Copyright © 2016 Splunk, Inc.
Taking Splunk to the
Next Level for Management
David Caradonna
Director, Global Business Value Consulting
dcaradonna@splunk.com
March, 2016
Agenda for Today’s Session
1 Business Value at Splunk
2 Overview of Key Value Drivers
3 Best Practices for Positioning Value
4 Summary / Q&A
Help customers document the projected and already
realized business value of making machine data
accessible, usable, and valuable for everyone
Common Deliverables:
› CFO-Ready Business Case
› Value Realization Studies
› Usage Maturity & Staffing Readiness
› Enterprise Adoption Roadmaps
› Customer and Industry Benchmarks
700+
Engagements
Worldwide
Since 2013
Business Value Consulting at Splunk
Splunk should not be a Hidden Gem
I was never
able to do
this before!
I can search
Syslog way faster
now!
What business
value do I get?
Top Challenges to Documenting Value
Tools: Lack of Tools to Make Value Measurement Easy
Data: Lack of Splunk and Industry Benchmarks
Time: Not Enough Time to Assess Your Value
Overview of IT Value Drivers
Based on FY16Q3 activity
Security,
Compliance
IT
Operations
Application
Delivery
Common Value Drivers as reported by Splunk Customers
IT Operational Analytics (ITOA)
An overview of Splunk efficiencies and Most Common Data Sources
as reported by Splunk Customers
IT
Operations
NOC, Server, Storage, Network Admins, DBA, Middleware, Application Support Teams
TOP 4 Use Cases for ITOA
Before Splunk
Failure detection: Customer often informs IT
Incident Triage: All hands on deck, taking up 30 to 40 minutes
Incident Troubleshooting: Lengthy log analysis done manually
Root Cause Analysis: Up to 30% unknown root causes, causing incidents to recur
Service Restoration: Fix is implemented
With Splunk
#1 Better detection: customer is notified by IT
#2 Faster triage, often conducted by 1st level staff without all hands on deck
#3 Faster investigation (MTTI) through rapid log search and correlation conducted in conjunction by different teams (everyone looks at the same data)
#4 Faster and more comprehensive root cause analysis, helping to reduce incident recurrence
Fix is implemented
Event Mgmt | Incident Mgmt | Problem Mgmt
Benchmarking Splunk Customer Success
Documented through 700+ engagements worldwide
Reduced Sev1 and Sev2
incidents by 43%
Reduced MTTR by 95% and
reduced escalations by 50%
Improved API performance
by 50% reducing need for
infrastructure upgrades and
increasing user satisfaction
15-45% reduction in high priority incidents
70-90% reduction in incident investigation time
67-82% reduction in business impact
5-20% increase in infrastructure capacity utilization
Customer Feedback
IT Operations Analytics (ITOA)
IT Operations Analytics (ITOA)
Common Data Sources
Documented through 700+ engagements worldwide
Network Server & Storage
• SNMP
• DHCP
• Firewall
• Load Balancer
• Network Switches
• Network Routers (cisco_cdr, cisco:asa, cisco_syslog, clavister)
• Netflow
• Proxies
• OS Logs (ntsyslog, snare, dhcpd, linux_secure, aix_secure, osx_secure, syslog, PERFMON:CPUTime, PERFMON:FreeDiskSpace, Win:Event, etc.)
• VMWare server logs
• AWS Logs (CloudTrail, CloudWatch, Config, S3, etc.)
• MS Azure Logs (WADEventLogs, WADPerformanceCounter, WADDiagnostInfrastructure, etc.)
• Backup logs
• Storage logs
Middleware & Database
• Java – J2EE (log4J, JMS, MQ, TibcoEMS, HornetQ, RabbitMQ, Native JMS, Weblogic JMS, etc.)
• Middleware (Tibco, Software AG etc.)
• Web Server (access_combined, access_combined_wcookie, access_common, apache_error, iis, nginx, etc.)
• Application Server (log4j, log4php, weblogic_stdout, websphere_activity, websphere_core, websphere_trlog, etc.)
• Mobile Devices
• Database error logs
Application
• Application Error Logs
• Application Performance and Usage Logs
• Application Authentication Logs
• Business Process Logs (Payments status, batch upload status, customer order status, etc.)
• Mail Server Logs
Application Delivery
Application
Delivery
An overview of Splunk efficiencies and Most Common Data Sources
as reported by Splunk Customers
Developers, Testers, Project Managers AND DBAs, Middleware, Application Support Teams
TOP 6 Use Cases for Application Delivery
typical SDLC
#1 Faster test failure analysis for functional, performance and security test runs through analysis of test logs
#2 Faster pre-production defect remediation through improved investigation of root causes
#3 Fewer escalations to developers from fewer production outages means developers are more focused on innovating the business
#4 Faster delivery of dashboards that provide real-time visibility across all technology layers involved in processing business service transactions so bottlenecks can be swiftly identified and addressed
#5 Faster Mean Time to Market on key projects through faster test failure analysis and defect remediation
#6 Increased release value through improved visibility on feature efficiency patterns in order to better assess needs for future releases
Benchmarking Splunk Customer Success
Documented through 700+ engagements worldwide
Application Delivery
Shortened development
cycles by 30%
Reduced reporting time
by 88%
Increased release cycles by
8x with no additional staff
Customer Feedback
80-90% faster development of reports and dashboards
70-90% reduction in time for QA test failure analysis
70-90% reduction in time for pre-prod defect investigation
10-50% improvement in time to market
Application Delivery
Common Data Sources
Documented through 700+ engagements worldwide
Middleware & Database
• Java – J2EE (log4J, JMS, MQ, TibcoEMS, HornetQ, RabbitMQ, Native JMS, Weblogic JMS, etc.)
• Middleware (Tibco, Software AG etc.)
• Web Server (access_combined, access_combined_wcookie, access_common, apache_error, iis, nginx, etc.)
• Application Server (log4j, log4php, weblogic_stdout, websphere_activity, websphere_core, websphere_trlog, etc.)
• Mobile Devices
• Database error logs
SDLC
• Performance Test Logs
• Functional Test Logs
• Security Test Logs
• Debug Logs
• Release Error Logs
• Code Management Logs
Application
• Apache Web Logs
• Application Error Logs
• Application Performance Logs
• Application Authentication Logs
• Business Process Logs (Payments status, batch upload status, customer order status, etc.)
• Mail Server Logs
Security and Compliance
Security,
Compliance
An overview of Splunk efficiencies and Most Common Data Sources
as reported by Splunk Customers
Security Analysts, SOC, Compliance, Audit teams
TOP 4 Use Cases for Security & Compliance
Assess Risk | Deep Analysis | Monitor Controls | Audit & Comply
#1 Faster 1st level triage on ALL security attacks with fewer resources as opposed to reviewing only a subset of attacks
#2 Faster deep dive investigation on security incidents that require further proactive and reactive analysis
#3 Faster implementation of critical security controls (ex: CIS Top 20) across ALL layers of the organization, ultimately resulting in full enterprise visibility and a reduction in risks
#4 Continuous compliance on ALL components and policies resulting in faster and simpler audits
Web Threats
Mobile & IOT Vulnerabilities
Scams & Social Media
Targeted Attacks
Data Breaches
E-Crime & Malware
Security, Compliance & Fraud
70-90% faster detection and triage of security events
70-90% faster investigation of security incidents
70-90% reduction in compliance reporting time
10-50% reduction in risk of data breach, IP theft, fraud
Customer Feedback
Benchmarking Splunk Customer Success
Documented through 700+ engagements worldwide
Reduced effort on security staff
tasks saving more than
$500,000 per year
Reduced fraud & abuse by
50% converting fraudulent
users to paying customers
Reduced compliance reporting
time by over 80% for SOX,
SAS-70 and PCI
a SaaS company
Security, Compliance & Fraud
Common Data Sources
Documented through 700+ engagements worldwide
Network, Server & Storage
• SNMP
• Wire Data
• DHCP
• Firewall
• FTP Logs
• IDS Logs
• Network Access Control
• File access control
• Network Switches
• Network Routers
• Wireless Network logs
• Netflow
• Proxies
• OS Logs (ntsyslog, snare, dhcpd, linux_secure, aix_secure, osx_secure, syslog, Win:Event, etc.)
• Patch Logs
• VMWare server logs
• AWS Logs (CloudTrail, CloudWatch, Config, etc.)
• Storage logs
Middleware & Database
• Java – J2EE (log4J, JMS, MQ, TibcoEMS, HornetQ, RabbitMQ, Native JMS, Weblogic JMS, etc.)
• Middleware (Tibco, Software AG etc.)
• Web Server (access_combined, access_combined_wcookie, access_common, apache_error, iis, nginx, etc.)
• Application Server (log4j, log4php, weblogic_stdout, websphere_activity, websphere_core, websphere_trlog, etc.)
• Database error logs
Application & User
• Malware protection logs
• Endpoint activity
• Application Error Logs
• App. Authentication Logs
• Vulnerability Scanning
• Mail Server Logs
• Active Directory
• LDAP, VPN
• SDLC Security Test Logs
• Mobile Devices
• Physical Card Reader Logs
Other
• Threat Lists
• OS Blacklist
• IP blacklists
• Restricted ports and protocols
• Vulnerability Lists
• Social Media Feeds
• Training Logs
Splunk Security & Compliance Best Practices
Refer to the Splunk SANS 20 whitepaper for detailed use cases and examples of how customers use Splunk to achieve the anticipated improvements with:
Faster Detection of Security Events
Faster Research and Investigation
Reduced Risks with Data Breach and Fraud
New release coming out soon:
Mapping Splunk Software to the CIS 20 CSC Version 6.0
Best Practices for Positioning Value
Taking your Splunk Deployment to the Next Level
1 Align with key objectives
2 Qualify current pain points
3 Quantify business value
4 Measure your success
Best Practices for Positioning Value
Based on FY16Q3 activity
Applies to All types of Use Cases
Security,
Compliance,
and Fraud
IT
Operations
Application
Delivery
Traditional Use Cases
Business
Analytics
Industrial Data
and the
Internet of Things
Vertical Use Cases
Steps to Aligning with key objectives
• Align your project with something strategic
• Take a top-down approach
• Find an executive sponsor
• Link your plan to Top-5 key objectives
• Explain how Splunk aligns to these objectives
• Use the Splunk Value Benchmarks to help you
1
Align
with key
objectives
Common IT Goals Achieved with Splunk
Documented through 700+ engagements worldwide
• Infrastructure cost avoidance through improved capacity management
• Future headcount avoidance
• Tools consolidation
• Optimization of business processes
• Labor savings with common IT processes
• Faster incident investigation and root cause analysis
• Proactive automation of key business processes
• Better visibility & reporting
• Avoid revenue impact from fewer critical outages
• Faster delivery of real-time business analytics
• Improved innovation value for key business initiatives
• Faster test failure analysis
• Faster remediation of bugs and defects
• Fewer developer disruptions
• Faster, more robust code deployments
• Minimize business disruptions
• Improved & more consistent SLAs
• More reliable business services lead to better brand
• Faster response to customer requirements
• Better detection of cyber attacks
• Faster response to security incidents
• Continuous compliance monitoring
• Reduction in risk for data breach, fraud and IP theft
Reduce/Avoid Business Expenditures
Improve Internal Efficiencies
Increase Revenue
Accelerate Time to Market
Improve Business Services
Continuously Secure the Environment
Steps to Qualifying Pain Points
• Identify common issues and roadblocks
• What’s hindering your key objectives
• Document why something should change
• Describe the current challenges and pain points
• Describe the desired state
Qualify
current
pain points
2
Example of Challenges and Pain Points
Production Support
– Complex layers of technology stack
– Complex flow of data and calls across each layer
– Lack of end-to-end visibility on data flow
– Unclear customer impact during incidents
– Lengthy manual investigation of logs causes longer outages
– Investigation delays prevent real-time collaboration across teams
– Developer escalations required to assist with production issues
– Intermittent errors go unresolved for years
Application Releases
– Lengthy manual investigation to address release errors
– Impossible to gain real-time collaboration between support staff and developers
– Often unclear whether errors are caused by code or infrastructure
– Not enough time during change windows to fix errors
– Releases at risk due to slow determination of errors
– Business can be impacted by 30-day release delays if release is backed out
Example of Desired End-State Vision
Production Support
– Complete visibility of data flow across all layers
– Quickly isolate the particular area in the stack that is causing issues
– Real-time collaboration between teams during incident response
– Reduce MTTR associated with production incidents with rapid log analysis
– Faster RCA analysis of problems to reduce recurring incidents
– Reduce business impact with fewer and shorter incidents
Application Releases
– Accelerate investigation of functional and performance defects
– Real-time collaboration between teams during release errors
– Avoid release rollback through faster investigation of release errors
– Deliver faster time to value on key business projects
Steps to Quantifying Business Value
• Collect internal Key Performance Metrics
• Leverage External Benchmarks to fill in the gaps
• Use Splunk Customer Benchmarks to guide your
efficiency calculations
• Business cases are not an exact science, don’t worry
about being too meticulous
• Keep it conservative!
3
Quantify
business
value
Key Performance Metrics that Drive Value
IT OPERATIONS
› # of sev1, sev2, sev3 incidents per month
› avg MTTR per Incident by severity
› # people involved in Incident investigation
› $ per hour of business impact
› % incidents requiring post incident reviews
› # hours for root cause analysis per incident
› # servers (physical + virtual)
› % servers virtualized
› $ cost per physical vs. virtual server
APP DELIVERY
› # developers
› % developer time spent troubleshooting
› # requests for dashboards and reports per month
› # people to develop dashboards and reports
› # large, medium, small project releases per year
› $ business value per project release
› # months from project kick-off to prod release
› # test runs conducted per month
› # pre-prod defects investigated per month
SECURITY & COMPLIANCE
› # of security alerts per week
› # people for 1st level triage
› avg time to triage an alert
› # security incidents per week
› # people involved per incident
› # sensitive records
› $ business fraud per year
› # audit activities per year
› # people hours per audit activity
Less than 10 KPIs per Value Center
Documented through 700+ engagements worldwide
Quantifying Value with Splunk Tools
Financial Analysis Made Easy
– Over 50 Value Calculators
– Driven by Actual Customer Results
– Complete Financial Analysis
– Best Practice TCO Models
Don’t Forget
– Follow the Impact
– Capture All the Value
– Summarize and Socialize
IVA – Interactive Value Assessment
WEB and Excel version
Financial Metrics – Value Dashboard
• Value Realized
• Use Case Gaps
• Additional Value
• Detailed Use Cases
• Benefit Calculations
• Adoption Speed
• Investment Details
• ROI Analysis
• CFO Metrics
Financial Metrics – Adoption Rates
Financial Metrics – Use Cases
Financial Metrics – Detailed Calculations
Splunk helps us avoid incidents, and the
corresponding effort of managing them,
with 3 key capabilities. First, by providing
alerts to conditions that indicate a
problem is coming. Second, through
dashboards that provide visual
representations of health. And lastly, by
delivering greater root cause analysis.
Financial Metrics
Investment should account for:
• Software
• Maintenance
• Infrastructure
• Services
• Training
• Advisory Services
The Impact of Documenting Value
“We can search syslog and we could never do that before”
***BECOMES***
“We’ve reduced downtime by more than 50% and we’ve captured
11,5000 hours/year of efficiencies that have been reallocated to higher
value work across the organization, generating $1.95M value/year”
Steps to Measuring your Success
• Leverage the use cases identified in the IVA as the
benchmark for tracking and validating your success
• Identify your Top-3 success stories
• Interview power users for each success story
• Describe specific challenges that existed prior to Splunk
• Explain the impact to your organization
• Socialize your successes
4
Measure
your
success
Interview your Power Users
Before | After Questions for each Success Story
Before Splunk
1. How often did this type of scenario occur, how long did it take to resolve and how many people were required?
2. What challenges did we face handling this type of scenario before Splunk?
3. Did we have to do any manual work?
4. Did we invest in infrastructure or other resources to address this before Splunk?
5. Did this cause direct financial impact?
6. Was customer service or customer loyalty affected?
7. How did this impact end-user productivity?
8. Did it affect our brand negatively, i.e. bad press or negative social media hits?
With Splunk
1. How did Splunk help us address this scenario?
2. How fast were we able to implement a solution with Splunk?
3. Are we able to detect or isolate circumstances that were previously unnoticed or impossible to find?
4. How often has this type of scenario surfaced since Splunk has been in place?
5. How much faster are we able to respond?
6. Has this freed a % of our staff time to focus on other more important tasks?
7. Was this possible before Splunk?
8. Can we provide a dashboard screenshot?
Socialize your Top Value Use Cases
Constant cycle of email interruptions impacted the faculty for 1+ year Mail – Blacklist Reduced by 92%
Examples of a Customer Success Story
Plan your Splunk Staffing Roles
A successful and scalable deployment of
Splunk relies on the orchestration of key
roles and responsibilities, primarily
centered around:
• Architecture
• Administration
• User adoption (Power User)
• Application development
Be sure you have the staff and skills to maximize value
Splunk Roles & Recommended Training
for Splunk on-premises
Splunk Roles | Using Splunk | Splunk Administration | Searching and Reporting | Creating Knowledge Objects | Advanced Searching & Reporting | Developing Apps with Splunk | Developing with Splunk SDKs
Architect Required Required Optional Optional Optional Optional Optional
Admin Required Required Optional Optional
Power User Required Required Required Optional
Developer Required Optional Required Required Optional Required Optional
Splunk Roles & Recommended Training
for Splunk Cloud
Splunk Roles | Using Splunk | Splunk Administration | Searching and Reporting | Creating Knowledge Objects | Advanced Searching & Reporting | Developing Apps with Splunk | Developing with Splunk SDKs
Architect Required Optional Optional Optional Optional Optional
Admin Required Optional Optional
Power User Required Required Required Optional
Developer Required Required Required Optional Required Optional
Map Your Roles & Highlight Training Gaps
Splunk Admin
#name
Splunk
Developer
#name
Security
Power User
#name
Collaboration
Power User
#name
Database
Power User
#name
CRM
Power User
#name
Network
Power User
#name
Financial
Apps
Power User
#name
Splunk
Architect
#name
= Fully Trained = Partially Trained = Not assigned
Web
Power User
#name
Server
Power User
#name
Your Company
Understand your Data Sources
Groups
Use
Cases
Data
How does my data
overlap across
different groups?
How much of it is
already indexed?
more use cases = more value
from your current data
Are my current users
benefiting from all the
possible use cases?
What else could they
be doing?
Can other groups
leverage the data
already indexed?
How could they benefit
from this data?
What data exists in my
environment?
How much of it is
indexed?
Data Source Assessment Tool
• Identify areas where additional value
can be realized with existing data
• Identify missing data sources required
to achieve specific use cases
• Plan for better value realization by
understanding data overlap indicators
Quantified
Benefits
Drill Down
Use Cases
Success
Stories
Alignment
with Key
Goals
Current Pain
Points
Desired
End State
Investment
Schedule
Financial
Performance
Training
Plan
Data Source
Mapping
KPIs to Track
your Success
Covered by Free Splunk Value Tools
Bring it all together!
Common Questions
Can I get a copy of the IVA and TCO tools?
Can you assist me with a value assessment?
Can you help us better understand our data sources?
YES!
Get in touch with your
sales rep to schedule
time with your sales
support team
YES!
Send us an email at
value@splunk.com
Can I get a copy of this Presentation?
Can I get a copy of the SANS 20 Security Whitepaper?
Questions?
Thank you!
Ad

More Related Content

What's hot (20)

Splunk Enterprise Security
Splunk Enterprise SecuritySplunk Enterprise Security
Splunk Enterprise Security
Splunk
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
Splunk
 
Splunk for Enterprise Security and User Behavior Analytics
 Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics
Splunk
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session
Splunk
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go Köln
Splunk
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Raffael Marty
 
Top 10 it security architect interview questions and answers
Top 10 it security architect interview questions and answersTop 10 it security architect interview questions and answers
Top 10 it security architect interview questions and answers
mikeforbush3
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
Iftikhar Ali Iqbal
 
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
Tripwire
 
OWASP Top Ten
OWASP Top TenOWASP Top Ten
OWASP Top Ten
Christian Heinrich
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Malware analysis
Malware analysisMalware analysis
Malware analysis
Prakashchand Suthar
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's New
Michael Furman
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Application Security
Application SecurityApplication Security
Application Security
Reggie Niccolo Santos
 
Beginner's Guide to SIEM
Beginner's Guide to SIEM Beginner's Guide to SIEM
Beginner's Guide to SIEM
AlienVault
 
Hacker tool talk: maltego
Hacker tool talk: maltegoHacker tool talk: maltego
Hacker tool talk: maltego
Chris Hammond-Thrasher
 
Introduction to Azure Databricks
Introduction to Azure DatabricksIntroduction to Azure Databricks
Introduction to Azure Databricks
James Serra
 
Splunk Enterprise Security
Splunk Enterprise SecuritySplunk Enterprise Security
Splunk Enterprise Security
Splunk
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
Splunk
 
Splunk for Enterprise Security and User Behavior Analytics
 Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics
Splunk
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session
Splunk
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go Köln
Splunk
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Raffael Marty
 
Top 10 it security architect interview questions and answers
Top 10 it security architect interview questions and answersTop 10 it security architect interview questions and answers
Top 10 it security architect interview questions and answers
mikeforbush3
 
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
McAfee - McAfee Active Response (MAR) - Endpoint Detection & Response (EDR)
Iftikhar Ali Iqbal
 
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
Tripwire
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's New
Michael Furman
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Beginner's Guide to SIEM
Beginner's Guide to SIEM Beginner's Guide to SIEM
Beginner's Guide to SIEM
AlienVault
 
Introduction to Azure Databricks
Introduction to Azure DatabricksIntroduction to Azure Databricks
Introduction to Azure Databricks
James Serra
 

Taking Splunk to the Next Level - Manager

  • 1. Copyright © 2016 Splunk, Inc. Taking Splunk to the Next Level for Management. David Caradonna, Director, Global Business Value Consulting, dcaradonna@splunk.com. March, 2016
  • 2. Agenda for Today’s Session: 1 Business Value at Splunk; 2 Overview of Key Value Drivers; 3 Best Practices for Positioning Value; 4 Summary / Q&A
  • 3. Business Value Consulting at Splunk: Help customers document the projected and already realized business value of making machine data accessible, usable, and valuable for everyone. Common Deliverables: CFO-Ready Business Case; Value Realization Studies; Usage Maturity & Staffing Readiness; Enterprise Adoption Roadmaps; Customer and Industry Benchmarks. 700+ Engagements Worldwide Since 2013.
  • 4. Splunk should not be a Hidden Gem: “I was never able to do this before!” “I can search Syslog way faster now!” “What business value do I get?”
  • 5. Copyright © 2016 Splunk, Inc. Top Challenges to Documenting Value: Time: Not Enough Time to Assess Your Value. Data: Lack of Splunk and Industry Benchmarks. Tools: Lack of Tools to Make Value Measurement Easy.
  • 6. Copyright © 2016 Splunk, Inc. Overview of IT Value Drivers Based on FY16Q3 activity Security, Compliance IT Operations Application Delivery Common Value Drivers as reported by Splunk Customers
  • 7. Copyright © 2016 Splunk, Inc. IT Operational Analytics (ITOA) An overview of Splunk efficiencies and Most Common Data Sources as reported by Splunk Customers IT Operations NOC, Server, Storage, Network Admins, DBA, Middleware, Application Support Teams
  • 8. Copyright © 2016 Splunk, Inc. TOP 4 Use Cases for ITOA. Before Splunk: Failure detection: Customer often informs IT. Incident Triage: All hands on deck, taking up 30 to 40 minutes. Incident Troubleshooting: Lengthy log analysis done manually. Root Cause Analysis: Up to 30% unknown root causes, causing incidents to recur. Service Restoration: Fix is implemented. With Splunk: #1 Better detection: customer is notified by IT. #2 Faster triage, often conducted by 1st level staff without all hands on deck. #3 Faster investigation (MTTI) through rapid log search and correlation conducted in conjunction by different teams (everyone looks at the same data). #4 Faster and more comprehensive root cause analysis, helping to reduce incident recurrence. Fix is implemented. Process stages: Event Mgmt, Incident Mgmt, Problem Mgmt.
  • 9. Copyright © 2016 Splunk, Inc. Benchmarking Splunk Customer Success Documented through 700+ engagements worldwide Reduced Sev1 and Sev2 incidents by 43% Reduced MTTR by 95% and reduce escalations by 50% Improved API performance by 50% reducing need for infrastructure upgrades and increasing user satisfaction 15-45% reduction in high priority incidents 70-90% reduction in incident investigation time 67-82% reduction in business impact 5-20% increase in infrastructure capacity utilization Customer Feedback IT Operations Analytics (ITOA)
  • 10. Copyright © 2016 Splunk, Inc. Network Server & Storage • SNMP • DHCP • Firewall • Load Balancer • Network Switches • Network Routers (cisco_cdr, cisco:asa, cisco_syslog, clavister) • Netflow • Proxies Application • OS Logs (ntsyslog, snare, dhcpd, linux_secure, aix_secure, osx_secure, syslog, PERFMON:CPUTime, PERFMON:FreeDiskSpace, Win:Event, etc.) • VMWare server logs • AWS Logs (CloudTrail, CloudWatch, Config, S3, etc.) • MS Azure Logs (WADEventLogs, WADPerformanceCounter, WADDiagnostInfrastructure, etc.) • Backup logs • Storage logs Common Data Sources Documented through 700+ engagements worldwide Middleware & Database • Java – J2EE (log4J, JMS, MQ, TibcoEMS, HornetQ, RabbitMQ, Native JMS, Weblogic JMS, etc.) • Middleware (Tibco, Software AG etc.) • Web Server (access_combined, access_combined_wcookie, access_common, apache_error, iis, nginx, etc.) • Application Server (log4j, log4php, weblogic_stdout, websphere_activity, websphere_core, websphere_trlog, etc.) • Mobile Devices • Database error logs • Application Error Logs • Application Performance and Usage Logs • Application Authentication Logs • Business Process Logs (Payments status, batch upload status, customer order status, etc.) • Mail Server Logs IT Operations Analytics (ITOA)
  • 12. Copyright © 2016 Splunk, Inc. Application Delivery Application Delivery An overview of Splunk efficiencies and Most Common Data Sources as reported by Splunk Customers Developers, Testers, Project Managers AND DBAs, Middleware, Application Support Teams
  • 13. Copyright © 2016 Splunk, Inc. TOP 6 Use Cases for Application Delivery typical SDLC #4 Faster delivery of dashboards provide real-time visibility across all technology layers involved in processing business service transactions so bottlenecks can be swiftly identified and addressed #5 Faster Mean Time to Market on key projects through faster test failure analysis and defect remediation #6 Increased release value through improved visibility on feature efficiency patterns in order to better assess needs for future releases #2 Faster pre-production defect remediation through improved investigation of root causes #1 Faster test failure analysis for functional, performance and security test runs through analysis of test logs #3 Fewer escalations to developers from fewer production outages means developers are more focused on innovating the business
  • 14. Copyright © 2016 Splunk, Inc. Benchmarking Splunk Customer Success Documented through 700+ engagements worldwide Application Delivery Shortened development cycles by 30% Reduced reporting time by 88% Increased release cycles by 8x with no additional staff Customer Feedback 80-90% faster development of reports and dashboards 70-90% reduction in time for QA test failure analysis 70-90% reduction in time for pre-prod defect investigation 10-50% improvement in time to market
  • 15. Copyright © 2016 Splunk, Inc. SDLC Application Delivery Common Data Sources Documented through 700+ engagements worldwide Middleware & Database • Java – J2EE (log4J, JMS, MQ, TibcoEMS, HornetQ, RabbitMQ, Native JMS, Weblogic JMS, etc.) • Middleware (Tibco, Software AG etc.) • Web Server (access_combined, access_combined_wcookie, access_common, apache_error, iis, nginx, etc.) • Application Server (log4j, log4php, weblogic_stdout, websphere_activity, websphere_core, websphere_trlog, etc.) • Mobile Devices • Database error logs • Performance Test Logs • Functional Test Logs • Security Test Logs • Debug Logs • Release Error Logs • Code Management Logs Application • Apache Web Logs • Application Error Logs • Application Performance Logs • Application Authentication Logs • Business Process Logs (Payments status, batch upload status, customer order status, etc.) • Mail Server Logs
  • 16. Copyright © 2016 Splunk, Inc. Security and Compliance Security, Compliance An overview of Splunk efficiencies and Most Common Data Sources as reported by Splunk Customers Security Analysts, SOC, Compliance, Audit teams
  • 17. Copyright © 2016 Splunk, Inc. Assess Risk Deep Analysis Monitor Controls Audit & Comply TOP 4 Use Cases for Security & Compliance #4 Continuous compliance on ALL components and policies resulting in faster and simpler audits #3 Faster implementation of critical security controls (ex: CIS Top 20) across ALL layers of the organization, ultimately resulting in full enterprise visibility and a reduction in risks #2 Faster deep dive investigation on security incidents that require further proactive and reactive analysis #1 Faster 1st level triage on ALL security attacks with less resources as opposed to reviewing only a subset of attacks Web Threats Mobile & IOT Vulnerabilities Scams & Social Media Targeted Attacks Data Breaches E-Crime & Malware
  • 18. Copyright © 2016 Splunk, Inc. Security, Compliance & Fraud 70-90% faster detection and triage of security events 70-90% faster investigation of security incidents 70-90% reduction in compliance reporting time 10-50% reduction in risk of data breach, IP theft, fraud Customer Feedback Benchmarking Splunk Customer Success Documented through 700+ engagements worldwide Reduced effort on security staff tasks saving more than $500,000 per year Reduced fraud & abuse by 50% converting fraudulent users to paying customers Reduced compliance reporting time by over 80% for SOX, SAS-70 and PCI a SaaS company
  • 19. Copyright © 2016 Splunk, Inc. Security, Compliance & Fraud Common Data Sources Documented through 700+ engagements worldwide Network, Server & Storage • SNMP • Wire Data • DHCP • Firewall • FTP Logs • IDS Logs • Network Access Control • File access control • Network Switches • Network Routers Application & User • Wireless Network logs • Netflow • Proxies • OS Logs (ntsyslog, snare, dhcpd, linux_secure, aix_secure, osx_secure, syslog, Win:Event, etc.) • Patch Logs • VMWare server logs • AWS Logs (CloudTrail, CloudWatch, Config, etc.) • Storage logs Middleware & Database • Java – J2EE (log4J, JMS, MQ, TibcoEMS, HornetQ, RabbitMQ, Native JMS, Weblogic JMS, etc.) • Middleware (Tibco, Software AG etc.) • Web Server (access_combined, access_combined_wcookie, access_common, apache_error, iis, nginx, etc.) • Application Server (log4j, log4php, weblogic_stdout, websphere_activity, websphere_core, websphere_trlog, etc.) • Database error logs • Malware protection logs • Endpoint activity • Application Error Logs • App. Authentication Logs • Vulnerability Scanning • Mail Server Logs • Active Directory • LDAP, VPN • SDLC Security Test Logs • Mobile Devices • Physical Card Reader Logs Other • Threat Lists • OS Blacklist • IP blacklists • Restricted ports and protocols • Vulnerability Lists • Social Media Feeds • Training Logs
  • 20. Copyright © 2016 Splunk, Inc. Splunk Security & Compliance Best Practices. Refer to the Splunk SANS 20 whitepaper for detailed use cases and examples of how customers use Splunk to achieve the anticipated improvements with: Faster Detection of Security Events, Faster Research and Investigation, Reduced Risks with Data Breach and Fraud. New release coming out soon: Mapping Splunk Software to the CIS 20 CSC Version 6.0
  • 21. Copyright © 2016 Splunk, Inc. Best Practices for Positioning Value: Taking your Splunk Deployment to the Next Level. 1 Align with key objectives 2 Qualify current pain points 3 Quantify business value 4 Measure your success
  • 22. Copyright © 2016 Splunk, Inc. Best Practices for Positioning Value Based on FY16Q3 activity Applies to All types of Use Cases Security, Compliance, and Fraud IT Operations Application Delivery Traditional Use Cases Business Analytics Industrial Data and the Internet of Things Vertical Use Cases
  • 23. Copyright © 2016 Splunk, Inc. Steps to Aligning with key objectives • Align your project with something strategic • Take a top-down approach • Find an executive sponsor • Link your plan to Top-5 key objectives • Explain how Splunk aligns to these objectives • Use the Splunk Value Benchmarks to help you 1 Align with key objectives
  • 24. Copyright © 2016 Splunk, Inc. Common IT Goals Achieved with Splunk Infrastructure cost avoidance through improved capacity management Future headcount avoidance Tools consolidation Optimization of business processes Labor savings with common IT processes Faster incident investigation and root cause analysis Proactive automation of key business processes Better visibility & reporting Avoid revenue impact from fewer critical outages Faster delivery of real-time business analytics Improved innovation value for key business initiatives Faster test failure analysis Faster remediation of bugs and defects Fewer developer disruptions Faster, more robust code deployments Minimize business disruptions Improved & more consistent SLA’s More reliable business services leads to better brand Faster response to customer requirements Better detection of cyber attacks Faster response to security incidents Continuous compliance monitoring Reduction in risk for data breach, fraud and IP theft Reduce/Avoid Business Expenditures Improve Internal Efficiencies Increase Revenue Accelerate Time to Market Improve Business Services Continuously Secure the Environment Documented through 700+ engagements worldwide
  • 25. Copyright © 2016 Splunk, Inc. Steps to Qualifying Pain Points • Identify common issues and roadblocks • What’s hindering your key objectives • Document why something should change • Describe the current challenges and pain points • Describe the desired state Qualify current pain points 2
  • 26. Copyright © 2016 Splunk, Inc. Example of Challenges and Pain Points Production Support – Complex layers of technology stack – Complex flow of data and calls across each layer – Lack of end to end visibility on data flow – Unclear customer impact during incidents – Lengthy manual investigation of logs cause longer outages – Investigation delays prevent real-time collaboration across teams – Developer escalations required to assist with production issues – Intermittent errors go unresolved for years Application Releases – Lengthy manual investigation to address release errors – Impossible to gain real-time collaboration between support staff and developers – Often unclear whether errors are caused by code or infrastructure – Not enough time during change windows to fix errors – Releases at risk due to slow determination of errors – Business can be impacted by 30-day release delays if release is backed out
  • 27. Copyright © 2016 Splunk, Inc. Production Support – Complete visibility of data flow across all layers – Quickly isolate the particular area in the stack that is causing issues – Real-time collaboration between teams during incident response – Reduce MTTR associated with production incidents with rapid log analysis – Faster RCA analysis of problems to reduce recurring incidents – Reduce business impact with fewer and shorter incidents Application Releases – Accelerate investigation of functional and performance defects – Real-time collaboration between teams during release errors – Avoid release rollback through faster investigation of release errors – Deliver faster time to value on key business projects Example of Desired End-State Vision
  • 28. Copyright © 2016 Splunk, Inc. Steps to Quantifying Business Value • Collect internal Key Performance Metrics • Leverage External Benchmarks to fill in the gaps • Use Splunk Customer Benchmarks to guide your efficiency calculations • Business cases are not an exact science, don’t worry about being too meticulous • Keep it conservative! 3 Quantify business value
  • 29. Copyright © 2016 Splunk, Inc. Key Performance Metrics that Drive Value IT OPERATIONS › # of sev1, sev2, sev3 incidents per month › avg MTTR per Incident by severity › # people involved in Incident investigation › $ per hour of business impact › % incidents requiring post incident reviews › # hours for root cause analysis per incident › # servers (physical + virtual) › % servers virtualized › $ cost per physical vs. virtual server APP DELIVERY › # developers › % developer time spent troubleshooting › # request for dashboards and reports per month › # people to develop dashboards and reports › # large, medium, small project releases per year › $ business value per project release › # months from project kick-off to prod release › # test runs conducted per month › # pre-prod defects investigated per month SECURITY & COMPLIANCE › # of security alerts per week › # people for 1st level triage › avg time to triage an alert › # security incidents per week › # people involved per incident › # sensitive records › $ business fraud per year › # audit activities per year › # people hours per audit activity Less than 10 KPIs per Value Center Documented through 700+ engagements worldwide
  • 30. Copyright © 2016 Splunk, Inc. Quantifying Value with Splunk Tools Financial Analysis Made Easy – Over 50 Value Calculators – Driven by Actual Customer Results – Complete Financial Analysis – Best Practice TCO Models Don’t Forget – Follow the Impact – Capture All the Value – Summarize and Socialize WEB and Excel versionIVA – Interactive Value Assessment
  • 31. Copyright © 2016 Splunk, Inc. Financial Metrics – Value Dashboard • Value Realized • Use Case Gaps • Additional Value • Detailed Use Cases • Benefit Calculations • Adoption Speed • Investment Details • ROI Analysis • CFO Metrics
  • 32. Copyright © 2016 Splunk, Inc. Financial Metrics – Adoption Rates • Value Realized • Use Case Gaps • Additional Value • Detailed Use Cases • Benefit Calculations • Adoption Speed • Investment Details • ROI Analysis • CFO Metrics
  • 33. Copyright © 2016 Splunk, Inc. Financial Metrics – Use Cases • Value Realized • Use Case Gaps • Additional Value • Detailed Use Cases • Benefit Calculations • Adoption Speed • Investment Details • ROI Analysis • CFO Metrics
  • 34. Copyright © 2016 Splunk, Inc. Financial Metrics – Detailed Calculations • Value Realized • Use Case Gaps • Additional Value • Detailed Use Cases • Benefit Calculations • Adoption Speed • Investment Details • ROI Analysis • CFO Metrics Splunk helps us avoid incidents, and the corresponding effort of managing them, with 3 key capabilities. First, by providing alerts to conditions that indicate a problem is coming. Second, through dashboards that provide visual representations of health. And lastly, by delivering greater root cause analysis.
  • 35. Copyright © 2016 Splunk, Inc. Financial Metrics • Value Realized • Use Case Gaps • Additional Value • Detailed Use Cases • Benefit Calculations • Adoption Speed • Investment Details • ROI Analysis • CFO Metrics Investment should account for: • Software • Maintenance • Infrastructure • Services • Training • Advisory Services
  • 36. Copyright © 2016 Splunk, Inc. The Impact of Documenting Value “We can search syslog and we could never do that before” ***BECOMES*** “We’ve reduced downtime by more than 50% and we’ve captured 11,5000 hours/year of efficiencies that have been reallocated to higher value work across the organization, generating $1.95M value/year”
  • 37. Copyright © 2016 Splunk, Inc. Steps to Measuring your Success • Leverage the use cases identified in the IVA as the benchmark for tracking and validating your success • Identify your Top-3 success stories • Interview power users for each success story • Describe specific challenges that existed prior to Splunk • Explain the impact to your organization • Socialize your successes 4 Measure your success
  • 38. Copyright © 2016 Splunk, Inc. Interview your Power Users: Before | After Questions for each Success Story. Before Splunk 1. How often did this type of scenario occur, how long did it take to resolve and how many people were required? 2. What challenges did we face handling this type of scenario before Splunk? 3. Did we have to do any manual work? 4. Did we invest in infrastructure or other resources to address this before Splunk? 5. Did this cause direct financial impact? 6. Was customer service or customer loyalty affected? 7. How did this impact end-user productivity? 8. Did it affect our brand negatively, i.e. bad press or negative social media hits? With Splunk 1. How did Splunk help us address this scenario? 2. How fast were we able to implement a solution with Splunk? 3. Are we able to detect or isolate circumstances that were previously unnoticed or impossible to find? 4. How often has this type of scenario surfaced since Splunk has been in place? 5. How much faster are we able to respond? 6. Has this freed a % of our staff time to focus on other more important tasks? 7. Was this possible before Splunk? 8. Can we provide a dashboard screenshot?
  • 39. Copyright © 2016 Splunk, Inc. Socialize your Top Value Use Cases Constant cycle of email interruptions impacted the faculty for 1+ year Mail – Blacklist Reduced by 92% Examples of a Customer Success Story
  • 40. Copyright © 2016 Splunk, Inc. Plan your Splunk Staffing Roles A successful and scalable deployment of Splunk relies on the orchestration of key roles and responsibilities, primarily centered around: • Architecture • Administration • User adoption (Power User) • Application development Be sure you have the staff and skills to maximize value
  • 41. Copyright © 2016 Splunk, Inc. Splunk Roles & Recommended Training Splunk Roles Using Splunk Splunk Administration Searching and Reporting Creating Knowledge Objects Advanced Searching & Reporting Developing Apps with Splunk Developing with Splunk SDKs Architect Required Required Optional Optional Optional Optional Optional Admin Required Required Optional Optional Power User Required Required Required Optional Developer Required Optional Required Required Optional Required Optional for Splunk on-premises
  • 42. Copyright © 2016 Splunk, Inc. Splunk Roles & Recommended Training for Splunk Cloud Splunk Roles Using Splunk Splunk Administration Searching and Reporting Creating Knowledge Objects Advanced Searching & Reporting Developing Apps with Splunk Developing with Splunk SDKs Architect Required Optional Optional Optional Optional Optional Admin Required Optional Optional Power User Required Required Required Optional Developer Required Required Required Optional Required Optional
  • 43. Copyright © 2016 Splunk, Inc. Map Your Roles & Highlight Training Gaps Splunk Admin #name Splunk Developer #name Security Power User #name Collaboration Power User #name Database Power User #name CRM Power User #name Network Power User #name Financial Apps Power User #name Splunk Architect #name = Fully Trained = Partially Trained = Not assigned Web Power User #name Server Power User #name Your Company
  • 44. Copyright © 2016 Splunk, Inc. Understand your Data Sources Groups Use Cases Data How does my data overlap across different groups? How much of it is already indexed? more use cases = more value from your current data Are my current users benefiting from all the possible use cases? What else could they be doing? Can other groups leverage the data already indexed? How could they benefit from this data? What data exists in my environment? How much of it is indexed?
  • 45. Copyright © 2016 Splunk, Inc. Data Source Assessment Tool • Identify areas where additional value can be realized with existing data • Identify missing data sources required to achieve specific use cases • Plan for better value realization by understanding data overlap indicators
  • 46. Copyright © 2016 Splunk, Inc. Bring it all together! Quantified Benefits • Drill Down Use Cases • Success Stories • Alignment with Key Goals • Current Pain Points • Desired End State • Investment Schedule • Financial Performance • Training Plan • Data Source Mapping • KPIs to Track your Success. Marked items are Covered by Free Splunk Value Tools.
  • 47. Copyright © 2016 Splunk, Inc. Common Questions Can I get a copy of the IVA and TCO tools? Can you assist me with a value assessment? Can you help us better understand our data sources? YES! Get in touch with your sales rep to schedule time with your sales support team YES! Send us an email at [email protected] Can I get a copy of this Presentation? Can I get a copy of the SANS 20 Security Whitepaper?
  • 48. Copyright © 2016 Splunk, Inc. Questions? Thank you!

Editor's Notes

  • #5: You all know what a great platform Splunk is. So if it’s so great, why does our team exist? Well…Users love Splunk and clearly understand the value it delivers to them operationally, but they struggle with articulating it to their senior management in business terms. This leaves executives asking what THEY get from Splunk. They understand their people love it, but can’t put dollars, euros, yuan, or yen on it easily. The Value that Splunk brings to the business is a hidden gem for most executives. When they are able to understand the business value it delivers for them, in most cases it’s priceless.
  • #7, #23: Dave - 2 MINUTES. Another IMPORTANT PATTERN to talk about is this: amidst the 17 hundred IVAs completed in the past year, 90% of these were focused on IT use cases, and the typical value ranged from $2M to $3M per year. Not bad for doing this on your own! But we also noticed 10% of WEB IVAs also included NON-IT use cases, and when combined IT and NON-IT use cases, the value now goes up to $10M per year. So currently we’re seeing A LOT of data with IT Use Case, and A LOT of value with non-IT use cases, so combine the 2 together and you can have LARGER EAA discussions! Now why only 10% of business cases included non-IT use cases, that’s because we haven’t instrumented our tool to help you do this effectively. But that’s about to change!