The ITAM Review UK Conference 2016 The ITAM Review US Conference 2016

The ITAM Review UK Conference 2016

Introductions ITAM  Intelligence  What  we  do:  §  Provide  strategic  SAM  and  ITAM  Services  on  a  

retainer  basis  §  Our  customers  are  small  to  medium  size  enterprises  

who  need  deep  subject  ma@er  experBse  but  not  on  a  full  Bme  basis  

Kylie  Fowler  –  Principle  Consultant  Specialising  in:  §  Develop  and  implement  IT  asset  management  

strategies  and  frameworks  §  Coach  and  mentor  ITAM  pracBBoners  §  Manage  audit  defence  &  lead  vendor  negoBaBons  §  Mergers  &  acquisiBons  advice  and  support  

The ITAM Review UK Conference 2016

Microsoft Audit Defence

Kylie Fowler, Principle Consultant

The ITAM Review UK Conference 2016

You are now the CPO

Welcome to your new role….

As Chief Porcine Officer

Aka  as  Piggy  in  the  Middle  

The ITAM Review UK Conference 2016

MS SAM Review vs MS Audit

There is a difference!

But it is mainly financial

“If  unlicensed  use  is  5%  or  more,  Customer  must  reimburse  Microso7  for  the  costs  Microso7  has  incurred…  and  acquire  the  necessary  addi=onal  licenses  at  125%  of  the  then  current  price  list  and  Customer  price  level…”  

MBSA  June  2014  

The ITAM Review UK Conference 2016

How does an audit / review work?

Licenses  Owned  

License  Compliance  

Licenses  Used  

Simples, really

The ITAM Review UK Conference 2016

What to do when you receive a request?

Rule #1 – Don’t ignore it!

But you can push back… sometimes

ü   Cloud  negoBaBons  in  progress  

ü   Request  to  subsidiary  rather  than  parent  

The ITAM Review UK Conference 2016

Preparations

An audit is a project…

… it has a beginning and an end (although it may not feel like it sometimes)

The  End!  

The  End!  

The ITAM Review UK Conference 2016

The Team

The project needs a team

J   Senior  Sponsor  

J   Business  Units  

J   IT  OperaBons  

J   IT  ApplicaBon  Management  team  

J   Procurement  /  negoBaBon  support  

J   Licensing  experBse  (may  be  external)  

J   Project  manager  (you?!)  

The ITAM Review UK Conference 2016

Risk Management

You must implement robust risk management processes

You  must  manage  2  types  of  risk:  -­‐  Business  risk  -­‐  Project  risk    Communicate  risks  to  the  senior  sponsor  so  they  can  ensure  appropriate  resource  is  engaged  and  business  risks  are  escalated  

The ITAM Review UK Conference 2016

Other Preparations

Also consider

J   NDAs  with  3rd  party  auditor  

J   Timelines  and  high  level  plan  

J   Role  of  LSP  

The ITAM Review UK Conference 2016

Entitlement

Licenses  Owned  

License  Compliance  

Licenses  Used  

The ITAM Review UK Conference 2016

Entitlement

Step 1: Get a Microsoft Licensing Statement (MLS)

Step 2: Check the MLS for accuracy

Step 3: Check for other entitlement

Ask me for the Microsoft Licensing Entitlement Checklist!

The ITAM Review UK Conference 2016

Deployment

Licenses  Owned  

License  Compliance  

Licenses  Used  

The ITAM Review UK Conference 2016

Deployment

Discovery is easy….

…you must understand HOW your applications are being used

The ITAM Review UK Conference 2016

Deployment

Think about:

End  User  Estate  -­‐  Desktop  and  applicaBon  virtualisaBon  -­‐  Device  vs  User  CALs  -­‐  Mobile  devices  -­‐  Correct  OEM  versions    -­‐  Secondary  use  rights  -­‐  MSDN  use  rights  -­‐  O365  transiBon  

The ITAM Review UK Conference 2016

Deployment

Think about:

On-­‐Premise  Infrastructure  Estate  -­‐  Clusters,  hosts  and  virtual  machines  -­‐  External  facing  servers  -­‐  Development  and  test  environments  -­‐  Hot  vs  cold  DR  

Cloud  Infrastructure  Estate  -­‐  SPLA  licensed  OS  -­‐  Corporate  licensed  ApplicaBons  

The ITAM Review UK Conference 2016

Deployment

This is where you really start to feel you’re piggy in the middle….

L      Slow  response  from  techies  

L       Lack  of  configuraBon  records  

L       Poor  coverage  of  tools  

L       People  fed  up  with  constant  quesBons  and  queries  

The ITAM Review UK Conference 2016

Effective License Position (ELP)

Licenses  Owned  

License  Compliance  

Licenses  Used  

The ITAM Review UK Conference 2016

ELP

In theory, an ELP is a simple statement of licenses owned vs licenses used…

The ITAM Review UK Conference 2016

The rush to the finish

Now you’re really squeezed!

Auditor   Auditee  

The ITAM Review UK Conference 2016

Gotchas

Most companies have at least some gotchas

L      

Incorrect  OEM  OperaBng  Systems  

L      Packaging  errors  

L      Lack  of  Sobware  Assurance  in  DCs  /  Cloud  

L      

Citrix  /  Terminal  server  issues  

L      External  Connectors  L      Enterprise  CAL  requirements  

L      O365  Pro  Plus  downgrade  rights  

Ask me for the Microsoft Licensing ‘Gotchas’ Checklist!

The ITAM Review UK Conference 2016

Validate, validate, validate

The ELP is almost certainly wrong!

You need to do a deep dive into the results

The ITAM Review UK Conference 2016

Negotiate!

If you are non-compliant, you need to buy some licenses

But you can always negotiate! May be more difficult it it’s a real audit

-­‐  O365  /  Azure  transiBon  -­‐  Push  for  addiBonal  discounts  -­‐  Ask  LSP  to  lower  margin  -­‐  Consider  strategic  and  long  term  

drivers  

The ITAM Review UK Conference 2016

Never again!

The majority of significant licensing risk is the result of poor Solutions Design

-­‐  Ensure  SAM  is  engaged  at  Project  /  Programme  iniBaBon  stage  to  assess  licensing  risk  

-­‐  Conduct  SAM  Risk  assessments  at  SoluBons  Design  stage  BEFORE  implementaBon  

‘ITAM  by  Design’    Ask me for the ITAM by Design Checklist!

The ITAM Review UK Conference 2016

Comments?

The ITAM Review UK Conference 2016

The ITAM Review UK Conference 2016

Thank You