology, you could have different policies in place to address this. You could say, "Okay, machine should be refreshed after three years for this model. And you're tracking the end of life in the system. And you can have notification sent." It's really all about visibility. So that's the true power of ITAM is taking all these things together and being able to provide that visibility so you can make decisions.
Number five. You know, we talked about not being able to scale the business. This is really all about process automation. So technology needs to play a very big role with this, along with process and procedure. And then finally, number six is, you know, not having the ability to achieve financial accountability. And again this is business planning but it's also around automation and having the right tools to facilitate, you know, the proper approvals and things of that nature once you start being able understand who should be accountable for what. So that's really around business planning.
So in terms of Ivanti, these are our five pillars or products. And this really could be, you know, said for any company providing this. But, you know, we see ITAM right in the middle, it's really the glue that holds everything together. And it really supports all the other pillars. So we talked about service management, we talked about endpoint manage and security, identity management with onboarding, off boarding, and things that nature in managing entitlements. You know, asset management sits in the middle for a reason because it really is that glue that holds everything together. It really plays a vital role.
When we look at asset and service, and how they're kinda unified, you know, there are several things that are found in both disciplines, things like a catalog on, you know, you've got service catalog items, you have asset catalog items. So in the end, it's one catalog. The same thing for the request process, whether you're requesting a service or requesting an asset, it's still request management and things like onboarding, self-service, security, you know, these require both. And really, there's a big intersection here. Also, when you're thinking of things like who your users are, where your locations are at, what your business units are, those also are shared by both service and asset management. So there are many synergies between the two disciplines.
So continuing with unified IT, with asset and service, you know, we see asset manager, your life cycle tool in the middle of things like assets, and depreciation, and contracts, and stock management, what software is installed, you know, computer information. And then we look at our software asset management compliance tool, license optimizer, and we see, "Okay, there's an intersection here where installed software, and computers are important." But now, we're also on the license optimizer side, looking at things like our effective license position, being able to do scenario modeling, the kind of what if analysis, you know, what savings around software.
And then we pull in service manager, and we can see again, you know, where there's an intersection between request management, catalog management, users, again, locations, business units, there's a lot of synergy between these three tools and how they how they work together. So there's a lot of shared data that once you have in one system, you can leverage in another. And that's really we've been working very hard on at Ivanti is being able to create those synergies and make it much easier once one tool is set up to now leverage all that great data into the other tools. So whether it's service support, asset management, you know, software compliance, these free tools handle that for you.
I know we're getting short on time and I definitely wanna leave some time for questions, so I'll try to speed up the last few here. What we're looking at here is a scenario that we've created, showing kind of how the unification if IT takes place with Ivanti tools. So this is a scenario that could be demoed if you'd like to see it. It's something that we actually showed our customers last interchange, how to actually build this out with our tools in a lab. And what the scenario is, is there's a user who is on a shared machine, they're trying to launch Visio. But when they try, they get an error message saying, "Access denied." So they log in to Ivanti service manager and open a request. So using the self-service portal, they open a request to get access for Visio.
And next, what happens is there's the API call out to ILO to see if there's an available license. In this case, there wasn't one but we have the usage information, so we're able to identify a user on a machine no longer using it. So we call EPM to uninstall that that installed Visio on the machine that wasn't being used to free up a license. And then we now have an available license next through API. And this is fully automated. Our application control product who's able to create a profile update, it gets sent out to that shared machine to now allow that user to access Visio.
And after that point, the user is able then double-clicks on Visio. And now, it opens without error message. So basically, they were able to resolve their access issue just by opening a self-service ticket. And when we built this last year, you know, we can even make it more automated through a chatbot or another method. But this is really unifying all these products. This is just one scenario. We've got many others who were able to really automate IT, really bringing all these things together to facilitate something.
And from the end user, the experience was great because they didn't have to call anyone. They didn't have to ask for permission. They simply open the request. And what they're requesting was already approved. Now, if it was something else where they were requesting, an expensive piece of software, there would have been approvals or something else. But in this case, that end user was really happy because just in a matter of minutes, they got what they needed without having to interact with anyone.
So switching gears. These are the top five CSC controls. And CSC is Critical Security Controls. So this is what security, you know, leverages and looks at for what's most critical. And it's really interesting that the top two controls are really about hardware and software. So number one is inventory of authorized and unauthorized devices. Number two is the same for software.
So from a security perspective, being able to have that visibility of what should be there, what shouldn't be there in terms of hardware and software is number one on the list for security. So this is where ITAM really can add a lot of value to security. And I think it's something that's quite often overlooked, you know? A lot of people think of ITAM of, "Okay, I can save money. I can get better visibility, but really improves my security." So just something we like to point out because it is so high on the list. And that was it. So thank you very much.
Mareike: Thank you so much, Darren, for taking us through it. We do have a couple of questions that I'd like to read to you. If you could listen to those, so the first question is about, "From a government perspective, how do we track assets that are not connected to the network? For instance, external offices, items in stock and the like?"
Darren: So that's a very good question. There are a few different approaches. So they're obviously, you know, not just government but there's also, you know, laboratories and other development instances where there's labs setup that aren't connected to the rest of the network. And there's a few different ways to get that information. One is a manual inventory, leveraging some type of barcode scanner technology. And the second is, you know, with our EPM solution, we're able to lay down an agent. And it doesn't have to be connected to the network at that time, it just at some point if it can connect to any network, they can report that information back, or you can install the agent and then just manually, you know, take those files from that closed-off site and report that back to your asset management tool. So there are a couple ways of getting that information.
Mareike: Thank you, Darren. So your next question is, "Does Ivanti service manager have more than two levels of location that has to be built manually? You mentioned before that intersection with ITAM and ITSM, are all those data from location perspective coming over into service management?"
Darren: Could repeat the first part of that question?
Mareike: Was it there a more than two levels of location. The example here was location, and the city, the headquarters, and then third floor of where the actual asset is located.
Darren: So are there more than two levels? Yeah, there definitely could be. It really depends on how you're able to…what level you're tracking the devices at. So if you track something to a cubicle, or to a floor, or just a building, obviously, the more granular you get, the more easily it is to find the asset. I've worked in asset management systems where there was actually coordinates, and they could punch that in and just get...MapQuest would come up. There was a workflow that would give them directions because some of other offices were quite complex and kind of like a maze.
And so there was one project that I worked on where the people coming to service, the printers, couldn't find them, and so they actually put in GPS coordinates. And they were tracking it down to that level. So really it depends on what your needs are. If your technicians who go out to fix the assets or, you know, have a good understanding of where things are and they only needed down to the building, or to the person, or, you know, it really just depends on your needs. But you could get as granular as you need to with our tools.
Mareike: Thank you. The next question is about tracking software for SQL server virtual machines and VMware. How is that done? Could you share some insights around that?
Darren: Yeah. It really depends on the exact version and product. So for example, if you have SQL server Enterprise edition, if that SQL server is installed on VM as part of a cluster, it really depends on your contract as well, your enterprise agreement. But more times than none, SQL server is licensed a few different ways. It's licensed by its core. And core-based licensing is number of cores times number of CPUs times a core factor depending on the CPU model. But there's also licensing. There's a server license, there are different CAL licensing. So CAL is a Client Access License. So there's actually four different metrics potentially with SQL server.
Now, depending on the version, and product, and your agreement, many times, if it's on a VM, and it's part of a cluster, many times, you have to license it across the entire cluster. So if you had 50 machines with 100 cores, you know, you'd have to license it across the entire cluster, similar to Oracle. And there's a famous picture that shows a parking lot that's completely empty. Every spot is empty except for one, one person parked their car. And a good way to think about it is, you know, in some of these instances where it's on a VM part of a cluster, the cluster is that the garage and you have to basically pay for parking for every possible spot.
You could have parked your car instead of just the one you parked in. So that is how it's licensed. But again, it depends on your contract and the exact version and product. Many times, you know, I mean, you could purchase an academic license, which may be licensed a bit different. So it's really important to understand the exact product you purchase, which can only be identified by the actual skew or park number but that really will determine how exactly it's licensed.
Mareike: Great. Thank you for that visual as well. The other question was regarding the presentation. So yes, we will do the follow-up email. And you will get the presentation as well as the recording from today as well. And we'll also include Darren's contact detail, if there's any other question, if you have any follow-up questions that weren't answered today. So we'll stay on two more minutes. And we're at top of the hour. Are there any more questions people on the phone that we can answer today?
Mareike: So I'm not seeing any more questions come through right now, Darren. So I think we are okay to close for now. But as I mentioned, please feel free to reach out to us if anything comes up that you think of that we can help you with regarding IT Asset Management. And thank you for attending today's webinar. Thank you, Darren, for walking us through best practices. Thank you, everybody, and have a great rest of your day.