Apr 11, 2016 - 09:52 PM
Now a days, SAM or ITAM tool selection is a good fat RFP. Most important is to have a good selection criteria and deal breakers written down. So 80-20 rules come into play and best reference point for me in the years has been itAssetManagement.net. Most important aspect after this is the POC or POV that the vendor can provide. Proof of Concept (POC) proves if the tool is best fit for your, however, the Proof Of Value (POV) assures you on the Quality of Service and Support that the vendor can provide. Most of the time, the vendor will be able to prove this in a regional or local perspective, but not on a Global Perspective. All in all its a partnership mode that we as enterprises need to develop with the SAM Tool Providers and we should not consider them as vendors.
Some of the questions to the SAM Tool Provider:
1. Is the tool a verified or certified tool. Let’s say by IBM or Oracle or Microsoft
2. Does it have a module to cover, track and report all on premise and on cloud software titles/options/appliances/Digital Assets
3. What type of scan is used, its better, if it has a hybrid scan mode
4. How intelligent is the tool, does it give all the info that a SAM Manager and SAM Analyst need. There is no tool that gives everything for gap analysis, so, please be smart in asking what you really want
5. Ask questions that can give you a good idea on how easy or tough it is for the SAM Tool implementation. Some tools, are real easy and some are crazy. The time taken for a tool to become stable, is about 1 to 2 years after implementation
6. How the tool handles the data, how it stores it and how it can report it to you is a very vital part, so make sure the questions you ask gets you this info. Sometimes, in a global company, language becomes a challenge, for example, if a tool report me a software installation details and if it is in mandarin or Cantonese, I may not understand,
7. Be clear on your Employees Behavior, company network and even your external users. This is what really challenges a SAM tool, its tricks the tool on DMZ kind of zones and external environment network, which connects to your backbone. Make sure your questions covers them
8. How is the SAM tool licenses and sold is what you clearly need to understand, as a SAM guy, you should be clear on how it affects your CAPEX/OPEX and you might be the one who will be asked to convince your CIO/CFO. So, it’s good to have some questions around this
9. No tool is of use, unless your own people are good at it. So, the shadow support that the vendor can provide and the technical training and handholding that the vendor can provide in every important office where your team or SPOC is becomes a good question. Figure this out.
10. How good is their R&D team and how are they investing in the near future for the tool's development is a very good question for you to ask. So, frame one or two that gives a good idea about the history of the tool and the future of the tool. Anyway, you will have to get some references of present customers for reference checks.
Apr 15, 2016 - 12:29 AM
My question to the tool vendor would be "How easy is it to monitor and report on these areas and what tools are in place for helping to troubleshoot problems with data integrity?"