As a company grows, so too does the number of IT assets that it owns. ‘IT assets’ is a general term that can include data, software, mobile phones, laptops, networking equipment, and servers, both in-house and within data centres. Managing these assets, keeping track of them and making certain they are secure and used properly is the aim behind IT asset management.
Why IT asset management is important
Asset management fills the gap between the processes, people and policies that a company has in place. You might have rules on how many hours staff work and how many holidays they get but where are the rules about how to handle secure IT disposition when a laptop reaches the end of its lifecycle? You may have customer onboarding processes, calendar processes and policies around using company equipment but where’s the policy about updating the software?
The aim of asset management is to improve compliance, ensure software is up to date and increase the control the company has over IT assets. It ensures that everyone knows what to do with IT related matters and reduces the risk of data breaches. If there is a problem, it also makes it easier to recover data and ensures a swift resumption of business.
It can also help with overall cost reduction, ensuring that equipment is updated, serviced and marking when it is time for a replacement. This helps with budgeting and strategic decision making by ensuring assets are logged, dated and have a clear lifespan. It also makes it easier to handle security, both physical and online.
Software asset management
Software asset management is about three clear areas that connect together – compliance issues, optimisation of software and saving of time and money. Therefore the aim of software asset management (SAM) is to maximise savings while handling issues such as software licenses, staff usable and also the automation of procurement as needed.
The three main challenges for successful SAM are:
· Licenses – managing software licenses to ensure that these are up to date
· Auditing – this looks to ensure that software is being used correctly in line with compliance issues
· Optimisation – making sure that software is updated but also that it is still relevant and the best option
The goals of the SAM policy is to help to reduce the software needed by the business and also look at negotiating volume contract agreements – in other words, you pay for what you use rather than a larger block of licensed you don’t need. It also looks to enforce staff compliance with security policies to avoid problems while getting staff to use the right assets to improve productivity.
The policy will also look at setting up procedures for the acquisition and documentation of software assets. It can be used to consider the deployment and usage of them as well as retirement of software when a better option is found.
Hardware asset management
Perhaps the most crucial area of IT asset management is the hardware asset management (HAM) section. This looks at the physical equipment used within the business and covers the main areas of concern around it.
HAM is important in monitoring the hardware used in the business, how it is deployed and what happens to it at the end of its life cycle. It allows businesses to plan ahead to see when equipment will need to be upgraded and to arrange end of life services to securely handle obsolete or surplus equipment.
IT lifecycle services are a key part of this. This starts with pre-life services – this is anything from having a comprehensive audit of your IT assets through to configuring new equipment and introducing it into the workplace. It can also handle the issues involved with a relocation of equipment.
Mid-life services are often used during a relocation or simply to audit the assets that the company has and if changes are needed. It may incorporate repair and refurbishment for equipment as well as considering new data centre solutions as the business grows.
End of life services
End of life services is what happens to IT assets when replaced or they reach the end of its useful life. There are several key areas to consider in this part of hardware asset management:
Secure IT disposition – IT equipment presents a security risk when it leaves the premises unless it is handled in specific ways. Having a company handle secure IT disposition means you don’t need to worry about unauthorised persons accessing your data. You can get both on-site and off-site logical erasure and/or physical destruction of data – look for certified standards such as ADISA (Restore Technology has Distinction with Honours), ISO 9001, ISO 14001, ISO 27001 and e-stewards.
Secure logistics – if you do opt for off-site disposal, you want to use a company that offers secure logistics. This means that hardware is transported to a secure facility with GPS tracked vehicles, so the company knows their location at all times. This also provides audit trails should you ever need to present them.
Resale and rebate – most IT assets can be remarketed (once data is erased), resulting in sizeable rebates to be used in other projects, you can also work with companies to donate old equipment safely to charities or to raise donations for charities.
Recycling – once all data is destroyed, and if the asset has no value, then you want a company that has a zero landfill policy for recycling of WEEE. This means that all components are recycled or disposed of in a safe, environmentally friendly way.
Mobile asset management
One of the new additions to the realm of IT asset management is the mobile asset management. As the use of smartphones and tablets increases, it has become a stand-alone area that requires specialists’ policies and information to ensure that all mobile assets are handled correctly.
Many businesses make use of general smartphone and tablet devices while others have more specialist equipment such as in warehousing, logistics or wholesale trade. Retail businesses may also use a range of mobile devices such as hand scanners in supermarkets or tablets in the shop for customers to view online products.
Mobile device issues
Top of the list of mobile asset management issues is keeping track of the various assets. This includes who owns them, what condition they are in and what happens if they fail. It would cover areas such as service and support for devices that are malfunctioning and also update issues. Matters around ‘bring your own device’ policies where staff use their own devices should also be considered.
Mobile asset management can also be incorporated as a part of mobile device management programs. This can cover matters such as configuration management, integrity control, back up and also provisioning. MDM will look at the software within the devices as well as the actual devices themselves.
As with other types of asset management, mobile asset management looks at key areas such as:
· Purchase history
· Device warranty
· Service history
· Maintenance and upgrades
· Breakdowns and other problems
· Application history
· Usage record
These help to understand the lifespan of the device. It can also help with future purchasing decisions. Has a particular device proven to be more or less reliable than others? Have staff found issues using other software within the business via a particular operating system? Records of these issues and usage problems can help make informed decisions about future purposes.
Record keeping is also important when staff use their own devices. While these are not assets of the company, they still play a part in the overall security issues faced by the business. This means there should be clear use and requirement policies that govern things like the security used on the device and how it connects to the internet to access company data.
One very mobile issue is the permissions involves with the systems built into mobile devices. This can include Wi-Fi and Bluetooth, GPS tracking and low energy beacons. Being able to know at any moment where a device is can be beneficial and permissions should be established to allow this. However, these need to be offset against privacy issues, tracking staff when not on company time. So a clear and carefully considered policy should be instituted for this area.
Cloud asset management
On paper, cloud asset management should be the easiest of the main areas of IT asset management because there seems to be less to do. But there are new dangers involved with cloud assets that require clear processes to handle.
The nature of cloud software means that you don’t need costly storage in the office and that savings can be made. It also means that cloud providers know what you are doing – all of the time. Because your business lives on their servers, they can see a lot more about it than you might realise. This means that businesses need to consider the challenges from cloud software.
Cloud services come in three main varieties and businesses need to understand the licensing and use issues with them:
· Software as a service (SaaS) – browser-based service that you might use on a daily basis where you log into the website and work there. Examples include the Google Apps, Salesforce and HubSpot.
· Platform as a service (PaaS) – a virtual server environment that gives you raw computing effectively renting servers that are off-site. Examples include Amazon EC2 and Microsoft Azure.
· Infrastructure as a service (IaaS) – lets you run custom applications without the need to operate the platform under it. Examples include Microsoft Azure, Google AppEngine.
There is also a fourth variety, known as Hybrid Cloud, that combines elements of the three into one. Examples of this might be Microsoft Office 365 or the Adobe Creative Cloud program. Programs can be on a subscription model where you pay monthly, pay as you go, and by instance or bring your own license where you have an unending license.
IT Asset management
While managing licenses is a primary issue for cloud asset management, there are a few other matters to consider. It should look at the accurate discovery, inventory and use of the cloud software and also the limitations of cloud portals. It should also consider the security issues around the use of cloud software including by hardware and mobile devices.
IT asset management can be used in daily working life for a variety of ways. But when it is most crucial is when it comes to IT relocation. This may be when the entire business is moving to a new location or simply that the IT department is locating somewhere new. It is crucial to understand what assets are available, what work is needed to relocate them and to anticipate potential problems.
It is definitely best to work with an expert in IT relocation when it comes to moving your business. Armed with the information from your IT asset management system, they can identify the potential problems such as with older equipment – it no longer has manuals, information on how to install and may not even be in production any longer. This can make it tricky to get it working again at the new site and may mean that a new purchase ahead of the move is going to be the best option.
It will also look at online backup facilities and mobile technology to see what changes are needed both in terms of existing assets and anything new that will be required for the new location. And it will include business continuity management to identify and offset potential risks to the business and keep it operating as smoothly as possible during the transition.
IT Asset management - a key process
There’s no doubt that asset management is a key process. While businesses have many policies governing everything from staff behaviour to client onboarding, it can be easy to overlook the very equipment that is used for these things. From mobile devices used while staff are visiting clients through to SaaS cloud software that is used to integrate everyone’s work day, assets come in many different forms and managing them is an important step for any business.
And lurking behind it all is the threat of cybercriminals and hackers. These can be devastating if they gain access to your business and outdated hardware, software that hasn’t been updated or old devices that need an upgrade can be an invite for these criminals to try and access your business.
By having the right plans in place, you can reduce this risk and stay on top of security at all times.
For more information about our secure IT disposition & IT asset management, get in touch with our team today. You may also be interested in taking a look at the other services Restore offer, such as Datashred, Digital, Records Management and Relocation.