The Future of IWMS: Navigating Emerging Trends with Archibus

Posted on March 4, 2024 by admin

As the corporate landscape evolves, the demand for agile and comprehensive facility management solutions becomes increasingly critical. Integrated Workplace Management Systems (IWMS) are at the forefront of this evolution, offering sophisticated tools to manage real estate, infrastructure, and facilities assets. Archibus, a leader in the IWMS space, continues to set the benchmark by staying ahead of emerging trends. This blog explores the future of IWMS and how Archibus is innovating to meet tomorrow’s challenges.

Emerging Trends in IWMS:

AI and Machine Learning Integration: The integration of Artificial Intelligence (AI) and machine learning into IWMS platforms like Archibus is revolutionizing facility management. Predictive analytics for maintenance, smart space utilization, and automated workflows are just a few areas where AI enhances decision-making and operational efficiency.
IoT and Smart Building Technology: Internet of Things (IoT) devices are becoming ubiquitous in modern facilities. Archibus leverages IoT data to monitor building systems, optimize energy consumption, and ensure a comfortable and productive environment for occupants.
Sustainability and Green Initiatives: Sustainability is no longer optional; it’s a necessity. Archibus is committed to helping organizations achieve their green goals by providing tools for tracking energy usage, reducing waste, and maintaining LEED certification standards.
Mobile Workforce Accommodation: With the rise of remote and mobile workforces, managing space and resources effectively has become more complex. Archibus offers mobile solutions that enable employees to find workspaces, book resources, and access services on-the-go, ensuring maximum flexibility and productivity.
Enhanced User Experience: User experience is paramount in the design of next-generation IWMS. Archibus focuses on creating intuitive interfaces and personalized dashboards, making it easier for users to interact with the system and perform their tasks efficiently.

How Archibus Stays Ahead:

Continuous Innovation: Archibus invests heavily in research and development to incorporate the latest technologies and best practices into its platform, ensuring clients have access to cutting-edge tools.
Scalable Solutions: Archibus provides scalable solutions that grow with your business. Whether you’re a small enterprise or a multinational corporation, Archibus can adapt to your changing needs.
Global Support Network: With a vast network of partners and support professionals around the world, Archibus ensures that clients receive timely assistance and expertise no matter where they operate.
Client-Centric Development: Feedback from the diverse Archibus user community drives the platform’s evolution, ensuring that new features and improvements address the real-world challenges faced by facility managers.

The future of IWMS is dynamic and promising, with technological advancements paving the way for smarter, more efficient facility management. Archibus remains at the vanguard of these developments, providing organizations with a robust, forward-thinking platform that not only responds to emerging trends but actively shapes the future of integrated workplace management. Embrace the advanced capabilities of Archibus and lead your organization into a new era of facility management excellence.

Ready to explore how Archibus can elevate your IWMS strategy? Contact us to discover the full potential of an integrated approach to workplace management.

About IMS Consulting

For more than a decade, IMS Consulting has delivered the full scope of Archibus-related services to both government and commercial clients. As a Virginia Certified Small Business, IMS Consulting provides our clients with personalized attention by experienced Archibus-certified consultants. Our experts work with our clients to thoroughly understand how they do business, identify their unique needs, pinpoint opportunities to better manage their infrastructure, employ more efficient work processes, and make smarter capital budgeting decisions—both today and over the long term.

IMS Consulting specializes in the implementation of Archibus, the #1 real estate, infrastructure & facilities management solution in the world. Archibus is the global leader in streamlining how you manage your real estate, infrastructure, and facilities. Centralize your data, planning, and operations onto one seamless platform backed by 35 years of innovation and the world’s largest support network. Reduce costs, enhance sustainability, and create a better workplace by transforming how you connect with people, places, and processes.

Demystifying FedRAMP Compliance and Authorization

Posted on October 23, 2023 by admin

As a government agency, there are many advantages to being able to tap into cloud technologies. From eliminating time-consuming manual tasks and reducing paperwork, cloud technologies offer a spectrum of efficient and effective improvements over traditional methods. Plus, software-as-a-service (SaaS) subscription-based models can help reduce annual information technology costs.

To implement these technologies, however, you’ll need to comply with the Federal Risk and Authorization Management Program known as FedRAMP provides a standardized approach for assessing and complying with government security controls, authorizing cloud products and services, and providing continuous monitoring of systems. It’s managed by the FedRAMP Program Management Office (PMO).

FedRAMP authorization can seem daunting, but if you have the right resources and preparation in place, the process can be streamlined and simplified. In fact, there’s a lot less for a Federal agency to do than you might think. The burden is predominantly on the cloud service provider (CSP) whose services you wish to use and its independent assessor over your team and internal resources.

There are several common myths, misconceptions, and questions about FedRAMP requirements and processes – and a few benefits to understand given the investment and effort of the program.

To help clarify, we spoke with expert James Masella, Vice President of Compliance Advisory Services, at Coalfire – a leading provider of IT security assessments for many security standards and payments frameworks and programs, including FedRAMP support.

Masella has been working in IT for 20 years – 15 of them focused on security assessments for Federal controls, most prominently, helping organizations comply with National Institute of Standards and Technology (NIST) cybersecurity controls. Over his career, Masella has accomplished over 70 FedRAMP compliance and assessment projects – and has been working on them since the program’s infancy in 2015. He’s been with Coalfire for eight years.

What is FedRAMP?

If you’re evaluating cloud technologies, such as a workplace and asset maintenance platform, it helps to have a background in the evolution of FedRAMP since there are many different cybersecurity compliance and controls to manage. In fact, the program was created specifically with this knowledge. The entire goal of FedRAMP is to accelerate the adoption of secure cloud solutions in the Federal government.

It streamlines the authorization process for CSPs and improves confidence in the security of cloud solutions. FedRAMP was created by the General Services Administration (GSA) in partnership with the US Department of Defense (DoD) and NIST.

“The big problem that FedRAMP was meant to solve was the Federal government knew it needed to modernize its IT infrastructure because their model was not sustainable,” explains Masella. “Commercial cloud services were a lot more affordable than the way much of the government manages IT infrastructure and provided better services.”

The challenge is having assurance that the security of those commercial cloud services is meeting the requirements of the Federal government. Under the Federal Information Security Modernization Act (FISMA), every federal agency can implement its own security plan if it follows the guidelines of the law – which also include audits and independent assessments.

FedRAMP pulls that all under one umbrella and allows all Federal agencies to leverage independent assessors to reduce duplicate effort within audit and assessment work. But FedRAMP is not a certification – it’s a compliance framework within a Federal program that an organization is either authorized to be a part of or not.

“FedRAMP is a different animal,” says Masella. “You actually are building an information system for Federal government use and the government is authorizing that system for use for Federal data.”

Any vendor who has gone through an extensive audit process can be listed in the FedRAMP marketplace, so Federal agencies can easily find and procure services without having to do additional research or due diligence. It makes it easier for departments, such as the Department of Homeland Security (DHS), DoD, or healthcare organizations including the Centers for Medicare & Medicaid Services (CMS) to purchase products from vetted vendors quickly while reducing costs associated with IT resources.

The good news is there are over 300 authorizations on the FedRAMP marketplace today, and some of them are large, some are small. They’ve all solved many of the challenges and issues already, relays Masella.

Delineation of work under FedRAMP: Who is responsible and for what?

The PMO is responsible for managing documents, such as policies, procedures, standards, guidance documents, templates, checklists, etc., which are used throughout all stages of authorization. The FedRAMP Joint Authorization Board (JAB) reviews all provisional Authority to Operate (ATO) packages before they are authorized.

The 3PAOs – Third Party Assessment Organizations – conduct independent security assessments for agencies before issuing a Provisional ATO. These 3PAOs assess each system’s compliance with NIST 800-53 standards, as well as other requirements specified by each agency or department at four different Impact Levels ranging from Low to High. Coalfire is an example of a 3PAO.

“In the case where a CSP has engaged an advisor, the advisor entities are doing all of the work,” says Matella. “The [government] agency just has their due diligence under the law to review the risk. That’s it. It’s the same thing they would have to do if they were the second agency, the last agency or the agency in the middle. There is no difference.”

The heavy lift and burden are accomplished by the 3PAOs and the cloud service provider.

The requirements for FedRAMP compliance

Depending on the risk associated with a particular service, organizations must demonstrate their commitment to security to gain authorization from the JAB. The requirements range from basic NIST 800-53 Rev 4 controls at Low Impact Level (Level 1) all the way up to DHS Risk Management Framework regulations and additional physical protection measures at High Impact Level (Level 3).

Once a Provisional Authority to Operate (PATO) has been granted, it is valid for three years, however, organizations are expected to continuously monitor their systems and update any changes made since initial authorization was granted.

Preparing for FedRAMP: What you need to know

If this is the first time you are dealing with FedRAMP, it’s important to understand some of the most common issues that can arise. Many of these will be the burden of the CSP you wish to use – but it’s better to know what they are upfront.

First, it’s important to communicate to the CSP your specific agency’s policies on who can access information. Some hurdles involve the standards and requirements themselves, relays Matella. These include technology and process compliance areas, such as validated encryption, requirements of internal flows, and connections to external services — they all must be FedRAMP authorized.

“In many cases, it’s not a Fed RAMP requirement, but it can be a requirement from agencies that only US persons or US citizens can actually access the production environments,” he says. “And many of these commercial cloud services are supported by offshore support and many have a ‘follow the sun’ (operational) model.”

As Masella points out, these issues have been dealt with before by other agencies and CSPs, but it’s one that needs to be addressed and understood from the outset.

Secondly, CSPs themselves may think they know compliance, but it can be more work than they know. Many IT leaders assume they have the expertise in-house to handle FedRAMP since they already have an internal security team. Just because they have a robust engineering team, it doesn’t mean it’s going to be easy to architect a system to meet FedRAMP requirements.

“Many times, the engineering teams are great at designing infrastructure and applications, but once you take away a lot of the tools that they have been using or you have to implement some new measures that they didn’t have to have before, this can complicate things,” says Masella.

For example, perhaps a CSP doesn’t perform vulnerability scanning internally or they don’t do file integrity management today and must implement and use it. Now they’re having to decide on new tool sets – which take time to evaluate and get up to speed.

The other problem area Masella sees a lot is not having the business case worked out and detailed enough for the investment. If the CSP hasn’t done enough market research, they can easily get derailed.

“[A CSP] might not be able to get that first initial authorizing agency, might not get on the marketplace, might start the investment and it begins to get pretty big, and the return-on-investment case might not be there,” says Masella.

The best guidance is for the CSP to work with an experienced, third-party FedRAMP advisor preparation provider. And as he points out, many of the challenges and pitfalls can be avoided since much of it has been sorted out already. Getting this kind of information upfront will help you speed up your FedRAMP authorization process overall.

FedRAMP checklist

Common FedRAMP questions

Is FedRAMP a certification?
How long should it take to finish the FedRAMP process?
What should be prioritized first when seeking FedRAMP authorization?
Can artificial intelligence help speed up the process?

Common FedRAMP misconceptions

Our agency will have to do a lot of heavy lifting of the work.
The CSPs engineering team works on security compliance already, so FedRAMP work should be easy.
FedRAMP takes a lot longer than it should.

FedRAMP Questions / Misconceptions	Answers
Is FedRAMP a certification?	No, it’s a program. You use a compliance framework, audits, and assessments to be authorized to be within FedRAMP.
How long should it take to finish the FedRAMP process?	It depends. Very fast is 90 days. Most common is 9 to 12 months depending on prioritization and changes needed.
What should be prioritized first when seeking FedRAMP authorization?	Gaps between the FedRAMP framework and your current state of compliance.
Can artificial intelligence help speed up the process?	AI has a significant role to play in automating the creation and review of documentation packages which could speed up the process and increase the number of services in the marketplace, but it’s not in widespread use yet.
Our Federal agency will have to do a heavy lift.	Actually, the CSP we want to use and its 3PAO will do the bulk of the technology and process compliance. Our agency will perform due diligence on risk under the law.
The CSPs engineering team works on security compliance already, so FedRAMP work should be easy.	This is the most common pitfall: A large engineering team does not mean you will easily meet FedRAMP requirements.
FedRAMP takes a lot longer than it should.	Preparation with CSPs and independent guidance will help speed up the process. Know your specific agency information access policies and communicate them upfront to CSPs. Encourage CSPs to work with a 3PAO.

FedRAMP helps government agencies like yours make sure your data remains secure while reducing duplication when purchasing compliant offerings in the approved marketplace. It also provides assurance that any cloud solution used meets pre-defined security requirements so that you can have peace of mind knowing your data is being always kept safe and secure.

After you go through the FedRAMP process for the first time, it will open up the door to a world of new and evolving cloud technologies forever.

Reposted from Eptura blog.

About IMS Consulting

Quick Tips: How to Make Desk Sharing Work

Posted on May 22, 2023 by admin

The concept of desk sharing can upset the balance of even the happiest workplace. Companies often believe their employees will clash over where, how, and when desks are used. Employees tend to fear the idea of a nomadic office, where they ultimately have no home. Both fears are valid, but easily addressed with the right desk-sharing setup.

Yanking the rug out from under employees with a desking shuffle is likely to create panic and chaos. Likewise, being too rigid about desk usage often eliminates the point of a shared desk arrangement. The approach needs to be somewhere in the middle—a happy medium between rigidity and office anarchy.

What is desk sharing?

Desk sharing’s definition is in its name. Instead of coming to work and walking to the same desk every day, employees can choose their workspace. There are many methods of execution. Some involve employees claiming a desk outright, while others rely on desk reservation systems.

Like most new-wave office concepts, the idea is to take employees out of their “silos” and encourage them to commingle homogeneously.

The motivation behind desk sharing is better space utilization and lower costs for the business. For employees, it’s meant to eliminate the droll, repetitious concept of doing the same thing every day. Desk sharing offers the flexibility both sides need to function better while promoting a positive, healthy workplace culture.

Desk sharing pros and cons

If the line between effective desk sharing at work and total workplace disruption is so thin, why chance it? Simple. The benefits of a successful desk-sharing arrangement far outweighs the negatives. Let’s put them in perspective.

Pros

Saves space and lower space utilization costs
Creates new collaboration opportunities among coworkers
Improves workplace culture and employee wellbeing
Helps attract and retain talent
Increases business flexibility and worker agility
Supports a flexible workforce (remote, part-time, contractor)
Encourages a social workplace
Incentivizes employees to be tidier and cleaner
Levels the playing field in an office, creating equality

Cons

Lacks personal, private space for employees
Results in more disruptions to work
Creates challenges for IT and support infrastructure
Takes employees longer to get settled and working
Promotes the formation of cliques and territories

Managed properly, the cons are easily minimized, managed, or eliminated altogether. There’s a tremendous incentive to make shared desking arrangements work.

How to make shared desks work

Making shared desks work isn’t a superhuman feat—it just relies on paying attention to the details. Here are a few tips for a proper transition to shared desks:

Get buy-in from employees well before the changeover. Explain the benefits and field concerns in an open forum to foster positive sentiment.
Actively address employee concerns beyond listening to them. Target pain points with innovative solutions and present them to employees. Responsible oversight can make the change easier.
Determine the number of shared desks you’ll need, then budget for more. Consider the number of employees, the shifts they work, and other variables that affect occupancy. It may seem counterintuitive to cost-cutting, but extra desks ensure everyone has one during peak times.
Create rules and guidelines to cover shared desk etiquette. This can stop bad habits and friction-inducing problems before they manifest. It’s also a great way to set the tone for what employees can expect from their new desking arrangement.
Make the change gradual. Up-ending your entire office in a week won’t allow employees to transition or adapt. Delegate a set number of desks to convert over a period of time and lean into the transition. It’s less abrupt and gives employees time to get familiar.
Create a variety of desk types and locations, as well as supplemental workspaces outside of shared desks. Employees shouldn’t feel boxed in by a lack of space. Provide options to improve utilization rates.
Delegate authority to an office manager or facility manager. Creating a central authority for disputes and questions gives employees the comfort of having a final word on any uncertainties that may arise.
Create a funnel for feedback about the shared desking arrangement. What do employees like or dislike? What isn’t meeting their needs or expectations? How could the arrangement be improved? Make the arrangement an ongoing forum.

These tips can help you avoid everything from workplace friction to the outright rejection of shared desks by your workforce. However, remain cognizant of how your workforce adjusts and adapts to shared desks. Keeping this arrangement successful depends on meeting ongoing challenges as they arise.

Avoid the pitfalls of desk sharing

The pitfalls of shared desks are few, but critical. Poorly executed shared desks can topple major pillars of your workplace—productivity, culture, and comfort. Proper execution is key. Ongoing adaptation is another. Consistent employee sentiment and recognition of relevant trends are the others. Together, they make shared desking work

Shared desking is a proven, positive workplace arrangement that offers measurable benefits. To capitalize on it, make sure you’re laying the right foundation and avoiding some of the common pitfalls that can sink this concept before it has a chance to return value.

By Tamara Sheehan
Director of Business Management
SpaceIQ

About IMS Consulting

For more than a decade, IMS Consulting has delivered the full scope of Archibus- related services to both government and commercial clients. As a Virginia Certified Small Business, IMS Consulting provides our clients with personalized attention by experienced Archibus-certified consultants. Our experts work with our clients to thoroughly understand how they do business, identify their unique needs, pinpoint opportunities to better manage their infrastructure, employ more efficient work processes, and make smarter capital budgeting decisions—both today and over the long term.

The Next Normal in a Post-Pandemic Workspace

Posted on March 10, 2022November 6, 2023 by admin

Whether your office has already partially returned to work or you’re planning a workplace reentry, one thing is certain—things may never be the same. Safe facility management during an unprecedented pandemic requires a high level of planning and precaution. The measures you implement should increase employee productivity, promote workplace trust, and most importantly, keep employees and customers safe.

Rule and Regulation Compliance

It’s not always easy to keep up with new regulations, especially with constantly changing guidelines. Regardless, the first priority is employee safety. In most nations, employers are encouraged to provide a safe working environment. Physical safety should be a constant for all employees, but some may tolerate risk better than others. It’s wise to consider your most vulnerable employees when creating a return-to-work plan, but determine strategies with everyone in mind.

Second, keep employees informed of changes and guidelines. Assign staff to monitor local conditions and guidelines, then share updates on a consistent schedule. Keep a global perspective and adjust plans as needed to comply with local requirements.

Third, align business priorities with global realities. Inspect your building for potential hazards and determine remediation costs. Be willing to remodel, reconfigure, or rearrange everything including work schedules, walls, and seating arrangements.

Masking, Sanitation, and Social Distancing

Most official guidelines center on three principles—masking, sanitation, and social distancing. Depending on your industry, some guidelines may present more of a challenge than others. Restrictions will change as the coronavirus threat diminishes or increases, so keep long-term needs in mind when investing in safety equipment.

Personal protective equipment (PPE) requirements can vary depending on the role. There’s no one-size-fits-all when it comes to PPE. Some employees may not be able to wear masks. Others may need to avoid the workplace altogether, such as employees with asthma or other respiratory conditions.

Employees want clean workplaces, even more so now under COVID-19. Make sanitation a priority by setting up hygiene stations with hand sanitizer, soap, gloves, and disinfecting wipes. The typical weekly office cleanings may not be enough. Consider hiring extra cleaning staff to more frequently clean bathrooms, break areas, and shared spaces like conference rooms and lounges.

PPE isn’t limited to individual employees. Plexiglass shields provide an additional layer of protection around pinch points where social distancing may be a challenge, such as reception areas, entrances and exits, and payment areas. Posted policies and directional signage are great visual reminders for customers and employees to abide by your workplace precautions.

Other measures such as UV lights and thermal scanners are options for combating COVID-19 but should be part of an overall workplace health and safety strategy. It’s wise to check with locally, regionally, and country-specific requirements to determine what’s feasible for your team to manage.

Technology and Real Estate Optimization

For most workplaces, safety decisions center around official guidelines. Maintaining six feet of distance helps protect people from breathing in infected air particles. However, this is easier said than done for many businesses.

Social distance guidelines vary by country and region. In the U.S., 6 feet is the standard; the World Health Organization recommends 1 meter. Social distancing may reduce workplace capacity, depending on your current seating configuration, plan density, desk sharing, and other factors. The potential for space loss raises some interesting options:

Should some individuals work remotely forever? Can we stagger work schedules? Do we need to let some staff go?
Should we purchase or rent additional office space or retrofit the space we have? Should we consider moving? Should we renegotiate the terms of our lease?
How can we prepare our workplace for future emergencies?

During the pandemic, many business leaders are leveraging real estate planning software to visualize coronavirus-related changes to seating arrangements, staff schedules, and office remodeling before committing time and money to wholesale changes. For example, hoteling software helps maximize seating efficiency using dynamic data such as HR information and floor maps.

Business owners can require that employees reserve a hotel desk prior to coming to work and show the reservation before they’re allowed to enter. After someone uses the hotel desk, facility management can be notified that the area must be cleaned and sanitized before another reservation can be made.

The Next Normal is Now

Reopening your workplace can be difficult. Regulations are constantly changing and there’s no saying when COVID-19 will ease. The post-pandemic “next normal” requires flexibility and adaptability. Desks, rooms, and entire floors may not function the same way. Previous policies for remote work, sick leave, and work schedules may need to be reevaluated in the new work environment.

You can’t foresee every situation, but you can be flexible in establishing your new normal. Employees will appreciate your efforts as they return to their former—though newly arranged—workspaces.

By Nai Kanell
Vice President of Marketing
SpaceIQ

About IMS Consulting
For more than a decade, IMS Consulting has delivered the full scope of Archibus- related services to both government and commercial clients. As a Virginia Certified Small Business, IM犀利士
S Consulting provides our clients with personalized attention by experienced Archibus certified consultants. Our experts work with our clients to thoroughly understand how they do business, identify their unique needs, pinpoint opportunities to better manage their infrastructure, employ more efficient work processes, and make smarter capital budgeting decisions—both today and over the long term.