By John Smith

In my dealings with customers that are using Engineering and ERP applications I find that the most frequent cause of oversupply is due to local and uncoordinated software procurement activity.  Because there is no oversight at the enterprise level, licenses are obtained for new staff or projects without checking existing license inventory or application usage levels.

Furthermore, the software is deployed without having any tracking mechanisms in place, often on an unshared basis—meaning that only one department or group of users has access to the applications and licenses. These applications are also frequently purchased with sub-optimal contract terms attached.

By establishing central purchasing and control of software licensing, full visibility of your software assets can be achieved. Processes can be designed to reclaim and reallocate unused and under-used licenses (also known as license reharvesting), allowing your organization to only buying more software when absolutely necessary.

Another major benefit of this central control is that negotiations with each vendor can be carried out by IT procurement specialists who are knowledgeable of software purchase agreements and licensing terms and conditions. They are in a position to use more than just price as a lever to obtain the best deal.  They can use incentives that influence vendors (revenue recognition, for instance) to extract concessions that are significant to the corporate customer.  Professional procurement officers will end up with contracts that are flexible from the customer’s perspective and relevant to a modern, dynamic organization, covering possible eventualities like mergers, acquisitions and divestitures.

For example, the software may be leased for several years, instead of having the larger initial investment associated with perpetual licenses for software that may be superseded or become irrelevant due to technology advances.  Another example is to negotiate a clause that allows global access to the pool of (concurrent) licenses, to ensure the maximum utilization of the software assets.

Clauses may also be added that limit increases of maintenance costs or that provide access to emerging products at guaranteed prices.  And buy-back options may be negotiated so that legacy products and features may be exchanged or re-mixed for newly- released products. In some cases, such as for electronic design automation (EDA) software used by semiconductor design teams, remix can allow the organization to change the number of concurrent licenses available for each application in a set of design and verification tools depending on where they are in the design cycle.

To summarize, there are three major reasons to centralize software procurement and software license management:

To gain oversight of your software assets (know what is owned, deploy what was bought and use what was deployed)
To implement best practice processes that allow effective management of licenses throughout the entire software lifecycle, control costs and increase utilization of existing software assets
To negotiate better software contracts that are allow flexibility and cover the needs of a dynamic organization

***
To learn more about setting up a software asset management (SAM) program for managing concurrent licenses (e.g. for engineering and technical applications), please view our on-demand webinar: Creating a Mature SAM Process for Concurrent License Management

By Natalie Overstreet Lias and Martin Kurzinski

As more organizations adopt best practices based on standards such as IT Infrastructure Library (ITIL), infrastructure teams increasingly demand configuration management databases (CMDBs) and other configuration management systems in order to track key attributes of the organization’s IT environment.  The CMDB contains key attributes of the configuration items (CIs) under management, which may include not only computers (both physical and virtual) but also mobile devices, printers, routers, monitors, or any other item tracked as an IT asset.

Typically, the CMDB will include asset ownership information (either an individual or a department), the manufacturer and model information, and details specific to the type of device.  For example, a monitor may have a specific field for resolution or connector type.  In the case of computers, the machine’s CI will typically contain the processor and core count, the amount of memory and hard drive available, the IP address (if static) and MAC address, and the OS including patch level, as well as warranty and support information.  CIs for servers typically include some high-level application information as well.  This application information exists within the CMDB in order to provide information about the purpose and relationships of IT assets.  In general, this information is manually entered into the CMDB when the asset is brought online; its designated purpose is understood at configuration time and easily tracked in the CMDB as part of the organization’s standard server configuration process.

The data in a typical CMDB can certainly assist with software asset management (SAM) and software license optimization processes, but it is not sufficient for either purpose.  There are two missing ingredients:

• First, the CMDB will have no visibility into software license entitlements.  In some cases, CMDBs can be configured to link purchase information to IT assets, but in general a CMDB is not designed or scoped to actually create a record of, and manage, software license entitlements (including upgrade and maintenance entitlements). Nor do they typically keep a record of the raw software purchase order (PO) data.  Moreover, software asset managers are generally not the core users and consumers of the CMDB; they may be using the CMDB on a read only basis but will not make updates, unless they also perform hardware asset management functions.  For these reasons, it is usually impractical to make the CMDB a viable resource for tracking software license entitlements.
• Second, although the CMDB may have high-level information about which applications are installed on servers, it generally has no information about clients (desktops, laptops), except for the contents of the organization’s standard image.  Even its server application information is typically insufficient to correctly calculate software license consumption.  Because typical CMDB application descriptions are manually entered, they almost never have the amount of detail required to identify each installed component and calculate the associated license position.  Major applications will almost certainly be correctly documented, but it is rare to find quantities of named users, separately licensed options or add-ins, or other details in the CMDB.  These details are not required for the business purpose of the CMDB. Furthermore, the IT infrastructure team generally lacks visibility into the appropriate details for tracking software license consumption.

Software license optimization tools provide an Application Recognition Library that can distinguish standalone products, suites, versions and editions.  These tools also maintain a SKU library to automate purchase order processing and help generate a ‘purchased versus installed’ license position. And finally, software license optimization tools deliver a Products Use Rights Library that is used to automatically apply software license entitlements—product use rights, to minimize license consumption and reduce software costs. None of these capabilities is provided by a CMDB.

It is important to remember the goals for ITIL and SAM/License Optimization— how they are similar and also how they differ.  ITIL’s goal is to manage the logical model of the IT environment in the CMDB, thus enabling the ITIL processes: Incident Management, Problem Management, Change Management, Release Management and Configuration Management. The goal for software license optimization is to optimize the management of cost, risk, inventory, contracts and vendors throughout the asset life-cycle, including strategic planning, acquisition and retirement processes.

To properly incorporate the data in an organization’s CMDB into a software asset management and license optimization program, you need to consider the business purpose and contents of the CMDB and how they supplement the overall SAM data set.  The CMDB’s wealth of detail on IT (hardware) assets must be married with accurate software inventory information and correctly applied software license entitlements in order to successfully optimize an organization’s software license position.

***

To learn more about software license optimization, please read our white paper: Moving Up the Software License Optimization Maturity Curve to Drive Business Value.

Software license compliance audits are an established industry practice by which vendors are allowed to investigate customers’ actual software usage, and seek additional compensation in the form of a “true-up” penalty if use exceeds licensing terms.  According to Flexera Software’s 2012 Software Pricing and Licensing Survey, prepared jointly with IDC, software vendors are continuing to exercise their rights to audit their customers and true-up. 64% of enterprises reported that they have been audited over the last 18-24 months. And large enterprises (those with greater than $1billion in revenue) were audited three times or more over the same period. Moreover, 24% of enterprises said their total true-up paid over the past year was more than $1 million.

Part of the problem however can be traced to challenges companies face tracking and managing software licence use, and reconciling that use to ensure compliance with licensing terms.  According to the survey, one third of enterprises surveyed said they are either dissatisfied or very dissatisfied with their current method for managing software licenses and usage.

And the reason for that dissatisfaction is clear — 38% of enterprises indicated that 11% or more of their application spend is associated with applications that are overused, and therefore out of compliance, up from 26% one year ago.   Hence, vendors are looking to recapture some of that revenue leakage due to noncompliance via software audits and true-ups.

The major software vendors – those that typically account for a significant portion of most organisations enterprise application spend – are also the most aggressive auditors.  Enterprises reported that over the last year, they’ve been audited most frequently by Microsoft (51%), Oracle (275), IBM (24%), SAP (22%) and Adobe (19%).

“Software usage that exceeds the negotiated licence terms can represent significant lost revenue for software vendors,” says Amy Konary, research vice president – software licensing and provisioning at IDC. “There are many factors that make licence compliance difficult, including licence and IT environment complexity, lack of automation, and decentralised IT. IDC expects that vendors will continue to enforce their licence agreements with audits, and advises enterprises to pro-actively track and manage usage of their software licence assets.”

Clearly, organisations are facing tremendous challenges tracking and managing software licences, the end result being that they are having to fork out huge amounts of money by way of unbudgeted expenses annually. Adopting technology that facilitates the optimisation of software licences can not only take away the pain of software licence management, but also ensures costs savings in an IT environment that encompasses traditional, cloud, virtualisation, enterprise appstores and more.

This licensing and pricing survey is the eight in the series. Since 2004, Flexera Software has produced the Key Trends in Software Pricing and Licensing Survey in conjunction with several industry partners such as the Software and Information Industry Association (SIIA), the Centralised Electronic Licensing User Group (CELUG), and Electronic Design and Automation (EDAC). In 2009, Flexera Software joined forces with analyst house IDC for the survey. Executives and managers at 334 software vendors, intelligent device manufacturers, and enterprises participated in the survey.

Earlier this week we received a query from a company who had spent 2 and a half week’s manually cataloguing software installed across their organisation. 2.5 weeks is a small time frame compared to many others still working in this way! Since software typically represents 25% of an organisation’s total IT budget, it makes good sense to keep a close eye on how, where and what you buy.

As the global installed base of PC’s edged past 1.5 billion, the Business Software Alliance published a report which indicates that the total worldwide software piracy rate in 2011 was 42% – of the 1.5billion PC’s installed that’s a commercial value of £167 million! So there’s little wonder why vendors such as IBM, Adobe and Microsoft are frequently knocking on organisation’s doors requesting to know their Effective Licence Position (ELP).

According to Gartner 65% of respondents received an audit from a software vendor in the last 12 months – so if you haven’t been audited yet you’re one of the lucky ones! But this doesn’t mean that you’re excluded.

But the impact of software piracy goes way beyond income lost to the software industry, says Sarah Coombes, BSA’s Managing Director for anti-piracy. And we are inclined to agree with this. Effective Software Asset Management is about Tools, People and Processes. Organisations that strive for compliancy will only manage risk, and not future proof their business.

Tools – Today’s technology provides a hardware and software Inventory, giving you up to the minute information on what you already have. This can be automatically reconciled against licence entitlements to give you an Effective Licence Position (ELP).

People – Once an ELP is established this requires a team of dedicated SAM Professionals to ensure that the asset information is kept accurate and up to date. Maintaining your SAM Plan can enable you to automate this process to control your company’s software more effectively and be in a better position to handle organisational changes.

Processes – By creating Policies and Procedures to establish guidelines for software installed – including who is using it and when organisations can re-harvest unused licenses can achieve significant savings. For some companies, this is automatically repeated every 2 – 4 hours which can mean never having to buy an unnecessary licence again!

Your software is an invaluable asset, so it’s important to know what you have and how it’s being used. Many businesses over spend on licenses because they don’t keep accurate records of what they’ve deployed. Under most licence agreements, companies are obliged to maintain records of every purchase and upgrade, but many lose track of this process. So whilst they understand the risks of using unlicensed software, they struggle to work out which licences need renewing and often waste precious funds on licenses they don’t actually need.

Implementing SAM protects your software investments and helps you recognize what you have, where it’s running, and if your organization is using your assets efficiently.

http://www.certero.com/UK/Software-Asset-Management/21347

Gartner ‘The Software Vendors That are Auditing Now and what to do About It’ 2012

BSA Global Software 2011 Piracy Study http://portal.bsa.org/globalpiracy2011/

Certero MD John Lunt

IT software specialist Certero is aiming to revolutionise the Software Asset Management (SAM) market with a revamped solution helping organisations to save valuable time and slash costs.

The Warrington firm is launching its brand new AssetStudio V4 at this year’s Gartner IT Financial Procurement and Asset Management Summit, at Park Plaza, Westminster Bridge, London running on October 10 and 11. It is a Platinum Sponsor of the event.

Certero Managing Director John Lunt said the firm’s new modular based solution breaks down SAM complexities by giving organisations 10 comprehensive modules which can be chosen individually or used to work together.

“This is a terrific platform to be launching our brand new SAM solution,” said Mr Lunt. “We have invested years of energy and resource into developing AssetStudio V4. We wanted to produce a SAM solution which is simple to use and critically offers greater flexibility. We believe AssetStudio V4 will revolutionise the SAM market helping to make complex administration a thing of the past. The management of software assets will no longer be restricted to the experts, the User Interface provides an intuitive solution for everyone.

The Intelligent Platform Manager brings together all of the modules into one seamless solution. Furthermore there are no hidden costs as is often the case with SAM solutions which require ongoing training from consultants.”

Mr Lunt said the modular approach allows organisations to adopt a ‘buy what you need’ strategy rather than paying out for everything up front.

“AssetStudio V4 ultimately allows much greater choice,” he said. “It enables individual modules to be applied depending on the needs of the user. The customisable dashboard gives users complete visibility of software assets making any combinations of solutions possible. The built in reporting engine provides business intelligence in just a few clicks to enable historic, current and predictive views on software trends. AssetStudio V4 offers one complete SAM solution.”

Certero is also unveiling a new Oracle licencing solution at the Gartner Summit. The latest solution adding to the portfolio will place Certero as one of few firms in the world that is both an Oracle compliance Tool Vendor and Oracle SAM services provider.

Further to the AssetStudio relaunch Certero is also unveiling a new Oracle licencing solution. This is one of world’s only solutions which acts as both a compliance tool and SAM services provider for Oracle software.

“Every year companies spend millions on Oracle,” said Mr Lunt. “Licence compatibility for this software is notoriously complex. Organisations are often unclear if they have complete licence compliance or if in fact they have paid large sums of cash for unnecessary licences. Certero’s Oracle module allows organisations to easily manage their datacentre licences. It has a unique reconciliation engine which provides complete visibility for any network. Critically it ensures continuous up-to-date compliance by automatically analysing licence entitlements and highlighting the need for upgrades or downgrades. To complement this solution we have also developed a range of Oracle SAM services including audit services, software assessments, licensing training and help desk support. Both AssetStudio V4 and the new Oracle module reinforce our position as a leading one-stop-shop for independent licensing and SAM guidance.”

Enterprises embracing software licence optimisation and saving millions of pounds

With software spend reaching an all-time high for enterprises across all continents, and Gartner predicting spending on global enterprise application software to total around $120.4 billion this year, up from $115 billion in 2011; there has never been a more compelling time for businesses to review their approach to managing their software estate. Software licence compliance audits are becoming more frequent, and businesses are under continuing pressure to reduce costs and curtail the resulting 7-8 figure un-budgeted software expenses resulting from non-compliant use. As a result, there is increasing focus on software licence optimisation as a means of meeting these challenges.

Solutions to manage the software estate vary, and in most organisations the information pertinent to software licences is often siloed, with purchasing, contracts/legal and operational IT often not having the software asset management technology or processes in place to share critical information about software purchases, entitlements and installations.

Coupled with this, enterprises are also demanding IT and application functionality as a service i.e. Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). With the recent landmark EU ruling in the Oracle-UsedSoft case, which saw the legalisation of the re-sale of software licences, the complexity of how software is purchased and delivered is increasing.

A recent report by Gartner stressed the need for enterprises to go beyond traditional approaches to software management and implement ‘licence optimisation’ to meet today’s licence management challenges. Licence optimisation helps automate the process of managing the software estate, and provides a foundation for individual groups, such as those mentioned above, to share critical information to optimise software spend and ensure continuous licence compliance.

Vincent Smyth, General Manager for EMEA at Flexera Software says, “We have long espoused that organisations seeking to maximise the value of their software estates must understand software license optimisation and implement it within the enterprise. Gartner’s report validates this proposition. Given the way we consume software is becoming more complex, with virtualisation and the cloud – it’s become even more compelling for organisations to adopt a software licence optimisation approach that can manage this complexity.”

Flexera Software’s customers who are embracing licence optimisation are already seeing multi-million pound savings. One global organisation has recently reduced its software licence costs by more than $35 million for just two major software vendors and it hopes to see similar savings with others. Another discovered that 20% of its SAP licences were unused and saved over $1million.

As enterprises look at ways of making their IT resources go further, software licence optimisation must be a primary consideration. This next-generation software asset management approach goes hand-in-hand with best practice processes, which translates into ongoing, quantifiable cost savings as a matter of course.

For more information, visit: http://www.flexerasoftware.com

EU Court Ruling Expected to Grow Secondary Software Market, but Used Software Not the Real Cost Cutting Means for Enterprises, Says Flexera Software

The recent European Court of Justice (ECJ) ruling in the Oracle-UsedSoft case, which legalises re-sale of software licences, is a landmark verdict and has caused reverberation in the software publisher community. The final decision on this case is yet to be made by the German court, who is expected to be guided by the ECJ’s ruling. If the German court rules in favour of UsedSoft, it is almost certain that the ruling will abet the rapid growth of a software secondary market. Enterprises are likely to see the used software purchase option as a means of curtailing software cost, which forms a significant part of the overall IT budget.
 
However, used software is not the real means of cutting software costs. Enterprises can own ‘new’ software and yet lower their costs between 10 and 30 percent simply by taking control of their software estate and optimising their software licences. Often, enterprises purchase more software licences than actually needed simply due to risk of software vendor audits and the fact that they don’t know what they have installed and what their use rights entitle them to use. Many organisations don’t know what is actually being used and how much is shelf-ware. Visibility into the software estate and the ability to tie back software installations and usage to the licence entitlements detailed in software licence agreements is necessary to significantly reduce software expenses.
 
Therefore, regardless of the whether enterprises purchase new or used software, without insight into the software estate, including a detailed understanding of licence entitlements (product use rights), enterprises will still be prone to over spending. Further, the software licence cost is often the lesser of the two components of overall software cost with ongoing maintenance fees being the major portion of software expense. Currently in a used software market, there is ambiguity in this software maintenance area and the true extent of the value proposition of the secondary software vendors is not entirely known. The cost savings made from purchasing used software may be offset by the increased risk of issues around ongoing software maintenance.
 
Whatever enterprises’ preferred method of software purchase, to inherently reduce software costs and mitigate the foreseen and unforeseen risks of licence non-compliance, enterprises need to automate software asset management and licence optimisation procedures. In doing so, they eliminate over-buying or under-buying of software and facilitate re-purposing of licences – i.e. re-assigning licences from users who are not using the software, to those who actually need them, saving the business substantial additional licence purchase costs, which brings down software costs in real terms.

A DMH Stallard panel debate held last week, Securing Your Data in the Data Explosion, saw a lively discussion amongst over 40 senior business leaders on both the strategic and technical issues surrounding data security.

Key issues raised by the panel, with speakers from ASOS, Blackfoot, DMH Stallard and Ramsac, included the pros and cons of Bring Your Own Device polices, the issues surrounding the deletion of data and the role of IT departments in moving businesses forward in an increasingly data driven age.

Discussions and debate revealed some reluctance and uncertainty from directors on how to adopt best practice to address some of the issues raised, which was attributed to a number of factors. Security, compliance and who to ask for a second opinion remain key obstacles to moving the businesses forward in terms of IT innovation.

Bring Your Own Device (BYOD) and Managing Mobile User Access

“Who owns the device, who owns the data and what is the risk for me?”

Both the audience and the panel were divided on the benefits of a BYOD policy allowing users to supply their own devices and the potential pitfalls that such a policy would bring.

BYOD offers employees and corporations countless business benefits from increased efficiency to controlled costs on providing a mobile workforce. The culture of BYOD is growing across all types of organisations, but can leave businesses open to huge potential risks if their security issues are not appropriate.

“Empower your staff, make them care and make them aware. Let your staff realise that their own personal data may be at risk if best practice and your policies are not followed.”

Attendees highlighted that businesses who embrace BYOD can gain significant competitive advantage. By creating an enabling culture, not only does worker satisfaction increase, and the consensus was that businesses are likely to get more out of their staff as a result. BYOD programs also offer the potential to shift costs onto the user, saving businesses additional expense.

However, attendees were wary of several issues with concern centred on the lack on control over the IT hardware and how it was used. One attendee stated that their organisation would be hesitant to develop such a policy as they remain cautious of the potential blurring of the lines between the professional and personal lives of their employees. Another stated the issues surrounding increasingly popular products, including iPhones and Blackberrys, may lead to data leakage issues. Businesses may be unaware that using these products may result in their data being stored in the US, opening business up to scrutiny under the USA Patriot Act, which the FBI can use to get access to companies’ confidential data.

Panellists highlighted that there was a need for a defined policy for BYOD which makes it clear what the expectations are from employees. Others highlighted the need for clear disciplinary processes to be put in place, so all staff are aware of the repercussions of ignoring policy. This should be coupled with making staff care about the data by explaining that their own personal data could be at risk too, with one panellist suggesting that up to 40% of data breaches are due to behaviour of staff. An issue highlighted by one audience member was the potential problem of retrieving company data should a worker leave. There should therefore be a joiners and leavers policy in place which governs how the data will be retrieved from the device, and who has what data. Several audience members pointed to the various virtualisation and partition services which are available to business in order to ensure control of data on an employee’s device. The services allow data to be controlled by the IT team and can allow the business to remove all data at any time.

Next Steps

The panel came to the conclusion that the following three point plan was appropriate to move forward with addressing business data security issues:

1. Segmentation –audit the data identify via what data you hold and who can access this data
2. Ramifications – what are the likely financial and reputational implications of losing this data and act accordingly
3. Personalisation – a one size fits all approach is not applicable and each business should take steps that best work for it.

The debate follows the publication of DMH Stallard’s recent report into data security.

To register to receive a copy of this report then please email frank.jennings@dmhstallard.com.