By Louella Fernandes, 18 September 2008 08:00
COMMENT
Mismanaging software licensing can lead to extra costs and damaged reputations. Quocirca's Louella Fernandes explains how to make sure this doesn't happen to you.
Many organisations unknowingly overspend on software license agreements and maintenance. This is typically a result of organisations struggling to understand and manage complex licensing and pricing models, across multiple vendors.
Technology changes also complicate licensing and are difficult to predict. For example, the growing popularity of virtualisation and increasing employee mobility mean IT departments are under further pressure to keep up to date with the different types of software licensing and patterns of usage.
Exclusive column: The Naked CIO
See what this CIO really thinksÂ…
Naked CIO: Fishing for data
The Naked CIO: The great recovery disaster
The Naked CIO: Best backgrounds for CIOs?
The Naked CIO: Why boards get IT spend so wrong
The Naked CIO: Tech's weasel words
The Naked CIO: Poisoned BlackBerrys
The Naked CIO: Enemies of the state
At the same time, the issue of compliance is ever more present as audits by third party firms such as the Business Software Alliance and the Software and Information Industry Association are becoming more and more frequent, in response to the large amount of unlicensed software being used globally.
However, despite the high financial costs associated with non-compliance, not to mention the potential negative publicity, most organisations today struggle to adequately track and manage software licence usage.
The end result is that few organisations today accurately know what software they are running, how much they have paid for it, who and how it is used - and, in fact, if it is ever used at all.
This lack of visibility into licensing has significant implications on software purchasing decisions and can lead to compliance problems. Some organisations, in order to contain software costs, may purchase too few licences, leading to users not having access to the applications they need or using them without a licence.
Other organisations may overcompensate and buy extra licences - which they don't need - to make sure they are covered.
All this can lead to unnecessary support and software update fees.
A high proportion of organisations use manual techniques to track software licences, which are prone to error as well as being costly in terms of resources. This also only tells half the story - manual records may report what software is deployed but not if it is under- or over-utilised, for instance.
Using effective software licence management tools is essential for centralising licensing operations and obtaining accurate, granular usage data to properly track and report on licence usage. This not only puts organisations in a stronger position when renegotiating software contracts but also reduces the management burden on IT.
To manage software licences, some organisations have invested in software asset management (SAM) tools from companies such as BMC Software, CA, HP and IBM. However, while traditional SAM solutions can look at what software is installed, where and by whom, they may fall short on determining how software applications are being used.
The 'how' dimension is addressed by compliance monitoring tools from companies such as Acresso (formerly part of Macrovision) and Safenet, which supply technology to software publishers. Such tools continually monitor software usage and in some cases this technology can be used by publishers to enforce licensing.
Products such as Acresso's FLEXnet Compliance Monitor use a non-intrusive agent to collect data from applications, and can be configured to support a wide range of license models. This enables publishers to proactively manage entitlements as well as create flexible licensing models for their customers based on usage.
Meanwhile end-user organisations can also use licence-monitoring solutions to reconcile application usage with entitlements, thereby potentially minimising time-consuming physical audits, preventing over-deployment of software and gaining an accurate view of their application usage.
For organisations to gain the most value from such compliance monitoring tools, their software suppliers should already have enabled their products with third-party licensing technology.
The legal and financial risks, as well as the negative publicity of non-compliance, cannot be ignored. Because of this software licence management is an issue that should be a priority for board-level executives as well as IT managers.
To stay ahead of the game and avoid the extra work and costs associated with compliance testing, Quocirca recommends organisations should move to centralised software purchasing to gain a better handle on their software assets.
As a first step to ensuring compliance, they should then identify the software applications which are the highest value to the organisation and aim to understand how this software is actually being used.
By using a compliance monitoring system, organisations can gain an ongoing insight into usage and then use this information to optimise software spending and negotiate favourable terms with software vendors.
Finally, organisations should self-audit periodically to ensure that software purchasing and licensing policies are being adhered to. Ultimately, conducting such proactive audits means organisations can demonstrate and maintain compliance in the event of an external software audit.
Comments
There are 2 comments. Join the discussion
1. Kosten Metreweli
I agree this is a a huge problem - and most organisations don't really understand how significant it is. We recently completed a project with an investment bank who were about to undergo a licence audit by one of the big infrastructure software vendors, and they found that they had overestimated their usage by 2x.
Couple of other points on 'discovery' in traditional Software Asset Management tools - these tend to work well for desktops, but for data centres:
- Rolling out an agent across all target platforms is nearly impossible (I've seen 70% coverage at absolute best) - so you never get an accurate usage count.
- These products often rely on a 'MD5 checksum' approach to identifying software on servers - if you're using a shared filesystem, this not only kills the storage backend, but it also appears that all software is installed on every server!
2. Julie Strawson
While software applications are recognised by most companies as intellectual property that require licensing, font software is not. But font software is also intellectual property, protected by the same copyright laws as software applications and needs to be licensed. In our experience, many organisations believe they only have fonts supplied with operating systems. When a thorough font audit is carried out they usually find they have acquired many more fonts in use in the organisation in need of licensing. On auditing their fonts some organisations have discovered they are harbouring thousands of fonts on their network unnecessarily, are experiencing significant support issues due to font quality issues and they are over-licensing causing unnecessary expenditure.
Including fonts in a software audit is straightforward now there are tools available to discover fonts quickly. The tricky part is ascertaining whether there are any unlicensed fonts or unused licenses on a company’s system. Help from specialists to do this saves time and once completed it’s critical to implement control processes to maintain your position. Central control of font acquisition and deployment is key to this. Maintaining the company’s position transparently using an online database also helps keep you on track. Such measures can considerably reduce the problems of proving ownership or over-compensation and, more pertinently in the current economic climate, bring significant savings and mitigated risk to the IT department.
Julie Strawson, Director of Marketing, Europe
Monotype Imaging