Connecting the dots on IT Asset Management
Dot 1: IT Asset Management as a discipline has been around for quite a while. As an industry trend it is (surprisingly) receiving less attention than it used to – Gartner, for example, no longer tracks it as a Magic Quadrant. However, not only are IT assets still in play, there are far more of them. Because of continued mobile device growth and the rise of IoT, devices that numbered in the millions are pushing rapidly through billions, and are very soon going to hit trillions. This is asset management on a completely different scale.
Dot 2: Scale aside, these assets are also tightly interconnected when it comes to day to day use. People transition from their PC to their phone, to their watch, to their car, all while moving in and out of the cloud, and the process is nearly contiguous. Having that kind of seamless experience requires deep integration from a workflow perspective, because all these assets are interdependent. This also means if there is a failure in the process workflow, the entire system could be at risk, something hackers have become particularly adept at exploiting.
Dot 3: The entire global IT ecosystem has just shifted on a massive scale as everyone works or studies remotely. Twitter effectively went from 35 to 4600 offices in the space of a few weeks. This trend is hitting everyone everywhere, all at once. That is what real digital transformation looks like, and no one was ready for it.
Dot 4: (connecting 2 & 3) Process interdependencies coupled with an expanded attack surface opens up a whole different level of risk for business. Are your employees accessing secure company data from a home wifi? Do your security policies address personal device use for company work? This was a challenge to control when most people worked from a centralized location, the risks IT asset management faces now are on a whole different level.
Dot 5: Compliance. Just in time for a pandemic coupled with accelerated digital transformation comes new regulations. CCPA (California Consumer Protection Act) just became enforceable, and it applies to anyone doing business in or with California residents (and considering the companies that are based here, that’s nearly everyone). CCPA is about data protection, all of which resides on IT assets, most of which have just left the office and are now operating in an unsecured environment. The regulators are not going to accept “I thought my wifi was secure” as an excuse for a data breach. CCPA is just one framework, and the other broad ones (such as GDPR or SOC 2) are constantly updated to make sure their edges are nice and sharp.
Dot 6: Audits. Close on the heels of compliance are IT audits; people looking for the slightest excuse to hit you with an out-of-compliance fine, and the fines can easily hit seven figures. No one enjoys going through an IT audit, but if you’re prepared, it can actually be a great opportunity to prove that you do in fact have your act together. Knowing with precision what asset is where, and who it is associated with essentially takes the wind out of an audits sails – you’ll still get audited, but instead of getting spanked you’ll get a pat on the back.
Dot 7: Integrated IT Asset Management. Given dots 1-6, this is critical. Most businesses track their IT infrastructure across a variety of management tools; CMDBs, SAMs, MDMs, UEMs, etc. These systems are all siloed, even though employees’ use of devices (IT assets) can span activity across all of them. It is incredibly important to have a holistic and current understanding of what is going on in the entirety of your IT estate. This is where integrated ITAM shines, and given everything that is going on, now is very much the time to expand your IT capabilities to include it.