ITAM Education and Certifications: An Interview with Keith Rupnik of IAITAM

Steve Sidwell:

On this episode we interview Keith Rupnik, the Director of Education at IAITAM. Keith shares the purpose behind ITAM, the growth of the IT asset industry, road shows, and so much more. Brace yourself, you’re now entering The Tech Bench Podcast. Keith can you tell me a little bit more about your background and what your role at ITAM is and just generally if you could introduce yourself for our listeners that’d be fantastic.

Keith Rupnik:

Sure. I originally started off in the technology field, I was a software engineer by education and by job and got started into asset management, but we didn’t call it that back in the ’90s. I was brought on board here at the association back in… Well, actually 2005 to set up their network so I’m the IT guy here, we’re a small company. In 2006, I came on board full time and I’ve been teaching the certification classes since then. I’m also responsible for content development, as I mentioned earlier the network and the IT operations here and the course asset management as well.

Steve Sidwell:

Okay, cool. So you’ve been there for quite a while, how long has the organization itself existed?

Keith Rupnik:

The organization was founded originally in 2002, we’ve been around for quite a while.

Steve Sidwell:

I guess I should start at the very beginning, what is it ITAM? What’s the mission of the organization?

Developing IT Asset Management Professionals

Keith Rupnik:

The mission is to basically bring together all the information and knowledge that a IT asset management professional would need in order to successfully implement and manage an IT asset management program. You have to keep in mind that IT asset management as a profession is younger than IT itself even though the function of ITAM was being performed probably from day one. A splintering occurred when the desktop computer came into play and all those disciplines and best practices that went into managing the mainframe computer didn’t quite follow technology as it was advanced.

Steve Sidwell:

A lot of that stuff went out the window as the technology went out to the masses I imagine and the education didn’t right?

Keith Rupnik:

No. I was one of those guys when I started I didn’t want to work in the mainframe environment, because those guys were really stiff. They had white shirts and clip on ties and polyester pants and what became known to me as change management was very strict. And the other benefit was nobody went out and bought a mainframe computer and then expensed, so the PC and its affordability really created havoc.

Steve Sidwell:

Oh, I imagine there must have been so much stuff all over the place at that time, that it seems like the necessity for ITAM is only grown over time and it was about when… You said 2002, is that right?

Keith Rupnik:

Correct. We were coming out of the millennial project where everybody was worried about Y2K and software audits started appearing. So our first certification course was the software asset management course and people looked at us like we were crazy when we were teaching it. They didn’t understand that there was I’d bought it, I own it so I should be able to do whatever I want. They didn’t understand licensing agreements or the fact that they could actually negotiate their own licensing agreement.

Steve Sidwell:

Well, that must have been a really big part of it then. This is 2002, but you didn’t come on until a few years later. So tell me more about how did you get involved with the organization, you said that you came on board to initially like to set up their networks is that right?

Keith Rupnik:

That’s correct. So they’d purchased a new office, they were moving into new office and they needed somebody to set up their networks, but my technical career I’ve always been very, very interested in the business side of IT and how technology solves problems for companies. So this was a really great opportunity for me to actually get involved in the business side of IT. And so that’s how I got and in fact the first company I started working with was going through a very miserable software audit.

Steve Sidwell:

Oh, man. What’s involved with that? What is a software audit?

Keith Rupnik:

Well, a software audit is any organization that uses software pretty much is under the responsibility of responding to an audit request by the software publisher. Software falls under copyright law-

Steve Sidwell:

Is that one of those things that you sign in the agreement that you don’t read, that you just kind of click through? That they have to audit you at any time?

Keith Rupnik:

Yep, absolutely. They don’t have to say they can audit you any time, copyright law and precedent and legal gives them the right to audit you.

Steve Sidwell:

Sure.

Keith Rupnik:

So they come in and audit you on your use of that software, are you essentially paying for what you’re using? And that’s a multi billion dollar industry.

Steve Sidwell:

Oh, yeah. And especially like in that sort of timeframe, in the ’90s it was there really wasn’t nearly as much copy protection, what copy protection there was, was kind of weak, but after like the all of the various CAZ and all the rest of the debacles, I think the main populace started seeing a lot of more of a litigious aspect to an end user life of software and all the rest of it. I’m kind of going back in time here in my memory of what the feeling was like at that time as far as software and anything that could be effectively pirated or just used more times than you were supposed to. And that if you’re able to get audited, how do you demonstrate that you have something without a proper procedure in place? So ITAM brings that to the end users, is that right? Basically the training of everything.

Keith Rupnik:

Yes and it’s the processes that go into it. We train people that you want to be there when somebody says, “I think I need something.” And you need to help them through the entire process from actually evaluation, the acquisition, negotiation, acquisition, receiving and then use of that asset, and of course finally the disposal of the asset. And the other thing about ITAM is it’s a horizontal operation or function of any organization. So we interact with the departments like finance and legal human resources, IT of course, IT security, vendor management, and then of course the business unit owners and the end users.

Steve Sidwell:

Interesting.

James Patrignelli:

That was going to be my next question. My question is there a specific target audience within an organization or is it across the board, multi departmental?

Keith Rupnik:

The target audience within an organization is typically the person that’s been assigned, either willingly or unwillingly the role of IT asset manager. Now, the asset manager, the title itself is still being adopted so you will find IT specialists, now we’re seeing procurement people. So it all depends on the motivation behind adopting or implementing ITAM, which all too typically is a failed software audit, lost assets, or budget cuts required.

James Patrignelli:

We see at least in a lot of our clients, we see that these functions are kind of split up in user computing and data center hardware. Do you work with in both worlds? Is it across all technology?

Keith Rupnik:

Yes, it’s across all technology, all departments and the materials that we present and the architecture that we provide applies to any size organization. I’ve worked with companies that are 10 people, all the way up to the largest employers in the world, I’ve worked with companies from every single industry. We as an association have taught people from six out of the seven continents. So it is all encompassing and it doesn’t even have to be tangible, so we typically think software and hardware assets or cloud assets, subscriptions would be an asset for example.

James Patrignelli:

So I’m assuming then with all the migrations now to cloud with Amazon, Google and Azure, that that’s probably a growing part of your organization.

Keith Rupnik:

Yes and no, it’s kind of strange because in some ways because we’re looking at the business level and business process, you look at the invoice process for example, the invoice processing and how old is this thing? Decades, ever since the creation of the invoice so the process doesn’t change that much, the technology that’s used changes, but an invoice has been an invoice forever. But the cloud certainly has introduced its own challenges and one of the major challenges is that you’re outsourcing your IT services to a third party, who better have ITAM practices that are as good as yours if not better.

Expanding ITAM Certifications

Steve Sidwell:

Okay, that makes a lot of sense. So in the certification set up, can you tell me what kind of certifications do you guys offer?

Keith Rupnik:

We offer certifications in software asset management, hardware asset management and the overall it’s kind of an introduction to the foundations of IT asset management. We have mobile asset management, we have IT asset disposition, we have asset management and security or IT security. And then we have the overall certification for managing and growing the IT asset management program.

Steve Sidwell:

And of those, which do you feel are probably the most important? Obviously, they all are, but where does it become the most?

Keith Rupnik:

It’s been certainly the hardware and software classes certifications have been probably the most popular.

Steve Sidwell:

Yeah.

Keith Rupnik:

The CITAM course is a four day course that’s really looking at the IATM program independent of IT asset type and so we see people in there that has a greater responsibility for at a higher level the actual program. So while the number of people attending may be a little bit smaller, the impact is significantly more.

Steve Sidwell:

Well a four day course is something that’s pretty good, that’s more I think than a lot of organizations offer.

Keith Rupnik:

Yes and it’s an intense course. It is a course where attendees will learn about the asset management program architecture that we have documented and then map that to their own asset management program [inaudible 00:12:07]. I’m not afraid to say that I’ve had a couple people leave the course and saying, “ITAM is a lot of work, I think I need to find a new career.”

Practical and Actionable Best Practices for ITAM

James Patrignelli:

Keith, for the people that attend that what do you think their end goal is? Is it more about determining ways for cost reduction, increased security, better process for tracking hardware? Do you find that people are looking for a certain thing when they go into those classes to come away with?

Keith Rupnik:

Certainly they are. With everything said and what I love about working here is the interaction that we have with our members and our customers. All the material that is presented to people wasn’t created in a vacuum, but a bunch of people that were sitting there pontificating over how things should work. We present what we call best practices, but they’re actually practical. So we aggregate what works across the globe, independent of company size, private or public and we put that into our materials. So people really are learning the how tos, they are learning the whys to those questions and they’re learning how to communicate and educate and advocate asset management within their own organization. When I talk to vendors such as you guys, it’s I’m still hearing this and in fact, I just came back from the roadshow last week and vendors are still having to educate the customer on the value of IT asset management before they can actually go in and educate on their own solution offering. And that’s a tough racket, tough business to be in when you have to educate the consumer and make them aware of their weaknesses.

Steve Sidwell:

When did ITAM in general and as your industry specifically come more into public consciousness? I feel like this is something that has even in the last like 10 years, in the last five years became so much of a not just a bigger deal in general and more important, but something that people actually talk about. Your website has evolved so much and it’s just fantastic now of what’s been this kind of like a recent growth drivers?

Keith Rupnik:

I think certainly the software audits has pushed a lot of people. I’ve talked to people in the past three years that have been experiencing 5, 6, 7 software audits in one year which is insane. The runaway budgets and the not knowing what to do with cloud has been a major issue. When I first started teaching in 2006, I would have people that had 5, 10, 15 years experience with managing hardware assets. In my software class, I typically would have a receptionist or secretary or an admin, who was given a responsibility for managing software assets for two, three hours a week [inaudible 00:15:06] and that has changed dramatically since I started teaching and in the past five years, it’s changed dramatically. There’s more of an emphasis on not just controlling costs, but reducing risk whether it’s through IT security and cyber attacks or the risk of an audit. And also the efficiencies that come into play by instead of having 100 people doing things 100 different ways, having 100 people doing things one way. So there’s been great benefits there as well.

Steve Sidwell:

How much of that do you think has been driven by recent motion towards software as a service? Where the companies who have the budgets to hire teams of lawyers and accountants to do these software audits that are offering relatively affordable cloud offerings. Do you feel like there’s a some kind of tie in there?

Keith Rupnik:

Unfortunately, I think it’s been the opposite. I think that companies feel that they’re outsourcing IT and IT services and they’re outsourcing the risk that comes along with it. So for example, one of the things that I’ve been talking to people a lot about when it comes to hardware disposal is you go with software as a service for cloud, you have your application and data being run by that provider of that cloud service. What is their disposal process? How do they dispose of the assets? And compared to how you would dispose of the assets how do you know?

Steve Sidwell:

Right, because you guys are not just dealing with the software, it’s the entire… And that’s one of the things I find so interesting is it all comes under lifecycle analysis of from why do you want to do this project? To what are you going to need to do this project? To what is it going to run? To what’s it going to run? To who’s going to manage it? To who’s going to be ultimately responsible for the exit strategy from this?

Keith Rupnik:

Yep.

Steve:

Yes, that’s-

Keith Rupnik:

And then when you look at it too, IT is focused on service delivery typically and that’s in the context of the asset that’s in play or available. From an asset management perspective, if I dispose of the hardware asset, the lifecycle of that asset is ended, but I have something called certificate of destruction or transfers of ownership data destruction audit trails that I keep forever,-

Steve Sidwell:

And how you keep those so that’s all part of it right? It’s just keeping track of all of that stuff is just… The unit of hardware is replaced by the unit of this hardware doesn’t exist anymore, that information.

Keith Rupnik:

Correct. Those are artifacts, every asset it creates artifacts and asset managers have to identify the artifacts that are important, the ones that have to be maintained and kept. And when you go to a document retention person and say, “I need to keep this forever,” a lot of times the reaction is, “What?”

Steve Sidwell:

Its like, “Okay cool, keep, but keep do you ever need to see it again keep or?”

Keith Rupnik:

Right.

IT Asset Management and the Internet of Things

Steve Sidwell:

We could just bury it in a mountain, right? How does the Internet of Things that we’re hearing is much better? How does that impact this industry?

Keith Rupnik:

So the Internet of Things has me very concerned. I had worked in back in the day in the early 2000s we call them smart systems and now they’re the Internet of Things, but the Internet of Things is going to be… And it’s here, it certainly is here, but the growth will be probably exponential. There are some really amazing cool things that are going to be able to be done with the Internet of Things. However, the asset manager now, that that nice little clear line of what is an IT assets and what isn’t is going to become very, very fuzzy. You’re going to see assets that are embedded in other assets so let me give you an example.

I was talking to a police officer not too long ago and he’s because he says to me, he goes, “I have $60,000 worth of technology in my car, my police car.” And we can’t afford to look at that police car as well, there’s IT and there’s non-IT because the officer sees that as a single asset and their life can depend on that asset. So they don’t care if it’s IT or not IT, they care that it’s there, it’s working when they need it. So we’re going to have to evolve to understand that these lines of being able to say, “Well, that’s not an IT assets we don’t have to worry about it,” are becoming more and more blurred.

Steve Sidwell:

What’s an example of something like that?

Keith Rupnik:

Of the blurring?

Steve Sidwell:

Yeah.

Keith Rupnik:

So I was talking to someone that worked for a company that manufactured automated teller machines and they discovered that the automated teller machines were being shipped to customer sites with Commercial off-the-shelf software installed on it. The Commercial off-the-shelf software wasn’t licensed or it’s licensing wasn’t being reported. So here you have an asset and a lot of times we think internal assets, we think of operations and IT, but we now have to start expanding our thinking beyond that to assets that our company own, purchase, resell, or originate with, bundled with other solutions that we have to start being accountable for.

Steve Sidwell:

Right. It’s all about reaching out into the other departments where you don’t really want to go, you don’t want to step into their turf necessarily because people have little fiefdoms in large companies, but when you start looking at smart filing cabinets that are… Like in hospitals, they have the thing that knows how many pairs of gloves it has inside of it and hold the rest of them, right? So all of a sudden it’s like what used to be a cabinet that was a piece of furniture is now is that an IT asset? Oh, absolutely, because it’s constantly talking to the database.

Keith Rupnik:

And the basic premise that you just mentioned is a good one is our telephone systems. The phone sitting at your desk was never an IT asset until the day it became an IT phone and it was sitting on the network.

Steve Sidwell:

Mm-hmm (affirmative).

Keith Rupnik:

You had a telecom group, but they were separate from IT. Now they’ve merged because technology has changed.

James Patrignelli:

Well, I’m just thinking about I’m going to the airport tomorrow, I’m getting picked up at 4:45 by specific car ride sharing service that’s built on the Internet. I’m going to go in directly at the kiosk at the airport that’s going to be on the network and then I’m going to be on a plane that’s going to be on a network with hundreds of other people working on their work laptop and it’s just continually growing that cycle.

Keith Rupnik:

Look at the kiosk, how secure is the kiosk? Whose securing it? Who manages it? Who disposes of it?

James Patrignelli:

And I put my credit card in there to get my ticket.

Keith Rupnik:

Right. And the thing is that the IT asset management and the program concept is not new. Whether your company has products, services or both you have somebody in your company that has like… I was in the world years ago as a product manager. When my company was releasing a new product my responsibility was to coordinate the activities of sales, and marketing, and engineering, quality assurance, customer help desk, finance, executive teams. Now those people report it to me, but without that coordination that product doesn’t get launched. When you think of the services that you guys provide and the planning that goes into it and the coordination that goes into doing that you just can’t say one day, “Hey, I want to provide the service and launch it.” You have to coordinate these activities across different departments. So ITAM is a horizontal function very similar to product management and service management.

Steve Sidwell:

Do you feel like that’s a trend that has stayed very similar over the years?

Keith Rupnik:

Sure, yes.

ITAM Keeps Up with Tech Industry Trends

Steve Sidwell:

And the industry overall for the ITAM Industry, what do you feel are the biggest trends outside of that are?

Keith Rupnik:

I think the biggest trends is keeping up with the new technology. Again, technology can change drastically, but every time something new comes along with throw it at our architecture and it stays true. Emphasis changes a little bit, it shifts from one area to the other in our architecture, but the things that you’re doing managing these assets pretty much stays consistent. So Internet of Things certainly and big data, what does big data mean to asset managers? More software, more hardware, more contracts. Certainly, the cloud and I think with the cloud there’s a couple things that I’m watching closely that haven’t happened yet. One is right now cloud is cheap and I worked for a company for 12 years that was subscription-based and there’s no better model in my opinion than that because you can start tweaking how people pay for what and what we had back then we called plus ones.

So you want this, it’s an extra five bucks a month, you want that it’s an extra three bucks a month. And if you look at your cell phone bills, or your cable or satellite dish bills you probably have seen this type of thing occur. And it’s Showtime for free for six months and then after that $5 a month. So the expense hasn’t been really realized yet, the next thing is CapEx versus OpEx. I’m waiting for finance to wake up one day and say, “Wait a second. What happened to our capital expenditures?” They’ve been replaced by OpEx and that’s the cloud. So it’ll be interesting to see the companies how they react to that. And then I think bringing it back in-house, I don’t think all of its going to be brought back in-house, but let’s face it another word for cloud is outsourcing and every time we outsource, we go over and then we come back and so.

Steve Sidwell:

What do you feel the biggest challenges are right now?

Keith Rupnik:

Still executive management buy in and support.

Steve Sidwell:

Yeah, I think that probably goes with everything. I feel like everybody will agree that getting upper level management on board with what you want to do is always tough because they have their own I’m not going to say agendas, but they have so much to deal with.

Keith Rupnik:

And yes. And I ask people, I take a poll on every class in the U.S and I ask, ” Raise your hand if you own stock in your company.”  And pretty much everyone owns stock either for 401k or individually. So I ask the next question, “If your stock crashes tomorrow is the first thought in your mind, oh my God their ITAM program’s failing?”  And everyone laughs and they’re like, ” Well, no.” And I say, “So what makes you think the executives are concerned about it?”

Steve Sidwell:

That’s a very good question.

Keith Rupnik:

So what I spell out to people and I’m doing this on our road shows now is what I call the one degree of separation. If you’re an airline company, airplanes are important to your revenue and the executive recognizes that. If you’re a manufacturing company the machines in your plants are important to the revenue stream, you recognize that. But IT is typically at least two degrees of separation from the revenue, and it gets lost, but yet name a company that can be successful without IT.

IT Asset Management Trade Shows

James Patrignelli:

Keith you mentioned your road shows can you tell us a little bit about the types of trade shows and what the trade shows are versus the road shows and what you’re doing with those?

Keith Rupnik:

Well, in trade shows we have our annual conference and exhibition which the U.S one is in spring typically and we have two in the fall, one in Japan and one in Europe. So those are our three major conferences. We do trade shows with different organizations or different industries as invited certainly in disposal industries, the technology industry, security industries as well. The roadshows are an attempt to reach out to those people in areas that may not have the budget or the ability to go to our conference. It’s a one day event with six topics, 35 minutes each and it’s a rapid fire tons of information that we throw at the audience. And then at the end we have one major session where the audience really gets to know each other and work well with each other. So I just got back from last week and will be traveling next week for the next road shows. We did pre-road shows in the spring in Europe as well, they were incredibly well received, they’re small, intimate gatherings. Again, they’re just one day and they get a lot of local attention.

Steve Sidwell:

Just to say-

James Patrignelli:

Like-

Steve Sidwell:

Sorry.

James Patrignelli:

No, no go ahead.

Steve Sidwell:

I was going to say basically, it’s like a summit is that sort of….

Keith Rupnik:

No, the six topics that we’re talking about now is selling ITAM, hardware and software asset management, IT security, contracts, management tools, management and… God I forgot the sixth one, I’m sorry. But they’re timely topics, they’re topics that everyone is talking about, concerned about, working with. So it’s that level of interest and it’s not, “Well, you have to be here let’s design this process.” It’s more presenting information on what to consider and take into consideration with your ITAM program and I won’t lie to you it boosts people’s energy too.

Steve Sidwell:

So far if I wanted to go to one of these events what will be the best way to find out when they’re coming?

Keith Rupnik:

Our website. Our website has the information on it so you can check that out as well.

Steve Sidwell:

That’s awesome.

Keith Rupnik:

Our website is a good place and of course if you’re subscribed to our emails you’ll get information from that announcing these events. We also do a bunch of webinars and in December of every year we do IT Asset Management Awareness Month where folks like you will present something that’s educational every single business day and our members attend and listen and hopefully learn.

The Future of the ITAM Industry

Steve Sidwell:

Keith, what do you feel like is the future of the ITAM Industry?

Keith Rupnik:

Based on the feedback that we’re seeing and the complexities the contract regardless of its hardware, software, or cloud has always been critical. But the drafting of the contract and the agreements has typically been in the hands of people who really don’t get IT let alone asset management. And so especially because of the cloud, but certainly with software the license and the contract is everything. You cannot manage the asset without access to and clarification in the contracts. I mentioned earlier your software as a service and how do they dispose of their assets? Well, it’s got to be expressed contractually.  And then how do you keep an eye on what it is that they’re doing?

How do you validate and verify that, yeah they said that they use this disposal process and they use Liquid Technology, but how do we know they’re actually executing it? So you have to have reporting structures in place that you’re getting that information, the trust but verify steps. We’re seeing this trend not just from our prediction standpoint, but we’re seeing more and more people from procurement getting into our classrooms and totally shocked by what asset management is. I’ve worked with organizations where vendor management is the purchasing of IT and then ends after the agreement is signed. That’s certainly not sufficient for managing cloud assets.

Steve Sidwell:

So part of this then becomes best practices for foundations and structure of contracts, contracts language to try to have in your contract, stuff to avoid all that kind of stuff that’s really in many ways is so foreign to IT professionals. Frankly we don’t deal in contracts all the time, it’s obviously something that we have to do, but how to get contracts written that are friendly towards good asset management practices. I imagine that’s something that they really come through in the courses and certifications is that?

Keith Rupnik:

That’s absolutely correct because again, if you look at your Standard Software Licensing Agreement or any of these contracts there are very poorly written for the person that’s making the purchase, the consumer. They don’t tell you what is the definition of compliance or definition for purchase, they don’t tell you how they’re going about managing the assets for which your data resides on. So it’s something that’s left up to the consumer and the consumer has to be aware that you just can’t write it off as, “Okay, well I’m paying them therefore I must trust them.” I have a saying there’s trial by jury and there’s trial by public opinion and trial by public opinion can be significantly more costly than trial by jury. And you see the privacy laws that are coming into play right now for example in Europe you have the GDPR.

You’d be surprised of the number of people that have customers in the European Union, but aren’t aware of GDPR yet there is a significant risk if they are not following that particular laws. That’s the other piece that we look at too is we educate people on look at your organization what legislative requirements are applied to your organization? You’re a hospital system so you have HIPAA, you’re publicly traded so you have Sarbanes-Oxley. What does the ITAM Program do for those compliance requirements? Privacy is massive, everyone’s worried about being hacked these days and it’s goes well beyond just securing the assets that you’re currently using, but securing the assets that you’re moving around from building to building, from office to office and of course disposing of it. Disposal has always been a major component to protecting information before it goes out the door and so that’s a critical component as well.

The asset manager doesn’t care who does what, they just cares how it’s done and the other thing is speaking of IT, IT has gotten a bad rap in my opinion. Name another functional group in your organization that’s required to know what everyone else does.

Steve Sidwell:

HR.

Keith Rupnik:

Theoretically you’re right HR, but if you look at the stereotypical org chart of an IT department you have the CIO, the vice presidents, the directors and the managers and then you quickly go to specializations. People who write C++ code, web programmers, network administrators, database administrators. I’ve managed these people in my past life and I’ve managed I think some of the best people in the world that did that kind of stuff. And some of them I would never put in front of another human being, but when you look at the asset manager, the asset manager has their one foot in the business side and one foot in the IT side.

They understand both well enough to bring the two groups together they bridge that chasm and my entire career I’ve been seeing articles to this day how do we align IT with the business? And the answer is IT asset management. Now, the other thing is that replace IT with cloud because that’s what’s trending. We’re going to outsource our IT organization to the cloud, the Chief Marketing Officer says to the CIO, ” You guys are slow I’m going to the cloud.” Those assets have to be managed as well.

Steve Sidwell:

Well, in many ways that’s just outsourcing your IT department, right? That was a big thing back in the what? Lat ’90s, early 2000s. I think if I remember correctly there were teams that could come in and manage your IT department and cycles through your office on a basis and I don’t think any of that… Does that still exist? Is that still a thing?

Keith Rupnik:

It’s called cloud.

Steve Sidwell:

Yeah I guess so. It’s just none of it comes through it comes through.

Keith Rupnik:

I was at a major hospital systems a few years ago and I was talking to a guy in the IT department and he goes, “Well, I’m getting fired on Friday.” And I’m like, “Oh, my God, really?” I said, “Why?” He goes, “Well, Monday, I’m coming back and I’m working for this vendor now and all the operations stay the same, my desk stays the same, but I’m working for a new company. I’ve been outsourced.”

Steve Sidwell:

Wow.

Keith Rupnik:

Exactly. And I was at the Microsoft Partner Conference with Steve Ballmer years ago, there were 16,000 people in this arena and he said, he goes, “If you’re a small to medium sized business. You have no reason to have an IT department go to the cloud.”

Steve Sidwell:

That’s just stunning to me. I feel like so much as it yeah makes sense, but at the same time, it makes sense for them because in a little while they’re going to be pushing Office Live 365 and Azure and all these other products that you should totally be migrating to by myself. But then again it all comes back to that contract which is we have all the rights, you have no rights, click here to play.

Keith Rupnik:

Right, exactly.

Steve Sidwell:

But that’s can I click? What are my responsibilities to the people who work for me, to the data that I have to house, to my own infrastructure, to legal compliance and just to the various case law and all the rest? Is that something that I can even do? And how do I find that out?

Keith Rupnik:

That’s correct and again you have to assess your own business requirements both from a compliance standpoint and from a customer perspective. And of course if you’re publicly traded from a shareholder perspective.

Steve Sidwell:

I feel like that’s something comes right in line with IT asset management, it’s this right there in that thought process of just the whole lifecycle of what’s involved with it? Who has to do what? When it comes in and how do we use it and how do we get out?

Keith Rupnik:

No, it’s maximizing the value of the investment in your IT portfolio.

Steve Sidwell:

Yeah.

Keith Rupnik:

And the other thing that asset managers do is that we represent the interests of all parties when it comes to the acquisition of IT. If parties are legal, the end user, IT security, vendor management, executive management, finance all of those we bring them to the table.

Training for Proactive IT Security

Steve Sidwell:

If you had to pick a couple of things, what would you say? What are you working on next?

Keith Rupnik:

Working on next it’s again, the infrastructure of our architecture has really held up well. So the things that we’re doing is refining some of our content, our materials to talk more about cloud and Internet of Things certainly. I think the other thing is just more emphasis on financial risk and efficiencies too. IT security is a hot topic, we’ve been saying all along an asset manager’s best friend is IT security and one of the things that I’m a bit concerned about is with all the emphasis on IT security. IT security is just one pillar of the many requirements that an organization has to fulfill. Again, if you’re a hospital system you’ve got the HIPAA requirements and you cannot implement an IT security initiative that violates HIPAA or vice versa.

So those things have to play together, Sarbanes-Oxley is another example they have to play together. So there’s all of these different requirements on these organizations, they all have to be managed and balanced just like the verticals that I mentioned earlier of the departments, it’s a horizontal function for ITAM. So I think that’s going to be a big, big piece to that and really… Sorry, but really bailing out IT because as I said earlier IT is getting such a bad rap, too much is expected from the people that are there. And I think balancing whether things are done in source or outsourced, and what makes the most sense should be a business value question that is answered once all of the different data points and all the information is collected and understood.

Steve Sidwell:

It sounds like building that crosswalk between all the various types of requirements and things rules to which organizations have to adhere, it’s so different for each organization that’s it’s almost seems like that it’s almost part of a different department it seems like. Like it’s something even more generalized than IT.

Keith Rupnik:

It definitely is because you’re again, you’re looking… IT, a lot of IT focuses on the technology administration of an asset whereas we’re focused on the business administration of the asset. Certainly, your CIOs and your managers and IT are focused all on the business administration, but again, that population’s small, they have a skill set that’s a bit different and they’re overloaded.

Steve Sidwell:

It sounds like what a lot of it comes down to at the end of the day is so much of all of the individual IT departments are overloaded, they’ve got so much on their plates because they’re dealing with things on such a granular level, but IT as a management to me it just has to be a relatively slow and thought out process. Where everything just has to fall into place and we have to figure out what that place is going to be beforehand.

Keith Rupnik:

That’s correct it is definitely and this is the one of the major benefactors for IT security, is the proactive approach that we’re taking. A lot of times unfortunately security is in the reactive mode. “Oops, something showed up on my network how it got here?” A good ITAM program is going to say to security, “Something’s going to be showing up on your network and this is how it’s getting there and what do you think about it, can we secure it?”

Steve Sidwell:

That sounds like a pretty good challenge.

Keith Rupnik:

Oh, it is. It’s a challenge. People ask me all the time, “How long does it take to get to a world class ITAM program? My answer is, “I don’t know, 10, 15, 20 years.” I said you can do it in 18-months all you have to do is one simple thing and that is get rid of all the people.

Steve Sidwell:

Shit, right? Well, that’s the single biggest point of failure.

Keith Rupnik:

Sure and you’ve got to realize that and going back to my comment about the mainframe computers, managing mainframes was easy go do physical inventory, you open up the door to mainframe you count to one and you’re done. It’s much more complicated now, but if you look at it from an organic perspective we’re out of shape. We’ve been sitting on the couch drinking beer, watching TV and eating ice cream for 20, 30 years now. The expectation to get off the couch tomorrow run a marathon is not going to be met. In fact, it’ll probably result to some deaths. So we’re out of shape from decades of bad practices.

Steve Sidwell:

Yeah, it’s a lot to come back from and I feel like… So the training is just so key to that. You can’t get there without trying to figure out how that’s going to be and then deploying it in pieces.

Keith Rupnik:

The only true way to change of culture is through education and communication.

Steve Sidwell:

Absolutely. Keith, I just want to say thank you so much for coming on and talking with us today. Is there anything that you wanted to touch on? I’m getting the signal that I have been in chat for way too long which is I got to say it’s been really great talking with you. I know I’ve learned so much.

Keith Rupnik:

Thank you so very much for the opportunity. We love working with you guys, your services that you provide are critical to the success of any organization out there and it’s evolving, it’s getting better, it’s getting bigger and it’s all to the benefit of that customer so thank you for the opportunity. I really appreciate it.

Steve Sidwell:

Thank you so much. So again, been talking with Keith Rupnik, he’s the director of education over at IAITAM which is iaitam.org. And with me today, James Patrignelli as always James, thank you so much for coming on I really appreciate it.

James Patrignelli:

Thank you, Steve and thank you, Keith it’s been a pleasure.

Steve Sidwell:

Gentlemen. Thanks.

Keith Rupnik:

All right. Thank you take care. Bye.

Steve Sidwell:

You too. Bye.

 Thank you for joining us for another episode of Tech Bench Podcast. Next time, we’re going to be speaking to Richard Green from Liquid Technology. If you enjoyed this episode, please make sure to subscribe and follow us on Instagram, Twitter, Facebook @LTTBPodcast. If you have any questions, comments, or show ideas please feel free to email us at techbench@liquidtechnology.net. For show notes visit liquidtechnologies.net/techbench.