Cherwell IT Service Management Blog
Resources, Best Practices, and Solutions for ITSM Pros


ITSM News Roundup: What’s Next for Healthcare IT?

Posted by

What’s ahead for healthcare IT in the upcoming year? Concerns about data breaches and cybersecurity are top of mind for IT professionals in this industry (as they are, most likely, for IT professionals in all industries). Increased integration of machine learning, a continued embrace of the cloud, and engaging, consumer-friendly tools are some of the positive predictions for 2017. This week’s ITSM news roundup digs into the biggest trends in healthcare IT.

Tweet this: What data breaches should CIO’s in the healthcare industry forecast for? 

How CIO’s prepare for tomorrow’s healthcare data breaches

Writing for CIO, Peter B. Nichols points out that data breaches have increased 50 percent in a five-year period, and walks through what data is captured, and how, outlining the biggest targets of attacks. With growing threats likely in 2017, Nichols recommends that CIOS “focus on mitigation, which is often just as useful as remediation.”

Find out how to prepare for healthcare data breaches.  

7 (plus 1) predictions for healthcare IT in 2017

Security is a big theme for Paddy Padmanabhan as well, who predicts more spending in that area than ever before in 2017. Plus, after two big, heavily reported healthcare startup stumbles in 2016, Padmanabhan anticipates that health-focused startups will be cautious and diligent about adhering to industry regulations.

Read 7 (plus 1) predictions for healthcare IT in 2017.

Bridging the Gap Between Big Data Science, Health IT Usability

A “gulf between theoretical data science and the harsh realities of clinical practice are at the root of the healthcare system’s ongoing health IT usability problems,” according to an article in Health IT Analytics. The benefits of big data-fueled decisions and utilizing predictive analytics are clear, but the urgent atmosphere in clinics, hospitals, and doctors’ offices often makes providers skeptical about adding another step to their workflow. Encouraging cooperation—between data scientists, health IT developers, and doctors (and other end-users)—is vital to incorporate insights from big data.

Discover ways to bridge the gap between the big data science and health IT usability.

Tweet this: What were the biggest cybersecurity disruptions in 2016 for the healthcare industry? 

10 biggest weaknesses and lessons learned from cybersecurity in 2016

What behaviors and technologies caused the biggest cyberattacks in the healthcare industry? At Healthcare It News, Jessica Davis spoke with four security experts who shared the major threats of the previous year, including human error, outdated technology, ransomware, and the rise of cybercrime as an industry.

Discover the 10 biggest weaknesses and lessons learned from cybersecurity in 2016.

10 top healthcare information technology trends for 2017

What should provider organizations expect from technology? Health Data Management consulted industry experts, who anticipate big growth for the healthcare cloud computing network, a push for consumer-facing technology, EHR improvements, and much more.

Get the full list of the 10 top healthcare information technology trends for 2017.

Don’t miss out on the latest news in IT service management. Check out each installment of Cherwell’s ITSM News Roundup.


3 Impacts of Big Data on IT Teams—And How IT Must Respond

Posted by

There’s been a lot of buzz generated about Big Data in recent years. Big Data really is a big deal, even minus the hype. Here are a few mind-boggling facts that reveal just how “big” the data really is:

  • More data has been created in just the past two years than in the entire history of humanity.
  • The rate of data accumulation will continue to accelerate. By 2020, the amount of data generated yearly is expected to equal all the data produced in 2009—multiplied by 44.
  • The accumulated data in 2020 will equal about 44 zettabytes. (One zettabyte equals 1,000,000,000,000 gigabytes.)
  • Digital storage makes the Big Data explosion possible. If all the data accumulated in a single year were written onto DVDs, all the disks, when stacked, would reach to the moon and back.
  • The internet and social media are big drivers of Big Data. With every minute of every day, there are 100,000 tweets, 11 million instant messages, 170 million emails, and 31 million Facebook messages sent out into the world.

Tweet this: Big Data is a BIG deal. How valuable is your data repository? 

The accumulation of data will only accelerate in the next few years, fueled by smart devices. Within just a few years more than 50 billion smart devices globally are expected to be feeding and growing the worldwide Big Data repository.

But what is the real value of all that data?

The Real-World Benefits of Big Data

We’ve only begun to scratch the surface in putting all that data to work, with less than one percent of all incoming data ever analyzed. But the potential is staggering.

Just a 10 percent increase in data accessibility can yield an average net income increase of more than $65 million for the typical Fortune 1000 company. Researchers at the McKinsey Global Institute calculate that retailers stand to increase operating margins more than 60 percent by fully exploiting data analytics.

Better integration of Big Data and data analytics present the healthcare industry with the opportunity to cut costs as much as $300 billion per year. And Oracle predicts that Big Data and Analytics will provide significant operational improvements in many key functional areas of finance and banking.

What Big Data Means for IT Departments

IT must bear the brunt of managing the flood of Big Data. Following are a few of the key impacts of Big Data on company’s IT departments:

  • Scalability: IT must respond much faster to the rate of data growth, and be able to more accurately predict how the organization is utilizing Big Data storage. Rates of growth must be planned to ensure that resources will meet future demand—three months, six months, a year down the road.
  • Complexity: In the past, an organization might rely upon a single, monolithic server. But in the age of Big Data, architecture has evolved. Now, a single large server might be replaced by a dozen, a hundred, or even thousands of low-priced servers. But that also multiplies the equipment menagerie that IT must monitor and maintain.
  • Disparity: Before the age of Big Data, IT staff typically focused upon collecting and storing only a few data types. A software program at a financial institution, for example, might collect and process numeric data types, and nothing more. But Big Data is disparate data, and IT must develop data-agnostic capabilities to support the storage and management of many different forms of data.

Tweet this: Scalability, complexity and disparity are 3 key impacts of Big Data on your IT department 

Big Data also offers IT the opportunity to be more prepared for market volatility. Consider the market instability that occurred in 2008: Countless IT departments found themselves scrambling to spin up additional resources to meet the demands generated by a chaotic financial landscape. Now, through the increased analytics capabilities enabled by Big Data, IT is more readily able to glean insights into users’ needs and market trends, helping to better predict and respond to market forces.

Three Musts for IT in Meeting the Big Data Challenge

How can IT manage the three impacts of Big Data mentioned above? By a symmetrical focus upon strengthening three key areas:

1. Talent: IT departments are filled with talented people. The homogenous whole of the typical IT department, in fact, represents many different sub-divisional areas of expertise: developers, testers, DBAs, etc. But most IT departments currently suffer a lack of the specific areas of expertise needed to consolidate the massive volume of Big Data into useable, actionable information for the business. Skills such as data visualization, statistical/quantitative analysis, data mining, machine learning, and NoSQL database management are among the talents that will grow in importance for IT in the age of Big Data.

2. Orchestration: By definition, Big Data incorporates many different types of data, drawn from a plethora of disparate sources. Success with Big Data requires that all sources and types of data blend into a harmonious whole. The orchestration of the process of merging and parsing the many different data inputs is an evolving discipline that should be an ongoing focus of IT departments.

3. Leadership: Most business departments at each organization will find tremendous value in the hidden connections and revelations that Big Data offers. But many of these departments are quite unaware of the potential value offered by Big Data technologies. IT departments should take the organizational lead in connecting the dots for these departments, helping them to understand and realize the value that awaits in leveraging the benefits of Big Data.

Tweet this: IT should should focus on 3 key areas to meet the Big Data challenge within your organization

It’s Not Simply the “Big” That Provides the Value

Though we’re only at the dawn of the Big Data era, it’s clear that the unprecedented explosion of data generation and storage will impact our lives mightily. But it’s not simply the sheer volume of data now available that provides value; it’s the way that data is used.

Not all data, after all, has value. That massive bulk of data must be sifted, sorted, and analyzed to tease out the nuggets of value. Distilling the relevance and extracting value from the whole is the key to transforming Big Data from big hype to insightful, actionable, real-world value.

Stay informed on hot topics in IT—watch one of our many on-demand webinars, or sign up for an upcoming live presentation.

4 Resolutions IT Asset Managers Need to Keep in 2017

Posted by

Editor’s note: We’re kicking off 2017 with a series on New Year’s resolution for IT leaders. In this post, Cherwell’s Director of ITAM Product Management puts himself in the shoes of an embattled IT Asset Manager. Read on to discover the challenges facing our hypothetical Asset Manager, as well as the best ways to resolve them. Catch up with all the entries in our New Year’s Resolution series:

It is New Year’s Day 2017, and while my family plays outside, I’m thinking about my resolutions for work. Perhaps a little background will help: Last year I was hired by a global enterprise company to manage their IT assets. Going into this role, my goal was to evaluate my organization’s IT and software asset management practices and build a plan to change and create a better process going forward.

The first thing I learned is there were no processes in place for software license compliance and managing software assets at all. Next, I found out there was no budget planned for 2016 to get the tools or staff needed to implement a plan. My final discovery was that there was no buy-in from other departments or key stakeholders to implement a new set of asset management processes that draw upon industry best practices. Procurement didn’t view it as their issue, and IT’s primary focus was getting the software and hardware to users as quickly as possible. There was no mandate at the C-level to participate.

Tweet this: Having processes in place for managing software assets should be part of your IT initiatives for 2017

The Consequences of Doing Nothing Are Grim

The picture wasn’t looking especially promising, but I was more than willing to forge ahead. Suddenly, Software Manufacturer A notified us they wanted to audit our software licenses. Everyone looked to me to solve this problem. I cobbled together what license entitlements I could find, used some inventory tools that were subpar, and finally relented and allowed the vendor to run scripts on our network to collect accurate software installation information. After a four-month audit, we owed $100,000 for licenses we had deployed without purchasing. This wasn’t all that bad in the grand scheme of things, as the vendor was friendly and levied no penalties if we trued up going forward on an annual basis.

Disaster averted! Or so I thought.

Two weeks later Software Manufacturer B notified us they wanted to audit our software licenses. This didn’t end as well. The software package is licensed per desktop and costs on average about $200 per desktop. We had licensed 3,000 copies. However, someone in IT—doing what he thought was best, no doubt—at some point had decided to make this software package part of our default image deployed with every new desktop. Thus, we had deployed this software package to 25,000 computers, and owed Software Manufacturer B $4,400,000 in licensing costs! Over six months of negotiations, our lawyers were finally able to reduce the money owed on licenses to $1.5 million (plus a $500,000 penalty for deploying a license that wasn’t purchased), and negotiated a deal preventing this information from going public.

Did anything good come of this? Yes! Now, I have budget and C-level buy-in to initiate a thoughtful and comprehensive asset management process needed to ensure 2016 doesn’t happen again.

Tweet this: 4 ways to minimize your software audit risk in the upcoming year

4 Resolutions for Minimizing Software Audit Risk in 2017

As I look ahead to the upcoming year, my New Year’s resolutions are clear: I can avoid the expenses and anxiety of 2016 by creating a process, mobilizing my team, and finding a tool to support both processes and people. Here’s my punch-list for the year ahead:

1. Develop bulletproof asset management processes.

By the end of the year, I’ll standardize procurement guidelines and policies for tracking entitlements, and establish an approval policy and a method to check available entitlements before new software is deployed. Tracking entitlements isn’t the entire process but if I can accomplish this piece, I’ll be off to a great start.

2. Define the key stakeholders and process owners from the beginning of the process to the end, so I know who owns purchasing, compliance, deployments, etc.

By the end of the year, it’ll be clear who does what. I’ll have a workflow in place so that it’s clear which staffers are in charge of deploying software—this will help prevent costly mistakes, like the ones that occurred the previous year.

3. Implement “real” asset management tools to support processes.

I need tools that can normalize manufacturers, properly identify software, software suites, components of suites, and which software requires a purchased license, and reconcile entitlements with what’s been deployed in my environment. Finally, the tool must be able to protect my organization against overspending on software that’s not being used—which means I’ll need a tool that can collect software usage data. (When we were audited, we discovered software installed on machines that very likely was not being used. Since users will be reluctant to let go of their licenses, we need usage data to confirm if it is really being used.) And of course, all these tools need to be easy to use and not take months to deploy. That’s not all I need from my new tool, but of course, walking comes before running, and this is a strong start.

4. Use IT asset data to assist with other processes in the company.

For example, if I can feed usage data to my ITSM tool, I’ll be able to create automated workflows to remove software that is not being used. I’ll also be able extend entitlement information to my IT team, so they know if licenses are available before they deploy software packages to users. Any reasonably good IT asset management tool also collects information about users that have logged into a computer and/or the services that are running on it—this information can also be invaluable to IT technicians. One last goal: I’ll get other stakeholders in the room to show them the kind of data my asset management solution provides; no doubt I’ll find others outside of my immediate team who find value in the information.

These resolutions represent only the beginning of my journey toward a comprehensive asset management program. However, they will lay the foundation for success and help me avoid expensive audit-related fire drills, while also simplifying workflows and adding value throughout the company.

Get unprecedented visibility and control over enterprise IT assets with Cherwell Asset Management—on average, customers reclaim 15 and 30 percent of their total software budget.

7 Steps to Defining and Designing an Effective IT Service Catalog

Posted by

An IT service catalog does more than simply list the IT services an organization provides to its employees or customers—the document helps IT engage with customers, building and maintaining productive relationships. Having a service catalog in place helps IT establish boundaries, set expectations, find solutions, and contribute to the bottom line of a business.

Tweet this: Having a service catalog helps IT engage with customers to build relationships for the business.

Follow these seven steps below, also represented visually on the infographic, to guide your efforts to establish and maintain your service catalog:

Infograhic: 7 Steps to Creating an Effective IT Service Catalog

Infograhic: 7 Steps to Creating an Effective IT Service Catalog

1. Select the right team: Include people from throughout the IT department to develop the service catalog—this will ensure that you have support from senior staff and the stakeholders responsible for providing each of the services.

2. Scope out services: To determine what to include in your service catalog, consider the services IT currently provides, the services IT is capable of providing, and finally, the services IT might provide in the future. Be as inclusive as possible: Speak to team leaders and managers, and all levels of support staff. Group services into service categories (such as Email, Applications, Hardware, etc.).

3. Define the services: Take the list of service categories from step two, and define the types of support available to customers in each one. You can set up workshops with customers to get a view into the required and expected levels of support—these workshops will help you gain consensus from service users.

4. Establish who supports the services: Identify the IT service owner for each service category, as well as the first, second, and third levels of support, and what support each of these levels provides.

5. Review supporting services and levels of support: The service catalog is a living document: during its lifecycle, you may need to retire a service based on feedback from support services. Always back up this decision with evidence to counteract any objections.

6. Produce two versions: The service catalog has two audiences—customers and the business. The customer version of the service catalog contains only relevant top-level information. Keep it brief, and avoid techy talk. The technical view service catalog should  include information relevant to IT and service providers.

7. Agree on a review process: Establish a process for reviewing and updating the service catalog to add and remove services and support levels as necessary.

7 Steps to Designing an Effective ITIL Service Catalog

Take a deep dive into the process of developing and maintaining a service catalog with this white paper.

3 Must-Follow ITSM New Year’s Resolutions That Will Move the Business Forward

Posted by

Editor’s note: To kick off 2017, we’re running a series on New Year’s resolution for IT leaders. For this first post, we’re taking a deep dive into the IT service management (ITSM) landscape, outlining the major issues and objectives that ITSM leaders will face in the upcoming year.

For IT leaders, there is no better time than right now to contemplate the course of the IT’s organization’s future. This isn’t hyperbole: The continuous improvements IT organizations make in 2017 will determine if they have the dexterity required to compete as a digital business.

ITSM plays a critical role in enabling digital business outcomes, and in the spirit of continuous improvement, the work of an IT leader is never done. As services increase in size, scope, complexity, and business relevance, so too do the corresponding needs for resources, capacity, security, and risk management.

Tweet this: The major issues and objectives that ITSM leaders will face in 2017 and how continuous improvement will play a role.

One factor exacerbating the issue is that as much as 29 percent of IT spending comes from business units rather than traditional IT, according to a recent Gartner survey. This trend is set to increase dramatically over the next few years. An increase in technology spending from other departments doesn’t just mean more services and dependencies to be aware of—it also means IT leaders have to build relationships with key stakeholders and ensure that IT can enable safe and secure business outcomes, regardless of who purchased the technology.

New Year’s resolutions allow you to turn dreams and aspirations into goals and objectives, simply by writing them down. What are your work-related resolutions for 2017? At Cherwell Software, we have the pleasure of speaking with countless IT organizations over the course of the year, and what follows is a list of three common objectives, along with insight into how ITSM leaders can achieve them in the upcoming year.

1. Resuscitate Knowledge Management

Knowledge Management (KM) is an on-going initiative that requires people, process, and technology integration. When done correctly, KM curates and consolidates knowledge from pockets, making it useful, purposeful, and easy to find. These initiatives typically begin with a lot of excitement, but quickly fall out of favor the first time a technician or business user finds an out-of-date artifact that doesn’t solve their problem.

Despite this challenge, there’s a lot of value in Knowledge Management. ITSM leaders should press on to understand which technology solutions can solve such challenges, and also think through new approaches to advance the people and contextual aspects required to make KM effective.

To improve Knowledge Management outcomes, ITSM leaders should look to methodologies such as Knowledge-Centered Support (KCS), which understands and recognizes knowledge as a key asset of the organization implementing it. The recognition that content should be created as a by-product of solving problems, and evolve based on demand and usage, helps to optimize resources and costs. This requires leaders to make knowledge contribution and consumption a requirement, not an option, and it’s why establishing and improving KCS’s Use/Fix/Flag/Add metric should be at the forefront of your resuscitated Knowledge Management initiative.

2. Modernize IT Self-Service

Solid Knowledge Management is a prerequisite for IT self-service, which is becoming a viable channel to support the demands of an increasingly digital and tech-savvy workforce. The promise and benefits of IT self-service remain appealing: 24/7 support, fewer contacts, lower costs, and higher customer satisfaction.

While few organizations have decreased ticket volume year over year, those who do cite the presence of a knowledge base and self-service as the top contributing factors. The reality is that many organizations have users that prefer self-service over a phone call or free-form email, yet don’t find their IT organization’s self-service portal easy to use or aesthetically pleasing—if it exists at all.

To modernize IT self-service, ITSM leaders should start by focusing on the user’s experience (and not the IT team’s). Users crave the simple, easy experience, and while that may be difficult to deliver, there are elements to draw from that can pay immediate dividends.

For example, converting the top 10 knowledge articles into “How-To Videos” can be a quick win. Ditto for automating the workflow delivery of the top three most requested services or applications. Furthermore, it’s vital to understand that promoting and marketing the self-service portal’s existence is something ITSM leaders have to take an active role in—simply building it doesn’t ensure your users will utilize it!

Tweet this: Knowledge Management is a prerequisite for #IT self-service to support the demands of a digital workforce. 

3. Mobilize the IT Service Desk

Even as solid Knowledge Management and modern IT self-service reduce contact volume, your business users will still encounter technology issues that require IT’s help to solve. Forward-thinking IT organizations understand the value of those interactions; rather than discouraging interactions, they encourage them!

In an effort to “consumerize” the IT support experience, many IT organizations are establishing walk-in/walk-up service desks, in addition to roaming IT support, where users can get face to face with technicians for help on their most pressing issues, as well as insight on how best to utilize IT services and the hardware that supports it.

The establishment of a mobile service desk can begin with a simple pilot, where a cross section of IT support blocks a conference room for an afternoon, creates signage, and communicates to business uses that any IT issues can be addressed face-to-face if they so choose. ITSM leaders can also have staffers “adopt” a certain business area or location, so that team member can gain a better understanding of the goals and challenges of the business unit, and propose new approaches or even technology solutions to aid them.

By following these three New Year’s resolutions, your IT department will flourish in the upcoming year, keeping up with users’ needs and expectations, and making future-looking improvements that will serve users well.


Looking for more insight on how you can achieve these goals in the upcoming year? Join Cherwell VP of Product Marketing Jarod Greene for the webinar New Year’s Resolutions for IT Service Management Leaders on Tuesday, January 10. 



ITSM News Roundup: Embracing and Managing Change

Posted by

To state the obvious, coping with change can be a major challenge. That’s particularly true for your IT shop: Inevitably, there are new tools, products, and technology, and it’s vital to incorporate them without disruptions to service or spikes in incidents. This week’s ITSM news roundup covers best practices and pitfalls for change management, both as an ITIL process that works to mitigate the risks associated with change, and from an organizational perspective. 

Tweet this: Managing change in any organization can be tricky. Having the right tools and technology is imperative to success

What DevOps Can Teach IT About Change Management

In InformationWeek, Susan Nunziata shares lessons from DevOps experts that can help you tackle change management, including staying connected with your team, making work visible to all stakeholders, and embracing value-stream mapping.

Discover What DevOps Can Teach IT About Change Management.

Leading Change: 6 Reasons Change Management Strategies Fail

Writing for Forbes, Brent Gleeson details why despite ample training, books, and other resources, the change initiative success rate hovers just slightly above 50 percent. Unforeseen needs and a lack of strategy are at the top of the list of contributing factors for failure.

Find out all 6 Reasons Change Management Strategies Fail.

Tweet this: How CIO’s cope with change management in the event of mergers and acquisitions 

How CIOs tackle change management amid mergers and spin-offs

Clint Boulton walks through how two CIOs rose to the occasion when tasked with supporting business-wide restructuring initiatives: When R.R. Donnelley split into three companies, Ken O’Brien, CIO, separated and rebalanced the IT departments for all three. Steve Phillpott, CIO of data storage vendor Western Digital, went through the reverse process, consolidating IT departments after Western Digital merged with two other companies.

See how CIOs tackle change management amid mergers and spin-offs.

Why Changing Your Company Culture Requires More Art than Science

In Inc., Partners in Leadership theorizes that the best approach to managing change in the workplace begins with the scientists listening to the artists. In this approach, feelings take the forefront, and change efforts are aligned with the beliefs and emotions of the workforce.

Read more about Why Changing Your Company Culture Requires More Art Than Science.

Don’t miss out on the latest news in IT service management. Check out each installment of Cherwell’s ITSM News Roundup.


5 Ways to Discourage Hacking Attacks

Posted by

Reports of hacking have dominated the news on a near-daily basis of late. These headlines are unlikely to go away anytime soon, particularly for prime, newsworthy targets like finance and retail companies. Ransomware, malicious software that holds valuable data hostage until a user or company pays up, is a growing threat that can affect any industry. But for obvious reasons—lots of lucrative data to be stolen, such as credit card and bank account information—the finance and retail industries remain particularly vulnerable to both attacks and the ensuing negative publicity.

Tweet this: Hacking has been a steady news trend in recent years, here are 5 ways to discourage retail hacking 

Target Wasn’t the Only Target

By now, it’s likely that everyone has heard of the big Target hack that occurred a few years ago. Sensitive information was stolen from more than 40 million of Target’s customer accounts, including credit/debit card numbers, expiration dates, and CVVs—that little 3- or 4-digit number you need to use your card online or over the phone. The hack attack was front-page news for several days, and left Target with a big black eye during the busiest shopping time of the year.

While the attack generated a firestorm of negative publicity for the company, many recent data breaches in retail and finance dwarf the Target attack in scope. A listing of just a few of those attacks reads like a “Who’s Who” of the financial and retail industries:

  • Walmart: Millions of customer accounts compromised in 2015 (through a third-party company)
  • JPMorgan: More than 80 million customer accounts breached in 2014
  • Home Depot: Credit and debit card information and email addresses of more than 50 million customers stolen in 2014
  • Citigroup: More than 360,000 customer accounts compromised in 2011
  • Neiman Marcus: More than one million customer credit and debit cards hacked

And an ongoing, organized series of global attacks against the finance industry has netted hackers as much as $1 billion in funds stolen from banks around the world. How can you make sure your company learns from these experiences, and doesn’t wind up a victim of a cyberattack? Every year there will be new buzzwords and evolving threats, but sticking to the basics will help reduce your exposure and make your company less attractive to attackers.

5 Tips for Increase Your Cyber Resiliency

Cybercriminals are a new breed of bad guy. Some are masterminds who display a degree of technological savvy and sophistication that, quite often, badly outclasses their targets’ cyber-defenses. Often, however, cybercriminals prey on laziness and poor system management.

Many organizations, for example, still depend upon a simple query-password system as their primary form of defense. But even at best, this is a flimsy shield against sophisticated hacking techniques such as phishing. And many passwords do little more than slightly slow down a hacker’s grab for data.

Consider this: According to Computerworld, the world’s most-used password is ‘123456.’ Millions of similarly weak passwords are all that stand between hackers and data/systems access at countless companies. It’s a good time to be a cybercriminal!

Fortunately, there are many ways that organizations can beef up their defenses against hackers. Following are five recommendations that will considerably strengthen your defenses, and most can be quickly implemented:

  1. Purge Unneeded Data Regularly: Today’s technology enables the storing of vast quantities of data. But many organizations retain data needlessly—and all of that data increases exposure in the event of a data breach, and might even make such companies more tempting targets for cybercriminals. Make it a policy to regularly purge sensitive customer information (credit card info, emails, social security numbers, etc.) from your system once it’s no longer needed on an ongoing basis.
  1. Train Employees: Hackers frequently exploit employees by probing for cracks in a company’s cyber-defenses—and with great success. And sometimes attacks originate from within. According to Vormetric’s 2015 Insider Threat Report, 89 percent of companies surveyed felt that they were vulnerable to insider threats. Though some internal threats are malicious in nature, many are simply the result of carelessness, negligence, or simple ignorance of the threats that exist. Educating employees to be alert to potential hacking attempts, and to follow best practices for security—avoiding simplistic passwords like ‘123456,’ for example—can go far in making your company more resilient.
  1. Stay Alert: Cyber-threats are constantly evolving, both in variety and sophistication. Keeping abreast of the latest threats will help to assure that you don’t fall victim to those threats. Run your scans, and patch early and often. Tune your SIEM and all of your security tools. Following security experts on Twitter can be a great and instantaneous way to keep informed about the latest threats. Regularly attending security conferences such as DEF CON and BSidesLV can help to increase both your awareness of threats and your ability to effectively respond to them.
  1. Establish Organizational Security Policies: Formulate and enforce simple and clear guidelines that provide for maintaining a secure workplace environment. While most large companies already have such policies in place, many smaller organizations do not. If you need to construct an organizational security policy from scratch, there’s plenty of guidance available for tackling that chore. The National Institute of Standards and TechnologyISO27k, and SANS all offer a wealth of useful resources.
  1. Make Identity and Access Management a Security Cornerstone: As noted above, many organizations rely upon a simple query-password system for authorizing access to systems and data. Adding additional layers of protection can provide a huge leap in security without blowing budgets out of the water, or reducing employee productivity. It’s critical to control both access to systems, and the range of permissions granted to any given user. Many vendors offer multi-factor authorization and access management solutions that are budget-friendly and can be implemented quickly if you have your requirements defined.

Tweet this: 5 tips to increase your cyber resiliency and protection against hacking

It’s Not a Time for Ostrich-Style Attitudes

Many companies have experienced data breaches that range in severity from annoying headaches to brand-tarnishing disasters. But one thing is for certain: The cyber-bad-guys aren’t letting up; the rate of cyberattacks has snowballed in recent years. Security Magazine reports that occurrences of ransomware attacks, for instance, increased almost 300 percent in less than 24 months spanning from 2013 to 2015.

If the leaders of your organization are taking a head-in-sand approach to cybersecurity, it’s time to take action. But how, and where? It’s a simple truth that absolute, organization-wide security is just not attainable. A mindset of attempting to protect everything will likely lead to protecting nothing. So make it a priority to tighten security around the most important information assets: those that drive revenue.

After all, the seriousness of a security breach is not measured by the simple fact that a breach occurred. Instead, the potential damage of a breach is calculated by the value of the data that’s stolen—as Target and many other organizations have so very painfully learned.

For Colorado’s largest credit union, Ent Federal Credit Union, reputation matters—it’s vital for customers to have high levels of confidence in their service. Read more about Ent Federal Credit Union, and how Cherwell helped their IT department move from a reactive to strategic business partner, in this case study. 


ITSM News Roundup: What You Need to Know About Software as a Service

Posted by

“Cloud will increasingly be the default option for software deployment,” according to research firm Gartner. As more and more software companies—including startups and established businesses—shift to a Software as a Service (SaaS) model, there are many benefits for IT departments. SaaS can make it easier to handle users’ multiple devices, and can also help companies scale. Learn more about SaaS in this week’s ITSM news roundup.

What you need to know about software as a service

At Beta News, Barclay Ballard breaks down the many benefits—including affordability, time savings, and scalability—to SaaS, which allows businesses and consumers to lease software from third-party distributors. 

Find out what you need to know about software as a service. 

Tweet this: Affordability, time and savings are just three benefits of implementing a SaaS model

Why the next great SaaS company will look nothing like Salesforce

Aaref Hilaly writes for TechCrunch about how newer software offerings, such as Slack, thrive by becoming the “apps that employees actually use to get their work done.” These systems of engagement—or SoE—don’t seek to become deeply embedded in business processes, but rather thrive through their strong integration and design. 

Here’s why the next great SaaS company will look nothing like Salesforce.

Tweet this: What can IT professionals expect from the next great SaaS company? 

Benefits of Licensing Software as a Service in the Cloud

SaaS is only growing, says Kim Kuhlmann at CloudTweaks. Expect companies to embrace cloud-based SaaS, which helps companies scale as projects grow and shrink, and makes it easier to manage software across multiple devices. 

Discover the Benefits of Licensing Software as a Service in the Cloud.  

Cloud computing’s next gambit: Data as a service

David Linthicum discusses how the cloud can go beyond being a storage place for data to being a vehicle to share and explore data from other organizations, and muses on the opportunities available for businesses providing both data and platform to users.  

Read all about Cloud computing’s next gambit: Data as a service. 

Don’t miss out on the latest news in IT service management. Check out each installment of Cherwell’s ITSM News Roundup. 


How to Use Customer Service Management to Keep Complaints from Going Viral

Posted by

In 2013 an Australian teenager noticed that his foot-long wasn’t—a foot long, that is. He posted a photo on Facebook showing that his sandwich only measured out to 11 of the advertised 12 inches—a full bite short!

With lighting speed, that single photo was viewed by hundreds of thousands of people, igniting a world-wide epidemic of concerned sandwich consumers measuring their subs before taking that first bite. The impact of the negative publicity was incalculable, with some customers even filing lawsuits against the sandwich chain, seeking recompense for their one-bite-short sandwiches.

Welcome to the social media age.

Customer Service Management More Important Than Ever

Customer service management has always been important in the retail business. A couple of decades ago, a dropped customer service ball would likely result in your brand’s reputation taking a hit in the eyes of a single customer. The damage might spread to a small group of people after the angry customer spread the word to friends, family, and acquaintances.

But today, an incident of bungled customer service can do far more harm than it might have just 20 years ago.

Now the angry customer might let the entire world know what she thinks of your brand. And thanks to social media, the entire world is listening, and reacting. Just one disgruntled customer can light a global conflagration that torches your brand before your very eyes—exactly the way it happened to Subway.

Tweet this: Why customer service management is more important now than it ever has been

The Social Media Explosion

Though it may seem like forever that we’ve been Tweeting and Facebooking and Instagraming and Snapchatting, social media is a relatively recent phenomenon. The first true social media site is widely regarded to have been ICQ, which launched in 1996.

Since then the use of social media has snowballed. According to the Pew Research Center, the vast majority of Americans now use one or more social media outlets on a regular basis. Nearly 80 percent of Americans with internet access use Facebook regularly—3 of every 4 Americans check the site on a daily basis. Quite simply, social media has become a part of the daily lives of most people.

What are the topics of interest on social media? Just about anything that impacts peoples’ lives, and that certainly includes experiences—good and bad—with products and retail brands.

Firecrackers Can Spark Wildfires

Forbes recently reported that social media has become a major driver of retail sales. According to a recent survey, nearly half of all social media users have purchased a product that has been favored (Liked, Favorited, Pinned, Retweeted, etc.) by other social media users. Somewhat surprisingly, social media is now driving in-store sales almost as much as online sales.

But disgruntled retail consumers are also likely to use social media to trash your brand. In fact, nearly 1 in 5 consumers will voice their displeasure on social media first, before even giving the offending company a chance to respond. And when just a single customer turns to social media to complain, all kinds of bad things can happen.

Consider Subway’s most un-excellent adventure. Twenty years ago, that lone customer complaint would have been no worse than a firecracker: annoying, but not particularly damaging. But social media provided the fuel that morphed the damage into a raging, global wildfire.

For CIOs and IT execs, the lesson is clear: Using ITSM in eliminating communication breakdowns and quickly nipping complaints in the bud can prevent firecrackers from morphing into something far more damaging.

Mobile + Mad = B-A-D

In the early days of the social media age, at least there was a bit of a buffer between your angry customer and the social media masses: Your customer needed access to a computer to share her disdain of your brand. In those days, most people didn’t carry a computer around with them, so angry customers often had a chance to cool down before accessing a computer and logging-in to their favorite social media site. Perhaps their fury would even abate enough so that they wouldn’t bother with posting.

But that buffer is long gone.

Now, virtually every one of your customers has instant access to social media through mobile devices like smartphones and tablets. They can post at any time, and from any place. They can share their low opinion of your brand while their fury is still white-hot. And when your boiling-mad customer hits send on that scathing post, potentially millions around the world will receive it instantaneously on their mobile devices.

Tweet this: The growing amount of customers with instant access to social media is changing customer service all around

Don’t Fumble That Customer Service Management Ball!

Though it certainly isn’t possible to please all the people all the time, there’s always room for improvement in the business/customer relationship. And the massive-and-growing impact of social media makes it more important than ever for retail businesses to keep customers happy. Deploying a customer service management tool that streamlines and strengthens the business/customer relationship can help prevent those social media bonfires from ever getting lit.

After all, it’s one thing to make a single customer angry. It’s quite another thing to make an entire planet of customers and prospective customers angry with your brand — even if that seething surge begins with just one disgruntled voice on social media.

Looking for examples of how an ITSM tool can improve customer satisfaction? Read how a new ITSM tool helped an award-winning deli chain boost customer satisfaction metrics and improve communications company-wide.


4 Ways to End the ITSM Software Love/Hate Cycle

Posted by

“I really hate seeing relationships filled with promise in the beginning go bad in the end.” I wrote that line in 2012, in a blog post for Gartner about the love/hate cycle between companies and ITSM software solution vendors. The relationships start strong, but ends sour and frustrated. Sadly, that very same problem still exists four years later: It’s easy to fall in love during presentations and demos, and place a new software solution firmly on a pedestal. That’s the “wow” moment, when anything seems possible—it’s easy to imagine workflows easing, problems being solved, and just about everything besides world hunger being fixed by this new, shiny solution. 

After implementation, when some time passes—maybe just a few weeks, or even a year—the shine wears off, and the tarnish sets in. That’s when the breakup process begins, accompanied by frustration with the tool and vendor. Here’s my take on why breakups are so common: 

The reality of the situation is that there are some organizations and some vendors who just don’t belong together. While they make a cute couple, that doesn’t mean that they are soul mates. The irony is that the breakups are not a result of a lack of features or functions, but because someone’s expectations were not met. Those expectations should be verbalized at the onset, but rarely ever are. 

Tweet this: Are you in a love/hate relationship with your ITSM software? Get out of the rut with these 4 steps

My message now is the same as my message in my original post: Don’t let infatuation overtake reality. When you consider a new solution, ask yourself why you want it, and what it will help you do that you can’t already do with your existing suite of tools. Here’s the thing: Some software solutions may not be as stunning as they first appear, and vendors can be challenging, but if your expectations aren’t clear, then the vendor-company relationship is doomed to fail. 

4 Ways to Ensure Your Next Software Solution Is Right for You Long-Term 

You can break free of the love/hate cycle, and get into a better relationship—a long-term, satisfied, and productive one—if you put in the legwork during the dating phase with a vendor. Try these four strategies: 

1. Know what you want. This goes back to the “e” word: Expectations. Before you shop around for a solution, you should have a clear sense of what you want to accomplish with a new solution. What can’t your old solution do, that you wish your new one could tackle? And have some self-knowledge, too, as I wrote in my original post: “Know who you are and what you bring to the table, and have an honest discussion about what process maturity gaps exist in your organization.” And then make sure to communicate what you can do currently, and what you hope to do in the future, in your conversations with vendors

2. Look for the right features. Having a sense of clarity and purpose for what you want in a solution can help you make a solid match. Don’t just fall for surface looks—dive under the hood of a solution, and check if it has the essential features and functionality that’ll help your team and your company over the long haul. 

3. Put in the time. Oh, if only relationships were as easy a single date, with a single person. Sadly, it’s rarely that simple, so you’ll want to invest some time in researching solutions and getting feedback from friends and colleagues. Here’s my still-true take on the options out there: 

There are over 100 ITSM solutions available, almost over half of which are offered in a SaaS licensing model. The key to understanding how to leverage SaaS after a break up is to think beyond a licensing and financial model and more around SaaS as a delivery model. SaaS isn’t just the way something is paid for; it’s a means to reduce the cost of innovation. That’s why we are seeing customers extend the value of their ITSM solutions and create business solutions that affect the bottom line. SaaS licensing can be the means to let you date around, but can also be something you end up forging a lasting relationship with.

Tweet this: When considering a new ITSM solution, make sure you are getting what you need from your vendor first

Always make sure to do research, and see which solutions have high retention rates—that signals happy customers. 

4. Think big picture. Don’t just focus on a solution that will be helpful this year, with your existing situation. Think about where your company is going and what it might need from a solution in the future. Keep in mind the tool’s ease of customization, too: 

New selections should be based on how well the tool matches your requirements with as little customization as possible, and rarely should requirements change to conform to a tool’s inability to do something. Customizations require costs, time, resources and sometimes services, so in vendor evaluations build better requirements and re-evaluate whether or not customization is still required.

If you really want to put on a ring on it, and have your next vendor and tool be your last one, follow these strategies to ensure long-term satisfaction.

Are you in a good relationship with your ITSM tool? We want to show you a refreshing approach to ITSM. Take the Cherwell Challenge today and see the possibilities for yourself.