Case Study: A Collaborative Approach – Implementing a new ITAM/SAM Program and Solution

By George Fields & John Tomeny, Visteon & Sassafras

In a world of highly competitive industries, choosing the right technologies and partnerships is a necessity for IT organizations. While many highly capable tools and tool providers are available, it is obviously best to choose those that fit your organization’s particular requirements. What is not so obvious, though, is the importance of divorcing one’s organizational requirements from the popular feature checklists in order to be more insightful. When the tool and provider evaluation process is done well, you may not always find yourself choosing the most popular or the most obvious option, but you should end up with one that’s right for your company.

Uncharted Territory

Visteon Corporation found itself in that very position when it made the strategic decision to in-source IT Operation’s asset management responsibilities. Visteon is a leading global supplier of automotive systems, modules and components to global vehicle manufacturers. The company was initially formed in 1997 and became independent in 2000 after spinning off from Ford Motor Co. Shortly thereafter, Visteon’s IT organization was outsourced to a single company for a majority of its infrastructure. Additional partners were retained to support the network and telephony. For more than eight years, the outsourcing partnership brought both benefits and challenges, particularly with Visteon’s tight budgets. One example of an ongoing challenge was in the area of IT asset management.

The outsourcing partner leveraged its own tools and personnel for scanning and doing a physical inventory of the Visteon environment. This was a source of revenue for the partner company, but a cost savings opportunity for Visteon. The scan tool agent that was deployed only covered about 40 percent of the 30,000 assets. Physical inventories took an average of one to two weeks per site and had to cover more than 150 buildings located across the globe. Extra costs were triggered by deploying the agent to more devices or by conducting more physical inventories.

With the U.S. automotive industry downturn, starting in 2008, Visteon had to re-focus on core businesses and continued to aggressively restructure the company. Tight budgets and a smaller corporate footprint required Visteon’s IT team to once again in-source the operational work. This change drove the creation of a new IT asset management activity, formed from the ground up.

A small team of three people led the initial effort to understand the scope of assets to be accounted, what was required to replace the outsourced asset management tools, and what tools were available. The team had limited knowledge of the processes required to perform asset lifecycle management of hardware of software. The initial objective was to transfer ownership of the existing processes and toolsets from the outsourcing partner until they could bring someone in with ITAM knowledge and experience to create a more expansive plan. The interview process for an ITAM professional was long and tedious, but patience paid off when Visteon hired someone with solid ITAM experience – including firsthand knowledge of two of the leading ITAM toolsets. Shortly after joining the team, this professional confirmed that the environment and the asset management practices would continue to be fairly dynamic due to the enormous amount of change occurring within the auto industry.

As the team began to develop the Visteon IT Asset Management (ITAM) strategy, they discovered that despite a significant reduction in global facilities (down to just over 100) and number of employees (to around 27,500), the complexity of the global infrastructure and diverse operational requirements remained essentially the same. It became clear that focus would be necessary to avoid trying to “boil the ocean.” Some of the challenges to be considered included:

  • Firewalls would continue to be used extensively to protect critical plant floor computers and those devices would not be able to report scan data to centralized servers. Audits would still be needed, so local scanning of some nature is necessary, unless provisions could be established to allow for access through the firewalls.
  • Replacement of the software distribution tool that was part of the former outsourcing agreement would take time. It would be important to leverage more than one method to deploy the scan agent.
  • The global nature of the locations meant that the network topology and hardware was not consistently at the same levels. The scan tool’s footprint had to be small and virtually non-intrusive.
  • Tools that would be necessary were considered proven, but not restrictively “mature.” The tool manufacturers needed to be willing to partner with a customer company fairly new to the processes and technology.
  • Visteon had maximized the useful life of most of its computers. The company needed to identify computer model, age and location to support forthcoming computer refreshes. The hardware configuration scanning would be a priority, and software scanning would be an additional benefit.

After the requirements were understood and options considered, the ITAM expert recommended the K2-KeyAuditor and KeyServer SAM/ITAM toolset by Sassafras Software, Inc. The ITAM expert had experience with the tool and the company support staff and he was very confident that the products met Visteon’s requirements including small footprints and functionality aligned with ITAM industry best practices. These tools were chosen and the vendor company engaged. The most important part of that engagement was the involvement of the Visteon IT vendor management team. Although the project process required IT Vendor management sign-off at various stages, the asset management team held dedicated tool reviews and conference calls to address all questions in a direct, timely manner. Work flow and case scenarios were leveraged during the writing of the contract; this was pivotal in ensuring that the needs of both companies were well-defined contractually, and the interactions could be tested prior to sign-off. Within a relatively short amount of time, an agreement was finalized and Visteon was ready to use the new toolset.

Implementing the ITAM Tool Deployment Project

With the new tool in hand, the asset management team kicked off an internal project to manage its implementation and deployment. Visteon’s project management process would help ensure that due diligence was followed in deploying the agents and setting up the server environment. Since the asset management team as a whole had little experience with the new tool, and limited time for external training, roles and responsibilities were aligned so certain members could focus on the project and others on the tool.

While there were many steps in the project, the ones that proved most beneficial included:

Requirements Definition: Identified devices that needed to be in scope, server specifications and reporting needs.

Logical Design: The layout of the solution design, from a logical viewpoint, defined interactions between the server and deployed computers and the resulting network activity. It was extremely important for both the network and security teams to approve the design.

Physical Design: Layout of the solution design, from a physical viewpoint, provided actual hardware specifications during pre- and post-implementation. This helped validate for stakeholders that the approved local design was followed and, in cases where it was not, the reason for the deviation.

Implementation: Set up development and production environments to ensure that build out and pre-launch testing could be performed without impacting the network or any other steady-state production environments. The scan agent was packaged for consistent and customized delivery and tested on several computer models. Training was provided to users of the administration tool and the companion reporting tool.

Failsafe: Final readiness review (“go or no-go”), to confirm all systems were ready and that any manageable issues had remediation actions either underway or planned.

Steady State Handoff: Ensuring that the infrastructure, help desk, network and security support teams were informed of the launch, the necessary documentation was added to the knowledge base for future reference.

While the project management process could have been time-consuming and challenging, the “out-of-the-box” nature of the tool required almost no customization and this helped speed up the project process. Also, as anticipated during the tool selection phase, all involved parties realized that it was important to have a strong original equipment manufacturer (OEM) support team (supported by the original publishers). This scenario played out many times during the project and the interactions went extremely well with the tool vendor – in large part due to having experienced ITAM experts on both teams.

The SAM/ITAM agent deployment was the most challenging part of launch. The agent was initially deployed via login scripts and manual installations. Where the login scripts worked, hundreds of PCs were successfully updated with the scan agent and they immediately began reporting into the administration tool. Unfortunately, login scripts where not applicable to many computers. For the unreachable computers, manual efforts were leveraged and the success rate of the manual efforts was a different story. Some sites had thousands of computers spread out across campuses, cities, states and countries. On a good day, one site might get 25 devices manually loaded with the scan agent while others only a handful. The challenge was leveraging existing resources, many of whom were supporting several other projects simultaneously. Also, there was not a reliable count of devices in the environment prior to the project, so it was often difficult to accurately measure progress. Thankfully, as deployment progress was made, the K2 administrative tool helped confirm successful installs and scans across the many locations. The multiple deployment approaches were successful; within a couple of months, the number of scanning computers had surpassed the counts obtained by the prior framework.

Outcomes

During the deployment, additional benefits surfaced. As expected, helpful hardware data was now obtained and shared with the support teams. Many teams had projects under way that benefited from the captured data. The Active Directory (AD) migration project could now identify which devices were on old domains and which were on the new domain – and track the progress of their AD migration. On-site support teams could see how many devices were successfully reporting in, who was using each one, and whether each device was still in its original location. This information helped substantiate support staffing needs and identify devices that had been reallocated without IT’s involvement. Also, the IT security activity had a major project in the works to ensure that all devices were properly protected with virus scan agents. Since the virus scan software management tool was not yet in place, the K2 tool’s software audit functionality was used to discover scan agent installments and build remediation lists for the IT security group.

The benefits of the SAM tool were already being realized even though deployment was still in process. Eventually, as the active directory migrations gained momentum, so did deployment of the scan agents. Most of the manual deployments were eventually replaced with automated AD deployments. Where manual deployments were still required, the support teams stepped up the pace, realizing the value of the data.

A few other organizations also began to show interest in the tool set, especially the scanned software data. The IT vendor management team began receiving increased audit requests from major software publishers. The scan data provided evidence of software installs and usage per device, all the way down to a specific location. The content-rich software install data was used to satisfy audit requirements and generate estimates for software true-ups and maintenance costs where the entitlement data could not be confirmed. The controller and finance functions were also able to use scan data to obtain key information on specific fixed assets – information useful in updating annual valuation assessments. All-in-all, the SAM tool was becoming an integral part of the IT organization’s key resources.

Over the course of the second year of tool usage, the environment continued to change, introducing new opportunities and challenges. Software and hardware harvesting became a key initiative to support various cost-savings directives across the globe. The asset management team used a combination of data from the K2 tool and from Visteon’s configuration management database (CMDB) to identify devices that were no longer active and that could leveraged for redeployment. Software harvesting opportunities were realized by manually comparing scanned software install counts against “manually tracked” entitlement data. Although automated processes were not yet in place, the results were positive both from a financial standpoint, and in terms of increasing corporate-wide participation.

“First Fruits”

Four months after initial deployment, Visteon realized the following results for optimization of software licensing and hardware allocation:

  • Less than 10 percent of Microsoft Office users utilize Pro tools. Visteon subsequently modified its Microsoft Office agreement to license the standard edition for the majority of the installed base – thus reducing Microsoft Office costs.
  • Seven applications in the Visteon environment had more than 1,200 unused installations. The company began harvesting the unused software, realizing a significant savings.
  • Since the same seven applications had over 2,200 rarely used installations, the option of application kiosks was leveraged for additional savings.
  • Two other applications which were licensed for over 8,000 users showed concurrent use of less than 10 at any one time. The licensing terms were renegotiated to include concurrent use licensing for those applications which resulted in further savings.
  • The true location and movement of deployed hardware was now centrally traceable. Physical audits were reduced to include only non-connected equipment. Improvements in resource allocation and priorities were realized.
  • Harvesting and refresh opportunities increased based on new visibility into deployed and audited assets. Hardware model types could be identified by location and targeted for refresh. Reported software installs were compared against entitlement counts which resulted in harvest opportunities and cost avoidance savings.

Thus, within roughly four months, the team was able to identify and generate real cost reductions and operational efficiencies.

Next Steps

As our asset management processes matured, additional challenges resulted from changes to the asset management team and the expanded use of the SAM/ITAM tool. Advanced usage of the K2 tool was now required to continue along the ITAM maturity path and to keep in step with increasing audit and reporting requirements. Visteon’s ability to successfully work through the constant change continued to be a result of the strong partnership between Visteon and its partners on this project, particularly with the sharing of knowledge and open dialogue with Sassafras leading to continuous improvement.

The SAM/ITAM tool has now been in place at Visteon for about two and a half years. While it is currently being used for hardware identification and tracking, hardware ownership identification, software controls and ITAM harvesting, opportunities for broader utilization remain. This is becoming more and more evident as the business and IT requirements grow. Two areas of potential growth are IT virtualization and global expansion. IT virtualization and cloud computing is a necessity for Visteon to create streamlined data center footprints and reduce desktop deployments. The ongoing global expansion creates a complex blend of global data and processes and that require integration. These accelerated growth areas create numerous initiatives, projects and tasks which must be efficiently fulfilled by the IT resources. And, much like the philosophy applied to the plant floor assembly lines, the Visteon IT organization itself must be “quick and nimble” to support these initiatives. This is true for all levels of the IT organization and their respective suppliers – especially asset management, which serves as one of the foundational IT elements. So, new tools and processes will be introduced to support growth in virtualization and data integration.

These changes, with support from Sassafras, will require Visteon’s IT team to continually expand its knowledge – to quickly address new challenges and stay aligned with the company’s growth strategies.