The challenges of a physical hardware inventory in a multi-location, large corporate environment are many. Timing, cost, manpower, accuracy and mobile clients are just a few. So how does a large company practically execute a physical inventory while balancing the different challenges? To quote an ancient saying – “very carefully”.
In order to understand how to balance these challenges, we first need to understand them. So, let’s look at each of these different challenges more closely.
Timing is a crucial piece of the physical inventory. The longer the inventory takes per location, the greater the opportunity for changes to take place within the environment. Challenges of timing may include devices which have been physically scanned could be removed and replaced with devices not scanned, new devices may be added, or devices might be returned before or after being scanned. To be able to do a physical inventory at a location, each of these issues must be addressed.
Cost is impacted in multiple ways. First, there is the hard dollar cost of paying someone to do the inventory, whether this is a vendor or company personnel. When company personnel are doing the inventory, they are not completing others tasks. So, while there may not be an increase in bottom line expense (unless they are paid overtime), the cost of other tasks being delayed has to be considered as an expense.
A second cost is the expense of getting to the location. This would include mileage, car rental, hotel, air, food, etc. I have yet to find a vendor who can reach every location without these expenses. And, the vendor will have it built into their price. If you are using employees, unless you recruit someone at each location, you will incur some of these costs. We will talk about recruiting employees under the manpower section.
A third cost is the necessary equipment needed. If bar code scanners are used, then each person will need a scanner. If tracking information on a laptop, then that is required. If writing to a flash drive or a network drive, all the processes need to be in place. And no matter how it is being gathered, there must be a mechanism to centralize the data.
A fourth cost is the impact on the customer downtime. While this should not be long per individual, every device impacts a person. Only so many of them can be done over lunch hours or breaks. Part of this downtime includes closing/opening everything which may be impacted or is customer sensitive, especially if the process is running a scan and extracting information to a local or network drive.
A third challenge to understand is manpower. Manpower was identified in the cost section; however there are a couple additional areas to consider. First would be skill level. Doing a physical inventory does not require a master’s degree. However, it does require a clear understanding of the actions to take and how the actions fit into the bigger picture. This is where attempting to recruit employees at each location may be much more expensive than initially expected. One example of having a clear understanding would be to know what a valid asset number looks like, so if a bar code for the part number is scanned by mistake, or if the number keyed in is invalid, there is the understanding to recognize that it is incorrect. This understanding of what a valid asset number is prevents many issues down the road. The phrase “garbage in – garbage out” really applies here. If the person does not understand what they should be gathering, then the chance of errors greatly increases, regardless of the method employed.
A second issue is the quantity of manpower. In order to cover multiple locations, you need enough manpower to quickly handle the sites simultaneously or the necessary manpower to address the issues raised by requiring more time to complete. For example, one person in a building holding 1,000 employees will require several days to complete. One person covering 50 locations in a 300 mile radius would also take several days to complete. The longer it takes to complete the inventory, the greater the issues and exceptions which will have to be addressed. Conversely, the greater the number of people you have doing the physical inventory, the more robust the centralized gathering process must be.
Accuracy is one of the most crucial challenges. If it is not accurate, the exercise is of very little value. There must be methods of validation and methods of verifying the physical device number to the device number seen on the network. To inventory without validation at each point will result in additional trips and poor assumptions made later regarding the data. For example, numbers which are being manually read from devices require excellent eye sight. As the years fly by, I find my ability to read serial numbers or tag numbers becoming more of a challenge. A validation tool which checks against the vendor records or asset records can flag immediate discrepancies.
A mobile client is the final challenge to be discussed in this article. Mobile clients can be at other locations, in a plane, at home, or in the client’s office. Communication with the user, business line, or department can assist, but timing can create issues. At times, the mobile client cannot be available during the scheduled time of the physical inventory. It is necessary to track those who were missed, and to circle around again to catch them. Communicating with them and completing their physical inventory requires considerable time. Completing a mobile client inventory can easily take 2-5 times as long as their stationary counterparts.
A Balancing Act
Balancing these challenges and others unique to each environment will allow for a more successful physical audit. Keep in mind, even with a balanced approach, a large corporation will need to implement other processes to assist in a physical inventory. For example, it is usually deemed cost prohibitive to do a physical inventory within a snapshot of time at 4,000 locations with 100,000 workstations. Therefore a rolling physical inventory is necessary.
Some opportunities for a rolling physical audit can be found in the daily processes. Deployment processes of new/used equipment, return of equipment, break/fix tickets, and move/add/change requests all provide an opportunity to validate physical hardware. Using all these opportunities to update the asset management record provides continual “eyes in the field.” Projects are another opportunity to provide hardware validation. Being aware of the many different projects may allow for some successful opportunities.
Two other possible ways of doing hardware asset validation involve users. The first way is an email to the user when a device disappears from the network for a set timeframe. The email would provide the expected information concerning the device and requests/requires a response. Part of the process requests the user to validate the information and place the device on the network or return the device where the daily process of returning equipment provides the validation.
Another possibility would be a yearly sign-off by the department manager acknowledging that they have in their possession the devices assigned to their name. Through the sign-off, they are acknowledging they have verified the asset numbers and are responsible for both the physical devices and the software assigned to the device.
There are definite concerns in involving users; however there are some steps which can be taken to reduce these concerns. For example, if an email request were used, users who ignore the request could be sent a second email copying the user’s manager and eventually, if no response is received, notify the company’s risk department to report the “possible risk of missing information.” The possible “corporate risk” brings attention to a situation which even their manager’s awareness does not. As for the sign-off by a manager, I have found that the responsibility tied to depreciation costs and software license cost encourages the manager to improve their validation. However, both of these examples only reduce, not eliminate, the concerns from involving users.
Bottom line, until every device can be cost effectively equipped with a GPS device which can identify its location at all times, large corporations have to use every method at their disposal in tracking and validating their hardware assets. It may require some creativity and problem solving analysis, but certainly there is more than one way to “skin a cat.”
The SPLA Licensing Program from Microsoft – The not so new, but often misunderstood SPLA, Jim Shepard – Software One
Just when you thought you knew everything you possibly could about Microsoft licensing within your hosted environment, your friendly advisor knocks on your door to talk to you about SPLA. You scratch your head and say what is SPLA, and why on earth would I need yet another licensing program? As subscribing to a service to host things such as websites, applications, collaboration and messaging services has become more popular as an alternative to building out your own infrastructure, more and more vendors are offering such services to customers. A look over this program might serve you well if you host Microsoft technologies for your customers.
What is SPLA?
The Services Provider License Agreement (SPLA) is a licensing program from Microsoft that allows an organization to license Microsoft products to provide software services to your customers. The SPLA model was introduced over ten years ago, but many organizations were not properly informed of its purpose, and some ended up licensing technologies incorrectly. Perhaps you didn’t understand how to license these technologies and your software provider was not aware either or not authorized to offer these services. The result often was a customer may have incorrectly and unknowingly licensed their environment, utilizing one of the traditional licensing programs offered by Microsoft such as an Enterprise Agreement.
SPLA licensing agreements may be very beneficial to your organization if you host services to individuals outside your organization. Utilizing this type of licensing agreement allows you to deliver a customized service tailored to your customer’s need via a hosted environment. It also allows you the flexibility to pay as you go; your subscriber base can fluctuate from month to month, and this program is designed to allow for that and only asks that you pay for the active subscriptions to your service where applicable. This often alleviates the need for high startup costs and long term licensing program commitments. Just like some of the other licensing programs available, you still have the availability to gain access to the most current product versions and also the ability to test and evaluate a product prior to offering a service to your customers. One important thing to keep in mind as you are planning out such services is to be sure to include a mechanism to allow you to validate and report your utilization according to the program you choose as you may be subject to different levels of reporting requirements.
SPLA Licensing Models
As with any licensing program from Microsoft, there are several different license models within SPLA for your consideration. The three types of licensing models in SPLA are Subscriber Access License (SAL), Processor License (PL) and Core License. So, how do you know which program to use, you ask? Well, let’s look a little deeper. The Subscriber Access License (SAL) model is designed to license a unique individual, granting them access to authorized software. Some of the benefits of this model include the ability to scale your solution with a low startup cost and to allow your subscribers to access any number of servers without an additional license being needed. The Processor License (PL) model requires that you acquire one license for each processor on the server that will be used in the hosting of a solution. With this model, you have an unlimited number of end users accessing the software, creating less administrative overhead to monitor and count active users. The Core Licensing (CL) program is only available for licensing SQL Server 2012 at this time. It’s important to know that not all products are offered under each licensing program. It is best to consult with your trusted licensing advisor to validate the best programs for your needs.
Consider the Options
If you are a service provider, it is imperative that you review the licensing options available to you to ensure that you have been properly guided to select the most appropriate program for your situation. In my experience, I have seen many organizations that were misinformed and found themselves struggling to validate compliance during an audit. So, how can you tell if this is something you should be reviewing within your organization? Consider the following statements and whether they ring true for you:
- Do you facilitate your customer’s business transactions including any third party transactions through your services?
- Do you give your customer access to use any application that either runs on a Microsoft Server product, or interacts with a Microsoft product?
If so, you most likely should be licensed to host these technologies utilizing the SPLA licensing programs.
What About Being the Customer?
So, you’ve read through this article and so far, you don’t offer services today such as these. Great. But, do you subscribe to any? In my opinion, as the person responsible for acquiring these commercial services within your organization, it’s just as important to make sure that when subscribing to these types of services that your preferred vendor is properly licensing the technologies. This step minimizes your risk as a customer utilizing those technologies. As a software asset manager, you strive to ensure that your organization upholds compliance within, and it’s just as important to ensure that when doing business with vendors that they also operate under the same guiding principles.
When acquiring such services, it is always important to ask a few key questions to ensure that you are subscribing to a service that does not leave you exposed to any potential non-compliance risk. Some considerations should be things such as: how is the service licensed on the back end? Am I responsible for any add-on licensing through my service agreement? It’s always good to know the different types of programs available to organizations in case you are ever asked to assist with a project within your organization to offer such solutions to customers. In that case, you are prepared to design an effective license model to support the business.
Understanding your options for licensing your environment is just as important as developing the plan to offer such services. It’s key to let a trusted advisor help you to determine the best route to consider.