map of connected devices on a network

Why It’s Time for a Next-Gen Solution

As organizations’ computing infrastructure expands, legacy asset management systems are becoming inadequate. To keep pace with this technological change – and remain compliant – companies must adopt a next-generation approach. Mark Gaydos of Nlyte discusses.

Imagine being charged by your cable company for movies you never watched. How about being charged an extra $100 dollars on your monthly electric bill for energy consumed by devices that are not plugged in? When these companies come after you for money, how can you prove that these charges are incorrect? Corporations utilizing licensed software or rented servers face similar situations. Without the use of asset management to identify hardware and software assets that are being utilized – or not utilized – it is nearly impossible to track and manage all your IT assets.

For foolproof corporate compliance, organizations must have in place a technology asset management (TAM) solution that will provide full transparency, enabling the company to determine if it is spending too much on maintenance or license costs, and providing insight into how many servers are actually up and running. When hardware and software vendors come knocking on your door looking for money, TAM will prove you are in the “right” and validate your defense.

Software and hardware companies are not forgiving; they make a living off renting licenses and applying maintenance fees. Corporations neglecting asset management will face stiff penalty fees for not operating within compliance. To avoid these risks and ensure companies pass vendor audits, TAM can help optimize asset usage and cut down on all those unnecessary maintenance costs by discovering what is actually being used and what can be taken off the network.

With full transparency and an in-depth view of the entire IT infrastructure, TAM can play a significant role in helping organizations define and control the entire IT infrastructure. Aside from reducing unnecessary IT spending, TAM also supports ITIL processes and identifies problems or changes to hardware and software systems. This, in turn, will help identify any impact while also assisting with the reduction of legal and security risks.

Simply put, you cannot afford the risks associated with a vendor audit. A company’s defense of “I had no idea” won’t fly. The penalties for noncompliance can be as much as $30,000 per incident, because vendors view these actions as stealing their property – a criminal activity worth prosecuting.

The key to avoiding these risks is to create a process and put systems in place that ensure full transparency and identify what assets are currently in place, who is using them and where they are located on the corporate network. With organizations’ computing infrastructure expanding beyond the data center to edge, co-location and cloud, legacy asset management systems are no longer adequate.  IT asset management is too big of a task to be trusted to an antiquated approach. Companies need to turn to next-generation technology to get their arms around this ongoing challenge and avoid the painful legal negotiations to reduce penalty fines.

The next-generation technology is all about the discovery. Technology asset management discovery is either “agent-based” or “agentless” – the difference being that an agent-based discovery approach needs to be loaded on every single asset connected or running on the network to share information with the discovery tool. For an agentless process, there are no agents loaded; instead, the tool profiles all connected devices and software running on the network to look for a match to a previously existing asset. Either way, this discovery process must ensure that all assets deemed most critical to an organization, such as servers, switches, laptops, desktops, medical devices and even IoT devices, are properly profiled. With a thorough discovery process, organizations can understand what information is necessary to avoid penalties.

In order to avoid noncompliance and recurring vendor penalties, organizations need a solid TAM reporting system that can be viewed as the single source of truth to compare what the vendor believes you have and what is actually connected or running on your network. In addition, this report should clearly document what other systems-of-record and individuals within your organization should have access to certain hardware and software items. This type of in-depth reporting provides a complete reality check so that organizations have a firm negotiation tool against any claims of wrongdoing.

Cloud services, virtualized devices, edge computing and IoT-connected devices have scaled the infrastructure’s reach far beyond the means to manually identify and keep track of everything connected to or running on the network. Significant penalties await companies who ignore their IT infrastructure to the extent they no longer have full visibility into their operations. The “mea culpa” defense can’t help organizations avoid the wrath of vendors. The next-generation TAM solutions are a “must-have” defense for organizations to automatically discover and report on all software and hardware connected to their network.

Mark Gaydos

Mark Gaydos is CMO at Nlyte, where he oversees teams that help organizations understand the value of automating and optimizing how they manage their computing infrastructure.

Related Post

Got Compliance News?

We do!  Sign up for CCI’s free weekly eBlast to get GRC news, views, jobs & events delivered to your inbox once a week.  Cancel anytime.

Click to Subscribe.