According to the 2024 IT Priorities Report, 75% of IT leaders felt there was a risk of visibility gaps within their IT ecosystem. But a lack of visibility isn’t the only obstacle facing IT executives: Decentralized purchasing patterns, the rise of generative AI tools — like ChatGPT — and black holes created by SaaS sprawl all present their own unique challenges.  

It’s not that IT leaders are unaware of these dynamic forces. In fact, integrating AI into their operations was the top priority for IT leaders in 2024 (35%), alongside reducing IT costs (28%) and security risks (28%).² Nonetheless, they make it harder for decision-makers to plot a clear course ahead.  

To make sense of today’s extragalactic technology landscape, we created three roadmaps to help IT leaders:  

• Expand the remit of IT asset management (ITAM)  
• Make cloud adoption a central part of their strategy  
• Navigate the meteoric rise of SaaS applications  

Let’s lift off. 

The year of ITAM expansion  

Can ITAM deliver greater value in an always-evolving market? With the ITAM universe projected to reach a value of $1.3bn (USD) by 2024, there’s a clear opportunity within reach.³ 

However, uncertainty caused by trends such as GenAI, predictions of mergers and acquisitions spiking, and lengthy implementation timelines for SAM tools are giving IT leaders pause for thought — no matter the potential benefits of ITAM expansion.⁴ 

If you’re looking to rewrite the role of ITAM within your organization and deliver enhanced cost transparency and risk mitigation, download our 2024 ITAM Roadmap.  

A SaaS supernova  

When it comes to SaaS, IT leaders will need to take proactive, confident steps if they are to balance application sprawl with security and innovation goals.  

This might seem like having a destination without a map, when you consider that two-thirds (67%) of IT leaders suspect employees are buying more cloud and SaaS than IT knows about.² However, IT leaders can’t afford to be complacent; Gartner® predicts that businesses will overspend by 25% if they do not have visibility into their SaaS lifecycles.³  

Our 2024 SaaS Roadmap gives you the intel you need to create a team to manage SaaS adoption, governance and education – and select the right tool to empower them.  

Ending cloud cost combustion  

Although SAM and FinOps can work in “magnificent desolation”⁴, integrating these teams will empower organizations to speed ahead as cloud becomes an increasingly strategic IT play. In fact, according to Gartner, “by 2026, organizations that merge SAM and FinOps into a central function will report 60% less financial waste from software and cloud investments”.⁵ 

Do you want to reduce wasted cloud spend and optimize your strategy through a unified view of SAM and FinOps? Our 2024 Cloud Roadmap will show you the way.  

Achieving holistic visibility of your entire technology infrastructure can help your organization chart a course to a brave new world, one that mitigates the risks of visibility gaps, reduces wasted cost and creates more space for IT to innovate.  

It’s been a long way, but you’re here.⁶   

Attributions/ Disclaimers:  

1. Paraphrased from John Swigert, Apollo 13 Mission, 1970. 

2. “New Release: 2024 IT Priorities Report.” Snow Software, 14 Dec. 2023, www.snowsoftware.com/resource/it-priorities-report/  

3. Cipolla, Tom; Kalay, Jaswant; Mariano, Joe and Dan Wilson. “Gartner® Market Guide for SaaS Management Platforms.” Gartner, 2022. 

4. Paraphrased from Buzz Aldrin, 1969 

5. Transparency Market Research. “It Asset Management (ITAM) Software Market Is Projected to Reach a Value of US$1.3 Bn by 2024.” Digital Journal, 23 May 2022, www.digitaljournal.com/pr/it-asset-management-itam-software-market-is-projected-to-reach-a-value-of-us1-3-bn-by-2024#ixzz8QVJUmkAa.  

6. Paraphrased from Alan Shepard, Apollo 14 Mission, 1971.  

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.   

Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. 

The post IT Visibility: Mission-Critical for 2024   appeared first on Snow Software.

Mature organizations are excited about the multitude of ways they can help their organizations with the intelligence they have on their technology assets. Here are a few examples:

• Understanding how technology is actually being used so they can buy the right amount of licenses
• Reporting on application versions to identify devices that need to be updated
• Determining where there are overlapping technologies used in the organization and where some applications and costs can be eliminated
• Finding applications that are end-of-life or soon to be deprecated
• Identifying applications in use that haven’t been vetted by security
• Quickly reporting on effective license position

Less mature organizations understand the potential value of their IT asset database but find getting other departments to leverage their data repository is like pulling teeth.

The least mature organizations are typically using an ITAM tool for one use case. These organizations don’t have a good owner of the tool (it’s often someone’s part-time job) and resulting data. The potential for using this data set never sees the light of day.

“Data and analytics leaders who share data externally generate three times more measurable economic benefit than those who do not.”

data sharing is a key digital transformation capability by Gartner^®

6 ways to advocate for your data

So, how should less mature organizations advocate for their data? Here are a few tips:

• Communicate the quality of your data. How is the data collected, how often, how is it normalized, and enriched? How will you validate the data accuracy?
• Understand the process others are using for capturing data today. It is possible your colleagues are ignoring you because they think they already have the answers? Have a sit down and get a detailed understanding of how they capture the IT data to do their jobs. It’s likely they are doing a lot of manual work or have big gaps in their data that you could help them with.
• Use tools for sharing data already familiar to the organization. Many of our customers feed their IT asset data into their analytics tool of choice (PowerBI, Tableau, etc.) where most in the organization already have access. The other benefit of this approach is users can join technology data with other datasets to solve additional problems (e.g. reporting on sustainability initiatives, etc.).
• Leverage AI. With generative AI technologies, there are now more ways to further democratize data insights. Now, your colleagues can simply ask your dataset questions like, “Are there any inactive computers in our inventory?” Or, “How many new servers have been discovered in the last 90 days compared to the prior 90 days?” You can experiment with these sorts of innovations with Snow Copilot, an AI assistant, that will allow customers to query their details on Software Asset Management (SAM) computer data securely, receiving insights and conversational responses directly within the Snow Atlas platform.
• Make data actionable. Provide the data in a format that can be used by your stakeholders. For instance, it would be best to provide data via API if your stakeholder is planning to use this information in automating processes.
• Leverage forums owned by your leadership. Your leadership likely has an all-hands meeting, newsletter, or some other kind of forum where you can communicate the rich dataset your organization has, its accuracy and some examples of how it could be leveraged by various stakeholders. Involve your leadership to understand what they think are the most impactful use cases you should pursue with others in the organization.

You can learn more about how other customers are using Technology Intelligence and the benefits they are realizing through our case studies.

The post How to Advocate for Your Data appeared first on Snow Software.

In this blog post, I will show you the driving factors behind why we need sustainable IT asset management (ITAM) practices, how to implement them into your business, how they can reduce the impact on the environment’s capital whilst increasing your organization’s capital, and deliver on what your customers and employees want to see from a sustainable viewpoint.

There are many factors why this area of ITAM is gaining more focus, however, there are two universal goals under the United Nations Sustainable Development Goals (SDG) that are driving this:

• Goal 12, Responsible Consumption and Production
• Goal 13, Climate Change

A deeper dive into sustainability goals for greener ITAM

SDG Goal 12: Responsible Consumption and Production
Goal 12 is about ensuring sustainable consumption and production. The reason the UN named this as a global goal was that our planet provides us with an abundance of natural resources. However, we have treated Earth as an endless supply chain, and we currently consume more than what the planet can provide. In fact, every year there’s a day called “Earth Overshoot Day,” which occurs when humanity’s demand on nature exceeds Earth’s biocapacity. This year, Earth Overshoot Day was on August 2. In simple terms, by the second of August this year, we had already consumed the earth’s compacity for what it could produce for the whole of 2023. A negative compounding factor of this abundance of consumption is the outcome. In 2022, the estimated e-waste produced was 59.4 million metric tons. To put this in perspective, that’s the weight of the Great Wall of China, which is 13,171 miles long.

SDG Goal 13: Climate Change
The aim of this goal is to take urgent action to combat climate change and its impacts. The motivation behind this goal is to achieve a climate neutral world by 2050 and to limit global warming to below 2°C (35.6°F) — with an aim of 1.5°C (34.7°F)— compared with pre-industrial times. All organizations should be setting plans and targets to reach net-zero emissions aligned to 2050. This is across all scopes (both direct and indirect).

So, how can we achieve greener ITAM?

Step 1: Get a baseline position of your current assets.
Before we can make a plan, we must first understand what our baseline position is. To do this, you will need to gather an inventory of all your IT assets (laptops, desktops, services, mobile devices, etc.). If you have an asset register or an inventory solution like Snow Atlas, this can help speed up the process and establish a baseline, as you can discover and report on all your IT assets automatically.

Step 2: Assess the environmental impact of your current IT assets.
Devices consist of a number of minerals and materials that had to be mined and processed before entering the manufacturing process. When evaluating impact, you should assess not just tangible, hardware materials, but the entire lifecycle of the device, from factory conditions, to the percentage of recycled plastic and energy consumption of the device. Manufacturers and third-parties can provide sustainable factors and ratings associated with devices, so that you can start to rank the most sustainable and energy-efficient devices in your organization. This is how we can start to support Sustainable Development Goals (SDGs) 12 and 13. Getting visibility of the environmental impact of all your devices can be a large undertaking. However, there are solutions to assist with this, such as Sustainability with Snow.

Step 3: Prolong the lifespan of your assets to reduce emissions.
If you prolong the lifespan of a laptop from four years to six years, you can reduce its total emissions by 28%. This is due to the highest proportion of emissions being created in the manufacturing process. What’s more is you could potentially reduce the cost of ownership also by 28%. This does come with a maintenance aspect with the possibility that in order to prolong an asset, you may have to replace the memory, hard drive and battery.

Step 4: Setting a sustainable procurement strategy.
Now that you have established a baseline and understand the sustainable credentials of your devices, you can now strategize how to improve your position moving forward. You can achieve this by replacing devices that no longer support the business user’s role with sustainably procured assets. This can be:

• Via third-party, sustainability-certified devices that have met the threshold to be awarded certifications of sustainable assets
• By procuring from eco-friendly IT vendors, for example, vendors that remanufacture laptops
• By vendors who use circular frameworks for their designs
• Via responsible leasing, where there are multiple lease cycles for a device

Greener ITAM is achievable with these steps. They can help your organization meet your sustainability goals, as well as the global goals. You can contribute to SDG 12 by purchasing IT assets ethically and extending their lifespan, and have a positive impact on SDG 13 by selecting devices that are more energy-efficient and have lower carbon footprints in their creation and operation. It’s time for greener ITAM.

The post It’s Time for Greener IT Asset Management appeared first on Snow Software.

In the third blog of our FinOps and ITAM series, we explore more use cases where FinOps and ITAM intersect, providing a comprehensive overview of how they can work together to optimize resource utilization, manage costs, and ensure efficient cloud management. These use cases are from the framework the FinOps Foundation has established on how ITAM intersects with FinOps capabilities.  

Resource utilization and efficiency

FinOps activities: 
FinOps professionals seek to understand cloud service providers’ (CSPs) and their associated costs to inform utilization and cost-efficiency analyses. They also collaborate with other teams like Finance, Procurement, IT, Engineering and more as needed. 

ITAM activities: 
ITAM plays a crucial role in assessing and adjusting licensing requirements, working alongside FinOps during right-sizing or resource cleanup efforts. ITAM ensures that resources are used efficiently, licenses are allocated appropriately, and keeps a watch on governance and security to know who is accessing what and if they have the proper rights to do so. 

How ITAM and FinOps intersect: 
Collaboration between ITAM and FinOps is essential to achieve the right balance between resource utilization and licensing optimization. Together, they can ensure that cloud resources are used efficiently, leading to cost savings and improved management of cloud assets.  

Measuring unit costs

FinOps activities: 
FinOps professionals work with stakeholders to develop and report unit economic metrics, aligning cost allocation with organizational strategy. They use data and analysis to understand changes in unit economics and assess whether cost variances are favorable or unfavorable. Unit economics in FinOps is a way of measuring the revenues and costs of cloud spending in relation to one unit of business. It helps FinOps teams to correlate cloud spending growth to overall business growth, and to optimize profit based on objective metrics. Unit economics can be applied to different units, such as a customer served, a unit sold, or a feature delivered. 

ITAM activities: 
ITAM evaluates the use of licenses, identifying underutilization or overuse to manage resource deployment efficiently. ITAM also assesses the costs of licenses, including maintenance, contributing to the cost-per-customer calculation. 

How FinOps and ITAM intersect: 
Collaboration between ITAM and FinOps is crucial when calculating unit costs. Including licensing costs in unit cost calculations ensures that all aspects of cloud management are considered, promoting transparency and cost optimization. 

Chargeback and finance integration 

FinOps activities: 
FinOps professionals implement systems for expenses, identify costs based on the allocation strategy, and integrate financial data into internal reporting systems. They maintain visibility and accountability for expenses at the department or product level. Accountability for expenses may look different, depending on the organization. The person most likely accountable for expenses is a financial controller, who may or may not be on the FinOps team, or someone who sits elsewhere, not on the cloud team. 

ITAM activities: 
ITAM oversees license costs to ensure accurate inclusion in the chargeback process. It supports the implementation of tagging strategies to allocate expenses, maintaining visibility and accountability for IT asset expenses. 

How FinOps and ITAM intersect: 
Collaboration in chargeback processes ensures that licensing costs are accurately allocated, benefiting both ITAM and FinOps. By working together, they can optimize cost allocation and improve financial accountability. 

Data ingestion and normalization 

FinOps activities: 
FinOps professionals determine the necessary data sources for reporting and operations, establish data normalization processes (tagging), reporting and clarifying line items, and maintain the accuracy of cost and usage information. Data ingestion from FinOps revolves around cloud billing services. They work with various teams to define the metrics and metadata required for official output.  

ITAM activities: 
ITAM ensures that relevant asset data is available for data ingestion and normalization (particularly when it comes to establishing and standardizing cloud and licensing terminology across the organization), contributing to the accuracy of cost management processes. The data ingested by ITAM teams includes software data running on-premises and in the cloud. 

How ITAM and FinOps intersect: 
Although data ingestion and normalization have traditionally been parallel processes, ITAM and FinOps can work together to consolidate data into a report under a consolidated view. This collaboration enhances the accuracy and efficiency of cloud cost management. 

Establishing FinOps culture 

FinOps activities: 
FinOps professionals establish best practices, benchmarks, and visibility in cloud cost management. They promote a culture of accountability, collaboration and empowerment. 

ITAM activities: 
ITAM actively participates in the FinOps culture, emphasizing the synergies between ITAM and FinOps practices. 

How FinOps and ITAM intersect: 
To promote a unified approach, ITAM and FinOps must collaborate transparently and in a centralized way, ensuring that they work together to maximize their impact and cover each other’s blind spots. This joint effort creates a cohesive, centralized, effective cloud management culture. 

Onboarding workloads 

FinOps activities: 
FinOps professionals collaborate with teams to ensure cost visibility during workload onboarding. They monitor new workloads for optimization, incorporate costs into forecasts, and engage in funding review processes. 

ITAM activities: 
ITAM reviews licensing needs for new workloads, ensuring that the necessary licenses are in place. It checks compatibility with existing IT assets and supports budgeting, license reharvesting and retirement. This also includes hybrid license management, where a bridge between ITAM and FinOps is needed to consult the ITAM team to see what cloud services have already been paid for and can be repurposed. 

How FinOps and ITAM intersect: 
Consultation between FinOps and ITAM during workload planning ensures that licensing needs are met, and the best procurement methods are selected, reducing unexpected costs and optimizing resources. 

Cloud policy and governance 

FinOps activities: 
FinOps professionals recommend and document cloud usage guidelines, monitor policy and governance, tag cloud resources, and collaborate with stakeholders on established guidelines. 

ITAM activities: 
ITAM establishes procurement policies, aids in creating unified tagging policies of on-premises hardware and software, and defines governance for policy-compliant actions. 

How FinOps and ITAM intersect: 
Collaboration between FinOps and ITAM is essential to create and enforce cloud usage guidelines, governance, and procurement policies, ensuring compliance and optimized resource usage. 

FinOps education and enablement 

FinOps activities: 
FinOps professionals educate the organization on FinOps and promote a culture of accountability, collaboration and empowerment. 

ITAM activities: 
ITAM participates in training programs offered by FinOps and collaborates on education sessions to understand the interdependencies and overlap in their roles. 

How FinOps and ITAM intersect: 
ITAM and FinOps should conduct joint education sessions for stakeholders, focusing on cloud cost management, software licensing, compliance and asset optimization. A shared understanding and common language improve communication and efficiency.  

Exploring the relationship between FinOps and ITAM teams

The intersection of FinOps and ITAM is crucial for effective cloud management. We’ve started to explore this relationship in our three-part blog series. Catch the first part, Bridging ITAM and FinOps for Success Today and in the Future to gain perspective on what this burgeoning relationship looks like in practice. 
 
And in case you missed it, we covered another set of real-world use cases on how FinOps and ITAM teams can collaborate. By working together in various use cases, these two disciplines can drive digital transformation, have organizations move quicker, optimize resource utilization, reduce costs, enhance transparency, and foster a culture of accountability. Through transparent collaboration, businesses can unlock the full potential of their cloud investments, boost profits, and drive sustainable success. 

The post How FinOps and ITAM Teams Can Work Together in Real-Life Scenarios appeared first on Snow Software.

In the past, most companies that purchased SAP could control the way they wanted to use it. From customizations and add-ons to the choice of database, hardware or any additional cloud services, customers had the freedom to select the options that were right for them.

Today, with the move to RISE with SAP, SAP is paring down these options and implementing the following step-by-step strategy for themselves:   

1. Set an end date for SAP ECC systems maintenance (2025-2027).
2. Remove the option to use old contracts when moving to S/4HANA and only offer S/4HANA contracts. SAP will not support most old agreements and specific customer terms and conditions as of July 2023.
3. Offer either the S/4HANA on-premises solution at a significantly greater cost than RISE with SAP (especially for those customers who have no existing agreement in place) or don’t offer it at all.   

If you wondered if there was a typo in Step 3, there wasn’t. SAP really is charging more for the on-premises solution than for RISE with SAP, despite the additional software, databases, services and tools that come with RISE with SAP. 

RISE with SAP is a great, comprehensive solution. It’s a complete bundle of software, processes, analytics and services. It is faster to install than S/4HANA on premises and requires fewer customer resources. This speed and convenience, however, comes at a price.

RISE is available in two different editions: Public and Private Cloud Edition. While Public Cloud Edition does not offer any flexibility at all, Private Cloud Edition offers at least some flexibility. Overall, RISE with SAP is significantly less flexible than the on-premises solution. For those organizations which have customer specific requirements or processes, RISE with SAP might not be the right option. Unfortunately, SAP will not have a solution available for all cases. The recent sale of SAP IS-Health is a great example. This solution worked quite well for many healthcare providers, and it’s no longer an option with RISE with SAP.

Additionally, RISE with SAP includes cloud services — Microsoft Azure, AWS or Google Cloud — so bundling those solutions with other services to get better prices is no longer possible. SAP makes this choice for you.

Customers can still choose between the Public Cloud Edition and Private Cloud Edition, and the Private Cloud Edition does offer somewhat more flexibility. However, SAP provides no opt-out option. This means that customers who have gone the path of RISE with SAP are stuck with this choice. SAP will be in control over your data, pricing, measurements and all future changes in the solution, including taking away solutions where SAP does not see any value or where the costs of maintenance are too high.

One additional consideration is that RISE with SAP is treated as an OPEX (operation expenditure) and S/4HANA on-premises is treated as a CAPEX (capital expenditure). In the long term, a rental is more expensive than a purchase combined with maintenance.  

What can organizations do when faced with this situation? There are companies who have experience with these transitions and financial discussions, and they can support you and give you the right insights, tips and tricks while avoiding any pitfalls in your contracts or missing any optimization opportunities. 

There are also several steps you can take yourself to ensure you are prepared:

1. Determine your current entitlements and needs. Fully understand the package you can bring into the negotiations with SAP and make sure your assessment is comprehensive.
2. Optimize your landscape. Get rid of your “shelfware” — those licenses you don’t need anymore — and don’t bring them into the new contract. Match your user licenses with the appropriate functionality to avoid negotiating the wrong package for future licenses.
3. Look at your upcoming needs and make a roadmap for the next 3-5 years. Starting with a larger package will help you negotiate better terms.
4. Simulate the pricing options upfront. Most often, the SAP offerings will be in favor of SAP. Even the STAR services simply provide a general direction for the number of licenses that could be required rather than a clear indication of what you really need.
5. Clean up your roles and authorizations. These will potentially have a big impact on your licenses in the future. It would benefit SAP for their customers to set licenses based on roles and authorizations rather than on actual usage.
6. Ask for several packages to understand the differences and find out which package best fits your requirements.

What you sign today could have an impact on your organization for the next 17 years; your S/4HANA contract or RISE with SAP contract might last until the end of life of S/4HANA in the year 2040. However, if you follow these steps, you will be in a position of strength to start your negotiations for the transition to RISE with SAP or S/4HANA and secure an agreement that will benefit your organization for years to come.

The post Who Truly Takes Control in Today’s SAP Agreements? appeared first on Snow Software.

There is some debate, however, as to how many customers have already made the switch. Just last quarter (Q2 2023), SAP removed the product conversion to SAP S/4HANA from their pricelist, stating that most customers had already migrated their contracts to S/4HANA.

However, the DSAG Investment report for Germany recently stated that of all SAP ERP solutions used, SAP ERP ECC is still clearly in the lead with 79 percent, ahead of S/4HANA On-Premises with 41 percent. This is followed by S/4HANA Private Cloud with 8 percent and S/4HANA Public Cloud with 3 percent. That leaves thousands of customers who have yet to transition and likely do not have new contracts in place.

To encourage adoption of the latest technology, SAP has quietly introduced another significant change with the release of their new Q3 2023 price lists — a gradual, time-based reduction of credits customers could receive with S/4HANA conversion.  

Converting now vs. later

Prior to the release of the latest price list, customers were getting up to 90% credit from their previous investments if they changed their contract to S/4HANA. Alternatively, customers could choose to receive 100% credit if they increased their maintenance base to 111%.

Going forward, SAP is reducing this credit to only 80% (or 100% with an increase to 125% maintenance base). Beginning in 2024, it drops to 70% (143% maintenance base). SAP customers routinely have contract values in the tens of millions of dollars, so 10% of that value results in a meaningful financial impact for those customers who haven’t yet transferred their contracts.

Plans for the future

SAP has a clear vision of where they see their customers in the future — on HANA and in the cloud — and they have a set strategy to get there.  

Their primary product will become RISE with SAP. SAP S/4HANA Cloud Public Edition and SAP S/4HANA Cloud Private Edition will still be accepted options. On-premises will not be the model for the future. SAP CEO Christian Klein made that clear when he stated that SAP’s newest innovations will be available only in these cloud options.

Your quick conversion prep plan

With the changes in credits, 2023 is suddenly attractive timing for a new S/4HANA contract. After all, 80% credit is better than 70%. Additionally, Q2 results fell short of expectations, so it’s possible the next two quarters will represent attractive timing for negotiations. 

To prepare for these negotiations effectively in the tight timeframe, it’s important to have a clear view of both your current and your desired future licensing situation. To get that view, we recommend the following steps:

1. Compare the packages from SAP. Understand how they fit to your requirements and identify any possible gaps.
2. Clean up your roles and authorizations. The licensing will be based upon the assigned authorizations rather than on usage. Eliminate any shelf-ware (unused products), and only buy what you need.

It sounds simple, but there are many potential pitfalls. Getting support with experienced consultants and tools could provide you with the right information in just a couple of days. You’ll need the extra help to get the best package for your requirements in the shortest possible time and with the most possible credits for your efforts.

The post The Clock Is Ticking: Getting the Most From Your S/4HANA Conversion appeared first on Snow Software.

In a typical example, a software vendor would offer on-premises solutions as a one-time purchase with a yearly maintenance fee, usually with an initial investment of 100% and about 20% yearly maintenance. Subscriptions, however, come with a yearly payment calculated over a mix of the initial investment and maintenance over a fixed timeframe, e.g., 4 or 5 years. This means that the customer is paying the same purchase amount for the first 4 or 5 years, but after this time, the customer does not own any license entitlements anymore and the subscription starts paying off. The difference could be 20%-25% more profit per year for the software vendor.

Like other vendors, SAP is not immune to the lure of extra profit. They may employ special tactics to convince you that cloud and subscription options are the best path forward for your organization. They could:

• Set an end-of-life timestamp on the on-premises solutions
• Increase the support costs for on-premises
• Offer the newest features only in their cloud solutions
• Increase the price for their on-premises offering (instead of lowering the subscription prices)

SAP is already speeding up the cloud transition process for customers. They’re now offering fewer credits for conversion from old contracts into their new cloud-based world, and they will keep lowering these credits by 10% per year. This means that waiting with the transition to either S/4HANA, S/4HANA Cloud or RISE with SAP will start costing you significant money — approx. 10% of the contract value per year!

This new directive could also impact those customers who only did a product conversion for their transition to S/4HANA. While these contracts keep their validity for on-premises installations, changing them could become more expensive in the future. Switching to RISE with SAP, for example, would not be possible based on old contracts and would require a transition to new contracts.   

Customers now really need to think about their current situation and where they want to be in the next 3-5 years. No matter what the customer specific answer might be, changing the contracts in 2023 might not be a bad idea at all. If you want fast support and clarity about license optimizations, contractual questions, cost estimations or any other factors for the different licensing options, Snow Software and our partners can support you in the shortest timeframe for your next SAP journey.

The post Insights: The New Era of SAP Cloud Subscriptions appeared first on Snow Software.

Cybersecurity governmental regulations and agency guidance

Recent cybersecurity regulations and agency guidance have highlighted the need for organizations to ensure an adequate IT asset management (ITAM) practice. Many of these specifically call out managing cloud providers as third-party dependencies in the supply chain. Below is a summary of recent regulations and agency guidance.

The S&P Global Ratings Agency reported this summer that creditworthiness will be impacted if organizations do not have adequate ITAM controls in place. ITAM is a foundational element of cybersecurity and security incidents are expensive and can impact organizations’ bottom lines.

At the end of 2022, the EU passed the Digital Operational Resilience Act which provides regulatory controls for financial institutes to safeguard detect, protect, contain, recover and repair against information and communications technology (ICT) related incidents. Financial institutions and third-party service providers must comply by January 2025. Failure to comply could result in a £10M fine or 5% of annual sales.

The new version of the Network and Information Systems Directive (NIS2 Directive, “NIS2”) came into force on January 16, 2023 and must be applied by October 2024. Failure to comply could result in administrative fines of £10M or 2% of annual sales of the prior year (whichever is higher).

At the end of 2022, all US federal entities were required to create a full inventory of software used to comply with NIST guidelines to improve the nation’s cybersecurity. Since then, some state and local governments have adopted StateRAMP to validate their third-party suppliers’ cybersecurity posture offering products delivered as a cloud service.

In 2021, the Texas Legislature passed Senate Bill 475, requiring the Texas Department of Information Resources (DIR) to establish a state risk and authorization management program that provides for standards of assessing, authorizing and monitoring all cloud computing services that processes data for any state agency. Essentially, any software procured needs to have gone through a standard security assessment review.

In 2021, the FTC also amended its Safeguards Rule for modern technologies to comply with protecting customer information. One of the key elements of this rule is to have a risk assessment, which includes an inventory of what and where customer data is stored, and assessing risks and threats to its security.

ITAM is foundational to cybersecurity

Armed with a deep understanding of application usage, many of our customers have formed deep relationships with their Security Operations (SecOps) counterparts to identify risk. A strong ITAM team, backed by robust tooling can aid cybersecurity initiatives in a multitude of ways, from having confidence of all assets that need securing to helping enforce security policies.

Obtain a holistic inventory of all IT assets

You can’t manage what you can’t see, and according to this article from Security Magazine, having a complete and current inventory is one of the top challenges that keep Chief Information Security Officers (CISOs) up at night.

86% of IT leaders report that business units are under significant stress because they’re unaware of all purchased cloud and SaaS.

Source: Snow Software 2022 IT Priorities Report

Unfortunately, many organizations don’t get accurate inventories because: 

• They still rely on spreadsheets and disparate data sources to get an understanding of their assets (even though frequent software updates, technology upgrades and personnel changes outdate those spreadsheets almost as soon as they’re created).
• Cloud technologies are easy for users to try and buy outside of IT’s awareness, especially now that business units and individuals conduct most IT purchasing instead of a centralized IT department.
• Many organizations have independent business units (especially those with histories of M&A) with distributed purchasing and IT asset management teams who aren’t using tools and policies for capturing inventory.

A modern ITAM platform can help you counter all this “shadow IT” by bringing together your IT asset data from end-user devices and applications, datacenter devices and applications, SaaS applications and even applications running in containerized environments.

Identifying shadow SaaS application risks

SaaS software is easy for anyone to try and buy, and it has also contributed to the move of most IT purchasing away from a centralized IT organization to business units and individuals. Though this level of self-sufficiency alleviates some of the burden on IT, it also creates an entirely new set of risks. IT must eventually face these challenges, especially when it comes to SaaS security.

Issues related to SaaS usage include:

• The risk that stems from users setting up weak and easily hackable passwords
• Trouble complying with data privacy regulations such as GDPR and HIPAA
• Software misconfiguration
• Unwieldy access control
• When employees leave the company, not knowing what other subscriptions they were using

To proactively investigate free or licensed SaaS applications used in your environment that are not going through your SSO platform, organizations can invest in a cloud access security broker (CASB) or leverage an IT asset management platform that provides this level of insight via a browser extension. The benefit of using an IT asset management platform is it can normalize software titles and provide additional insights into application redundancies.

Identifying employees using denylisted applications

Most organizations have a “denylist” of applications they don’t want to run in their IT environment. They do their best to limit employee exposure to them and educate their workforce on the risks of such applications. Despite their best efforts, there will always be users who don’t adhere to security policies. Today’s SaaS applications are generally easy to access and deploy, making governance even harder for IT departments.

Fortunately, some ITAM solutions, can report actual usage against denylisted applications, so that teams can point additional security education at specific individuals or departments.

Find assets with software vulnerabilities

PII data leaks are not only a PR nightmare, but also can get organizations out of compliance with industry and governmental regulations. ITAM solutions can collect details of vulnerable applications from the National Vulnerability Database, and compare that to where those applications are currently used. This information is valuable to help busy IT teams prioritize patching or removing the most critical vulnerable applications.

Discovering end-of-life assets

Using end-of-life assets is akin to leaving your windows wide open and your doors unlocked when you aren’t home. With end-of-life applications and devices, there are often known vulnerabilities with no patch available. One of the largest examples of this problem is the WannaCry attack; organizations were still struggling to patch for this vulnerability three years after this attack began.

A robust ITAM solution can scan your environment to reveal:

• IT assets already at end of life
• IT assets reaching end of life within 12 months
• How many devices are impacted
• Where these assets are located

SecOps can use this information to help IT Operations prioritize the most critical assets to remove from the network.

Determine application candidates for single sign-on (SSO)

With usage data for SaaS applications, you can quickly identify applications widely used throughout your organization, and bring them under your SSO platform. Taking this action will improve application security through stronger required passwords and better governance.

Likewise, when employees leave the organization, you’ll have a view of all the applications used to identify where subscriptions need to be canceled, etc.

Enabling your ISO 27001 certification

Having complete visibility of your IT assets, along with understanding of end-of-life, vulnerability and PII risks helps organizations get closer to reaching an ISO 27001 certification and complying with other internal audit policies (e.g. GDPR compliance, etc.).

The post Proactive IT Risk Assessment: Ensuring Data Security appeared first on Snow Software.

These use cases are from the framework the FinOps Foundation has established on how ITAM intersects with FinOps capabilities. 

Use case #1: Cost allocation

Cost allocation is a fundamental aspect of financial management, and it’s where FinOps and ITAM converge effectively. 

FinOps cost allocation activities: 

• Developing strategic naming standards and hierarchical groupings. 
• Defining governance standards for various groups. 
• Tagging groups such as by team, project, application, region, etc. 
• Reporting on key financial metrics such as cost per group/user. 
• Allocating costs with any associated commitment-based discounts. 

ITAM cost allocation activities: 

• Using naming standards for license allocation. 
• Applying cloud naming standards for Bring Your Own License (BYOL). 
• Developing reporting standards for BYOL usage. 

FinOps and ITAM intersection – Cost allocation: 

• Shared understanding and utilization of naming standards. 
• Overlaps in areas like BYOL and cloud service provider (CSP) marketplace, necessitating collaboration for optimal cost allocation.

Use case #2: Managing shared costs

Shared costs present unique challenges, but collaboration between FinOps and ITAM can ensure equitable distribution. 

FinOps activities with managing shared costs: 

• Identifying shared cost types. 
• Establishing mechanisms for dividing shared costs. 
• Applying shared cost models. 
• Reporting on shared costs.

ITAM activities for managing shared costs: 

• Collaborating with Finance to establish cost-sharing methodologies. 
• Agreeing on a methodology for distributing monthly costs. 

FinOps and ITAM intersection – Managing shared costs: 

• Overlaps in support costs (CSP or software). 
• Collaborating with application owners for shared cost allocation. 
• Handling products with prepaid lump sums and variable monthly usage costs.

Use case #3: Managing anomalies

Identifying and managing anomalies is crucial to preventing financial leakages and ensuring IT organizational processes are followed.

FinOps activities with managing anomalies: 

• Establishing an anomaly management process. 
• Detecting, documenting, and communicating about the peaks and valleys of cloud activity. 
• Generating alert reports to surface anomalous spending. 

ITAM activities with managing anomalies: 

• Conducting regular license compliance reviews (for example, when cloud spending spikes, it’s possible the associated license use spikes as well. It becomes a difficult situation when you don’t have enough licenses to cover the increase, leading you to fall out of compliance).
• Investigating license shortages and underutilization. 
• Addressing unauthorized/unsupported applications. 

FinOps and ITAM intersection – Managing anomalies: 

• Managing license usage, particularly overages. 
• Addressing unauthorized/unsupported use of services and products. 
• Rightsizing licenses in response to overages. 

Use case #4: Forecasting

FinOps and ITAM come together to make stronger forecasts for the business as a whole. 

FinOps activities with forecasting: 

• Collaborating with multiple teams to develop a forecasting methodology and process. 
• Leveraging historical data and future plans to create forecasts. 
• Coordinating with budget leaders to ensure budgets align with business goals. 
• Tracking and reporting on KPIs. 

ITAM activities with forecasting: 

• Projecting cost increases, reductions, and requirements based on license reviews. 
• Collaborating with stakeholders to determine license requirements and cost adjustments. 

FinOps and ITAM intersection – Forecasting: 

• ITAM engages in forecasting, particularly related to licenses, while cloud forecasting is generally outside its scope. 
• Overlaps occur in areas like BYOL, CSP marketplace, and standalone SaaS, requiring collaborative planning and forecasting. 

Use case #5: Budget management

ITAM and FinOps teams can work together to optimize budgets for greater efficiency.  

FinOps activities with budget management: 

• Planning with budget leaders for efficient budget plans. 
• Tracking and reporting KPIs to monitor cloud spend versus budget. 
• Exploring optimization opportunities and overspending by alerting teams projected to exceed budgets. 
• Communicating with leadership when underspending is expected. 

ITAM activities on budget management: 

• Advising Finance on budget expectations based on licensing insights. 
• Conducting annual reviews of renewal expenditures. 

FinOps and ITAM intersection – Budget management: 

• FinOps collaborates with ITAM to ensure license and consumption-based usage aligns with budget expectations. 

Use case #6: Workload management and automation

Workload management and automation prioritize efficient resource usage by ensuring that resources are active only when necessary.  

FinOps activities with workload management and automation: 

• Collaborating with application owners to tag resources effectively. 
• Communication of performance statistics regarding automation and non-tagged resources. 

ITAM activities with workload management and automation: 

• Establishing protocols for transparent communication of performance metrics related to resource usage and automation. 

FinOps and ITAM intersection – Workload management and automation: 

• ITAM reviews license usage and collaborated with FinOps to clean up temporary or abandoned assets. 
• Collaboration ensures that licensed assets align with elasticity and scaling considerations, factoring in license rights and entitlements. 

The intersection of FinOps and ITAM offers a powerful synergy for organizations seeking to enhance their cost management efforts. By leveraging the strengths of both disciplines, organizations navigate the complexities of cost allocation, data analysis, anomaly management, shared cost distribution, and more. This is the second post in a series exploring the intersection of FinOps and ITAM.

Read the next post in this series, How FinOps and ITAM Teams Can Work Together in Real-Life Scenarios.

The post 6 Collaborative Use Cases for FinOps and ITAM Teams appeared first on Snow Software.

It doesn’t have to be this way. Software audits are disruptive, but there are ways you can lighten the load and mitigate your risk. Before any audit notification comes in, it’s crucial to have effective hardware and software asset management processes in place to ensure your inventory and license compliance positions are current and accurate. This will smooth out reporting and reduce the risk of submitting inaccurate data. 

Common audit triggers

Before we dive into the ground rules of software vendor audits, it’s important to note the events that typically prompt most audits. They include: 

• Change in spend
  • Reducing support and maintenance spending during renewal
  • Moving support and maintenance to a third party
  • Changing licensing model
• Historical proof of entitlement (PoE) requests
• Clause in contract
  • Periodic audits usually aligned to renewal dates
  • Contact termination
• Mergers or acquisitions
• Unhappy employees notifying the vendor of compliance issues

Exercise caution when your vendor offers an assessment review. These reviews may be a veiled attempt to find you out of compliance. Rather than sending any data to the requestor, simply state your information security guidelines for not sending company confidential data to third parties. Soon thereafter, review your usage and address any known issues for that vendor because a proposed assessment review is very often a precursor to an audit.

Once the vendor has informed you of their intent to audit (sent by either letter or email from the vendor or third-party auditor to the person who last signed the contract or renewal), your internal process should launch quickly. Here are 10 steps for successfully navigating a software audit.

The 10-step process

1. Notification. Don’t ignore an audit request. Once the notification letter arrives, notify your ITAM team promptly with “private and confidential” added to the communication. All communication surrounding the audit should be marked as such to avoid any legal repercussions. Don’t make any changes to your current state — limit the deployment of new installations and do not uninstall any applications unless you’re decommissioning the device. 
2. Assemble the audit board. Gather your key stakeholders and don’t assume everyone understands the audit process. Cleary define roles and responsibilities and set timelines.
3. Put the team to work. The first step is to gather and review all license entitlements, contacts and agreements associated to the audit. Then engage with all the necessary areas of the business and review your audit objectives while considering previous audit recommendations. Set a primary point of contact toward the auditor from that point on and continuously circulate all documentation and reports.
4. Acknowledge the letter. Receipt of the request for audit is required and your agreed upon point of contact should handle this communication. Clarify which products are included in the audit at this time.
5. Propose a non-disclosure agreement (NDA). Most software publishers and auditors will typically agree to negotiate NDAs to control the handling of audit data. It protects all involved.
6. Meet with the auditor. During your first meeting, clearly define the scope of the audit, including products, legal entities, geographical locations, etc. The auditor will discuss the required data, form of evidence, and how they want you to provide it to them. The auditor may also mention scripts or tools they want to use to gather data. If they do, they should review this for you.
7. Gather the data. Only collect data that has been defined and in a form that is agreed to by all parties. Normally an audit is focused on network discoverable devices. It’s prudent to identify any standalone devices and their ownership that could be in the audit’s scope. Relay all findings back to your audit board for review and sign-off.

Note: Where possible, it’s a best practice to use tools already within your estate to gather audit evidence, e.g., Snow Spend Optimizer, SCCM, etc. 

• Submit the data. Once you have obtained and understood all the required data, prepare it for submission to the auditor. Redact or anonymize any sensitive information, and don’t omit or manipulate any data.
• Carefully review the results. The auditor will evaluate your submitted evidence against the vendor’s entitlement position and produce a reconciliation report. Never agree to the findings in the first instance — you need to validate the results first and be prepared to challenge them. 
• Settle and close the audit. Often the settlement is a considerable amount, and you can negotiate with the vendor. Once all parties agree to a final figure, you can negotiate a waiver not to audit for 2-3 years. Then, it’s time to rectify the issues identified in the audit. This reconciliation comes in the form of training and an update of centralized ITAM tools. 

Shortlist on what to do – and not do

Software audits are usually lengthy and often take between 3 and 18 months. Here’s a summary of our suggested steps to help streamline the process and position you for a successful outcome:

Additional resources

Though it can be enormously helpful, this short guide is just the starting point for an optimized and successful audit journey. Audits can be challenging (and costly) without clear visibility and manageability of your assets. Check out how our approach to Technology Intelligence can guide you through your audits while providing you with comprehensive visibility to create more efficiencies, save money and minimize risk. Contact a Snow specialist for more information and guidance. 

The post 10 Steps to Navigating a Software Audit appeared first on Snow Software.