The promises of the CMDB have been around a long time. The Information Technology Infrastructure Library (ITIL) popularized the concept back in the 1980s and 1990s as a foundational element of IT service management.

The benefits are clear: having a trusted data source with a rich set of relational information provides organizations with decision-making capabilities to support more efficient operations, better user experiences and proactive mitigation of risk. The marketplace has no shortage of services, technologies and service management platforms that support and rely on the CMDB. A CMDB, and by extension, the capabilities it enables, continues to be an important goal for organizations, even more so now considering the impact of digital transformation.

The fact that compliance efforts can be challenging is no surprise to IT professionals and managers. Today’s regulatory environment is full of security and privacy regulations that place strict limits on the collection, handling and storage of sensitive information, and IT teams often find themselves responsible for the heavy lifting of compliance programs.

I recently had the opportunity to visit with a retailer that operates a large contact center to support its international chain of stores. The company was in the early stages of reviewing its compliance obligations and asked us to find ways to modify business practices to reduce the scope of its compliance efforts. After reviewing the company’s activities, we discovered a few small changes in the way the company handles information that could dramatically reduce its compliance burden. Organizations across industries can draw lessons from this experience as they seek to reduce their own costs of compliance.

The global pandemic and social distancing measures have redefined the office for many people. Industries that never would have considered allowing their office employees to work from home were forced to rethink decades of business as usual.

This change has also brought new technology needs. Since these businesses had built technology infrastructures that relied on traditional network and application architecture, a shift had to occur. Suddenly, IT departments were dealing with overloaded VPNs or having to deploy a VPN that they never had to maintain before. Compound that with the fact that users are now accessing company resources from networks or assets that corporate IT has no control over, that most home routers are still vulnerable to exploitation and that, in many cases, the network gates were flung open in the name of productivity ― it’s enough to give any CISO an ulcer.

So how can companies mitigate these risks? Now that everyone is settling into a routine and we’re adjusting to this “new normal,” it’s an ideal time to reach out to your users and talk about security.

Given today’s unique environment, companies are looking to technology, current and emerging, to help navigate the business landscape that exists before them — and the one that is to come in the near term. To help our customers through this constantly evolving environment, we’ve identified three key phases that organizations are moving through as a result of the pandemic. In mapping out this journey with our customers, CDW’s Consulting Services has determined where organizations should focus their technology investments.

Many organizations struggle with IT asset management even during the best of times. In fact, according to a CDW survey, nearly 1 in 5 businesses incorporates Post-it notes as part of its asset management strategy. Now, add a worldwide crisis that has forced organizations to roll out countless laptops and software licenses in a matter of days to enable remote work (often outside of their normal procurement and budget processes), and you have a recipe not only for massive inefficiency, but also huge software license compliance liabilities.

It’s important for organizations to get in front of this now by applying appropriate asset management tools and practices to their new environments. At CDW, we have four main ways of helping customers to better manage their IT environments.

Modern business is a complex web of interwoven relationships. As I work with organizations across a variety of industries, I’m amazed at the networks of suppliers, consultants and partners that companies bring together to create competitive products and services. While these partnerships deliver tremendous value, they also bring new risks. In fact, the Ponemon Institute recently estimated that data breaches are roughly 9 percent more expensive when third parties are involved. The bottom line is that you can outsource various business functions, but you can’t outsource risk.

Let’s take a look at three things organizations can do to better manage the hundreds of vendors that compromise their supply chains. This is the core of building a robust vendor performance and risk management program.