 |
excellent:of the highest quality idea:a realization of a way of doing something |
|
To ensure software license compliance you must be able to demonstrate
documents Software License And Media Manager - SLAMM - is an application for managing the software licenses that you own and for reconciling them with the software that you are using. Proof Of License documentation and software installed/used data is entered or imported into SLAMM and the licenses are reconciled against the software installed using built-in licensing rules. The end result is the License Reconciliation Report which tells you if you have license shortfalls or surpluses and is an essential part of any Software Asset Management process. Using SLAMM to monitor and control your licensing provides a solution to a key
element
Software is a Valuable Asset that needs to be Managed Software is a valuable asset and needs to be managed and protected like any other asset. The cost of software (licenses) is rapidly becoming equal to or greater than the cost of hardware1yet many companies have no way of managing their licenses or knowing what they own. The management of software and licenses is at the heart of what has become known as Software Asset Management – ‘SAM’. Companies using spreadsheets or simple database applications to record license purchases often fail to understand or implement the licensing rules and consequently believe they have more effective2 licenses than they really have. With its built-in business rules and license management processes SLAMM enables you to determine your effective license position correctly.
Every IT professional knows that using software without a license is illegal3 and non compliance is NOT an option for any company. For a long time, the threat of legal action and fines has been used as the justification for software auditing and software asset management and publishers like Microsoft, Symantec, Adobe and Oracle are targeting their customers with licensing compliance reviews. 10 Despite this, a Federation Against Software Theft (FAST) survey indicates that almost half the firms surveyed still believed they may be using illegal software. Companies have a responsibility to their shareholders and society to conduct their business in an ethical way. The integrity of corporations, financial institutions and markets is particularly central to the health of our economies and their stability. Installing and/or using software without paying for the right to do so is unethical and companies identified as failing in this area demonstrate a lack of integrity. Ensuring that you own licenses for all the software you are using is a key element of good IT corporate governance.
Ensuring license compliance as
part of a disposal or acquisition is now becoming a common
activity. A license compliance review is difficult to carry out before purchasing a company but should form part of the IT review / merger. Companies listed on the US stock exchanges and
companies with 300 or more shareholders in the US are bound by
the requirements
of Sarbanes-Oxley. 1. CEOs and CFOs are required to sign and file reports with the SEC attesting to the accuracy of their financials and the accountability of their internal controls. Without an effective asset management solution, inclusive of people, process, and technology, neither the asset data nor the internal controls will exist to validate these reports. 2. External auditors are looking for consistency, accountability, and, wherever possible, automation. An effective asset management solution delivers on all three of these points and replaces inaccurate, manual processes. 3. A number of software vendors are requesting that large corporate customers conduct self-audits against their software usage, allegedly to help the suppliers meet Sarbanes-Oxley regulatory requirements. An effective asset management solution would allow this information to be collected and reported within minutes of the audit request. In a separate study, IT managers admitted that
their Board had never asked for an update on software license
compliance. The
finding suggests widespread boardroom indifference to compliance
issues despite the high profile it has been given in the
media and by numerous industry initiatives.
Instead of focusing on the threat of legal action it is more constructive to focus on the many additional tangible benefits that come from compliance. The better reason to have good controls over IT is not because it will make you compliant - but because it will make your business more efficient. Many studies have shown that effective software and license management lowers the total cost of ownership and improves productivity for both the IT department and users. - More Efficient Software Procurement With a software asset management system in place, companies can receive volume discounts based upon a clear understanding of their software licensing to date and planned licensing for the future. Savings ranging from 10 to 15 percent can be achieved through comprehensive procurement management. With accurate asset information, management can reduce maintenance costs negotiate better license agreements, avoid software over-purchasing, develop corporate desktop standards and plan and budget for future needs In fact, as industry analysts point out, software license compliance is just a side benefit of asset management, which allows organizations to save up to 15% of their total desktop costs. - Prevent Over Purchasing Knowing exactly what licenses you own and utilising them fully can enable cost savings. When they start a license compliance project, most companies are concerned that they will identify license shortages but often find they have over purchased licenses for some applications and are able to save money by using SLAMM to prevent this happening in the future. Gartner Group has said that 20 percent of overall IT software
costs can be - Recover money from unused licenses Surplus licenses may be sold to another company provided the publishers terms of transfer are followed. - Make Better Use of Existing Licenses Alternatively, you can save money by using surplus licenses instead of ordering new licenses when a new user needs a copy of the software. - Minimise the Cost of Correcting Shortfalls If you have a SAM process and can determine that any software that is under-licensed is not being used you can reduce the cost of correcting the shortfall. In the Business Software Alliance document “DIRECTORS’ BRIEFING Software use and your legal liabilities” the BSA5 say;
- Understanding Software Spend Software is generally bought a few copies at a time and it is easy to lose sight of the overall investment Carrying out a license review will allow a better understanding of the investment and may allow a review of purchasing options. “We spend a huge amount
on Microsoft software, more than any other publisher, yet
this is the first time we have had an
accurate view of our overall spend and the first time we have
had the information we need to decide whether we can benefit
from an Enterprise Agreement” - Reduce Annual Software Maintenance Costs Through a detailed reconciliation between the software that is licensed and the software that is being used, a decision can be made as to whether annual maintenance payments are appropriate on all the licenses that you hold. In recent years, annual software maintenance charges have increased from an average annual rate of 12 to 15 percent, and for some products increases have averaged 18 to 29 percent. - Reduce Support and Training Costs Support costs and training costs can be reduced by standardising the software applications that are installed and used, and eliminating un-authorised software6. As part of a compliance project you will discover exactly what software and what versions are installed and being used*. Armed with this information you can improve service and reduce costs by; eliminating unauthorised software which may compromise system reliability; focusing support on authorised software; improving training and reduce support calls by using standard software solutions; * the availability of usage information will depend on the tools you use. - Avoid costly mistakes by understanding license terms By reviewing and understanding license terms prior to purchase and recording these as notes to the license you can avoid potentially costly mistakes. As an example, without reading the EULA carefully, users of Symantec’s “Ghost” imaging may only realise that they need a license for every machine they image after they have imaged hundreds of machines7. - Technology Migrations By supporting technology migrations with real information you can reduce the costs of migration projects. Making the decision to update your applications and infrastructure to support the latest technology advances requires significant planning. The data from a SAM solution can assist you with this transition process by providing details of existing solutions that will need to be supported. Knowing what software is being used, where and by who is key to a successful migration project. A lot of time and money is spent on hardware disaster recovery programs but very few companies have any DR plans covering their license entitlement. By keeping detailed records of your licenses and linking them to the scanned documentation or keeping off-site copies of the documents, your software assets are protected in the event of a catastrophic event such as fire or flood. Implementing a Software Asset Management program will bring focus onto any unauthorised software that is identified. This often leads to a review of security and software deployment processes and a more rigorous management of the desktop which, in turn, reduces the company’s exposure to “greyware” or "malware"8.
Sadly we cannot ignore the legal risks associated with non compliance. IT staff, from Directors to users, should not have to worry about the threat of legal action or dismissal because the company they work for does not or has not purchased sufficient licenses. Very few companies have a deliberate policy to not purchase software but not having a process to prove license compliance and a failure to ensure you have the correct licenses and can amount to much the same thing. Managing your software license assets should be a part of day to day IT management just like hardware asset management (it is unthinkable that any company would steal its hardware). By implementing a management process to ensure license compliance you can remove the doubt, worry and risk of non-compliance.
Ask yourself following questions. If you answer “NO” to any of them then SLAMM together with a Software Asset Management process can offer your company significant benefits.
If you have a completely locked down environment and use standard images you should know what is installed however, in practice, most companies have a percentage of machines that are ‘open’ and so cannot be 100% sure what is installed. Depending on how many machines you have you could carry out a manual audit to produce a ‘snapshot’ of what is installed (most software is licensed on the quantity installed regardless of whether it is being used). However, producing an accurate result and keeping this information up-to-date manually is time consuming and costly. The most effective solution is to use an auditing tool. There are a wide range of products on the market offering cost effective solutions for all sizes of companies from 25 PCs upwards. An auditing tool will provide a report that can be exported as a csv file* (a comma delimited file) showing all the software installed on your machines and the quantity of each application/version. More advanced tools will provide information on whether the installed software is being used. *SLAMM uses the exported csv file to import and update the software installed information.
Most auditing tools have minimal or no license management capability. Those that do generally have a simple field where you can enter the license quantity that you own for each application/version. This is too simplistic, does not provide the evidence you need to prove compliance and would not be adequate for ITIL® (the IT Infrastructure Library), the BSA, FAST or ISO 19770-1.
Yes - you can enter the software installed information manually. Even if you have an auditing tool there will be some software information that you need to enter manually. For example, you need Microsoft Client Access Licenses (CALs) to connect to Microsoft servers but an audit tool will never find a CAL installed on a machine so you have to enter the CAL license requirement manually.
Probably not. If you don't have an auditing tool we recommend starting with licensing. Here's why: They are different exercises, often involving different personnel and can be run in either order or in parallel. Historically companies have started with the software audit simply because there are a lot of people selling auditing solutions. License management software was not available until more recently. In addition there were very few people offering license management solutions for Software Asset Management (SAM). It is only in the past 3 years that ITIL® (the IT Infrastructure Library) has published a guide to Software Asset Management and this year a new ISO Standard (ISO 19770-1) has been created to cover Software Asset Management. A
lot of companies have auditing tools but have never progressed
to license management because
they saw the audit as the end result
rather than a milestone towards Software Asset Management.
For others, carrying out an
audit was seen as ‘ticking
the box’ of compliance and “because we’ve
made a start” might offer an indemnity against prosecution,
which is not the case. The only way to eliminate the risk
of prosecution is to ensure license compliance.
Auditing tools are generally much more expensive than a license management tool e.g. for a company with 250 machines the audit software could cost £2500 to £5000 plus the cost of training and implementation whereas a multi-user copy of SLAMM costs just £1995. If you carry out a software audit you will still have no idea
if you are complaint or not but if you start by collecting your
license information and entering it into SLAMM it is possible
to have a very clear idea of whether there is likely to be a
license shortfall before you conduct an audit. If you use SLAMM to determine your effective license entitlement and set this against your estimate of software installed you will have a good indication of whether there are any license shortfalls. If there aren’t any shortfalls or they are minimal, and you are confident of your installed software estimate, you may decide that an audit tool is not required however, if it appears there may be extensive shortfalls, the purchase of an audit tool to carry out an accurate audit can save you a significant amount of money if it shows that your estimate was high or identifies software is not being used. Estimating the installed software figures i.e. your license requirement. Here are two questions to consider:
In most companies, generating an answer to question 1 that is even 50% accurate may be difficult but assuming you know how many machines you own then, even if you have no auditing tool, estimating the answer to question 2 for the main products you use can be done to a reasonable degree of accuracy e.g.
You can see that, although it will not be 100% accurate you can build up a good estimate of what licenses you need.
In order to prove software license compliance more evidence is required than just a number. It is necessary to prove that the licenses exist, they cover the correct products, that upgrade pre-requisites have been met and subscriptions have not expired etc. etc. A lot of companies who use spreadsheets and simple databases to manage their licenses fail to understand or implement the correct licensing rules and consequently believe they have more effective licenses7 than they really do. SLAMM has built-in business rules to help you. Spreadsheets: Some companies try to use a spreadsheet or similar to record license information but this is difficult to maintain and cannot handle many of the functions they need to manage the licenses in the long term. Integrating the software installed/used data is difficult. Databases: You could create a database application but it will
take a long time and cost a lot of money to include even a
part of the functionality in SLAMM. For example:
SLAMM can manage all of these scenarios and more. SLAMM provides a fast, reliable, and easy way to record the information needed to reconcile your licenses and prove legal compliance.
3UK-based
IT managers are fully aware of software piracy issues. The study, which interviewed 500 IT managers across industry sectors, showed that 99.8% of the respondents knew that intentional or unintentional software piracy can lead to unlimited fines and up to 10 years imprisonment for those deemed responsible for the company's software. In spite of this, over 20% of the IT managers didn't have a formal auditing policy and of the 79% who did, 44% were only auditing their PCs* once per year. Corporate IT Update-(C)1995-2000 M2 Communications Ltd
4Corporate governance definitions: "Corporate governance is about promoting corporate fairness, transparency and accountability" J. Wolfensohn, president of the World bank, as quoted by an article in Financial Times, June 21, 1999.
Corporate governance is the organization's strategic response to risk. Usually encompasses a number of activities and functions, such as Leadership, Assurance, Stewardship, Structure, etc.
5The Business Software Alliance is a private trade organisation with no independent law enforcement authority. The BSA's members include the largest software publishing companies in the world and most notably, Microsoft, Adobe, Symantec, Network Associates, Autodesk and Macromedia. These companies provide the Business Software Alliance a power of attorney to act on their behalf to accuse businesses of software piracy. Accordingly, the BSA can enforce only those rights that its member software publishers have. Legally, software companies usually have a contractual relationship with a customer based upon a software licence and also have the rights provided under copyright laws that protect the holder of copyright against infringement. These are the rights that the Business Software Alliance's enforcement department is attempting to protect.
6The benefits of achieving standardised systems are significant. For example, according to Gartner, the total cost of a well-managed Windows XP desktop is 36% lower than the cost of owning an unmanaged desktop.
“……………………You may use the Software on one computer to clone, or apply an image of a hard drive on that computer, or to another hard drive on the same computer, a replacement computer, secondary media, or network drive…………. You may not use the Software commercially or non-commercially for the purpose of creating multiple computers or hard drives, except for multiple hard drives installed in or attached directly to the original computer…………….”
“An underlying full license for version 1 of a software product, plus an underlying upgrade license to version 2 of the software product, combine to produce one effective full license for version 2 of the software product.” ISO 19770-1 Terms and Definitions
10Gartner Survey Shows Increases in Software License Audits In September 2006, an anonymous survey at the Gartner IT and Software Asset Management conference revealed that 35% of clients had experienced an on-site audit from a major software vendor. In the short term, we expect this trend to accelerate.
|
|
© 2007
Excellent Ideas Limited all rights reserved