Automate IT Asset Data Collection

Acquire and use discovery tools wisely to populate, update, and validate the data in your ITAM database.

Executive Summary

Info-Tech Insight
Focus your automation efforts by understanding what data you need before you go to market to buy a tool. Different tools will provide different data, and some data can’t be discovered at all.

Track asset data

Good asset data is foundational to strong IT operations and enhances the value of IT to the business

• Track and repurpose unused equipment and software licenses rather than buying new.
• Ensure you remain within the number of software installs permitted in your contracts to avoid costly and disruptive software audits. Provide detailed data required to calculate complex licensing requirements.
• List hardware due for replacement in the next year to support planning and budgeting. Identify deprecated software that must be retired in the near future.
• Improve your negotiating position with vendors with a better view of what you own and what you use.
• Flag devices that could present a security risk (e.g. active but unassigned, unpatched, in the wrong location, etc.)
• Support incident management with an enriched understanding of the assets involved in an incident (e.g. user, model, warranty, related support contracts, etc.)
• Provide insight into the complete IT environment to other teams to inform strategic technology decisions, including the office of the CIO, procurement, enterprise architecture, IT security, applications, and infrastructure.
• Meet regulatory and audit requirements to have a comprehensive inventory of IT assets.
• And more…

Automate asset tracking to address tough ITAM challenges

• Discovery tools are a necessary (though not sufficient) condition for creating a comprehensive and accurate view of IT assets.
• It’s critical not only to have a discovery tool, but the right tool, implemented the right way, to realize the value you expect to receive.
• Some tools will provide insight into use of installed software or use of particular features. Identifying a lack of use provides an opportunity to investigate whether the license could be repurposed or downgraded.
• Find vendors that view tracking new technologies as part of their product roadmap and can partner with you to define and develop new ways to track your evolving technology landscape.
• There’s no substitute for an experienced and capable asset management team, but relieving the team of repetitive, manual work can help address process bottlenecks and quality issues. Manual processes require regular training and typically require constant monitoring for data quality and process adherence issues.

What are your challenges with SAM? 1

Not all data is “discoverable”

Machine-generated data is just the tip of the iceberg

• Your computers can’t tell you everything.
• While machine-generated data is indispensable, you won’t be able to answer some of the critical questions the ITAM team is asked with it alone.
• Use the insights and the process outlined in this research to identify:
  • What “other” data you need to capture.
  • How it’s being collected, and where it’s being collected today.
  • Opportunities to modernize data collection (e.g. via integrations with other systems).

Start by getting your ITAM processes in order. Then,

1
DEFINE QUESTIONS
Use insights from process improvement exercises to identify the questions you need data to answer.

2
ASSESS CURRENT STATE
How do you gather needed data today? What are your current tools’ strengths and weaknesses?

3
IDENTIFY NEEDED CAPABILITIES
Review features of discovery tools. Identify capabilities required beyond discovery tools.

4
DELIVER NEW CAPABILITIES
Acquire and/or configure tools and integrations. Audit your data for accuracy.

00 Identify a working group

30 minutes

Identify a group of participants who can fill the following roles and inform the discussions in this research. A single person could fill multiple roles, and some roles could be filled by multiple people.

The core working group will consist of the facilitator, asset manager, and ITAM team.

Develop and refine ITAM processes first

Automating a bad process will give you a bad process, faster.

• Review existing processes to confirm how ITAM should be deployed in your organization to meet business requirements.
• You can then find a tool that helps you streamline a working but manual process.
• A process review should answer these questions:
  • What’s the scope of the asset program? What do we track, and not track?
  • How do we procure, receive, deploy, manage, retire, and dispose of assets?
  • How do we track purchase records, invoices, and contracts?
  • When do we need to update asset records during their lifecycle to ensure asset data remains current and accurate?
  • Where do we currently store asset records?
  • Who is responsible for updating asset records?
  • Where are there opportunities for automation?

Implement Hardware Asset Management
Develop foundational hardware asset management practices to procure, deploy, manage, harvest, refresh, and dispose of hardware.

Implement Software Asset Management
Develop foundational software asset management practices to manage licenses, deploy and harvest software, and prepare for vendor audits.

Develop an IT Asset Management Strategy
Define a coherent, sustainable, and business-aligned approach to ITAM.

01 Identify the questions ITAM is expected to answer

30-60 minutes per session

To understand what data you need to collect, start by listing the questions that ITAM needs to answer.

Most ITAM practices provide data stakeholders across the organization (e.g. IT, Finance, Procurement) and at different levels of management (e.g. technicians, business managers). Consider running this exercise multiple times with different stakeholder groups.

1. To break the ice in a brainstorming exercise, it’s useful to provide participants with examples of what you’re looking for. You will find lists of example questions on the next slide. Meet with just the ITAM team to review and refine the list of example questions.
2. Schedule and run brainstorming sessions to “identify questions the ITAM team could help you answer.” Review the list of example questions to kickstart the conversation. Record the questions as you go in simple, unambiguous language. Ask follow-up questions if you’re unclear what a particular term might mean. Don’t discount any questions as out of scope at this point.
   • Many questions will require data that’s not typically collected by a discovery tool.
   • Set the expectation that you may not be able to deliver answers to all questions and that you’ll need to investigate further to confirm if, how, and when you’ll have the data to answer those questions.
3. Repeat the exercise, and consolidate and refine the growing list of questions until you have a reasonable working list.

01 Example: Questions ITAM is expected to answer

Portfolio Management:

• How many different end-user device types do we manage across the organization? How many laptop models?
• How many devices are deployed by department?
• What cloud-based software has been purchased by the company outside of standard IT procurement processes (e.g. via company credit card)?
• How many users in a department are using a particular software title?
• How many different software titles do we have in a particular category (e.g. CRM)?
• How many license entitlements do we have? Are we over- or under-licensed?

Lifecycle Management:

• How many devices will be refreshed this year or next year? How many by department?
• How much needs to be budgeted for the refresh? How much by department?
• What software will reach end-of-support next year?
• How many licenses for this software do we own?

Cost and Financial Management:

• What’s our annual spend on software and hardware? By department?
• What’s the total cost of assets associated with a particular application?
• What costs have we avoided by re-using existing equipment and licenses?
• What is the location and operating status of IT capital assets?

Compliance:

• Are any devices or software out of compliance with our current standards?
• Which devices have not been connected to the network for the last x number of days?
• What is the current status of devices that are authorized to access highly sensitive systems or data?
• What equipment has been lost or stolen in the last year? What action have we taken to retrieve the equipment and secure company data?

IT Support:

• Who is assigned this piece of equipment? Who last logged into it?
• What hardware and software is assigned to a particular user?
• What’s the average time between request and purchase for software?
• What warranties cover this piece of equipment? What support do we have for this software?
• How many deployments of have there been in the last x days?
• How many laptop deployments took longer than the service level objective?
• How many devices or licenses of a particular type do we have in stock?

What Else?

02 What data do you need to collect?

3-4 hours

With the list of questions in hand, let’s identify the data fields (or attributes) you need to track in order to answer the questions you’ve identified.

1. Download a copy of Info-Tech’s ITAM Data Dictionary tool. The tables in this tool are intended to provide a summary view of the data that you’ll collect and report on through the ITAM program and describe how data will be collected. The tool has three tabs:
   • Hardware Attributes: Lists key hardware attributes and how data is collected and stored in the asset record.
   • Software Attributes: Lists key software attributes and how data is collected and stored in the asset record.
   • Outstanding Issues: Consolidates the issues identified on the other two tabs. Identify specific steps you could take to address those issues. This tab is optional.
2. Start by updating the hardware and software attributes tab.
3. Cross reference the list of attributes with the list questions from the previous exercise. Can you answer the questions in the list with the attributes identified in the tool? Add to the list of attributes as needed.
4. Consolidate issues and ideas on the final tab. This tab provides a summary view of data collection problems and how you could go about addressing them.

Download the ITAM Data Dictionary Tool

03 Evaluate your current tools

30-60 minutes

With context from the previous exercises, identify the strengths and weaknesses of the tools you currently use for IT asset management. Use a whiteboard to recreate the table below, or update the table directly below. Document your tools in use, their purpose, their constraints, and any opportunities you could leverage.

If possible, involve tool experts/owners in this discussion, otherwise validate your assumptions with them after the fact.

Review common discovery tool capabilities

What machine-generated data do you need a tool to capture?

Not all tools will collect the following information in enough detail to meet your needs.

Assess which of the following features are most important to you:

Integrations: At a minimum, the tool must populate your ITAM database. Consider whether discovery data needs to be fed directly into other systems, including ITSM, monitoring, or security systems.

Device types & operating systems: Different tools will capture different data based on the operating system of the device being scanned. Most tools will scan common device types and Windows (though to different levels of detail), but you may need specialized tools to gather the data you require on mainframes, Macs, smartphones, IoT devices, manufacturing equipment, medical devices, and more.

Application-specific data: Complex enterprise software agreements, such as SAP, Oracle, and SQL Server require detailed and specific information about the software and the infrastructure on which the software runs. Navigating renewals can be a challenge without a discovery tool that is designed to collect data as required to manage these software licenses.

Application use: When was this software last used? For how long? Which modules? This data can be a starting point for investigating which licenses can be discarded or reallocated.

“ITAM’s not just laptops. It’s SaaS, it’s cloud compute, it’s serverless, it’s containers, and more.”

Jason Goldberg
Solution Architect
Device42

Review common discovery tool capabilities (continued)

SaaS management and discovery: In many organizations, SaaS is the default option for new software purchases – both through officially approved IT channels as well as unofficially through one-off expensed purchases by business units themselves. Ask prospective discovery vendors how they collect data on SaaS subscriptions that have been approved by IT, and those that haven’t.

Public cloud IaaS and PaaS environments: Discovery tools provide different levels of detail on different cloud platforms, or on specific services within a given platform. Confirm tools can discover the services you use most in your environment.

Virtualization platforms: Confirm tools can capture information both about the hypervisors themselves and the VMs running on those hypervisors.

Secure environments: Consider how you’ll collect data on environments that are highly controlled, on secure and separate subnets, or fully air gapped from the rest of your environment. Some tools offer a “collector” function that lives in a secure subnet and sends data out of that subnet via HTTPS.

Historical data: Do you need to know logins past 30 days or every software title ever installed on a machine? Will archives live primarily in the discovery tool or your asset database?

Dependency mapping: Do you need to identify dependencies between IT assets? What types of associations do you need to discover or build (e.g. hosting or data flow relationships)? Between what types of assets? Dependency mapping is more associated with configuration management than asset, so confirm whether this data can be tracked in your ITAM database or whether it needs to be tracked somewhere else.

Viable tools emerged from different disciplines*

Vendors have added discovery features in ways that build on their original strengths. There can be value in leveraging one of these tools to populate your ITAM database if they’re already available to you, and can be reliably integrated with your ITAM database. Examples provided are simply examples rather than recommendations.

*There is, naturally, overlap across all of these categories, and many of the example solutions compete in more than one category.

Info-Tech Insight
A combination of agent and agent-less solutions are often required to collect required data.

Weigh the pros and cons of agent-based tools

Agent-based discovery: A small program, or agent, is installed on all endpoints. The agent will run periodically on the machine, gather data, and send data to a central server.

Identify data that discovery tools can’t capture

Some of the data you require can’t be captured by discovery tools. Identify what data you need to import from other sources and how you’ll bring that data into the ITAM tool.

Explore your options to gather undiscoverable data

B2B (business-to-business) integrations from vendors and publishers.

• Hardware makers, software publishers, and value-added resellers may offer data on your purchases in a format you can ingest into your ITAM database. This is sometimes offered free but may incur an additional fee or come as part of an additional service such as tagging or imaging equipment for you.
• Data could be provided in different ways. Some vendors may maintain an API your ITAM database can query directly for information. Other vendors may provide a CSV document, either sent after each purchase or available on-demand from a purchasing portal.
• Types of data: Hardware specs and serials, warranty terms and dates, license entitlements, PO & invoice number, price, support agreements.

System integrations within your own environment.

• Asset data can be enriched by data entered in other business systems. Identify integrations between the ITAM database and other systems.
• Types of data: user and organization data from AD; ticket, catalog and configuration data from the ITSM system; contracts in a contract management system; cost and purchase data in an ERP or accounting system.

Libraries of software signatures and licensing rules.

• Discovered software data is often messy. Understanding which discovered software corresponds to which title and how many licenses you need requires licensing rules and software signature recognition that can be complex. When purchasing an ITAM tool, confirm whether this functionality exists for your most important software contracts, how often rules are updated, and whether any special contract terms for your organization can be written into the rules.

Info-Tech Insight
If you need data quickly, resellers are often better to approach with ad hoc requests about the licenses you own than software publishers. While your reseller does have an incentive to sell more, which they could do if you’re out of compliance, they also have more to lose from a frustrated customer than a publisher does. It’s typically easier to move to a new reseller than it is to switch software.

A good reseller should see a request for asset data as an opportunity to add value by helping you better understand your software estate. A publisher might see the same request as an opportunity for an audit.

Manage expectations for discovery tools

Prepare for the following challenges:

The bottom line: Embrace the fact that discovery data will likely never be perfect. Manage expectations up front, audit data on a regular basis, and investigate and address data issues as they arise.

04 Identify missing capabilities

1-2 hours

Based on the previous discussions, and the slides above outlining what discovery tools can and can’t do, identify any capabilities you think the ITAM practice must develop in order to deliver expected value. Think about capabilities as things your organization has to be good at - and can get better at (e.g. through practice, continuous improvement, new techniques or technologies.)

Some examples are provided below to help you get started. Frame these capabilities in non-technical language.

Don’t pigeon-hole your thinking to just the types of capabilities that discovery tools can provide for the moment.

1. Brainstorm missing capabilities as a group. What do we need to do, that we can’t do today? Use the list of example capabilities on the next page as a starting point, if needed.
2. Identify which of these capabilities could be supported with better discovery features.
3. Ask your tool experts – can you deliver these discovery features with the tools currently available to you?
4. If reconfiguring existing tools is an option, list specific action items are required to reach your target state. Identify who’s assigned to those action items, the effort required, and whether you’ll be able to deliver that functionality in the short- medium-, or long-term.
5. Take this information offline, and decide: do you need a new tool? If you do, use Info-Tech’s Rapid Application Selection Framework (RASF) to guide the software selection process.

04 Example capabilities

We need to be able to:

• Compare license entitlements to software allocations.
• Create a list of unused Microsoft products to support reallocation and renewals.
• Identify the location, business owner, and user for every laptop and desktop reaching end of life each year.
• Connect deployed equipment to their original purchase order.
• Offer licensing consulting services for new development projects.
• Identify likely spend for devices requiring refresh by business unit.
• Identify unauthorized devices on the corporate network.
• List corporate equipment that’s been missing from the corporate network for more than 60 days.
• Provide a list of a user’s assigned software and hardware to technicians working on their ticket.
• Maintain a comprehensive list of all switches, routers, and access points in the corporate network, including age, warranty end date, and links to any support agreements.

What Else?

Accelerate the tool selection process

The Rapid Application Selection Framework (RASF) is a comprehensive, fast-moving approach to help you select the right software for your organization.

Review Info-Tech’s Rapid Application Selection Framework today, and book a call with our analyst team to guide you through the process.

Audit ITAM data

With tools in place, trust, but verify.

¹To learn more about discovery tool analysis, see Jeremy Boerger’s book, Rethinking IT Asset Management.

05 Outline an approach to internal data audits

1-2 hours

Review the three internal data audit approaches outlined on the previous slide, and identify which of the three approaches you’ll use. For each approach, complete the fields in the table below.

Research Contributors and Experts

Jason Schackai
Training and Communications Manager
Sassafras Software

Yama Habibzai
Chief Marketing Officer
Device 42

Olaf Diehl
Director of Product Management
USU AG

Julian Devlon
President
Sassafras Software

Jason Goldberg
Solution Architect and Director
Device 42

Julien Roemers
Sales Engineer
USU AG

Related Info-Tech Research

Implement Hardware Asset Management
Develop foundational hardware asset management practices to procure, deploy, manage, harvest, refresh, and dispose of hardware.

Implement Software Asset Management
Develop foundational software asset management practices to manage licenses, deploy and harvest software, and prepare for vendor audits.

Develop an IT Asset Management Strategy
Define a coherent, sustainable, and business-aligned approach to ITAM.

Bibliography

Balbix. “What is asset inventory management?” Balbix Blog. ND. Web. 31 Jan 2023.

Boerger, Jeremy. Rethinking IT Asset Management. Business Expert Press, 2021.

Butcher, Michael. “The False Promise of Discovery Tools – Part 1.” Blazent, 28 Sep 2022. Web. 31 Jan 2023.

Clinton, Nancy. “IT procurement and ITAM: A blossoming relationship in asset management that you can’t afford to ignore,” Spend Matters. 15 Apr 2021. Web. 31 Jan 2023.

Cognixia. “Effective IT asset management with ITIL 4,” Cognixia Blog. 13 Sep 2022. Web. 31 Jan 2023.

McCall, Alice. “A guide to tracking IT equipment,” Setyl Blog. 22 Feb 2022. Web. 31 Jan 2023.

Flexera. “Flexera State of ITAM Report 2022.” October 2022. Web. 31 Jan 2023.

Kula, Emma. “Why procurement must work with IT and software asset management.” Vector Networks Blog, ND. Web.

Thompson, Martin. “Which software publishers are currently auditing? Survey results part 2/3,” ITAM Review. 6 Jan 2021. Web. 31 Jan 2023.

Ulyanov, Oleg. “Microsoft SQL Server Licensing for On-Premises VMware vSphere Implementations – Part One.” Vmware Blog, 14 July 2020. Web. 31 Jan 2023.

Palo Alto Networks. “What is IT asset inventory?” Palo Alto Cyberpedia. Web. 31 Jan 2023.