Use automated workflows to govern IT at the speed of business
This article is a collaboration by AJ Witt, The ITAM Review, and Ryan Wood-Taylor, ServiceNow
Modern businesses create value anywhere and everywhere, enabled by the technology we as IT Asset Managers govern. However, as we move away from the traditional model of on-premises IT, we have less direct control over assets and this creates a governance gap that we need to close. Assets are distributed, they’re in many cases running in datacenters we don’t own, on ephemeral virtual devices that in some cases “live” for minutes rather than years. This pace of change will only continue to accelerate and we as ITAM managers need new processes, tools, and techniques to keep up. In this article we’ll put forward the case for automation and a single source of verified trustworthy data accessible to all stakeholders to equip ITAM managers to deliver against their programme goals.
Evolution, not revolution
IT organisations led and staffed by experienced professionals need to change the way they think and operate to cope with the speed of digital transformation. The on-premises approach to IT they cut their teeth on gave them the ability to see much of what they needed to govern, and there was a top-down approach to Service Management. IT owned most of the technology and it ran on their own network with strict access controls and watertight governance procedures. This worked up to a certain scale but is somewhat unwieldy and today doesn’t work well for bottom-up IT – as evidenced by long-term governance concerns around Shadow IT. The explosion in SaaS spending over the past few years and 2020 in particular is a case in point. Typically, IT now control less than half of all SaaS spending. Over 25% of the IT budget1 is now consumed by software and cloud. With SaaS and cloud spend increasing how does IT remain relevant and meet technology governance standards around cost and risk management?
Data & Automation enables Cloud Governance
Governance in a cloud-first digitally transformed organisation needs great data to support corporate culture and behaviour changes. Furthermore, IT Governance needs to move at the speed of business to ensure it doesn’t get seen as a blocker. It must be easier to comply with governance standards than to subvert them – governance needs to be agile.
To be agile, governance in digitally transformed organisations must be governance by consent, governance by setting guard rails, and “nudging” users to do the right thing. Being overly prescriptive will get in the way of business being done and simply result in an increase in Shadow IT. Departments and users will find ways of subverting rigid processes in order to get their jobs done with the tools they like to use. We discussed this recently on our Radio Show – how employees may make use of personally-owned SaaS services to help them be more productive and potentially not even claim the cost back from their employer. Great for productivity & employee experience, not so great for ensuring we’re complying with regulatory requirements such as data privacy or industry-specific regulations such as HIPAA. Let’s get into what we mean by Data and Agility in more detail.
Modern IT Governance starts with discovering what services are being consumed by employees and business processes. Centralised, automated discovery of technology usage across distributed estates enables multiple stakeholders to meet differing demands and objectives. Critically, when we’re all working from the same trustworthy data, we can make accurate decisions that span siloes and minimise missteps caused when stakeholders working in isolation are unaware of the requirements from other governance domains.
Agility through automated workflows
The explosion in asset growth and reduction in lifespan of those assets means that we simply have too much to manage manually. Think back to the days before virtualisation. Your corporate email server was likely a cluster of fully populated 42U racks in your datacenter, running a bunch of disks in a RAID array. You could visit your email server and say “hi” to it. You could do a physical audit. You could see which disks had failed in the array because a physical light was flashing. You probably even asset-tagged it with an adhesive barcode. And, perhaps, you admired the beauty of the structured cabling job done by your network team. Those email servers likely had a lifespan of 3-5 years. They were easy to track from an asset management perspective, and worthwhile to track because they were a big capital investment.
Fast forward 20 years and your email server most likely lives in the public cloud, potentially entirely hosted and provided by a third-party. There are great benefits, not least that it’s scalable, reliable, and more secure than trying to keep an on-premises server patched and running smoothly. But how do you govern it? How do you know that it’s been shifted to a new instance size (and therefore cost has increased) in response to increased capacity or performance demands? And how at scale do you handle the churn of user accounts driven by the joiners, movers, and leavers process?
The key is automating workflows. Automated discovery, inventory, and normalisation. Automated alerting of proposed configuration changes which may impact licensing. Automated onboarding and offboarding to keep up with user changes. Automated workflows to direct ship laptops to remote users. Automated workflows to reclaim unused licenses. Automated workflows to turn off idle clouds. This is the only way to keep pace with perhaps a 10-fold increase in the pace of asset change. More assets, living shorter useful lives, in environments where control is limited.
The benefits of workflow automation & a single source of truth
With trustworthy data at our fingerprints and key governance processes automated, what are the benefits? When stakeholders are working with the same dataset the cost of gathering and maintaining that data is shared and minimised. For example, an IT Security team will use discovery data to uncover potential vulnerabilities. Procurement will use that same discovery data to build an accurate renewal proposal. IT Operations will use it to select which widely used applications should be onboarded into the corporate Single Sign On solution.
It would be easy – in fact it’s standard practice in many organisations – for each stakeholder to gather their own data to deliver against their objectives and plan. The sheer complexity of modern estates means that it’s certain that such an approach will result in each stakeholder generating a different asset register. That doesn’t scale from a time and cost perspective – data acquisition and management is expensive – and does little to help organisations find the truth about their estates. For example, it immediately prompts the question “Well, which of you is right?” when working with senior stakeholders, and that means everyone ends up looking unprofessional and the seeds of uncertainty are sown in the minds of decision-makers. Far better to invest in verifying and authenticating a single version of the truth that’s then available to everyone who needs it to make business decisions.
Trustworthy data enables automation
Once all stakeholders use the same trusted, verified source of truth – automation is enabled. Take SaaS spend optimisation as an example. To optimise a SaaS renewal, we need to know how many users are using a particular application and what they’re using it for. By building a rich view of usage it’s possible to automate a workflow to remove unused accounts, immediately reducing costs. For some applications it will also be possible to automate downgrades based on feature usage – for example moving Zoom Pro users down to the free tier.
Another area where data-driven automation can play a key role is in provisioning or onboarding a new employee. With many employees using upwards of 30 SaaS apps, manual onboarding is a costly and time-consuming process which impacts productivity and employee experience. In our personal lives we’re all used to downloading and installing applications immediately from mobile app stores. Enterprise App Stores and onboarding workflows enable that same seamless and efficient experience at work. Critically, this self-service approach directly supports governance requirements. Applications listed in the Enterprise App Store will likely have gone through an approval process – they’re “official” corporate applications – and that cuts down on Shadow IT. Employees are encouraged to do the right thing because IT can fulfil their request quicker than they can search, download, and evaluate a shadow IT solution themselves.
Trustworthy data made available to all relevant stakeholders is foundational to governance of modern IT estates. Stakeholders working with a single source of truth use that source to make the correct decisions in the context of all stakeholder requirements. Once those decisions are made, advanced automations and workflows then enable governance to run at the speed of business. For more on the future of Software Asset Management from ServiceNow see https://workflow.servicenow.com/guides/the-future-of-software-asset-management/.
Sources & Further Reading
1 Infographic: Automate IT Workflows to reduce IT spend
ServiceNow eBook: Modernize & Automate ITAM
- Tags: automation · Governance · ITAM · ServiceNow · workflow