The Anatomy of a Service Portfolio


The Service Portfolio is one of those service management capabilities that is, generally, not well understood. There tends to be a wide variety of opinion on what it is and how to leverage it in a typical service management program. Some misconceptions about the Service Portfolio include: (more…)

Read More →

What you Need to Know Before Purchasing a New Security Tool


Speaking of nightmares… ever tried to implement a tool without a process? Does that sound crazy to you? If it doesn’t, you are not alone. Thousands of companies try to implement management platforms and other tool solutions without properly discovering, defining, and maturing processes that are designed to direct and streamline their organization.  Usually tools are acquired to improve a process.  Without a process for the tool to act on, all you could be doing is (more…)

Read More →

Laying the Groundwork for a Successful Engagement


Organizations, throughout multiple industries, are striving to successfully manage their IT environments. Many even find it necessary to invite assistance from some form of professional services organization to help them achieve their goals. I have worked at several of these firms over the course of my career. When we host internal discussions amongst ourselves about the progress we are making (or the lessons learned from working with our customers) we’ve noticed some common themes that, if addressed preemptively, can make our work together much more successful. (more…)

Read More →

Vulnerability Nightmares: SCREAMING for Automation


Missing a critical vulnerability mitigation can be a nightmare, and if the unmitigated vulnerability is exploited…that could be like a dream of falling and never hitting the bottom because the impact can ripple through an organization with effects unimagined to the business and its reputation. The job of managing vulnerabilities and maintaining a secure environment is one of high stress and uncertain success.

Many environments today cope with the never ending cycle of monitoring, managing and remediating vulnerabilities through a combination of automated tools and manual processes. These manual processes are usually siloed, disjointed, and require face-to-face interactions, hindering real time responses to current threats. The process may go something like this: (more…)

Read More →