The ITAM Roundup: 2/5/24

roundup Feb 5, 2024

📰

News

Microsoft Licensing Update February 2024

LicenseQ has provided a nice summary of the updates for Microsoft licensing in 2024. It announces the discontinuation of new "From SA" licenses for both Microsoft 365 and Dynamics 365, with existing licenses being allowed to continue. Microsoft plans to introduce a new promotional migration offer for customers still using on-premises licenses for Dynamics 365. Additionally, updates to product terms, including changes related to privacy and security terms, Microsoft Copilot, and Azure services, are mentioned. Microsoft also announced Windows Server 2025, which is available for testing via the Insider program.

Flexera One FinOps: Cloud Cost Optimization year in review

Flexera has enhanced their Cloud Cost Optimization tool with improvements like Rule-Based Dimensions for better cost allocation, Cloud Budgets for multi-cloud budget management, and a variety of dashboard updates to streamline user experience and improve financial reporting. Throughout the year, Flexera also expanded its offerings with features such as AWS Realized Savings dashboard, Azure Cost Management data ingestion, and Cloud Migration and Modernization improvements. Check out the article from Flexera:

SAP offers big discount to lure on-prem S/4HANA customers to Rise

SAP is offering on-premises S/4HANA users a 60% credit on their first year's fees if they migrate to its cloud-based offering, Rise with SAP. The credit, to be used for other SAP services, can offset around half of the total cost of migration, encouraging customers to move to the cloud after criticism of its cloud-only innovation strategy. In Q4 2023, the offer was offered on a case-by-case basis, and it persuaded many customers to migrate, leading to the wider offer in 2024.

What’s New at Snow Software: January 2024

Snow (soon to be a part of Flexera), has added some new features and enhancements across its product range, including batch editing of agreements and improved filtering options in Snow License Manager v9.33, as well as enhancements to the SaaS Management home page for better information organization and accessibility.

SHI study reveals the top 3 barriers in public sector cybersecurity

An SHI study conducted in the public sector cybersecurity domain identified the top 3 barriers, with 36.1% of respondents highlighting the growing complexity and sophistication of cyberattacks as the most critical challenge. The study also delves into insights regarding funding, visibility, legacy transformation, and security maturity journey in state and local governments. Check out the link below to access the full report:

Intel to make chips in US for Taiwan’s UMC

Intel's agreement with Taiwan's UMC to produce chips in Arizona aligns with the US CHIPS Act, aiming to boost semiconductor manufacturing capacity in the US and address supply chain concerns. The partnership focuses on developing new manufacturing technology for networking, mobile, and communication infrastructure, diversifying the semiconductor supply chain.

📖

Tips

SAM market on the move: What this may mean for future tools and services

The ITAM and SAM landscape is undergoing significant changes, with acquisitions like LeanIX by SAP and Snow Software by Flexera reshaping the industry. Factors to consider when evaluating SAM tools include whether the functional scope meets requirements, the quality of delivered data, utilization of the SAM tool's potential, data sovereignty requirements, and the tool's future development and updates. Changing SAM tools should be a last resort, preceded by a thorough requirements analysis, as success depends on proper implementation and alignment with organizational needs.

Why You Should Conduct Regular Entra ID Assessments

Sean's article for Practical365 discusses the importance of conducting regular assessments of Entra ID configurations in Microsoft 365 tenant management. Entra ID is a critical component, and validating its configuration periodically is necessary to prevent issues caused by changes over time. The article also explains the Azure AD Assessment tool, which can assess and report on Entra ID configurations, helping administrators identify and address any gaps or issues in their setup.

8 dos and don’ts to consider when developing BYOD policies

Developing a BYOD policy involves key considerations, like creating a formal policy to set expectations, prioritizing security with measures like passcode enforcement and updates, and more. In general, the advice is to avoid intrusive control, address mobile app licensing, and don't expect cost savings. Recognize the prevalence of BYOD and establish a policy to enable secure access and accommodate employee preferences.

10 master data management certifications that will pay off

Master Data Management (MDM) certifications provide valuable qualifications for professionals seeking to Excel in data management (no pun intended). MDM is crucial for ensuring consistent, high-quality data across organizations. They are also highly relevant to ITAM, as they equip ITAM pros with essential skills in data accuracy, data governance, and data quality, all of which are crucial for managing technology assets effectively. Additionally, MDM certifications provide insights into integrating asset data, ensuring compliance, and aligning asset management strategies with business goals, further enhancing the capabilities of ITAM specialists.

How to calculate TCO for enterprise software

Calculating the Total Cost of Ownership (TCO) for enterprise software is crucial for making informed IT decisions. TCO encompasses not just the initial purchase cost but also factors in installation, ongoing operation, maintenance, and eventual retirement of the software. A thorough TCO analysis helps identify hidden costs, ensures software performance meets expectations, and considers aspects like data migration, employee training, and process re-engineering, providing a comprehensive framework for evaluating software investments in alignment with business goals.

🐛

Bugs & Exploits

Agencies using vulnerable Ivanti products have until Saturday to disconnect them

Federal civilian agencies have been ordered by the US Cybersecurity and Infrastructure Security Agency (CISA) to disconnect all Ivanti VPN software by midnight Saturday (2/3) due to mass exploitation of three critical vulnerabilities. Ivanti disclosed two critical vulnerabilities three weeks ago and added two more recently, with one being actively targeted, making the total number of exploited vulnerabilities three.

Cloudflare hacked using auth tokens stolen in Okta attack

Cloudflare disclosed a breach of its internal Atlassian server by a suspected nation-state attacker, who accessed its Confluence wiki, Jira bug database, and Bitbucket source code management system after initially gaining access on November 14. The attackers utilized an access token and three service account credentials from a prior Okta breach in October 2023, which Cloudflare had not rotated, to establish persistent access and attempt to penetrate further into Cloudflare's systems.