Block 64 ITAM data, put to work

This report analyzes data obtained from over 300 organizations across North America using Block 64‘s ITAM management platform. The data offers a snapshot of real-life vulnerabilities, opportunities, and potential challenges across more than 200,000 endpoints. For this edition, we surveyed a new batch of 211,428 endpoints across 348 organizations in North America, providing fresh insights into the current state of IT environments.

So, let’s dive in.

A Historical Month for IT – For All the Wrong Reasons

July 2024 was a challenging month for IT leaders, marked by significant disruptions including a major outage at Crowdstrike and a notable Microsoft Azure outage. These incidents highlighted the critical need for resilience and rapid response capabilities within IT infrastructures.

Impact of CrowdStrike Outage on North American Customers:

For those living under the rocks, CrowdStrike, a leading cybersecurity firm, experienced a significant service interruption due to a technical issue in their update deployment. This outage impacted many organizations globally, highlighting the vulnerabilities even within top-tier cybersecurity providers. According to CrowdStrike, the issue stemmed from a corrupted update file that led to sensor malfunctions across multiple endpoints.

From our scan, we found that CrowdStrike sensors were installed on 43% of systems inventoried. This suggests that up to 18% of our surveyed organizations (63 out of 348 customers) were likely impacted by this outage. The incident underscores the necessity of having a robust ITAM system to quickly identify affected assets and implement corrective measures.

Microsoft Azure Outage:

The Azure outage, which lasted nearly 10 hours, was caused by a combination of a DDoS attack and subsequent internal failures. This disruption had a global impact, affecting businesses dependent on Azure services for their operations. Microsoft reported that the DDoS attack overwhelmed their defenses, leading to cascading failures within their infrastructure.

Lessons and Recommendations:

• Get proactive: Ensure your organization has a rapid response team ready to handle such disruptions. For a deeper dive into resilience strategies, check out our friends at Softchoice’s podcast about resilience and prevention.
• Follow the updates: Read Crowdstrike’s latest update – including details about resuming deployment operations and new options you can choose to decide how you want to receive automatic updates
• Modernize ITAM: Regularly update and audit your ITAM management systems to swiftly identify and mitigate the impacts of outages. Consider leveraging Block 64’s insights and tools to enhance your organization’s resilience against similar incidents.>> Related: Find out why ITAM is modern IT’s secret weapon – Read our blog

IT Leaders Being Pressured to Deliver Copilot, Need Support

As AI continues to transform the business landscape, IT leaders face increasing pressure to develop comprehensive AI adoption plans. Microsoft reports that 60% of Fortune 500 companies have adopted Microsoft 365 Copilot, but many businesses are still navigating their AI strategies.

Current Adoption and Usage:

Our latest data shows that 47% of users are not fully utilizing all Microsoft 365 products, a slight improvement from the previous month’s 49%. Specifically, 68% of users are not using Microsoft Teams, and 55% are not using Microsoft Outlook, reflecting minimal changes from June’s report. Here’s what we suggest:

• Identify key pilot groups within your organization to test Copilot’s functionalities, focusing on teams already using Microsoft 365 products extensively.
• Assess security and licensing impacts as part of the Copilot Readiness Assessment.

Ongoing Security Vulnerabilities Being Overlooked

Security remains a critical concern, with our July 29 report revealing a significant, ongoing presence of critical vulnerabilities across the North American IT landscape.

• 74% of endpoints are critically exposed: The report indicates that 74% of endpoints are exposed to at least one critical vulnerability with a CVSS score of over 9.0, a drastic increase from 60% in the previous month. This spike highlights the escalating security risks faced by organizations.
• AutoCAD Vulnerability: We newly discovered that a critical vulnerability in legacy AutoCAD versions (prior to 2023.1.4 or 2024.1.1) is affecting about 1,000 endpoints across 50 customers. This vulnerability allows maliciously crafted CATPART files to cause crashes, data breaches, or arbitrary code execution.
• SQL and Windows Server Exposures: 37% of organizations are running unsupported SQL servers, and 44% have SQL servers in extended support. Additionally, 52% of organizations still operate unsupported Windows servers, a slight decrease from the previous month’s 53%.

Bottom line: Take action. These security trends necessitate immediate action to strengthen security protocols. Organizations must prioritize regular security audits and updates to mitigate these risks, using a solution such as Block 64’s Security Reports.

Trends in IT Asset Management (ITAM) and Software Asset Management (SAM)

Effective ITAM and SAM is crucial for optimizing resources and maintaining a robust IT infrastructure. This section examines the current trends and highlights areas that need attention.

• Out-of-Warranty Hardware: The percentage of out-of-warranty hardware remains stable at 44%. This indicates that a significant portion of IT infrastructure is aging, potentially leading to higher maintenance costs and increased risk of hardware failures.
• Server Utilization: Servers using less than 25% of available resources stayed consistent at 97% on an endpoint basis. However, from an organizational perspective, there was a significant increase, with 70% of organizations running servers at less than 25% efficiency, up from 60% in June. This jump highlights a growing inefficiency that needs addressing to optimize IT operations and reduce costs.
• Java Exposure: Changes in Oracle’s Java licensing have led many companies to reassess their software usage strategies, potentially increasing expenses by up to 90%. Our findings show that 55% of customers are using a commercial version of Java, slightly down from 56% the previous month.

Putting It Together: ITAM Trends for 2024 Reveal Action Needed

The persistent issues highlighted in this report underscore the urgent need for strategic revisions in IT security and asset management. The first step is gaining insights into your current state to address gaps effectively.

• Leverage Block 64’s platform to illuminate IT blind spots and optimize resources efficiently: Contact us for a demo or sign up for a free trial to start mastering your IT environment.
• For a comprehensive evaluation of your readiness for Copilot adoption, explore our Copilot Readiness Assessment – free if you sign up before August 31, 2024.

Subscribe to our LinkedIn Newsletter:

Stay updated with more research, news, and advice for IT professionals by subscribing to our newsletter on LinkedIn.

Subscribe on LinkedIn

The post Crowdstrike, Copilot and Conquering Risk: CIO Trends for July, 2024 first appeared on Block 64.

This isn’t just our opinion. We have the research to prove it.

Introducing Block 64’s Benchmarks for CIOs reports

For 12 years, we’ve used data to improve ITAM, security and modern IT outcomes for our customers. Recently, we decided to run an experiment. In April of 2024, we assembled all the data gathered in the previous four weeks from 351 North American businesses. This anonymized data set provides a solid sample of today’s technological landscape. It includes granular details and usage metrics from 250,165 end points.

In brief, this research serves as a wake-up call. It confirms our suspicions that most IT organizations need to close gaps across security, ITAM, SAM and modern workplace. Doing so won’t just prevent catastrophe. It will unleash the full potential of their business and people.

We’ve organized our findings into four sections below, starting with the most sobering: security.

Security: Most Businesses Are Critically Exposed

Although IT leaders in 2024 might say they take security seriously, our data paints a different picture. From widespread critical vulnerabilities to outdated operational software, businesses are dangerously close to suffering a major, disruptive hack. Here’s why:

• 1 in 4 endpoints are exposed to critical vulnerabilities: Our analysis reveals a disturbing fact: approximately 1 in 4 endpoints operate with a vulnerability score above 9 out of 10 on the Common Vulnerability Scoring System (CVSS). To clarify, a CVSS grade of 9 or above indicates critical urgency for remediation due to the potential for exploitable weaknesses. Our benchmarks show that 22% of endpoints have at least one such vulnerability. Worse, this issue affects 74% of all businesses surveyed.
• Half of critical Windows and SQL server installs are unsupported: The study revealed that half of IT servers are running unsupported mission-critical software like SQL and Windows Server. By the numbers, we found 48% of organizations running unsupported SQL and 58% running unsupported Windows Server versions. On an end point basis, 22% of SQL server installs, and 19% of all Windows Server installs are unsupported. Running these outdated products significantly increases the risk of security vulnerabilities and compliance issues, potentially leading to data breaches and operational disruptions.
• 57% of businesses have antivirus gaps: While only 1.25% of endpoints are missing antivirus software, the ramifications are disproportionate. This ostensibly small figure represents a significant security gamble, as it only takes a single compromised device to become a gateway for malicious actors. When you consider this from an organizational perspective, 57% of businesses have had least one endpoint that is unprotected by antivirus solutions, underlining a widespread security oversight across North America.

ITAM: IT Leaders Are Overpaying for Compute & Ignoring End User Needs

In today’s hybrid landscape, your productivity relies on having high-performance, low-maintenance work devices. As economic conditions demand smarter spending, there’s no excuse for unnecessary infrastructure costs. Yet, our data shows failing grades on both fronts. Employees are straddled with devices that are unfit for modern needs. Meanwhile, IT is significantly over-spending on compute, along with all the operational expenses that come with it.

• 44% devices are out of warranty: Our data depicts an IT landscape where 44% of endpoints are used beyond warranty. This suggests a widespread deficiency in lifecycle management. Indeed, 100% of all business surveyed was running at least one such out-of-warranty device. Such a scenario sets the stage for potential disruptions that proactive hardware refresh plans could avert.
• 9 in 10 servers use less than 25% of available resources: The Benchmarks data also revealed a pattern of underutilization, with 92% of all servers using less than a quarter of capacity for CPU or RAM. From an organizational perspective, 62% of North American businesses had at least one server that was severely underutilizing resources. This indicates an overprovisioning issue and hints at potential savings if IT environments were right-sized. These findings reveal an opportunity to explore cloud, virtualization, or hybrid solutions to increase efficiency and reduce costs related to power, cooling, and unused space.

SAM: Subscription Shifts Pose Challenges

There’s always a lot of disruption in the software asset management (SAM) world. Major publishers frequently make big changes to pricing and licensing models. Just how much these changes will cost your business, and what you should do about it, isn’t always so clear.

Our Benchmarks report underlines the need for businesses to get on top of two major recent licensing adjustments from VMware and Oracle. Here’s why:

• VMware’s new licensing will have wide-spread impact: Shortly before Broadcom finalized its acquisition of VMware, VMware announced it would end perpetual licensing. This change took effect in December 2023. Now, VMware products are available exclusively through a subscription model. Analysts say this shift could potentially double the costs for businesses compared to previous licensing agreements. According to our data, more than 80% of virtual endpoints are running on VMware. Fifty percent of all customers (or, 177 total) are running VMware as their primary virtual technology. Especially for those businesses, it’s time to understand exposure to price increases – and build an optimized plan forward.

Related: Read our guide to VMware licensing changes.

• 63% of businesses face Java licensing risk: Oracle’s Java licensing saw a significant shift in January 2023, moving from a processor-based to a per-employee licensing model for Java Standard Edition (SE). Companies, especially those with extensive employee bases but minimal Java utilization per employee, could see their expenses surge, potentially by up to 90%.Our research shows that 63% of customers reviewed had a commercial version of Java installed. Add to that Gartner’s estimate that 1 in 5 organizations will face down an Oracle audit by 2026 and the call to action is clear. Businesses must clarify their current Java position and make plans to avoid unnecessary risk.

Related: Read our Oracle Java licensing guide

Generative AI: Get Ready for Copilot Before You Dive In

The excitement around Copilot for Microsoft 365 isn’t just hype. Business leaders see these tools as a chance to bolster productivity and stay competitive. But that doesn’t mean all organizations are ready to dive in and start experimenting today. Our research reveals businesses have to focus first on clarifying their licensing position, crafting clear use cases and standardizing usage of Microsoft 365 tools. Here’s why:

• Most Microsoft 365 users aren’t using everything they own: Microsoft 365’s penetration is extensive, yet usage rates for the suite are potentially too low, with less than 30% of users leveraging the full suite of tools. For example, of the 238,224 Microsoft 365 users we surveyed, 41% were not using Teams and 29% were not using Outlook. This underutilization signals a potential challenge for integrating new solutions like Copilot —especially if investing in such premium add-ons doesn’t translate to actual usage. As we have been saying, encouraging widespread engagement with existing M365 applications is crucial to capitalize on investments in emerging technologies effectively.

Related: Read our guide to getting ready for M365 Copilot adoption, or take a look at our free Copilot readiness assessment.

• Most businesses still have on-premise Office: On the same topic, 68.4% of businesses persist with on-prem Office installations, suggesting a possible dint to efficiency and flexibility. Moving to cloud services like Microsoft 365 could offer significant cost savings and productivity enhancements, especially as on-prem versions age and miss out on the latest features.

Where do CIOs go from here? 

These Benchmarks for CIOs offer a sobering overview of the IT status quo, emphasizing the urgency for strategic action in a number of areas. From security, to ITAM, SAM and modern workplace, there is plenty of work to do. Today.

We see a precarious security landscape with one in four endpoints presenting critical vulnerabilities. Significant underutilization of hardware is evident, with 92% of servers operating at less than 25% of their total capacities. The transition to subscription-based software also presents hurdles, as 63% of businesses are entangled in Java licenses that could lead to severe financial penalties. Finally, readiness for generative AI technologies, such as Copilot for Microsoft 365, might be lacking. Only 30% of businesses using Microsoft 365 are maximizing the platform’s capabilities, signaling a need for further adaptation and integration efforts to leverage these advanced tools effectively.

Here’s the good news: Fixing all these issues starts simply by gaining a clear picture – and custom, actionable insights for what is at risk and what you should do. And that’s exactly what the Block 64 Insights & Analytics platform offers you and your technology partner. To find out more and request a free trial, please visit Block64.com.

Subscribe to our newsletter on LinkedIn

Thought this was interesting? There’s plenty more research, news and advice for IT professionals on our LinkedIn newsletter. Sign up today.

Subscribe on LinkedIn

The post The state of Security, ITAM, SAM and Copilot Readiness in 2024 first appeared on Block 64.

But that popularity is now waning, as the demands of IT organizations evolve. Unsupported tools such as MAP Toolkit are not able to provide the insights and dependability needed to migrate to the cloud or drive IT modernization.

What is MAP Toolkit?

The MAP Toolkit is a free utility that allows IT professionals to inventory devices, software, users, and infrastructure without the need for installed agents. It is an agentless, automated, multi-product planning and assessment tool for desktop, server and cloud migrations. MAP provides readiness assessment reports with detailed hardware and software information, and recommendations to help organizations accelerate their IT infrastructure planning process, and gather more detail on assets that reside within their current environment.

Set up is straight forward. A server isn’t required, and the wizard-based install means that potentially any end-user with the right credentials to scan their network could have it up and running in less than an hour.

The end of MAP Toolkit support and development

In July 2019, Microsoft announced to their Partner Network that MAP will receive no further updates. At the time, they recommended that partners and end users use alternatives to conduct the following assessments and services:

• Server assessment and migration from on-premises to Azure
• Database assessment and migration from on-premises to Azure
• Web application migration from on-premises to Azure
• Migration of on-premises Windows VDI estates to Windows Virtual Desktop in Azure

As time goes on, the Toolkit is becoming less useful, even for legacy use cases. For example, it cannot recognize newer versions of SQL Server. Add to that the fact that there is no support line to call for help, and it’s easy to see why partners are looking for an alternative.

Block 64: A MAP Toolkit Alternative with Enhanced Features

Block 64’s Insights & Analytics platform is a cutting edge MAP toolkit alternative, trusted by a number of the world’s largest IT consultants and Value Added Resellers. As with MAP, Block 64 also offers best-in-class agentless discovery tools and wizard-based set up in just a few minutes. But it’s what happens next and our commitments to constant innovation and support that set us apart.

A feature-by-feature comparison illustrates Block 64’s clear edge over the MAP Toolkit:

• Deployment & Support: Block 64 reduces deployment bottlenecks with its fast deployment process and provides hands-on global support, unlike the now unsupported MAP Toolkit.
• Data Collection & Analysis: With capabilities extending to ITAM, cloud resource consumption, SaaS, and security insights, Block 64 surpasses the basic ITAM information collected by the MAP Toolkit.
• Partner Features: Block 64 empowers IT solutions providers and consultants with customizable templates and branded portals for enhanced customer interactions, a feature the MAP Toolkit does not provide.
• Updates & Scalability: Block 64 promises regular updates, new features and fixes — a clear advantage over the MAP Toolkit which no longer receives updates. We are also deployed in environments of all sizes, from 100 endpoints to tens of thousands.
• Reporting & Recommendations: Block 64 offers customizable templates and executive summaries, enabling tailored reporting and strategic decision-making. With MAP Toolkit, you are on your own when it comes to packaging and presenting your findings in a tangible, action-oriented way.

The added value of Block 64

Block 64 not only matches the capabilities of MAP Toolkit but goes above and beyond, providing comprehensive features and support that streamline the IT assessment process.

Instead of manual reports and disparate third-party tools, Block 64 customers use automated reports and comprehensive insights to centralize data collection, enhancing their ITAM, cybersecurity, and Microsoft 365 solutions practices. This not only reduces workload but also results in faster engagements, increased field margins, and a substantial uptick in vendor diversity.

For organizations looking to future-proof their IT assessments in the wake of the MAP Toolkit’s dwindling support, Block 64 stands out as a robust and innovative alternative. To witness first-hand how Block 64 can transform your IT infrastructure assessment and planning, reach out to our team for a demo.

The post MAP Toolkit Alternatives: Why Block 64 is Better first appeared on Block 64.