Posts tagged with "IT management"

Cyberattack, IAITAM, tech, 360 MAGAZINE

IAITAM v MICROSOFT

Association of IT Asset Managers (IAITAM) CEO Dr. Barbara Rembiesa issued the following statement today:
 
Microsoft’s announcement that it will let end-users buy some of their own apps and licenses through Office 365 should be regarded with great concern by business owners, financial officers, and IT Asset Management (ITAM) program heads.” 
 
“This is the road to chaos and monumental waste, particularly if other software makers follow suit.  By basically bypassing all controls on licensing and purchases within companies, it will be incredibly difficult to know what has been purchased, who has purchased it, when it needs to be renewed, what needs to be ‘patched’ and which software is no longer being protected against hackers.  The result will be a rat’s nest of confusion, bad records and huge fines.”
 
“For years now, I have emphasized that you cannot manage what you do not know you have. For that reason, IAITAM developed a centralized ITAM model that incorporates 12 Key Process Areas (KPAs) and a set of best practices that assists IT Asset Managers with executing those processes. These identified best practices allow the ITAM program to be centralized, while the people they manage have appropriate empowerment and decentralized control.”
 
“For the model to work, the ITAM Program Manager has to be able to set up a program that tracks and stores information about specific IT assets with a centralized view of those assets as needed and required for future planning and compliance purposes. This includes being able to identify what software is in the environment and ensure that the software is licensed properly. The program begins with Acquisition Management and ends with Disposal Management. During that lifecycle, a Software Asset Manager needs to know that what the organization has in its environment remains compliant.”
 
“However, Microsoft’s announcement will change all of that.”
 
“Microsoft has said that on Nov. 19, 2019, it will begin allowing end-users to purchase Office 365 Power Platform low-code services, PowerApps, PowerBI and Flow. The user would be responsible for paying for the transaction and the applications themselves would be licensed to the user. The specific services are meant for business users and not IT administrators nor developers. The way most prior and existing licenses have worked, users would have to get permission from their administrators (to include the IT Asset Manager) to add those services.”
 
“Under the new way of doing things, if an organization receives an audit letter from Microsoft, the software publisher will have information on what is installed or supposed to be installed in the environment as an outgrowth of the business-driven transactions. Because the end-user would be in control of the license, the IT Asset Manager would have no way to prove what licenses are in the IT environment. This could lead to huge fines, as well as a security issue. If Microsoft finds that the organization or its end-users cannot prove software license compliance, the publisher could receive millions of dollars in penalties because the organization would be out of compliance.”
 
“The job of an IT Asset Manager is to protect an organization from losing control over its IT assets. Remaining in compliance with software license terms is a major money-saving aspect of a mature ITAM program. Without being able to prove compliance, the program’s core competency would collapse, and its value would become severely diminished.”
 
Following ITAM best practices is a roadmap for organizations to protect and get the most out of their IT assets. IAITAM offers courses and training opportunities throughout the year for agencies and businesses seeking to strengthen their cybersecurity and IT management.

ABOUT IAITAM
The International Association of Information Technology Asset Managers, Inc., is the professional association for individuals and organizations involved in any aspect of IT Asset Management, Software Asset Management (SAM), Hardware Asset Management, Mobile Asset Management, IT Asset Disposition and the lifecycle processes supporting IT Asset Management in organizations and industry across the globe. IAITAM certifications are the only IT Asset Management certifications that are recognized worldwide. For more information, visit www.iaitam.org.