CleanSlate Presents at the 2017 IBSMA SAM Summit

CleanSlate Presents at the 2017 IBSMA SAM Summit

The International Business Software Managers Association (IBSMA) is the world’s largest nonprofit association of business-focused Software Asset Management (SAM) licensing and compliance professionals. The organization is focused on the continuing education of software asset managers and provides a series of IT Asset Management (ITAM) professional development courses and certifications.

In addition, the IBSMA brings together professionals with the resources they need to manage software assets within their organizations, and gives them tools to expand their knowledge base while providing a forum for advancing SAM innovations.

CleanSlate was recently approached by the IBSMA to speak in two sessions during their annual SAM Summit at the University of Chicago School of Business. These sessions were focused within the IBM track and provided a deep dive into the process for the IBM License Metric Tool (ILMT) upgrade as well as tips on using BigFix and ILMT technologies to better manage the Enterprise License Agreement (ELA) renewal process.

One of the high points of these sessions was a client success story presented by TransUnion as they talked about leveraging the IBM License Metric Tool (ILMT) and the services of CleanSlate that significantly reduced their software compliance expenses within their ELA. By leveraging these tools and services, TransUnion got an extensive view of their software footprint and compared that to current entitlements to set an accurate software position. Because they had access to this detailed information, they were able to make intelligent decisions on purchases made in their upcoming ELA renewal, literally saving them millions of dollars.

At CleanSlate, our team is excited to play an integral part in these types of client success stories—and we have many similar stories, too. We look forward to continuing our relationship with the IBSMA and helping to advance the latest knowledge, tools, trends, and processes within the ITAM community.

If your business is looking to implement a new SAM strategy, CleanSlate can help. For more information about all the ways we can help your business become more efficient and more profitable, contact us today.

Using IBM Detect to Protect Your Business

Using IBM Detect to Protect Your Business

Cyber-attacks are becoming more sophisticated by the day, and unfortunately, they’re becoming more frequent. According to IBM, “Five of the eight largest healthcare security breaches since the beginning of 2010—those with more than 1 million records reportedly compromised—took place during the first six months of 2015. In fact, over 100 million healthcare records were reportedly compromised in 2015.”

That’s a scary statistic. And it’s not just health care—any industry that maintains sensitive records should be ready to handle these threats, especially in the financial and government sectors.

As part of IBM’s BigFix suite of products, Detect is a critical component of keeping your business safe from potentially devastating cyber attacks. It provides endpoint detection and response solutions for threat analysis, and has capabilities far beyond your typical endpoint detection and response tool.

Detect specializes in assessing and remediating Indicators of Compromise (IOC) and analyzing Indicators of Attack (IOA). IOCs are pieces of forensic data that identify potentially malicious activity on a system or network, while IOAs are a series of actions that an attacker must complete to succeed. Detect helps you get a complete understanding of these threats, and will show you how to take immediate action to mitigate the spread and effectiveness of an attack.

Some people think that because they have a small- or mid-sized business, they don’t need to worry about IOCs and IOAs. While it’s true that a large company has a higher volume of traffic to keep an eye on, small- and mid-sized businesses are also vulnerable—and in many cases, even more vulnerable, because their security measures aren’t current.

A great example of this is the recent WannaCry ransomware attacks. These attacks affected thousands of businesses, and many of them were smaller companies. Unfortunately, because proper security measures weren’t in place, many of these businesses ended up paying the ransom because it was cheaper than overhauling their systems and recovering the ransomed data. This is exactly the type of threat that Detect is designed to identify, isolate, and remediate before it spreads.

Detect integrates seamlessly with QRadar and many other IBM tools on the BigFix platform. Like Detect, QRadar is designed to ensure that endpoints are free from attack, and that policies are set, maintained, and enforced. By working together, QRadar and Detect can also show you whenever key security information—like passwords—are changed, so that you’ll never run into unexpected surprises.

Protecting your business from cyber threats has never been more important. Detect—and the IBM BigFix suite of security products—will help make your endpoint management simple and easy. But more important, it’ll make your business secure, and will allow for immediate identification and remediation of threats that can cost your business lots of time and money.

Our team at CleanSlate works with Detect every day, and we know how to leverage it to make sure your business is ready to handle any cyber attack. If you’re interested in learning more about integrating Detect into your business’s cyber security strategy, contact us today.

ILMT upgrade: The Good, the bad, and the ugly.

ILMT upgrade: The Good, the bad, and the ugly.

IBM recently discontinued support for the legacy License Metric Tool version 7.x (as of April 30, 2017). Companies running any versions of ILMT prior to version 9.2.x will no longer receive product updates, patches, or software catalog updates. Continuing to run these legacy versions of ILMT will likely lead to non-compliance with the latest security patches, and will also lead to non-compliance with IBM for PVU-based software usage/reporting.

Here are the good, bad, and ugly points regarding the ILMT upgrade:

The Good – The latest version of ILMT comes packaged with the BigFix endpoint management platform—one of the industry leaders for enterprise endpoint management. BigFix comes packaged with many different modules that may be enabled to expand your organization’s endpoint management capabilities, including lifecycle, security & compliance, patching, and software inventory/usage for all vendor products.

The Bad – Companies that do not currently use ILMT or are operating off a legacy version are not capturing usage metrics to allow them to effectively manage software compliance and recognize savings and/or compliance risks. If your company falls into this scenario and you are audited, get ready for big fines and a potential loss of the reduced PVU-licensing costs.

The Ugly – Organizations not on an updated ILMT platform are living on borrowed time. IBM requires companies that do take advantage of the reduced pricing offered through PVU-based licensing to stay on the latest-and-greatest version of ILMT. IBM is strict about these requirements and is serious about enforcement and penalties for those that do not adhere to their PPA agreements. Those that are not currently in the process of an upgrade are putting themselves at risk as there are indicators within Passport Advantage that serve to tell a company’s position with ILMT, as well as the version they are operating on.

Don’t delay in preparing for and implementing ILMT, or the upgrade of your existing ILMT platform. Whether your company is just in the exploratory phase or is starting to plan for deployment, you are not alone.

CleanSlate is currently upgrading ILMT for clients of all sizes. Whether your organization manages 100 or 100,000 endpoints, we have the experience as IBM’s go-to partner to assist you with your deployment and reporting. You can contact us for more information, or learn more by viewing our most recent upgrade webinar.

 

Over-deployed? Self-reporting Keeps You Compliant.

Over-deployed? Self-reporting Keeps You Compliant.

There’s nothing wrong with self-managing your software assets. But if you do, it’s important that your company knows what to do if you discover an over-deployment of licensed products. When that happens—and it happens to the best of us—here’s what you should do next.

Figure Out What Happened—And Why

When your company has over-deployed licensed software, it’s important that you understand why it happened. The difference between a one-time fluke and something more systemic in your company will have an impact on how you go forward.

Here are a couple of questions to ask yourself before you decide what to do next:

  • Is the overage due to additional project work or company needs?
  • Is the company’s infrastructure itself responsible for the overage?

If the overage can be tied to specific project work, especially new projects, your best bet is to work directly with the software reseller. They can work with your company to figure out an action plan to manage the next steps. This approach will also help you get the best rates for your licenses, and ensures a good relationship with your vendor.

If the overage is tied to something systemic about your company’s infrastructure, that’s considered a true over-deployment. In that case, the best thing you can do is to maintain transparency and work with the software reseller to self-report the overage. By being open and transparent about the overage, you can avoid raising red flags that could otherwise lead to a vendor audit.

Good Communication is Key

Over-usages happen. Your vendor understands that and has almost certainly seen it before. By maintaining good communication and transparency, you’ll show your vendor that you’re acting in good faith to correct the situation. That will help reduce the risk of an audit, and ensure you get the best pricing for your organization.

And if you have any questions about software entitlement needs or your current license position, we’re here to help. Email our software asset specialists, or call us at 866.885.3249.

Trip Report: IBM InterConnect 2017

Trip Report: IBM InterConnect 2017

IBM InterConnect is one of the industry’s premier Cloud conferences, and several of us from CleanSlate had the chance to attend this year’s event in Las Vegas. We had a great time—but more important, we learned a lot about new solutions and innovations that will help us be an even smarter, more versatile company.

With hundreds of different presentations and open labs for hands-on experience, InterConnect can be a little intimidating without a focus. Our team spent most of our time learning about security and asset management, which meant attending lots of discussions and labs about IBM’s BigFix platform. We went to sessions covering topics like QRadar, Detect, and Resilient that were full of information about useful ways these applications can work together for a seamless BigFix experience.

Since there’s so much going on at InterConnect, it’s impossible to see everything. But a great thing about the conference is that IBM makes the majority of the lectures and materials available for attendees right on their website, so you’ll never miss a second of content. For many people, access to this huge library of knowledge is worth the price of admission alone.

One of the best things for us about the InterConnect conference is the networking opportunities. We got to meet all kinds of people this year, many who could closely relate to our business and the challenges we face. We were also fortunate to meet with IBM product development team members and senior management members—a great benefit CleanSlate enjoys as an IBM Platinum Partner. These connections are incredibly valuable to our business, and leveraging them effectively is a big reason we have so much insight into what’s going on in our industry.

The chance to speak with product developers in particular is important to us because it’s a rare opportunity to talk directly with the people responsible for creating the applications we use every day. We love that they listen to feedback from us and our peers, because they integrate it into future product development—and that can make our lives a lot easier.

While we went to lots of panel discussions, we also helped host one: Our own Chris Konow spoke about how BigFix can help with software audits and contract negotiations. It was a well-attended talk, and we’re happy we could contribute some of our own knowledge to help businesses protect themselves against costly audits and unnecessary software purchases.

If you work in IT and want to learn all the latest and greatest information about Cloud technology, you can’t afford to miss the InterConnect conference. The endless networking opportunities and wealth of information are useful for anyone in this business—and the potential to help influence future IBM product development is a bonus that you probably won’t find anywhere else.

If you’re interested in finding out more about all the useful stuff we learned at InterConnect 2017, be sure to contact us. We’d love to share our knowledge with you!