SlideShare a Scribd company logo

LDITSITAM WebinarSept2016

Download as PPTX, PDF
Y
Yvette Mathews
1 of 15
Ten mistakes not to make when implementing ITAM/SAM Yvette Mathews | @itam4life Senior Consultant, ITS Partners Patricia Adams | @patriciaadams ITAM Evangelist, LANDESK
Section heading hereMistake 1: Governance • Align program to C level goals • Involve key stakeholders – ITSM, Security, EA, Business units • Gain consensus on problems, roadmap, timeframes, deliverables
Let’s talk about process…
Mistake 2: Not documenting your processes Let’s talk about process… ●Lack of reproducible activities ●Nothing to share with those inside/outside of your team ●Nothing to work from as a baseline to make improvements
Key Productivity Indicators Financial based metrics: Purchase price, Maintenance, Discounting, Evaluate total cost of ownership, Timeframes and associated costs, Value of inventory, Asset depreciation, Forecast future spend, Track lifecycles, Mismeasurement can lead to mismanagement. Mistake 3: Not Putting in Place Metrics to Measure Effectiveness
Mistake 4: One process does not fit all Let’s talk about process… ●Processes should be standardized but not inflexible ●Processes should be adjusted based on specific requirements ●Exceptions to the process should be expected and documented
Effective policies? What exactly does that mean?
Section heading here ●Policies reflect current business environment and need to be revised when business changes ●Create policies that apply to third parties and contractors ●Ensure ITAM is included in security policies too ●IT policies should be accessible and not buried in HR manual ●Revision and updates should be noted on policy Mistake 5: Never Revise Policies
Mistake 6: Not socializing your policies Effective policies? What exactly does that mean? ●Communicate your policies within your organization ●Not knowing the policies does not exempt people from following them ●Communicating policies enables buy-in within your organization
Define ITAM Policies ●IT, Third party contractors, Temporary workers, Vendors, Suppliers, Service providers ●Acceptable use ●Purchasing ●Loss/theft ●Asset and data security ●Adherence to ITAM process Mistake 7: Create Policies that Apply to End- Users Only
So you have a tool…now what?
Mistake 8: Confusing your asset repository with your CMDB So you have a tool…now what? ●An asset repository contains the physical, financial and contractual data around an asset ●A CMDB contains information about Configuration Items currently in use ●Assets are tracked from dating to haunting ●CI’s are tracked while in use
Mistake 9: Relying on Discovery Data From a Tool that Isn’t Fully Deployed Now where did it go? • Define which assets are in scope • Ensure agent is deployed on all assets and credential level access for agentless • Use bar code scanning, RFID, sensors to detect assets not on network • Have a process for tracking new and used spare parts • Track assets by user, location, project, cost center
Mistake 10: Never normalizing your data So you have a tool…now what? ●Review for duplication: oFoundational Data: Users, Departments, Locations oAsset data: Models – SW/HW
Thank you! Yvette Mathews| @itam4life Senior Consultant, ITS Partners Patricia Adams | @patriciaadams ITAM Evangelist, LANDESK

Recommended

How organisations can_avoid_data_breaches_and_thus_meet_their_security_obliga...
How organisations can_avoid_data_breaches_and_thus_meet_their_security_obliga...How organisations can_avoid_data_breaches_and_thus_meet_their_security_obliga...
How organisations can_avoid_data_breaches_and_thus_meet_their_security_obliga...Ronald Harrison
 
Ron perris compliance-v-security - atlseccon2011
Ron perris compliance-v-security - atlseccon2011Ron perris compliance-v-security - atlseccon2011
Ron perris compliance-v-security - atlseccon2011Atlantic Security Conference
 
5 Models for Enterprise Software Security Management Teams
5 Models for Enterprise Software Security Management Teams 5 Models for Enterprise Software Security Management Teams
5 Models for Enterprise Software Security Management Teams Cigital
 
Esm application management version 1.0
Esm application management version 1.0Esm application management version 1.0
Esm application management version 1.0PaVan G Jakati
 
Practical insights in the day-to-day routine of an information security officer
Practical insights in the day-to-day routine of an information security officerPractical insights in the day-to-day routine of an information security officer
Practical insights in the day-to-day routine of an information security officerGetting value from IoT, Integration and Data Analytics
 
Technical Services eBook
Technical Services eBookTechnical Services eBook
Technical Services eBookIdeba
 
Information Security Project
Information Security ProjectInformation Security Project
Information Security Projectnovemberchild
 
How to Manage Your Security Control's Effectiveness
How to Manage Your Security Control's EffectivenessHow to Manage Your Security Control's Effectiveness
How to Manage Your Security Control's EffectivenessRapid7
 

Recommended

How organisations can_avoid_data_breaches_and_thus_meet_their_security_obliga...
How organisations can_avoid_data_breaches_and_thus_meet_their_security_obliga...How organisations can_avoid_data_breaches_and_thus_meet_their_security_obliga...
How organisations can_avoid_data_breaches_and_thus_meet_their_security_obliga...Ronald Harrison
 
Ron perris compliance-v-security - atlseccon2011
Ron perris compliance-v-security - atlseccon2011Ron perris compliance-v-security - atlseccon2011
Ron perris compliance-v-security - atlseccon2011Atlantic Security Conference
 
5 Models for Enterprise Software Security Management Teams
5 Models for Enterprise Software Security Management Teams 5 Models for Enterprise Software Security Management Teams
5 Models for Enterprise Software Security Management Teams Cigital
 
Esm application management version 1.0
Esm application management version 1.0Esm application management version 1.0
Esm application management version 1.0PaVan G Jakati
 
Practical insights in the day-to-day routine of an information security officer
Practical insights in the day-to-day routine of an information security officerPractical insights in the day-to-day routine of an information security officer
Practical insights in the day-to-day routine of an information security officerGetting value from IoT, Integration and Data Analytics
 
Technical Services eBook
Technical Services eBookTechnical Services eBook
Technical Services eBookIdeba
 
Information Security Project
Information Security ProjectInformation Security Project
Information Security Projectnovemberchild
 
How to Manage Your Security Control's Effectiveness
How to Manage Your Security Control's EffectivenessHow to Manage Your Security Control's Effectiveness
How to Manage Your Security Control's EffectivenessRapid7
 
What AT CM Can do for you (Color Apothocary)
What AT CM Can do for you (Color Apothocary)What AT CM Can do for you (Color Apothocary)
What AT CM Can do for you (Color Apothocary)Kendall Gill
 
Advantage ppt data breaches km approved - final (djm notes)
Advantage ppt data breaches km approved - final (djm notes)Advantage ppt data breaches km approved - final (djm notes)
Advantage ppt data breaches km approved - final (djm notes)Dan Michaluk
 
Getting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramGetting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramCigital
 
FullyManaged
FullyManagedFullyManaged
FullyManagedJames Horvath
 
Getting Started with Business Continuity
Getting Started with Business ContinuityGetting Started with Business Continuity
Getting Started with Business ContinuityStephen Cobb
 
Get Your Board to Say "Yes" to a BSIMM Assessment
Get Your Board to Say "Yes" to a BSIMM AssessmentGet Your Board to Say "Yes" to a BSIMM Assessment
Get Your Board to Say "Yes" to a BSIMM AssessmentCigital
 
2 ppt final dan shoemaker dd1 stockholm presentation
2 ppt final dan shoemaker dd1 stockholm presentation2 ppt final dan shoemaker dd1 stockholm presentation
2 ppt final dan shoemaker dd1 stockholm presentationGlobalForum
 
The Missing Approach for Threat Detection
The Missing Approach for Threat DetectionThe Missing Approach for Threat Detection
The Missing Approach for Threat DetectionCDXAdmin
 
Master Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolMaster Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolHernan Huwyler, MBA CPA
 
20180528 reflex presentation
20180528 reflex presentation20180528 reflex presentation
20180528 reflex presentationJavier Núñez, CAIA
 
Acuity Sos Overview
Acuity Sos OverviewAcuity Sos Overview
Acuity Sos Overviewdavidwells
 
Boosting Your Small Business's Cybersecurity
Boosting Your Small Business's CybersecurityBoosting Your Small Business's Cybersecurity
Boosting Your Small Business's CybersecurityW. Patric Gregory
 
ManagedAntiVirus
ManagedAntiVirusManagedAntiVirus
ManagedAntiVirusJames Horvath
 
5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA AuditSecurityMetrics
 
Physical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentPhysical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentVidSys, Inc.
 
Data-driven crime prevention using AI
Data-driven crime prevention using AIData-driven crime prevention using AI
Data-driven crime prevention using AIDoreen Loeber
 
Practical Measures for Measuring Security
Practical Measures for Measuring SecurityPractical Measures for Measuring Security
Practical Measures for Measuring SecurityChris Mullins
 
Safety System Process
Safety System ProcessSafety System Process
Safety System ProcessEdward Jones
 
How to Choose the Right Security Training for You
How to Choose the Right Security Training for YouHow to Choose the Right Security Training for You
How to Choose the Right Security Training for YouCigital
 
08 july 2016
08 july 201608 july 2016
08 july 2016Tamil sgbc
 
Euniceninick
EuniceninickEuniceninick
EuniceninickEunice Tapispisan
 
Las 10 reglas básicas de la
Las 10 reglas básicas de laLas 10 reglas básicas de la
Las 10 reglas básicas de lacamila mejia
 

More Related Content

What's hot

What AT CM Can do for you (Color Apothocary)
What AT CM Can do for you (Color Apothocary)What AT CM Can do for you (Color Apothocary)
What AT CM Can do for you (Color Apothocary)Kendall Gill
 
Advantage ppt data breaches km approved - final (djm notes)
Advantage ppt data breaches km approved - final (djm notes)Advantage ppt data breaches km approved - final (djm notes)
Advantage ppt data breaches km approved - final (djm notes)Dan Michaluk
 
Getting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramGetting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramCigital
 
Getting Started with Business Continuity
Getting Started with Business ContinuityGetting Started with Business Continuity
Getting Started with Business ContinuityStephen Cobb
 
Get Your Board to Say "Yes" to a BSIMM Assessment
Get Your Board to Say "Yes" to a BSIMM AssessmentGet Your Board to Say "Yes" to a BSIMM Assessment
Get Your Board to Say "Yes" to a BSIMM AssessmentCigital
 
2 ppt final dan shoemaker dd1 stockholm presentation
2 ppt final dan shoemaker dd1 stockholm presentation2 ppt final dan shoemaker dd1 stockholm presentation
2 ppt final dan shoemaker dd1 stockholm presentationGlobalForum
 
The Missing Approach for Threat Detection
The Missing Approach for Threat DetectionThe Missing Approach for Threat Detection
The Missing Approach for Threat DetectionCDXAdmin
 
Master Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolMaster Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolHernan Huwyler, MBA CPA
 
Acuity Sos Overview
Acuity Sos OverviewAcuity Sos Overview
Acuity Sos Overviewdavidwells
 
Boosting Your Small Business's Cybersecurity
Boosting Your Small Business's CybersecurityBoosting Your Small Business's Cybersecurity
Boosting Your Small Business's CybersecurityW. Patric Gregory
 
5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA AuditSecurityMetrics
 
Physical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentPhysical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentVidSys, Inc.
 
Data-driven crime prevention using AI
Data-driven crime prevention using AIData-driven crime prevention using AI
Data-driven crime prevention using AIDoreen Loeber
 
Practical Measures for Measuring Security
Practical Measures for Measuring SecurityPractical Measures for Measuring Security
Practical Measures for Measuring SecurityChris Mullins
 
Safety System Process
Safety System ProcessSafety System Process
Safety System ProcessEdward Jones
 
How to Choose the Right Security Training for You
How to Choose the Right Security Training for YouHow to Choose the Right Security Training for You
How to Choose the Right Security Training for YouCigital
 

What's hot (20)

What AT CM Can do for you (Color Apothocary)
What AT CM Can do for you (Color Apothocary)What AT CM Can do for you (Color Apothocary)
What AT CM Can do for you (Color Apothocary)
 
Advantage ppt data breaches km approved - final (djm notes)
Advantage ppt data breaches km approved - final (djm notes)Advantage ppt data breaches km approved - final (djm notes)
Advantage ppt data breaches km approved - final (djm notes)
 
Getting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramGetting Executive Support for a Software Security Program
Getting Executive Support for a Software Security Program
 
FullyManaged
FullyManagedFullyManaged
FullyManaged
 
Getting Started with Business Continuity
Getting Started with Business ContinuityGetting Started with Business Continuity
Getting Started with Business Continuity
 
Get Your Board to Say "Yes" to a BSIMM Assessment
Get Your Board to Say "Yes" to a BSIMM AssessmentGet Your Board to Say "Yes" to a BSIMM Assessment
Get Your Board to Say "Yes" to a BSIMM Assessment
 
2 ppt final dan shoemaker dd1 stockholm presentation
2 ppt final dan shoemaker dd1 stockholm presentation2 ppt final dan shoemaker dd1 stockholm presentation
2 ppt final dan shoemaker dd1 stockholm presentation
 
The Missing Approach for Threat Detection
The Missing Approach for Threat DetectionThe Missing Approach for Threat Detection
The Missing Approach for Threat Detection
 
Master Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines SchoolMaster Class Cyber Compliance IE Law School IE Busines School
Master Class Cyber Compliance IE Law School IE Busines School
 
20180528 reflex presentation
20180528 reflex presentation20180528 reflex presentation
20180528 reflex presentation
 
Acuity Sos Overview
Acuity Sos OverviewAcuity Sos Overview
Acuity Sos Overview
 
Boosting Your Small Business's Cybersecurity
Boosting Your Small Business's CybersecurityBoosting Your Small Business's Cybersecurity
Boosting Your Small Business's Cybersecurity
 
ManagedAntiVirus
ManagedAntiVirusManagedAntiVirus
ManagedAntiVirus
 
5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit
 
Physical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the GovernmentPhysical Security Information Management (PSIM) Solution for the Government
Physical Security Information Management (PSIM) Solution for the Government
 
Data-driven crime prevention using AI
Data-driven crime prevention using AIData-driven crime prevention using AI
Data-driven crime prevention using AI
 
Practical Measures for Measuring Security
Practical Measures for Measuring SecurityPractical Measures for Measuring Security
Practical Measures for Measuring Security
 
Safety System Process
Safety System ProcessSafety System Process
Safety System Process
 
How to Choose the Right Security Training for You
How to Choose the Right Security Training for YouHow to Choose the Right Security Training for You
How to Choose the Right Security Training for You
 
08 july 2016
08 july 201608 july 2016
08 july 2016
 

Viewers also liked

Las 10 reglas básicas de la
Las 10 reglas básicas de laLas 10 reglas básicas de la
Las 10 reglas básicas de lacamila mejia
 
Klodt a project_basedlearning_soe115
Klodt a project_basedlearning_soe115Klodt a project_basedlearning_soe115
Klodt a project_basedlearning_soe115Ashley Klodt
 
JONES-DISSERTATION-2015
JONES-DISSERTATION-2015JONES-DISSERTATION-2015
JONES-DISSERTATION-2015Aaron Jones
 
Radiometrische datering
Radiometrische dateringRadiometrische datering
Radiometrische dateringArvind Dwarka
 
Klodt a project_basedlearning_soe115
Klodt a project_basedlearning_soe115Klodt a project_basedlearning_soe115
Klodt a project_basedlearning_soe115Ashley Klodt
 
Aprendizaje autonomo y significativo
Aprendizaje autonomo y significativoAprendizaje autonomo y significativo
Aprendizaje autonomo y significativoGUADALUPE MARTINEZ
 
Aprendizaje autonomo-diana-lizbeth-guzman-guzman
Aprendizaje autonomo-diana-lizbeth-guzman-guzmanAprendizaje autonomo-diana-lizbeth-guzman-guzman
Aprendizaje autonomo-diana-lizbeth-guzman-guzmanDIANA GUZMAN
 
OpeningDoorsEndingHomelessnessInBristolConnecticut
OpeningDoorsEndingHomelessnessInBristolConnecticutOpeningDoorsEndingHomelessnessInBristolConnecticut
OpeningDoorsEndingHomelessnessInBristolConnecticutTravis Londen
 
2. divulgação arquitetônico
2. divulgação arquitetônico2. divulgação arquitetônico
2. divulgação arquitetônicoAriana Gonçalves
 

Viewers also liked (16)

Euniceninick
EuniceninickEuniceninick
Euniceninick
 
Las 10 reglas básicas de la
Las 10 reglas básicas de laLas 10 reglas básicas de la
Las 10 reglas básicas de la
 
FCSO Paper
FCSO PaperFCSO Paper
FCSO Paper
 
Klodt a project_basedlearning_soe115
Klodt a project_basedlearning_soe115Klodt a project_basedlearning_soe115
Klodt a project_basedlearning_soe115
 
Encyclopedia-Fun
Encyclopedia-FunEncyclopedia-Fun
Encyclopedia-Fun
 
JONES-DISSERTATION-2015
JONES-DISSERTATION-2015JONES-DISSERTATION-2015
JONES-DISSERTATION-2015
 
Catedra ecci
Catedra ecciCatedra ecci
Catedra ecci
 
Radiometrische datering
Radiometrische dateringRadiometrische datering
Radiometrische datering
 
Instrumentos musicales
Instrumentos musicalesInstrumentos musicales
Instrumentos musicales
 
Klodt a project_basedlearning_soe115
Klodt a project_basedlearning_soe115Klodt a project_basedlearning_soe115
Klodt a project_basedlearning_soe115
 
Actividad Mi Vocabulario
Actividad Mi VocabularioActividad Mi Vocabulario
Actividad Mi Vocabulario
 
Aprendizaje autonomo y significativo
Aprendizaje autonomo y significativoAprendizaje autonomo y significativo
Aprendizaje autonomo y significativo
 
Aprendizaje autonomo-diana-lizbeth-guzman-guzman
Aprendizaje autonomo-diana-lizbeth-guzman-guzmanAprendizaje autonomo-diana-lizbeth-guzman-guzman
Aprendizaje autonomo-diana-lizbeth-guzman-guzman
 
OpeningDoorsEndingHomelessnessInBristolConnecticut
OpeningDoorsEndingHomelessnessInBristolConnecticutOpeningDoorsEndingHomelessnessInBristolConnecticut
OpeningDoorsEndingHomelessnessInBristolConnecticut
 
2. divulgação arquitetônico
2. divulgação arquitetônico2. divulgação arquitetônico
2. divulgação arquitetônico
 
scan0001
scan0001scan0001
scan0001
 

Similar to LDITSITAM WebinarSept2016

GDPR | Cyber security process resilience
GDPR | Cyber security process resilienceGDPR | Cyber security process resilience
GDPR | Cyber security process resilienceRishi Kant
 
It implement-it-asset-management-executive-brief
It implement-it-asset-management-executive-briefIt implement-it-asset-management-executive-brief
It implement-it-asset-management-executive-briefVisal Thach
 
Future Proof Your DAM
Future Proof Your DAMFuture Proof Your DAM
Future Proof Your DAMjflorance
 
How to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientHow to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientAccenture Operations
 
Data Connectors San Antonio Cybersecurity Conference 2018
Data Connectors San Antonio Cybersecurity Conference 2018Data Connectors San Antonio Cybersecurity Conference 2018
Data Connectors San Antonio Cybersecurity Conference 2018Interset
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight BackMTG IT Professionals
 
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...AIIM International
 
Preview: 3 Steps to Monitoring in a Connected Enterprise
Preview: 3 Steps to Monitoring in a Connected Enterprise Preview: 3 Steps to Monitoring in a Connected Enterprise
Preview: 3 Steps to Monitoring in a Connected Enterprise xMatters Inc
 
Flight East 2018 Presentation–You've got your open source audit report, now w...
Flight East 2018 Presentation–You've got your open source audit report, now w...Flight East 2018 Presentation–You've got your open source audit report, now w...
Flight East 2018 Presentation–You've got your open source audit report, now w...Synopsys Software Integrity Group
 
Data analytics software selection and implementation
Data analytics software selection and implementationData analytics software selection and implementation
Data analytics software selection and implementationJim Kaplan CIA CFE
 
Security metrics
Security metrics Security metrics
Security metrics PRAYAGRAJ11
 
A successful GDPR Program
A successful GDPR ProgramA successful GDPR Program
A successful GDPR ProgramAlberto Canadè
 
Ditch the Surplus Software and Hardware Spend that's Weighing you Down
Ditch the Surplus Software and Hardware Spend that's Weighing you DownDitch the Surplus Software and Hardware Spend that's Weighing you Down
Ditch the Surplus Software and Hardware Spend that's Weighing you DownIvanti
 
It asset management_wp
It asset management_wpIt asset management_wp
It asset management_wpwardell henley
 
2016 Risk Management Workshop
2016 Risk Management Workshop2016 Risk Management Workshop
2016 Risk Management WorkshopStacy Willis
 
AppSphere 15 - Transforming the Business: The Role of DevOps
AppSphere 15 - Transforming the Business: The Role of DevOpsAppSphere 15 - Transforming the Business: The Role of DevOps
AppSphere 15 - Transforming the Business: The Role of DevOpsAppDynamics
 
Identifying Your Agency's Vulnerabilities
Identifying Your Agency's Vulnerabilities Identifying Your Agency's Vulnerabilities
Identifying Your Agency's Vulnerabilities Emily2014
 
Data Analytics for Auditors Analysis and Monitoring
Data Analytics for Auditors Analysis and MonitoringData Analytics for Auditors Analysis and Monitoring
Data Analytics for Auditors Analysis and MonitoringJim Kaplan CIA CFE
 

Similar to LDITSITAM WebinarSept2016 (20)

GDPR | Cyber security process resilience
GDPR | Cyber security process resilienceGDPR | Cyber security process resilience
GDPR | Cyber security process resilience
 
It implement-it-asset-management-executive-brief
It implement-it-asset-management-executive-briefIt implement-it-asset-management-executive-brief
It implement-it-asset-management-executive-brief
 
Future Proof Your DAM
Future Proof Your DAMFuture Proof Your DAM
Future Proof Your DAM
 
How to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientHow to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber Resilient
 
Data Connectors San Antonio Cybersecurity Conference 2018
Data Connectors San Antonio Cybersecurity Conference 2018Data Connectors San Antonio Cybersecurity Conference 2018
Data Connectors San Antonio Cybersecurity Conference 2018
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back
 
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
 
Building cbis, mis, csvtu
Building cbis, mis, csvtuBuilding cbis, mis, csvtu
Building cbis, mis, csvtu
 
Preview: 3 Steps to Monitoring in a Connected Enterprise
Preview: 3 Steps to Monitoring in a Connected Enterprise Preview: 3 Steps to Monitoring in a Connected Enterprise
Preview: 3 Steps to Monitoring in a Connected Enterprise
 
Flight East 2018 Presentation–You've got your open source audit report, now w...
Flight East 2018 Presentation–You've got your open source audit report, now w...Flight East 2018 Presentation–You've got your open source audit report, now w...
Flight East 2018 Presentation–You've got your open source audit report, now w...
 
Data analytics software selection and implementation
Data analytics software selection and implementationData analytics software selection and implementation
Data analytics software selection and implementation
 
Security metrics
Security metrics Security metrics
Security metrics
 
A successful GDPR Program
A successful GDPR ProgramA successful GDPR Program
A successful GDPR Program
 
Ditch the Surplus Software and Hardware Spend that's Weighing you Down
Ditch the Surplus Software and Hardware Spend that's Weighing you DownDitch the Surplus Software and Hardware Spend that's Weighing you Down
Ditch the Surplus Software and Hardware Spend that's Weighing you Down
 
It asset management_wp
It asset management_wpIt asset management_wp
It asset management_wp
 
2016 Risk Management Workshop
2016 Risk Management Workshop2016 Risk Management Workshop
2016 Risk Management Workshop
 
Tentraps
TentrapsTentraps
Tentraps
 
AppSphere 15 - Transforming the Business: The Role of DevOps
AppSphere 15 - Transforming the Business: The Role of DevOpsAppSphere 15 - Transforming the Business: The Role of DevOps
AppSphere 15 - Transforming the Business: The Role of DevOps
 
Identifying Your Agency's Vulnerabilities
Identifying Your Agency's Vulnerabilities Identifying Your Agency's Vulnerabilities
Identifying Your Agency's Vulnerabilities
 
Data Analytics for Auditors Analysis and Monitoring
Data Analytics for Auditors Analysis and MonitoringData Analytics for Auditors Analysis and Monitoring
Data Analytics for Auditors Analysis and Monitoring
 

LDITSITAM WebinarSept2016

  • 1. Ten mistakes not to make when implementing ITAM/SAM Yvette Mathews | @itam4life Senior Consultant, ITS Partners Patricia Adams | @patriciaadams ITAM Evangelist, LANDESK
  • 2. Section heading hereMistake 1: Governance • Align program to C level goals • Involve key stakeholders – ITSM, Security, EA, Business units • Gain consensus on problems, roadmap, timeframes, deliverables
  • 3. Let’s talk about process…
  • 4. Mistake 2: Not documenting your processes Let’s talk about process… ●Lack of reproducible activities ●Nothing to share with those inside/outside of your team ●Nothing to work from as a baseline to make improvements
  • 5. Key Productivity Indicators Financial based metrics: Purchase price, Maintenance, Discounting, Evaluate total cost of ownership, Timeframes and associated costs, Value of inventory, Asset depreciation, Forecast future spend, Track lifecycles, Mismeasurement can lead to mismanagement. Mistake 3: Not Putting in Place Metrics to Measure Effectiveness
  • 6. Mistake 4: One process does not fit all Let’s talk about process… ●Processes should be standardized but not inflexible ●Processes should be adjusted based on specific requirements ●Exceptions to the process should be expected and documented
  • 7. Effective policies? What exactly does that mean?
  • 8. Section heading here ●Policies reflect current business environment and need to be revised when business changes ●Create policies that apply to third parties and contractors ●Ensure ITAM is included in security policies too ●IT policies should be accessible and not buried in HR manual ●Revision and updates should be noted on policy Mistake 5: Never Revise Policies
  • 9. Mistake 6: Not socializing your policies Effective policies? What exactly does that mean? ●Communicate your policies within your organization ●Not knowing the policies does not exempt people from following them ●Communicating policies enables buy-in within your organization
  • 10. Define ITAM Policies ●IT, Third party contractors, Temporary workers, Vendors, Suppliers, Service providers ●Acceptable use ●Purchasing ●Loss/theft ●Asset and data security ●Adherence to ITAM process Mistake 7: Create Policies that Apply to End- Users Only
  • 11. So you have a tool…now what?
  • 12. Mistake 8: Confusing your asset repository with your CMDB So you have a tool…now what? ●An asset repository contains the physical, financial and contractual data around an asset ●A CMDB contains information about Configuration Items currently in use ●Assets are tracked from dating to haunting ●CI’s are tracked while in use
  • 13. Mistake 9: Relying on Discovery Data From a Tool that Isn’t Fully Deployed Now where did it go? • Define which assets are in scope • Ensure agent is deployed on all assets and credential level access for agentless • Use bar code scanning, RFID, sensors to detect assets not on network • Have a process for tracking new and used spare parts • Track assets by user, location, project, cost center
  • 14. Mistake 10: Never normalizing your data So you have a tool…now what? ●Review for duplication: oFoundational Data: Users, Departments, Locations oAsset data: Models – SW/HW
  • 15. Thank you! Yvette Mathews| @itam4life Senior Consultant, ITS Partners Patricia Adams | @patriciaadams ITAM Evangelist, LANDESK