Career Education Corporation eliminates software license audit risks

Centralizing application and hardware asset management with IBM Endpoint Manager software

Published on 05-Jun-2013

"While software audits initially drove our search for a new solution, we discovered that we needed endpoint management consistency throughout the entire enterprise. IBM Endpoint Manager software provided all that in a single tool." - Jeff Lemke, director of IT site operations, Career Education Corporation

Customer:
Career Education Corporation

Industry:
Education

Deployment country:
United States

Overview

Career Education Corporation (CEC) offers doctoral, master’s, bachelor’s and associate degrees as well as diploma and certificate programs to more than 75,000 students across the world online, through its campuses and in a hybrid environment.

Business need:
Career Education Corporation (CEC) used a fragmented endpoint management system to track thousands of endpoints at 80 campuses and 10 offices. It needed to centrally manage software and hardware assets.

Solution:
CEC selected IBM® Endpoint Manager software as its software asset management tool and extended it to hardware asset management, patching, antivirus updating and laptop encryption.

Benefits:
By replacing manual patching, testing, deploying and remediating processes for more than 20,000 endpoints, CEC gained the visibility and control necessary to ensure software and security compliance.

Case Study

Career Education Corporation (CEC) offers doctoral, master’s, bachelor’s and associate degrees as well as diploma and certificate programs to more than 75,000 students across the world online, through its campuses and in a hybrid environment.

Needing visibility into a distributed and complex endpoint environment

To enforce software license agreements and generate revenue, software vendors have increased their software license audits over the past several years. In fact, one major provider announced its intention to perform nearly 30,000 audits over the next two years.

When three software vendors made software license review requests to CEC, the company realized its fragmented, best-of-breed endpoint management system was not up to the task. This left it exposed to a range of risks, most notably software license noncompliance penalties of as much as USD150,000 per infraction.

"We needed to know what software and what versions of that software were deployed and if we were properly licensed," says Jeff Lemke, director of IT site operations for CEC. "We have over 80 campuses, as well as 10 corporate offices, and we didn't have a centralized endpoint management tool in place. We lacked overall visibility into our hardware and software assets and the ability to manage them. Typically, we'd ask people at each location to do physical counts of computers and software, which might take weeks, and even then the information was hard to verify."

Inadequate software asset management control increased financial liability and elevated the company's exposure to security and performance risks because CEC could not reliably push updates, patches, antivirus protection and other applications to more than 20,000 endpoints.

Standardizing endpoint management enterprise wide

Adding even more complexity was a mixed operating system (OS) environment, along with the wide variation in endpoint connectivity, from digital signal 3 (DS3) service at some CEC offices to at-home employees working on a virtual private network (VPN).

"We couldn't centrally manage many of our endpoints because of bandwidth issues, so in the case of antivirus updates, for instance, campuses would either set up their own antivirus management server or do it over the Internet," recalls Lemke. "As a result, we didn't have an enterprise wide view into the current status of antivirus. So, while software audits initially drove our search for a new solution, we discovered that we needed endpoint management consistency throughout the entire enterprise. IBM Endpoint Manager software provided all that in a single tool."

By implementing IBM Endpoint Manager software, CEC gained a highly scalable solution for everything from hardware asset management and patching to desktop imaging. With some customization, CEC also delivered encryption software over the network to company laptops and could verify a laptop's encryption if it were stolen. This verification was extremely important given the strict regulations for protecting student information.

CEC has deployed IBM Endpoint Manager software throughout their enterprise, and currently manages over 20,000 endpoints in its schools, corporate offices, data centers, online recruiting centers and remote user locations. “The infrastructure changes required to implement the solution and the time it took to deploy the client were both very minimal. The fast implementation helped us meet our project deadlines” said Lemke. “Additionally, managing endpoints in our classrooms with IBM Endpoint Manager software allows us to validate that the computers being used by our students are safe and secure with the proper applications installed. This has helped ensure a positive student experience.”

Centralizing updates and patches for mixed OS environment

Lemke credits the solution's unified platform as one reason it fit easily into the company’s mixed Microsoft Windows-Mac OS environment and multi-device—such as laptops, desktops and servers—environment. "Instead of using four different solutions to monitor the Windows patching and the antivirus, for example, everything is simplified with IBM Endpoint Manager software. All updates can now be created and deployed from a central interface to all affected endpoints. With other solutions, the overhead required just to deploy one update at 90 locations was a full-time job for one person, and once he was done with that he’d have to do it again for the next update."

Decreasing software license costs through unprecedented endpoint visibility

IBM Endpoint Manager software acts as a guard against over-purchasing software and deploying unused software. For instance, the solution helped Words of Wisdom, the student bookstore that processes the textbook and software needs of online CEC students, move from estimating the number of Microsoft product licenses it needed to precisely quantifying actual demand for licenses. As a result, says Lemke, "We reduced our total Microsoft Visio and Microsoft Project license expenditures by 92 percent."

Enterprise-wide, CEC ensures the proper quantity of licenses are purchased by compiling software license inventories and contract verifications with IBM Endpoint Manager software, rather than contracting with an outside party to perform onsite audits at each campus.

The bottom line, says Lemke, is this: "Our IBM Endpoint Manager software environment has worked from day one, providing something we've never had before: real-time, complete visibility into our highly distributed, mixed IT environment and total confidence that the data we have is accurate and up-to-date."

For more information

To learn more about IBM Endpoint Manager software, please contact your IBM marketing representative or IBM Business Partner, or visit the following website: ibm.com/software/tivoli/endpoint

Additionally, IBM Global Financing can help you acquire the software capabilities that your business needs in the most cost-effective and strategic way possible. We'll partner with credit-qualified clients to customize a financing solution to suit your business and development goals, enable effective cash management, and improve your total cost of ownership. Fund your critical IT investment and propel your business forward with IBM Global Financing. For more information, visit: ibm.com/financing

Products and services used

IBM products and services that were used in this case study.

Software:
IBM Endpoint Manager for Software Use Analysis

Legal Information

© Copyright IBM Corporation 2013 IBM Corporation Software Group Route 100 Somers, NY 10589 Produced in the United States of America April 2013 IBM, the IBM logo, ibm.com, and Tivoli are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Microsoft, Visio and Project are trademarks of Microsoft Corporation in the United States, other countries, or both. The content in this document (including currency OR pricing references which exclude applicable taxes) is current as of the initial date of publication and may be changed by IBM at any time. The performance data discussed herein is presented as derived under specific operating conditions. Actual results may vary. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that systems and products are immune from the malicious or illegal conduct of any party.