Vendor audits are increasing, yet companies still have large amounts of unused, or rarely used software deployed on their networks which are draining money. At the same time, many have still to put the appropriate processes in place to both understand and manage these software assets.
Software vendors are stepping up the practice of auditing their customers for software license compliance. According to professional service firm KPMG, 52% of companies said that their losses from the use of unlicensed software came to more than 10% of their revenue. With an average of €9.6 billion a year being wasted on unused business software there is a worrying disengagement between the software that is being purchased and the use, and management of, said software. Many companies fail to recognise the full scope of their software real-estate or who is actually plugged into the various applications on their network.
With an explosive growth in software defined networking – which market research company IDC believes is on track for an 89% compound annual growth rate (CAGR) hitting an $8 billion market by 20183 – together with the advance of cloud enterprise platforms and the use of mobile devices, managing software assets and compliance is becoming a real challenge.
Companies need to deploy the right tools and put resources in place to enable a high level of process and license management automation to ensure they can manage their software budgets, ensure compliance, and lock down security moving forward. For example, the usage metrics provided by a software asset management (SAM) solution can be used to make informed decisions, and enable SAM managers to decide if they can re-harvest licenses to use elsewhere in an organisation or re-negotiate licenses where possible with software vendors.
Reducing The Security Risk
The link between IT security and SAM may not be an obvious one to many IT Managers, but by having an overall view of the software real estate, IT teams can not only monitor and audit usage, but also spot potential risks. Companies can better understand who has, and needs, access to sensitive information via which applications, and access permissions can be more logically restricted. SAM can prevent the use of suspect or malicious applications and identify and reduce the number of unused applications on a network.
If a security breach happens SAM can be an invaluable tool in analysing application usage on the network to see if any dubious software has been running. It can also be helpful post factum to re-track software usage and find the installations of the malicious applications, especially where companies need to adhere to regulatory compliance.
The increased trend of Bring Your Own Device (BYOD), and mobile devices logging onto networks remotely also means that rogue software may escape the firewall, but the ability to spot this and disable applications (if necessary) is a very powerful tool for the IT team.
Clouding The Issue
Knowing exactly what applications are installed on a network and who is using them is essential to ensuring a company does not break licensing laws and incur large fines as a result of an application audit by software vendors.
Equally, software that is getting little or no use, but is taking up a license, is a financial burden to organisations, and should be as important to SAM managers as non-compliant software on the network. By 2017, 35% of new applications will use cloud-enabled continuous delivery and DevOps lifecycles for a faster roll out of new features4. As the cloud trend moves apace, IT Managers need to get an accurate picture of software installed beyond their PCs and servers.
As with on-premise software, it is becoming increasingly commonplace for software vendors to audit the use of Cloud-based applications. Unfortunately Cloud licenses do not manage themselves. They need to be as carefully monitored as on premise applications or a company can find itself guilty of non-compliance or overspending on software.
Tracking on-premise and cloud-based software should be of equal importance in a SAM solution. It is desirable that this approach is not limited to device-based access. As well as monitoring how often an application is run on a device, it should also show who is using the application and where. With software audits on the increase, IT managers, who haven’t already done so, need to get their software assets in order. SAM delivers license compliance, but can also help prevent software over purchasing, shore up IT security and reduce support costs.