The consequences of overlooking even a single security vulnerability can be severe. If a computer on the enterprise network gets infected with malware, it can be expensive to fix, and may also prevent users from being productive while the problem is being addressed. Staying on top of security vulnerabilities and compliance requirements in today?s complex IT environments requires monitoring and management tools that can automate IT Service Management (ITSM) processes and increase visibility.
Traditionally, enterprise ITSM tools have been one of the most common ways to provide such monitoring and management capabilities. However, the cost of these enterprise management solutions is high both in terms of software licenses and the extra cost of specialized administrators and training needed to take full advantage of the tools. Some businesses have chosen to avoid these high costs by instead using point solutions for their most important ITSM needs and augmenting the tools with manual tracking and reporting methods. While this is a cost-effective way to enable some ITSM capabilities such as patch and asset management, it also puts a greater burden on IT support teams because of the manual steps involved.
Fortunately, the era of cloud computing has enabled a new approach to ITSM wherein best-of-breed tools can be used together at a fraction of the cost of traditional enterprise management frameworks. The cloud makes it easy to use multiple tools and to integrate them together, giving IT organizations the choice to deploy an industry-leading support solution along with other cloud-based ITSM tools such as patch and asset management. This avoids the high cost and increased complexity of an all-in-one ITSM tool, which would likely include capabilities that would never be used.
This paper focuses on how a cloud-based help desk solution can be deployed with a cloud-based patch and asset management tool to achieve the following business benefits:
- Reduced exposure to risk ? Proactive management of assets and an automated patch update process to help reduce the risk that security vulnerabilities will go unnoticed.
- Greater efficiency ? The integrated approach saves time and resources through automated releases of patch updates. This is also accomplished with efficient communication to IT support teams through detailed hardware and software status information that can be encapsulated within help desk tickets.
- Expedited issue resolution ? The help desk capability expedites resolution of security vulnerabilities that are identified via the patch and asset management tool. A help desk ticket can be automatically assigned, enabling a controlled measurable workflow and visibility of progress toward resolution.
- Greater management control ? Managers can have real-time visibility into the types of vulnerabilities being exposed as well as the speed with which they are resolved. Audit and compliance requirements are also simplified through flexible reporting on status of assets, software licenses, etc.
To manage IT assets and properly understand security risks, IT support teams need to have easy access to the latest configuration and status information for all of the organization?s desktops, servers, and laptops. In some cases, there are thousands of systems to monitor, making manual methods of tracking this information too inefficient to be practical.
IT support teams also need to work efficiently, and that requires real-time visibility into the following types of information for every system:
- Location and ownership or responsible party for all hardware components
- Software components installed
- Status of software licenses and maintenance contracts
- Currently installed patch levels for the operating system and key software components
- Latest security and update patches that have been made available from OS and application software vendors but not yet installed
These capabilities can be provided by a cloud-based patch and asset management environment, but in most cases, this is not enough. The patch and asset management solution can identify vulnerabilities, but provides minimal oversight for their resolution. When patch and asset management is integrated with help desk capabilities, tickets are automatically created as soon as an issue is identified, enabling issues to be tracked with the kind of visibility and control that assures proper resolution.
Why Integrate Help Desk with Patch and Asset Management?
Unlike complex enterprise management tools that include many capabilities that IT support teams won?t use, the focused approach of integrating a cloud-based patch and asset management tool with a cloud-based help desk tool provides the visibility and control needed to stay on top of security vulnerabilities without the high cost for software licenses or the extensive training that is often associated with enterprise management solutions. Furthermore, a cloud-based approach means that organizations can pay for it from their operating expense budget rather than creating a justification for a capital expenditure. And finally, cloud-based ITSM solutions can be scaled quickly and cost-effectively as the IT infrastructure grows.
Integrating a best-of-breed patch and asset management tool with your help desk solution enables a focused and comprehensive approach, giving IT support teams the ability to:
- Manage and track devices, including whether the device is remotely accessing applications and data
- Track patching on Microsoft Windows and applications, as well as third party software
- Monitor a single view of status information that presents help desk ticket information and device status details in the same dashboard
- Work remotely from mobile devices because the cloud-based dashboard offers access from any mobile device or desktop
Managers can also use the help desk reporting capabilities to watch trends over time or to monitor for improvements after making process changes. For example, it may be useful to monitor trends in metrics such as the average number of outstanding issues, time to resolution, and number of high severity issues. Patch and asset management tools don?t generally provide visibility into aggregated data for monitoring trends, but help desk tools are designed to enable management oversight.
Reducing Risk of Security Vulnerabilities
To keep security vulnerabilities under control and reduce risk, organizations need two different kinds of IT management capabilities. IT support teams need the right tools to identify security vulnerabilities, and a help desk workflow is needed to track and manage each issue so that vulnerabilities get fully resolved in a timely manner.
A best-of-breed tool for patch and asset management can simplify the process of identifying vulnerabilities because the tool is designed just for that purpose. For example, an automated scan can be run at regular intervals and set up to identify the following types of vulnerabilities and bring them to the attention of the IT support team via the help desk:
- Outdated software licenses
- Systems that have missed patch updates
- Software applications that have not been updated to the desired version
- Overdue anti-virus scans
- Systems without proper firewall protection or password/screensaver protection
For maximum efficiency, it?s best if this kind of information can be presented graphically as illustrated in Figure 1. This allows IT support teams to quickly identify the most urgent issues and also easily find the equipment that needs attention.
To illustrate how the combination of patch and asset management with help desk workflows can reduce risk, consider the following example. Suppose that a particular user?s system was powered off during a recent software update or was disconnected from the network and missed a patch update. When that system comes back online, the next patch and asset management scan would discover the problem and automatically notify an IT support team member.
Identifying the issue is a critical first step. However, ensuring timely and proper resolution requires that the security vulnerability be tracked within a help desk work-low. The automatic help desk ticketing system makes it easy for such vulnerabilities to be documented and provides a consistent process for managing their resolution.
As soon as a new vulnerability is detected, the ticket would be automatically logged for the IT support team to see within the help desk environment. In many cases, this happens before the user even knows something is wrong. Leveraging help desk workflows to manage issue resolution can help reduce the risk of security vulnerabilities by:
- Providing greater visibility to IT executives and support teams regarding vulnerabilities
- Making it easier for support teams to prioritize work according to the most critical business needs
- Enabling automated actions that speed the response to vulnerabilities
- Enforcing a consistent escalation process to help reduce average resolution time
- Simplifying compliance and audit requirements by providing visibility into ticket history, conversations, and more.
In addition, whenever a user notices that a system is behaving abnormally, or simply doesn?t work, a ticket can be generated by the user. Even though the user may not understand the issue, data can be automatically collected from the user?s system and forwarded with the ticket to help IT support teams pinpoint the exact problem.
Another example of how a combined solution helps reduce risk is by making it easier to manage software licenses, providing visibility and control over the use of unlicensed, unapproved, or unsupported software on user systems. If a user installs an unapproved software component on their desktop system, the new software component would automatically be detected by the patch and asset management tool and a warning would be immediately issued inside the help desk solution. This would result in a ticket that prompts the IT support team to act upon the issue quickly so that the vulnerability is short-lived.
Improving the Efficiency of IT Support Teams
In addition to reducing the risk of vulnerabilities, an integrated solution also helps IT support teams work more efficiently, thus reducing support costs. The proactive scanning of all assets within the organization enables IT support teams to cost-effectively monitor the environment with very little manual effort.
Detailed data about the incident can be automatically collected through agents installed on the user?s system, providing context and technical details that can be very useful to IT support teams. Crucial information such as the platform OS and version, user?s installed software applications, hardware information, and even a link to remote access control can give IT support teams a head start because they have immediate access to all the information they need as soon as they open the help desk ticket. In addition, the patch and asset management system can continue to collect more information after a ticket is logged. Thus if the status of a system changes after a ticket is created, the help desk environment can be automatically updated so that IT support teams can view the latest information right when a help desk ticket is opened.
Automated collection of device status information is especially helpful for user-initiated tickets. When users call a help desk hotline, they often lack a basic understanding of IT terminology and may have difficulty explaining the issue to IT. In many cases, the user may not even know what operating system or application versions they are running. An integrated help desk solution enables this information to be captured from the user?s system and can thus make communication easier for both users and IT support teams.
Expediting Issue Resolution
Once a help desk ticket is created, whether automatically or by a user, the ticket can be managed through a configurable automated workflow that helps speed up resolution and minimize risk. Using a help desk ticket aids and expedites resolution by:
- Identifying an owner for each issue
- Providing automatic escalation for issues that do not get addressed
- Improving management visibility into how well IT teams are doing at resolving issues
The help desk workflow makes it clear who is assigned to handle each issue and provides greater visibility for tracking progress on outstanding issues. If a help desk agent does not get to a ticket in time, the system can automatically perform an action to resolve the ticket or escalate the process.
Integration in Action
The capabilities described in this paper are not just a theoretical vision about the future. A cost-effective cloud-based integrated solution is available today from Zendesk and Panorama9. In fact, it is in use today at Ledarna, the Swedish Organization for Managers.
When Ledarna began to outgrow their homegrown internal IT support platform in 2009, they wanted to implement a cloud-based solution that would combine customer support with a patch management capability. Having had a positive experience using Zendesk for customer support, they took a look at Zendesk?s 100+ integrations and found Panorama9.
Here?s what Ledarna has been able to achieve using Zendesk and Panorama9 together:
- Average customer satisfaction rating: 98%
- Average first response time: 41 minutes
- 50% of solved tickets are resolved in less than 24 hours.
- Transformed support from ad-hoc scribbles on pieces of paper to a controlled, measurable workflow in Zendesk and Panorama9.
- Measure and report on ticket management to place a ?price tag? on support services.
The combined solution from Zendesk and Panorama9 includes an integrated dashboard where the latest information about help desk tickets is available along with status information for the IT assets. Thus there is no need for IT support engineers to flip back and forth between dashboards for accessing the information needed to resolve issues.
We are seeing enormous productivity benefits. We are getting more tickets from our users because it's more accessible for them to make requests. But we can solve tickets easier and faster because we have greater visibility on our users and infrastructure. -Alex Tsarapatsanis, IT Technician, Ledarna
How the Integration Works with Zendesk and Panorama9
The Zendesk integration with Panorama9 is accomplished by using the notification feature in Panorama9 to automatically create a Zendesk ticket. For more information about the integration and how to set it up, please refer to the Zendesk getting started guide at https://support.zendesk.com/entries/21504966-panorama9-it-monitoring-asset-management-and-more.
Technology advances with cloud computing have enabled a new approach to ITSM wherein best-of-breed point solutions can be integrated together with relative ease. The integrated cloud-based solution from Panorama9 and Zendesk provides greater efficiency in patch and asset management to reduce IT support costs while also reducing exposure to vulnerabilities. It provides greater visibility and control over security vulnerabilities and gives organizations the right tools for efficiently maintaining the IT infrastructure and reducing risk of security breaches ? all at a fraction of the cost of traditional enterprise management solutions.
Panorama9 is a cloud-based IT management platform that shows you everything you need to know about your IT ? from a single dashboard that?s amazingly easy to monitor and control. Customers in primarily the US and Europe rely on Panorama9 to monitor and update their IT infrastructure. Panorama9 was founded in 2010. Learn more at www.panorama9.com.
Zendesk is the leading provider of proven, cloud-based customer service software. For growing organizations, Zendesk is the fastest way to enable great customer service. More than 25,000 Zendesk customers, including Gilt Groupe, Box, and Disney, trust Zendesk with their most valuable assets: their customers, partners, and employees. Founded in 2007, Zendesk is funded by Charles River Ventures, Benchmark Capital, Goldman Sachs, GGV Capital, Index Ventures, Matrix Partners, and Redpoint Ventures. Learn more at www.zendesk.com.