Blog

Trends and opinions for improved IT service management and client management

Posted By: Russ Ernst
12 May 2015

Rumors of the demise of Patch Tuesday have been squelched for now, with today’s release of 13 security bulletins from Microsoft. It’s May Patch Tuesday and while last week’s announcement of Windows Update for Business (WUB) makes it clear as mud whether or not Microsoft will in fact continue to provide monthly security patches for the enterprise as they have since 2003 on the second Tuesday of every month, one thing is certain today. IT departments everywhere will have their work cut out for them this month with 13 bulletins released from Microsoft. Of the 13, 3 are critical and 10 are important. In addition, we have new critical patches from Adobe for Reader, Acrobat and Flash Player as well as Apple, Mozilla and others.

Before diving into your May priorities, it’s important to understand what Microsoft announced – and what they didn’t – during last week’s Ignite Conference. Slated for release sometime this summer, the enterprise version of Windows 10 will ship with WUB. Using a ring approach, organizations can choose to immediately install the first ring of updates issued by Microsoft as they are ready or, to wait for the patches to be vetted and install them from a second or third ring. This new approach will allow for 24/7 updates for organizations that already have a well-established patch management process, and regularly scheduled patches for others.

While I’m optimistic about WUB, many people are wondering if the as-they-are-ready patch deployments will replace the traditional Patch Tuesday updates. At this point, we can only surmise as Microsoft has not clearly articulated their strategy. What we do know is WUB won’t be your cure-all. It won’t patch Windows 7 or 8 so if you plan to continue on either or those OS, you will be at risk. (Microsoft is offering Windows 10 for free to business to address this issue.) Nor will it solve the problem of third party application vulnerabilities. We know these continue to be a popular attack vector and Microsoft’s new updater will not address those.

Back to the job at hand, the May patches. First on the list for any organization using Internet Explorer should be MS15-043. This is a critical, cumulative update to Internet Explorer that impacts versions 6-11. This update patches 22 CVEs in all – the most serious of which could allow a remote code execution when a user visits a specially crafted webpage while using IE.

Second on your list of priorities this month is MS15-044. It resolves 2 CVEs in Microsoft Windows, .NET, Office, Lync and Silverlight. The most severe of the font driver vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage. This vulnerability has the highest exploitability index for both the latest platforms and application versions, as well as older versions. Given the broad scope of impacted software and the relative ease attackers could turn around exploit code, this update should be deployed quickly.

Also, pay particular attention to MS15-051, an elevation of privilege vulnerability in Windows Kernel Mode Driver. Even though Microsoft ranks this update as important, it’s the only bulletin that addresses an actively exploited vulnerability this month. In all, it addresses 6 CVEs.

Also in your queue for this month should be an update for Adobe Acrobat and Reader – the first we’ve seen since December. A total of 34 vulnerabilities, some of which could result in remote code execution, are updated with apsb15-10. Interestingly, 11 of these vulnerabilities were discovered by a single researcher and 21 were reported through the HP Zero Day initiative. While the pay for zero-day model is our unfortunate reality, it’s refreshing to see responsible vulnerability reporting working as designed.

Adobe Flash Player has also been updated again – this time for 18 CVEs. Already, Flash Player has been targeted 7 times this year, more often than IE if you’re counting. If you’re using it, patch it quickly.

Other May Patches:

  • MS15-045 Vulnerability in Windows Journal
  • MS15-046 Vulnerabilities in Microsoft Office
  • MS15-047 Vulnerabilities in Microsoft SharePoint Server
  • MS15-048 Vulnerabilities in .NET Framework
  • MS15-049 Vulnerability in Silverlight
  • MS15-050 Vulnerability in Service Control Manager
  • MS15-052 Vulnerability in Windows Kernel
  • MS15-053 Vulnerabilities in JScript and VBScript Scripting Engines
  • MS15-054 Vulnerability in Microsoft Management Console File Format
  • MS15-055 Vulnerability in Schannel

Organizations with well-established patch management processes in place should welcome Microsoft’s WUB announcement. It will likely lead to quicker security updates and should be able to mix these more continual updates into tiered deployments. For those that don’t, the news should be something of a call to action. If you aren’t conducting strategic patch management, which includes patching outside of Microsoft, you should start now.

Posted By: Anonymous
08 May 2015

By Dennis Drogseth
EMA, Vice President

In my last blog, I talked about “IT Cultural Transformation and the Elimination of Technology Silos.” That blog keyed on four key areas of advice, which also provide a useful foundation for the topic of “Governance and Optimization.” These key areas include:

1. Standing in the middle of the storm –This means looking at the interdependencies between process, technology, and organization/culture as they impact your particular objectives and environment. Too often these areas are dealt with separately, without appreciation for how technologies such as automation and analytics may impact process, for instance, or how process best practices may impact organization and culture.

2. Defining particular versus generic objectives – Too often IT initiatives are not well grounded in clear objectives that reflect meaningful priorities specific to the unique environment at hand. Governance and optimization can only be addressed once you have adequately addressed the question, “To do what, exactly?”

3. Defining objectives with an eye to your resources This area is the focus of our blog today. We’ll look at assessing priorities and applying meaningful metrics to your initiative.

4. Promoting dialog and communication – Nothing is more critical than good communication (including listening) with both stakeholders and executives. The set of metrics you decide on for governance should be a product of dialog, executive buy-in, and ongoing socialization.

Assessing Priorities for Governance and Optimization

One of the first things you should do—whatever your initiative—is to socialize your initial plan with the executive community, and then with stakeholders. This also means listening to and documenting their priorities. You will usually find that opinions differ, priorities don’t align, and perspectives on technology resources conflict.

For instance, in a single ITSM initiative, EMA documented the following priorities across multiple stakeholders:

  • Asset and configuration management
  • Application dependency mapping
  • Change management
  • Enterprise view/portal
  • Problem management
  • Release management
  • End-user experience
  • Patch management
  • Retiring assets
  • Security
  • Compliance
  • Portfolio management
  • Virtualization

Needless to say, there’s no way to create a workable first-phase plan with appropriate metrics and objectives around such a broad palette of processes and technologies. Establishing this type of list is in itself valuable—as it provides a snapshot of IT priorities. But it needs to be whittled down based on readiness and need, and even on the willingness and enthusiasm of critical first-phase stakeholders.

Creating Metrics for Governance

Too often metrics for IT initiatives evolve out of the “politics of pleasing” as opposed to well-grounded project directions. This invariably results in disappointment, disenchantment, and misdirection. It’s critical to set meaningful metrics based on your first-phase plan.

For instance, metrics associated with asset management might be associated with the following broader objectives:

  • Cost savings from improved compliance with SW licensing agreements
  • Savings on license, support, and maintenance contract costs for devices that no longer exist or need to be licensed/supported
  • Documented improvements in the level of accuracy for costing out services to customers
  • Improved ability to integrate and retire new assets in terms of time efficiency, cost efficiency, and service impact (downtime)
  • Number of assets mapped to appropriate security parameters
  • Completeness of mapping of assets to owners

Each of these metrics is, in reality, a departure point for more granular metrics based on expectations for improved processes and enhanced technology investments. Ideally, each detailed metric should have a stakeholder associated with it, either an individual or a team that has full buy-in and is committed to both the objective and outcome. One of my favorite examples of metrics involved telephone or Internet time spent in searching for the right CI owner by Level 1 service desk employees when unplanned incidents occurred. Once CI owners were mapped to critical CIs, this company saved nearly $100,000 in Level 1 search time, which they called “mean time to find someone” or “MTTFS.”

The following are a few examples of initial planning metrics for change management:

  • Reduction in number of unapproved changes detected
  • Reduction in number of change collisions
  • Reduction in number of failed changes and re-do’s
  • Reduced cycle time to review, approve, and implement changes
  • Reduction in time to deliver/provision new application services
  • Reduction in time to onboard new employees

How to Use, and Not Obsess about, ROI

All return-on-investment (ROI) values should include OpEx (team/time) costs and CapEx (technology) costs and should map these costs to achieved outcomes in terms of IT efficiencies, service availability, improved end-user productivity, and other business outcomes.

While ROI is often the first thing people like to use to highlight effective governance and optimization, the reality is that all ROI values should evolve out of solid dialog, planning, and project management. Doing the opposite—starting with a pie-in-the-sky ROI number and then trying to backfill a plan for getting there—is a sure recipe for failure.

Moreover, most ROI is not “pure.” If you are doing a change management initiative, you should expect to see improved service uptime, improved IT efficiencies, and possibly improved asset lifecycle management savings as critical IT assets are better identified and managed and unused assets become more visible. However, trying to pretend that your core change management team and its associated technology investments are responsible for ALL of these benefits is duplicitous at best. What you’ve really done is create a better foundation for your entire IT organization to perform more effectively—a bit like installing a transit system in a major metropolitan area. Trying to claim that your team did it all is bound to make you unpopular and may even discredit you as you plan your next-phase objectives.

To Sum Up

Governance and optimization go hand in hand, and they depend on dialog, socialization, prioritization, and metrics. Moreover, governance should not be approached as a generic exercise, but rather as a highly individualized set of processes, metrics, and communications based on the unique IT environment at hand. We at EMA have seen many IT initiatives go awry by ignoring these two key points. But once the right process gets underway, you’ll find benefits at every step—as the realities and potential of your own IT organization become more solidly defined, and your ladder for improvement becomes a reality.

Posted By: Eric Aarrestad
24 Apr 2015

Take a look at the online comments section for any review of the Apple Watch, or any smartwatch for that matter, and consumer objections are immediately apparent. They may say ‘it’s ugly, it’s too expensive, we don’t need smartwatches, I like my dumb watch, I hate Apple, I hate Android’. Indeed, from a business perspective, it’s all too easy to dismiss the watch as a luxury plaything, as many have already. However, there were naysayers for the smartphone too and even IBM didn’t believe there was a market for the PC, standing by to let Microsoft dominate the market for years to come. Needless to say, people can be wrong, and it would be hard to argue that these two devices haven’t had a profound impact on the way in which virtually every modern business operates today.

While enterprise adoption might initially be limited to simple field scenarios such as arranging meeting points, alerts, quick canned/tap email responses, as well as simple project tasks and conflict notifications. However, apps and extensions of current enterprise apps could one day enable more complex scenarios and revolutionize certain business tasks. I for one wouldn’t bet against the smartwatch for business any time soon.

It’s probably not an immediate concern for most IT teams, but the implications from a Unified Endpoint Management perspective are that, over time, smartwatches essentially represent an extension of BYOD. As such, they’ll similarly require some level of management, updates and security as part of a unified endpoint management solution. This will be especially important once these devices begin enabling more complex tasks, when the volume and type of data stored on smartwatches becomes increasingly valuable.

Posted By: Anonymous
22 Apr 2015

By Steve Brasen

EMA, Managing Research Director - Enterprise, Mobile & Endpoint Management

In a perfect world, all business processes would be automated and all work tasks would be accomplished with the click of a button. This idyllic work experience seems to be the realization of Plato’s utopia…or, if you prefer, the world of the Jetsons. Regrettably, however, we clearly do not live in a perfect world. Put simply, while any repeatable processes can be automated, not every process is repeatable, so automation is not a practical solution in all cases. This is particularly a problem for enterprises since business productivity is almost entirely dependent on the rapid and accurate performance of business processes.

To begin, it needs to be understood that business processes are not just utilized by IT administrators. In fact, business processes are used by every individual in a business ecosystem—from the CEO to middle management to task workers, even the enterprise customers. A business process can be defined as any series of tasks necessary to complete a common business requirement. These might include provisioning resources, completing a service request, initiating a sales contract, auditing for compliance, or performing any other chain of activities frequently employed in normal enterprise operations. Individual tasks that require the use of computing technology can often be automated. Automated tasks are completed faster and with greater accuracy than manual tasks, ensuring consistent results and improved user productivity. Naturally, it follows that the more tasks are automated, the more efficiently a business operates. Whole workflows, consisting of multiple tasks, can be automated to perform complex jobs from single point of execution.

Unfortunately, not all workflows or individual tasks within a workflow can be automated. The requisition process for a new desktop PC may automatically determine and provision the model, operating system, hardware configuration, and base applications for the new device based on the user roles, but other elements—such as approval for the installation of additional software—may require manual inputs from a third party. Similarly, a regulatory compliance audit can leverage automation to collect the bulk of information from software elements, but a physical inspection of the hardware and surrounding environment may be necessary to complete the audit process. Complex business processes typically require a mix of both manual and automated processes performed in a particular order to complete successfully.

Most commonly, complex business processes consisting of both automated and manual tasks need to be governed from initiation through completion, executing each individual task in a workflow in a methodical fashion. If steps are missed or performed in an incorrect order, the entire process may fail and/or result in business-impacting errors. Also, the time-consuming activity of monitoring and executing each step in a workflow can undermine the value of introducing automation in the first place.

To be effective, organizations must adopt business process management solutions that are able to govern both automated tasks and manual tasks. Upon initiation, the platform executes any initial automated elements before submitting a request for manual actions to a ticketing system, a change management platform, or to any other commonly utilized service support solution. Even just a simple alert or email can be used to engage individuals to perform manual tasks. Once the manual tasks are acknowledged as completed, the governing platform executes the next set of automated steps until another set of manual process needs to be performed. In this way, complex business processes are entirely managed through completion without requiring constant babysitting. Business users, therefore, are empowered to initiate a broad range of processes without needing to understand, or be aware of, all the technical and non-technical tasks that are subsequently performed behind the scenes. Now that’s a work environment in which I expect even George Jetson would feel comfortable.

Posted By: Kevin J Smith
16 Apr 2015

As demands for IT automation, self-service, and dynamic operations grow, effective service management becomes an increasingly important facet of a company's success; yet, many IT departments are struggling to meet these demands. It's for this reason we've developed the HEAT Service Management solution, an incredibly flexible application that makes all aspects of service management, including service requests, remediation, and authorization, far more efficient than traditional manual methods.

Cloud applications have dramatically changed our market. Cloud applications deliver exciting advantages, but on-premise applications can be best for some organizations. As always, choice is good. Because having only one option isn't an option! As companies consider launching our innovative HEAT Service Management application, they'll be faced with an important question: on-premise, cloud, or hybrid application deployment? A company's answer to this question can determine the extent to which cost and efficiency are optimized. Here are 8 key questions to consider.

1. Do you focus on year 1 costs or a long term TCO?
Cloud Preferred:
• Year 1 costs are lower with SaaS (50% to 75% less)
• Save money on servers
• Prefer annual subscription model
On-Premise Preferred:
• 3+ year TCO typically favors on-premise
• Overall consulting costs similar
• Prefer perpetual license model

2. What is the state of your IT resources?
Cloud Preferred:
• Lowers requirement for IT services
• Data and application moved offsite
• System administration needs are reduced
• Upgrades managed by vendor
On-Premise Preferred:
• Will require IT support
• Data and application are local
• Plan for local system administration
• Upgrades are do-it-yourself

3. What is the nature of your system integrations?
Cloud Preferred:
• Limited number of integrations
• Well defined and understood
• Typically static and one-way
On-Premise Preferred:
• Need a number of integrations to other applications
• Evolving and complex
• Typically dynamic and bi-directional

4. Does your organization have experience with Cloud?
Cloud Preferred:
• Other Cloud application(s) in place
• Cloud understood and accepted
• Executive support for SaaS
On-Premise Preferred:
• No Cloud application(s) in place
• CRM and ERP applications have been deployed on-premise
• Executive team see Cloud applications as a risk

5. What is your history with Application upgrades?
Cloud Preferred:
• Bad history with upgrades
• No current upgrade process
• Generally lacking in-house skills
On-Premise Preferred:
• Good history with upgrades
• Established upgrade process
• The right skills available

6. Rate your readiness for ‘out-of-the-box’?
Cloud Preferred:
• Organization is ready to embrace standard applications
• Business is more standardized
• Bad experience with custom applications
On-Premise Preferred:
• Applications tend to be more customized
• Business is highly unique
• Have aptitude to sustain customizations

7. How are your users distributed?
Cloud Preferred:
• Highly distributed user base
• More complex upgrade process
• Reliable internet access
On-Premise Preferred:
• Centralized with fewer locations
• Upgrades more localized
• High quality servers

8. Are Cap Ex or Op Ex budgets more favorable?
Cloud Preferred:
• Operating Expense budget preferred
• Smaller financial impact in year 1
• Annual subscription preferred
On-Premise Preferred:
• Capital Expense budget preferred
• Larger financial impact in year 1
Purchase of perpetual licenses

At HEAT Software, our HEAT Service Management application is available with flexible deployment options: On-Premise, Cloud, or as a Hybrid, which combines On-Premise and Cloud with the ability to move seamlessly from one to the other. Each company will need to thoroughly consider their own IT needs to determine which deployment option will work best, and our HEAT Software support staff is happy to discuss these options with you. Learn more about deployment solutions for HEAT Service Management by contacting us today.

Posted By: Jim Blayney
01 Apr 2015

Service automation refers to an approach to streamline operations via automated processes. While service automation has been widely sought by companies for its ability to reduce costs and increase productivity, this technology also makes corporations more secure. How? First, let’s consider how the discovery of a security threat would be handled by a company without service automation.

When handled manually, a security threat would first be reported by users to the company’s help desk. Then, a service analyst would spend time investigating and identifying the threat, and once confirmed the company’s IT team would be notified. The IT team would in turn spend additional time searching for the correct patch to block the threat, request approval to manually implement the patch across the company’s network, and add this latest patch information to the company’s management system. Once that was completed, the IT team would then inform the help desk, which would in turn update customer records and notify customers of the solution via email. If that sounds like a lengthy and tiresome process, we agree. There’s no telling how long a customer would need to wait for confirmation that a security breach was handled with manual service.

However, with service automation, managing security is far easier. For example, were the same security threat to be present, an automated system would instantly detect and identify the new threat and immediately download the proper patch to test. The patch would be pre-approved and logged into the system’s records, and the service desk would be automatically notified of these changes. The system would in turn quickly deploy the patch, update compliance policies, and configure all items. Users would then be immediately notified of this update to security.

It’s therefore easy to see why service automation is a better option for managing corporate security. Service automation reduces the number of channels necessary to enact a security update, and therefore reduces the amount of time a network is exposed to dangerous threats.

Learn more about how service automation can improve corporate security by viewing our infographic.

Posted By: Anonymous
27 Mar 2015

By Steve Brasen

EMA, Managing Research Director - Enterprise, Mobile & Endpoint Management

IT operations managers are cringing all around the world – desperately avoiding those inevitable words from their executive management, “you need to support enterprise mobility.” The concerns are understandable. After all, IT administrators are already over-taxed with supporting desktop, server, application, and infrastructure management requirements. Asking them to layer a whole new management discipline on top of that can be a daunting prospect. IT managers finding themselves in this predicament often recognize it as an opportunity to practice the fine art of procrastination. Particularly skilled procrastinators will employ one or more of the following excuses:

  • · We don’t have the money
  • · We don’t have the time

· We don’t have administrative staff knowledgeable in managing mobile technologies

While this avoidance strategy has proven successful in many organizations, it is, in fact, only a temporary solution. Smartphones and tablets, whether supplied by a business or brought in by employees, have become commonplace in organizations across all major industry verticals. According to EMA research, 89% of all business professionals rely on a mobile device to regularly perform job tasks, requiring broad but secure access to business applications, data, and other services. Typically of greater urgency, however, is when the CEO receives a gold-plated smartphone for his birthday and wants to use it to access business resources to impress his friends while awaiting his turn on the 16th hole at the local golf club. At that point, the jig is up, and the need to deliver full enterprise mobility management (EMM) is inevitable. But this doesn’t necessarily mean IT managers must surrender to stretching their already exhausted administrative resources. After all, the purpose of procrastination is ultimately to minimize efforts (though poorly executed procrastination my actually back-fire and increase work challenges). The secret to successfully satisfying EMM requirements while at the same time reducing administrative efforts is the introduction of IT management efficiencies.

Traditional endpoint lifecycle management processes (i.e., PC management) commonly involve the complete control and management of desktops and all installed software components from initial deployment through final retirement. This approach is possible in an environment supporting a single architecture (such as Window PCs) but attempting to apply this to the broadly heterogeneous deployments necessary to support workforce mobility is tantamount to drinking the proverbial ocean. Instead, organizations should not attempt to control the entirety of the endpoints and instead focus on the optimal and secure delivery of business IT services (applications, data, email, etc.). This is not to say the devices themselves should no longer be managed, but monitoring and administration tasks should be limited to just the configuration elements necessary to secure and run business services. This approach substantially reduces the amount of required support effort while empowering end users with the ability to perform unfettered personal tasks on their devices (e.g., Candy Crush, Minecraft, and watching amusing cat videos). The secure delivery of business IT services is further simplified by introducing three core mobile management capabilities:

Automation – Any repeatable process can be automated, and the more that are, the less mundane day-to-day activities there are that need to be performed by operations. Commonly automated tasks for EMM include software provisioning, asset discovery, application/email configuration, and data loss prevention.

Role-Based Management – By categorizing users and their devices into logically segmented groups based on the users’ job function or role (i.e., accountants, salesmen, developers, etc.), a common set of profiles can be established defining access privileges, configurations, and application availability. Often, these groups are already identified in a listing service, such as Active Directory. In this way, on-boarding new users requires little, if any, administrator interaction as all settings have already been predefined.

User Self-Service – One unprecedented aspect to enterprise mobility is that employees overwhelmingly prefer self-service. This should be encouraged. By consolidating enterprise resources onto a centralized service catalog or app store, users are empowered to select and install the software element most critical to their job function. And the beauty of it is that they achieve this without having to interact with IT administrators.

So clearly, EMM practices do not need to be a challenge to adopt at all – even for the most ardent procrastinator. In fact, I would argue that the recognition achieved from introducing a service that mostly manages itself far outweighs the relatively minor efforts required for its implementation. And, of course, no price can be placed on the value of rescuing the CEO from the embarrassment of cell phone inadequacy at an informal executive summit.

Download the Whitepaper to learn more .

Posted By: Anonymous
24 Mar 2015

By Jim Frey, EMA

As with many new technologies, there are downsides and upsides to the whole cloud revolution. On the downside there is a long list of challenges that prevent the full promise of cloud from being achieved. But the upsides are significant, particularly from the cost and agility perspectives, and benefits are strong enough to warrant continued efforts to find the path to success. In order to fully appreciate the options for success, EMA’s recently published white paper titled Delivering Effective Service Automation through Cloud Technologies examines both the challenges and opportunities at hand.

As documented by EMA, some of the top challenges with the move to cloud have been security concerns, lack of staff expertise, difficulty understanding application performance, and issues onboarding/adapting legacy applications for the cloud environment. Other than the specific challenges of adapting existing applications to the cloud environment, these issues aren’t so very different from the challenges faced when deploying any IT environment. Traditionally, each of these issues would be taken on and solved using a mix of training, tools, and external services over time. But therein lies the rub. Cloud is supposed to be fast and agile, and no one wants to take the time required to do things the old way.

However, there is hope for addressing these challenges within a parallel initiative that EMA has been following among enterprise IT teams. While trying to get cloud up, working, and delivering results, IT organizations are also looking for broader techniques to automate services and bridge the gaps between technology silos. This same strategy should be applied to cloud, and in many cases this approach is being catalyzed by cloud projects themselves. In order to avoid creating even more silos that require their own expertise and management tools, cloud platforms must be integrated with existing infrastructure and work processes, and automation is the key.

Time and time again, EMA research has found that organizations that embrace automation are able to best optimize the business value and ROI of cloud services. And automation becomes even more critical when dealing with the growing use of complex hybrid environments, where systems are partly hosted on premises and partly on public or private clouds.

So how can the cloud be leveraged for automating service management? The quickest way is to use the cloud itself to host and serve automation solutions, typically using a SaaS approach. And along the way, EMA has found two important decision points. First, mixed/hybrid deployments must be supported. It might be desirable to maintain local hosting for some service management features while choosing the cloud for others. Most critical here is preserving choice and flexibility so every organization can mix and match components and hosting techniques to meet its own specific needs and objectives. Second, service management solutions must embrace and support the multi-cloud reality. Enterprise organizations already live in a world of multiple public/private and internal/external clouds. Only by embracing this reality can service management successfully play its intended role as the “glue” between heterogeneous hybrid cloud infrastructure components.

Cloud is not the only answer for the future of IT, but it certainly has become an essential building block and can serve as a much-needed catalyst for change. IT teams should take advantage of the drive towards cloud to rethink and adjust management strategies by leveraging service automation. Not only will automation improve results for mixing cloud and traditional services, it’s likely that the many promises of cloud will remain unreachable without it.

For more information on Cloud-based Service Automation, check out:

http://www.heatsoftware.com/heat/solutions/service-automation

- See more at: http://blogs.enterprisemanagement.com/jimfrey/2015/02/27/cloud-deliverin...

Posted By: Jim Blayney
17 Mar 2015

In today’s digital age, companies increasingly utilize various external platforms to store and access corporate data. In fact, according to Forbes magazine more than half of all companies in the United States now use some form of cloud computing to conduct daily operations. Executives communicate via email on smartphones, employees access corporate systems on laptops from various locations, and documents are reviewed from home with provisioned tablets. Any one of these devices could contain sensitive company data that would result in a valuable loss of time and money should information be compromised. It’s therefore imperative that today’s company—large or small—take appropriate measures to secure and retrieve corporate data across provisioned devices. But how can companies best protect such widespread data? The answer now lies with service automation.

Service automation relies on the deployment of a series of automated actions that conduct quick remediation when data loss is reported. Let’s say that a sales executive accidently left her smartphone while in transit to a client’s office for a business meeting. The smartphone contains private company emails, financial information, client records and much more that a company must keep confidential. Without her phone, the executive is confined to conducting work in the office on a personal computer; yet, the nature of her job demands that she work off-site multiple days a week. She’s therefore challenged to mitigate the numerous potential consequences of this situation, and quickly.

With service automation, this executive would be able to immediately report the lost phone to her company’s service catalog, which would then provide her access to locate, secure and even wipe sensitive information from her phone. Right from the service catalog, she can also order a new phone and once the new phone arrives restore all previous data and applications, ensuring an expedient return to business as usual.

Compared to the extended process of a manual response to data loss, which involves reporting the issue to the company service desk, creating a task to be sent to the IT department, completing a manual phone replacement order, and reporting back to the service desk, service automation presents companies with a clear advantage. With service automation, downtime is minimal, other departments remain focused on accomplishing company goals, and corporate data is secured.

View our service automation infographic here.

Posted By: Jim Blayney
27 Feb 2015

All companies strive to integrate new employees as quickly and seamlessly as possible, as a smooth onboarding process allows for greater productivity and overall cost efficiency. The sooner an employee is equipped with the devices, access, and information he or she needs, the sooner meaningful work can begin. Effective onboarding is also important because a company that fails to afford new hires an easy transition provides a poor first impression of corporate operations and imposes unnecessary delays and challenges, both of which can affect new hire retention rates.

Employee onboarding has traditionally been conducted using manual methods; however, this approach is no longer optimal as it requires the coordination of multiple departments that a hiring manager must each depend on to be timely and efficient.

For example, using manual onboarding methods, when a manager hires a new employee he or she will first need to notify the company’s human resources department. The human resources manager will then email other relevant departments, such as finance, IT, and facilities, to prepare for a new employee. Each department will in turn create relevant onboarding tasks to complete; the IT department will need to order and configure a new laptop, tablet or smartphone, the finance department will need to add the employee to the company payroll, and the facilities team will need to begin set-up of a new workstation. Each of these tasks could take multiple days to complete, and only once all are reported back to the HR department is the new employee ready to begin work.

So what does a more effective approach to onboarding look like? Onboarding can now be completed in significantly less time with innovative service automation. Using service automation software, a hiring manager will submit a “new employee setup request” which will automatically implement a hardware and software profile for the employee based on his or her position within the company. Required software applications will be automatically provisioned to each new device, and once completed the company’s service desk will confirm that each of these automated tasks meet service level agreements. From there, the service desk will ensure that the employee’s devices and access are running optimally, and the new hire is ready to begin work!

View our service automation infographic here.

Pages