If you could choose only one area to focus your SAM efforts on, what should it be? If you’re a large organisation with process-based approaches to IT & Project Management Barry Pilling of Cortex Consulting argues in this video that it should be Datacenter Change. You can hear more from Barry on this subject at our Australian Conference or our US Conference 2019.
In short, it is where most of the risk and complexity lies. Your Datacenter has many stakeholders, not least architects, project managers, and the infrastructure specialists who maintain and configure it. Many hands hold the keys to the kingdom and can make large-scale changes quickly and easily using automation tools. Infrastructure teams are struggling to keep up with the pace of change, facing demands to be Agile and participate in DevOps initiatives whilst still grappling with ITIL requirements such as Change Management. Inevitably things are done quickly and license checks may be bypassed or overlooked.
So that covers the dynamic nature of the modern datacentre. When this is coupled with the cost and complexity of licensing metrics for datacentre software your non-compliance risk increases. Not only that but there is also a risk of incurring unnecessary costs through missing opportunities to optimise license deployment in your Datacenter.
Many large organisations are embarked upon huge Datacenter change programs at present – getting their infrastructure Digital-ready, ensuring compliance with legislative and regulatory requirements, and moving workloads to the Cloud. And that’s before we get to containerisation and serverless!
Every change brings with it the need to assess the impact on license requirements. A small change can have a big impact. Decisions made for valid architectural or service availability reasons may be inefficient from a licensing perspective. It is vital that license checks are embedded in your ITIL Change Management process ensuring that changes aren’t made that create a non-compliant position. An example of a common pitfall is moving an Oracle database to a general purpose cluster rather than one dedicated to Oracle. Moving VMs about is such a routine task that it is often fully-automated and may be covered by a Standard Change, yet the result can be a very large non-compliant license position that could easily be discovered under vendor audit conditions.
Our challenge as ITAM managers is how we can move from the perception of being “the team that buys licenses” to a stakeholder with a say in strategic decision-making. Barry outlines in his session how there can be push-back from PMO who see ITAM as a blocker to progress, and this is certainly something I’ve experienced. He covers how to move towards being seen as an enabler and a partner. When I started thinking about stakeholder management it soon became clear that ITAM processes weren’t engaged early enough in the delivery lifecycle. If a project has got to Delivery without license requirements being considered all that happens is you end up with a PM seeing her budget being eaten up by big and unexpected costs. I have seen a project’s cost triple due to a lack of early ITAM involvement and when that happens there are no winners. Uncomfortable questions are asked at C-Suite level and projects can and do get shelved.
The solution I found was to engage with architects, business analysts, and infrastructure specialists early. You need to be able to speak their language and model license costs in a way they’ll understand.
Once you’ve reached out to these stakeholders you need to ensure that the process continues to be followed. Project Management often tends to be a resource brought in on a short-term basis so there is a constant struggle to educate new PMs. I would argue that this is a losing battle – work with staff earlier so that the PM is presented with a fully-budgeted license requirement so all they have to do is approve the PO. Get a license check added to your PMO process if you have one, and verify that it is done. PMs are ruled by their budget and their critical path, if you’re not a gate on that path you’ll be bypassed.