Youre right thats difficult to do. Licensing costs themselves vary from customer to customer. Ive seen multiple companies work up RFPs on Remedy systems and be quoted different licensing and support costs from BMC. And thats without the mark-ups that a company may or may not add in. Could be the same for S-Now. Would be nice to see these vendors publish a price list :) .
From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Joe D'Souza Sent: Thursday, June 16, 2016 1:43 PM To: arslist@ARSLIST.ORG Subject: Re: Question - Service Now ** While on this topic, does anyone have a cost comparison between these two tools? I know this could be a complicated question as the cost of owning these systems isnt just cost of systems, licenses, hardware, etc. but also cost of implementation by way of time and resources. But lets leave the time and resources aside as those costs are debateable as to which system may be more cost effective.. That may give some of us a better understanding of how attractive these sytems are to the financial heads of an organization.. I *think* I have a slight idea of the costs but the information I have is not current and licensing models have changed quite a bit since the time I used to have access to the finanacial information of these systems. Joe _____ From: Action Request System discussion list(ARSList) [ <mailto:arslist@ARSLIST.ORG> mailto:arslist@ARSLIST.ORG] On Behalf Of Ken Pritchard Sent: Wednesday, June 15, 2016 10:41 PM To: <mailto:arslist@ARSLIST.ORG> arslist@ARSLIST.ORG Subject: Re: Question - Service Now Everyone is answering this like a bunch of IT folks. It really comes down to a risk/cost/reward issue. What I the (increased) risk of being hacked on the cloud vs what in a lot of cases is an outsourced IT department (not really much different than a cloud IMO) and what is the perceived cost of any data breach vs the increased cost of hosting the application vs the cloud. Basically we in IT look at it as an absolute of which is better, but upper management the folks with the purse strings look at it from a cost accounting perspective. For some, the data stored in an ITSM suite system (custom apps aside which is where BMC (or should I say Baine Capital) has shoved them) isnt more than a mechanism to process service desk calls. In effect, unless were storing PII in the system (SSNs, etc) is there really a financial risk with the ITSM system being hacked. Now I know the next statement would probably be that the CMDB contains information on other systems within the environment that does contain that type of information, but then it would require that information to contain information on how to access those other systems. I might be a bit naïve here, but I really dont see (in most instances) where upper management would find the risk to exceed the savings. From: Action Request System discussion list(ARSList) [ <mailto:arslist@ARSLIST.ORG> mailto:arslist@ARSLIST.ORG] On Behalf Of Rick Cook Sent: Wednesday, June 15, 2016 7:29 PM To: <mailto:arslist@ARSLIST.ORG> arslist@ARSLIST.ORG Subject: Re: Question - Service Now ** Amazon has already been hacked at least once. I know of one DoD RoD customer that hosts their own instance for security reasons. Rick On Jun 15, 2016 16:10, "Joe D'Souza" <jdso...@shyle.net <mailto:jdso...@shyle.net> > wrote: ** I think it mostly comes down to the answer to this question would you be ok to let a valet drive and park an expensive car or motorcycle you own or would you want to do it yourself. Would you trust that valet to tell you after he has parked it if he accidentally dinked it or hit a huge pot hole if that dink or damage is not easily visible? If so maybe you are the kind of person for who services like the cloud would work quite well with if functionally it offers you everything else you have been looking for. Personally I do not think that services that host cloud based services publicly acknowledge their service was compromised in the odd event it was unless it was quite obvious it has been to the end customer which can sort of be a disturbing thought. There may or may not be a threat or a breach every month.. Maybe every week. Maybe even every day. I honestly do not think they would upfront about such incidents when and if it occurs unless it was quite fatal. It could mean a risk to their business and they would not want that. Joe _____ From: Action Request System discussion list(ARSList) [mailto: <mailto:arslist@ARSLIST.ORG> arslist@ARSLIST.ORG] On Behalf Of Pierson, Shawn Sent: Wednesday, June 15, 2016 8:49 AM To: <mailto:arslist@ARSLIST.ORG> arslist@ARSLIST.ORG Subject: Re: Question - Service Now Just to play devils advocate, theoretically someone whose business depends on their internet-facing servers being trusted is going to likely spend more money on security than a company that sells widgets as their primarily line of business and views I.T. security as just an expense. I dont know who hosts Service Now or BMCs cloud servers, but Id expect that they probably take it very seriously. Things can definitely slip through but if were all deploying MyIT and such to give people access to Remedy via their smartphones and tablets off the network, its really a question of whose cybersecurity you trust more. Thanks, Shawn Pierson Remedy Developer | Energy Transfer From: Action Request System discussion list(ARSList) [mailto: <mailto:arslist@ARSLIST.ORG> arslist@ARSLIST.ORG] On Behalf Of Joe D'Souza Sent: Tuesday, June 14, 2016 8:28 PM To: <mailto:arslist@ARSLIST.ORG> arslist@ARSLIST.ORG Subject: Re: Question - Service Now ** Exactly but I would like to add its as safe as someone elses computer who gives access to some of his trusted associates facing the internet. So once out there, it is as safe as any other shared resource with limited public access on the internet is. Whether you like it or not, that exposes the system to a few more vulnerabilities than a system that is internal and intranet facing. So whether it is ServiceNOWs cloud or any other, it is the one risk you need to assume before investing in it. Joe _____ From: Action Request System discussion list(ARSList) [ <mailto:arslist@ARSLIST.ORG> mailto:arslist@ARSLIST.ORG] On Behalf Of Rod Harris Sent: Tuesday, June 14, 2016 8:44 PM To: <mailto:arslist@ARSLIST.ORG> arslist@ARSLIST.ORG Subject: Re: Question - Service Now ** If only I had a like button. Yes, cloud does seem to be a bit of a buzzword that you have distilled nicely with that T-shirt slogan. Thanks JDHood. On 15 June 2016 at 10:35, JD Hood <hood...@gmail.com <mailto:hood...@gmail.com> > wrote: ** It may be a T-Shirt slogan, but it's relevant nonetheless: "...There is no "Cloud" - It's just someone else's computer..." -JDHood On Tue, Jun 14, 2016 at 8:19 PM, Joe D'Souza <jdso...@shyle.net <mailto:jdso...@shyle.net> > wrote: ** I do recall hearing rumors it was not sure how long time ago. But take that information with a grain of salt as I do not know much details of what I had heard. ServiceNOW is primarily a system hosted on the cloud so is as vulnerable or strong as any other system on the cloud. So IMHO if security of your data is one of your top concerns, the cloud may not be the best place for you to be at. However strong the security, there is always a loophole to be found for someone who has the intent to find one. While this is true for systems hosted internally too, at least the vulnerability of the system isnt exposed to the world if your system isnt internet facing. Joe _____ From: Action Request System discussion list(ARSList) [mailto: <mailto:arslist@ARSLIST.ORG> arslist@ARSLIST.ORG] On Behalf Of Sanford, Claire Sent: Tuesday, June 14, 2016 3:17 PM To: <mailto:arslist@ARSLIST.ORG> arslist@ARSLIST.ORG Subject: Question - Service Now Does anyone know if Service Now has ever had their servers (with customers data) ever been hacked? _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ Private and confidential as detailed here <http://www.energytransfer.com/mail_disclaimer.aspx> . If you cannot access hyperlink, please e-mail sender. _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
