A Software Asset Management strategy is not something that can be taken lightly. It must be considered a part of the vital path to achieving a critical business goal, like reducing audit risk or lowering costs. With this in mind, strategic Software Asset Management needs to be approached as a business-critical initiative, complete with executive sponsorship within the organization.
SAM provides businesses with several benefits. In addition to the obvious goal of reducing risk through license/entitlement compliance, when used effectively SAM helps you identify different programs or applications that may be redundant within the organization, enabling you to standardize tools and consolidate unnecessary products; saving time and money that is wasted by reducing the number of software redundancies in your estate. This will help to reduce security risks by completely removing the vulnerabilities present in the software titles that you are able to eliminate, further enabling the realization of cost savings through the reduction of software maintenance and renewal overhead. Knowing the software installed across your enterprise also helps you to understand and remediate your company's overall security vulnerabilities.
The ISO 19770 standards provide a framework from which a successful SAM strategy should be constructed. It suggests that strategic Software Asset Management is a combination of people, processes and technology. A strategy that relies exclusively on one, or two elements, is destined to fail, or not deliver the dividends which true strategic SAM offers.
But where do you go from there? After helping companies implement Strategic SAM practices and leverage AppClarity in the process, I’ve identified some key elements that will help you begin an effective Strategic SAM initiative:
- The single most important factor is having executive sponsorship. The executive sponsor is there to ensure clarity of goals, ensure the project is on-track, and be there to step in when challenges arise.
- The effectiveness of a SAM solution is directly related to the quality of the data provided to it. In ISO speak, this is called “Trustworthy Data.”
- The health of your system management platform is important. In order to have accurate SAM, you need to accurately know what software and hardware you have deployed. Therefore, ensure that all inventory information provided internally or by vendors is accurate. ISO calls this verification.
- When requesting license/software purchase reports make sure the following information is clearly understood:
- Term: Is this a perpetual or subscription-based agreement?
- Quantity: Always reflect the true quantity rather than a block in order to correspond to the correct software count.
- Vendor Name and Product Name: Match the vendor and product that the software registers in the OS when it is installed to facilitate accurate matching for compliance and reports.
- Period of Performance: Start and end dates for subscriptions and/or maintenance and support.
- License Metric: Device, user, processor, core, etc. should be clearly defined.
- History of Vendor and/or Product Names: As vendors are bought and sold product names or SKUs may change, you need this information to link contracts when entering entitlement information.
- When contracts span multiple years and contain multiple modifications related to corrections or exercise of options, be sure to read all of the related contract documents in order to clearly understand the relationship between them before beginning to enter the entitlements into the system. For example, I recently added the contract information for a well-known software vendor into a customer's AppClarity system. This information was contained in one base contract document and 9 "modification" documents. Mods 1 and 2 were corrections to the base contract, Mod 3 was a change, Mod 4 invalidated Mod 3 and redefined the entire base contract. Mod 5 was an arithmetic correction of Mod 4, and Mods 6 through 9 extended product maintenance. By reading through all ten documents it was possible to map out the plan for entering the entitlement information in the most efficient manner, thereby avoiding the need to revisit information that was already entered in order to correct it.
- Concerning the contracts, reports, invoices and any other software purchase documentation, be sure to keep them organized and accessible. This is really common sense but companies can face major challenges as team members come and go, companies relocate, departments move to other areas in a building, or are restructured entirely. It can be easy for records to be misplaced, lost, or discarded. If you use AppClarity, you can attach your entitlement records, invoices, and EULA documents to store them right along with the associated entitlement.
- Finally, it is important to have a central point of contact who is responsible for handling vendor audit communications. You need to manage vendor responses to prevent conflicting or unnecessary communication regarding potential or current audits. The SAM manager or executive sponsor should handle all contact and other employees should be instructed to defer any SAM related calls to the designated party.
On one side of the equation, SAM reduces the amount of shelfware that accumulates as a result of purchasing more than you actually need and can increase automation. At the other end of the spectrum it provides clarity on compliance risk and provides the confidence that you need to defend your true license position when you are faced with a software audit.
Yes, the reasons for a Software Asset Management strategy are compelling, and to be clear, Excel is not a valid Software Asset Management tool. Spreadsheets can’t fully choreograph the dance between installations, metrics, and entitlements (licenses, EULAs, maintenance, etc). With that in mind, use of a tool like 1E's AppClarity with its ISO 19770-3 compliant entitlement engine is very beneficial by providing a place for license details, contracts, and terms to be stored and analyzed in relation to your actual hardware and software inventory. Learn more about Strategic Software Asset Management by watching 1E’s on-demand webinar series.