Two different surveys involving top level management respondents have independently shed some light on an alarming aspect concerning IT. The first survey was analyzing the non-compliance of software licensing by various businesses. As it turns out, shockingly 46% of the participating businesses of the survey were found to be non-complaint of the software licenses when software vendors prompted them for audits. This is despite the fact that many of these organizations had employees numbering in double digits dedicated to the IT Asset Management roles.
The results of the second survey were even more disturbing. The management boards of only one in four businesses were found to be concerned about the risks and threats arising out of use of IoTs. The rest of the businesses that were part of the survey were headed by boards who were either oblivious to the IoT threats and risks, or simply did not consider them big enough to discuss. This is despite the fact that the same survey concluded that more than 76% of the IT heads believe that there will be a DDoS attack on IoT devices within the next two years.
Both the surveys make it evident that at the highest echelons, organizations have been sloppy. This begs the answer to the question – what can businesses do to address these issues? Thankfully, no new research or solutions are required to address this question. The solution already exists and many organizations have successfully implemented it. The solution is – IT Asset Management (ITAM).
ITAM is a lot more than just handling of software licenses or managing the organization’s hardware. It entails gathering detailed information on all hardware, software, and data that is being used for business operations and improving them in a way to maximize the organization’s objectives. Here, the key is “all”, which also includes IT assets that are used and held with other departments. This includes commodity hardware and BYOD hardware too. When other departments are involved, there is a need for coordinated effort and excellent communication to achieve the common goals, in this case a seamless management of all IT assets. Inter-team communications cannot be smooth, unless strong sponsorship is available from the top management. The executives should take it upon themselves to tie the success of ITAM with the achievement of corporate goals. Also, the top management should conduct IoT training at all levels, especially the higher management, about the IoT-specific risks and threats.
The next step would be to set milestones and take one step at a time. Organizations should develop an information-based, effective path to achieving successful implementation of an organization-wide ITAM system. The path should be replete with specific, achievable milestones. Each milestone should be prioritized depending on the urgency it demands. It is best to approach this step by step. For instance, once you have set up a milestone to address the threats arising out of BYODs, then focus on only that matter. The achievement of each milestone breeds a feeling of success among the members, who are driving and participating in the ITAM implementation process.
Finally, make it a point to share the results of the process from time to time with everybody in the organization, so that they understand how this exercise is making positive changes to the organization. Remember this, the more people think that something like this will succeed, the more are the chances of it succeeding.