Four Best Practices for Asset Management
How to think about scope, virtualization, mobility, compliance, and distributed workforce in tracking equipment and applications.
By Cameron Laird, Vice President, Phaseit, Inc.
You have your data centers humming nicely: well-designed physically, with good policies for refreshes and maintenance, explicit designs for storage growth and disaster recovery, and tidy cabling practices. It's all working according to plan -- except that keeping track of all the parts remains a time-consuming exercise in tedium. Isn't there a better way than laboriously entering hand-written notes in spreadsheets copied haphazardly depending on who last worked in the area?
Yes, there is a better way: "asset management" (ITAM, for information technology asset management, sometimes known as computer inventory management) applications have tackled exactly this situation for decades. Here's what you need to know to make the most of the offerings in enterprise-scale asset management:
A Clipboard in Your Server Closet is Not an Effective Management Tool
Understand clearly that "hand-maintenance" does not work, even when it's assigned as the single highest priority to one dedicated employee. If the answer to, "which hosts are licensed to run a database instance?" or "what operating-system releases are connected to the 111.222.17 subnet?", involves tracing your finger through a hand-drawn Visio diagram, you're fighting a losing battle. Rather than explain all the pitfalls of this and related approaches, the focus here is on what can be successful. Make your computer assets work for you, not the other way around.
What's the alternative to "manual" tracking of assets? Although any realistic solution still involves plenty of human effort, you must identify a technology that at least makes it relatively easy for your asset repository to validate itself, and "scale" with your operations. In ITAM vernacular, you need "agents" configured on each asset to report "live," current conditions. At a practical minimum, this means a reliable database manager connected to tools with the power to interrogate those agents and ensure the accuracy of the database contents. Network-attached resources generally can be configured to run SNMP (simple network management protocol) agents; at that point, it's natural for tools to report, for example, "this subnet has eighteen computer hosts, four printers, one VoIP server, and two storage arrays active; the printers are named ..."
Best Practice #1: Determine the Scope
The first challenge of your ITAM effort is to decide on its scope. You must have an explicit policy or project for ITAM, and it must be online. If you do anything less -- if you just assume you can ask your front-line users when a need arises, for example -- you'll create more frustration than you’ll save. An explicit statement is a minimum.
What's the maximum? On the "high end" you'll eventually have the opportunity to extend ITAM to integrate hardware and software, to integrate it with accounting for financial measurement and planning, and to tie in to such enterprise-level functions as inventory and life-cycle management (including refreshes, acquisition, and disposal), disaster recovery, compliance, logistics or supply-chain rationalization, strategy, and process improvement.
Most organizations are probably best served by starting with modest goals: tracking computing units and networks. With basic ITAM in place, the organization will be in a better position to judge more comprehensive and complex projects; at that point, expertise at the level of the International Association of Information Technology Asset Managers becomes worthwhile.
What product do you buy to start with ITAM? Perhaps none; even though fundamental architectures have changed little in 30 years, and there has been an active market of ITAM offerings throughout that span, no dominant commercial off-the-shelf (COTS) product has emerged in a convincing fashion. At least since the '80s, it has been possible to purchase slick graphical user interface (GUI) consoles that purport to map all IT assets, allow "real-time drill-down" to technical details, and even, in the best cases, are sufficiently programmable to integrate with other decision-support applications. The diversity of engineering practices in commercial operation is one reason this sector has never been "commoditized" as one might expect: every substantial data center in my experience ends up essentially writing and maintaining its own ITAM solution.
A good milestone, therefore, is to download and install a no-charge product such as SysAid Asset Management, an evaluation version such as Express Software Manager, a SAAS ITAM solution (for example, SAManage), or one of the open-source software suites. Experiment to learn what ITAM features matter in your organization.
Best Practice #2: Keep Virtualization in Mind
Virtualization presents one of the biggest current challenges--and opportunities!--for ITAM. Fifteen years ago, organizations used ITAM to solve problems such as: which servers are under-utilized and due for retirement, or overloaded and performing poorly? Now we worry: what virtual machines are due to be culled because they no longer provide useful services? What does our historic use of virtual resources project for physical requirements? What access paths are there between physical and virtual environments, and how are they firewalled?
In assessing proprietary ITAM software, make sure it adequately accounts for your organization's requirements to track virtualized machines, which are often deployed and recycled a hundred times or more as quickly as physical assets.
Best Practice #3: Incorporate Your Mobility Needs into your ITAM Evaluation
Mobility is the other great contemporary trend in computing, along with virtualization, and it also directly affects ITAM and our requirements of ITAM. Instead of a relatively sedentary population of servers and desktop hosts on our networks, organizations now have responsibility for laptops and handhelds which move around daily, and sometimes from minute to minute. Just as with virtualization, this is both a challenge and an opportunity: not all ITAM solutions have in the past handled mobile elements correctly, but, when they do, the result is a big improvement over what manual asset tracking can achieve.
A robust ITAM that integrates with security and accounting contributes to management of such questions as:
- How should costs for support of an intranet application be allocated?
- Can we identify which endpoints are currently accessing private customer data?
- Is it feasible to write rules that "lock out" a remote handheld immediately when it exhibits a pattern of usage that suggest it has been lost or stolen?
Best Practice #4: Incorporate ITAM into Your Compliance Initiatives
The pervasive managerial pattern that all organizations share nowadays is compliance: are employees acting in accord with process-expressed requirements? ITAM has plenty to contribute here. A necessary step for legal control over all archival data is to be able to inventory all storage, for example. A second example: correctness of licensing crucially depends on the completeness of the inventory of installed licenses and products. These examples are only the beginning; essentially every compliance proposition will need to be informed by current results from ITAM.
A Final Word
ITAM is a great investment to make: you're already inventorying your computing assets somehow, and ITAM is just a structure for making those efforts pay off. Account for the four best practices as they apply in your specific situation, and you're well on the way to a rewarding project.
Cameron Laird is vice president of Phaseit, Inc., where he implements software projects and publishes articles about the results. A long-time developer, manager, and author, his current work emphasizes back-end performance and security in integrations with HTML5 as the Web explodes onto mobile devices. You can contact the author at firstname.lastname@example.org