Article What is Software Asset Management?

Your business likely has SAM in place to manage its software licenses (such as Microsoft Office). If not, then keeping this software up-to-date in terms of compliance, security, and capabilities can be a complex process to build from scratch.

Below, we discuss how today’s businesses are using SAM to lower the cost of deploying software across their organizations:

What Does Software Asset Management Do?

The fundamental goal of SAM is to keep your software assets (such as productivity applications) secure, compliant and up-to-date. This is done through a clearly defined and implemented process in your organization.

The specifics might be different, but in general, SAM teams keep track of software licenses deployed at your organization. Your SAM team will monitor how these licenses are used and/or your company’s software deployment.

They will want to know if these licenses are still active to ensure that your business is still paying for them and not using them illegally. Your SAM team will also ensure your software is up-to-date and in line with your organizational needs.

For example, your business might not want to add new features to its applications, but you want to keep your software up-to-date in terms of security builds and patches. This team will also look for ways to reduce software spending without hampering your productivity.

On that last point, when requesting new software, your employees will generally approach your SAM team (which could be led by a Software Asset Manager or Consultant).

You can think of SAM as your tool to keep your software running while also protecting your business from security gaps, compliance problems, and escalating costs.

How Does Software Asset Management Work?

First: SAM is done through a SAM team. This team can comprise of either in-house employees, contract staff, or a managed IT services provider (MSP).

Generally, the team will have a manager leading efforts to ensure compliance and use the SAM tool. In smaller businesses, the manager will also contact vendors, review license agreements, and steer SAM strategy.

Second: SAM defines how users are permitted to use software issued by the company. Your SAM will also build a mandatory process through which new licenses can be bought (such as for new hires) along with a system of approval.

Third: Your SAM team will be responsible for managing your software assets amid a disaster, such as fatal error, cyber attack or breach.

Fourth: When an employee has no need for a specific license, your SAM team is responsible for reclaiming and re-allocating it to another team member, or for withdrawing it so that the OEM does not continue charging your business for it.

Fifth: Your SAM team must ensure that your company’s software licenses are compliant with the supplier’s end-user agreements and local laws. It must always be ready for an audit check.

Software Asset Management ISO Standards

SAM has three ISO (International Organization for Standardization) standards: ISO 19770-1, ISO 19770-2, and ISO 19770-3. These ISO standards outline best SAM practices for your business.

ISO 19770-1

This standard requires you to have a SAM tool that clearly displays the state and allocation of your software licenses.

Not only does this help with the compliance auditing process, but you can also use it to monitor how SAM is helping your business lower its software licensing costs.

ISO 19770-2

Under 19770-2, you must have software identification tags (SWID) to map-out what software you have installed at your organization. The idea is for your software to be easily recognizable and to help keep track of the number of licenses in use at your company.

ISO 19770-3

With 19770-3, you will need software entitlement tags to outline how software licenses are allocated at your business or organization.

Common Software Asset Management Mistakes

Organizations typically commit the following three mistakes when deploying SAM solutions:

• Striving to automate the SAM process: There are numerous automated SAM tools that can perform tasks such as asset discovery and management. While this helps with one part of the SAM process, it’s unlikely that the entire scope can be automated. Deploying a SAM tool won’t result in automatic compliance for your business and could lead to a painful audit. Proper application of SAM requires monitoring and regular checks from an experienced team that’s aware of modern-day best practices.
• Failure to account for distributed environments: Some of the world’s largest companies have turned to remote employees to meet their hiring needs. As organizations run on-premises data centers and cloud-based ones in parallel, it becomes imperative to have an accurate view of software consumption, inventory, and entitlements. Your SAM team should aggregate data from all offices and remote locations, centralize it, and then conduct its regular maintenance checks. If remote employees aren’t accounted for, it’ll be impossible to get an accurate picture of the existing environment
• Bypassing the CIO: According to Gartner, shadow IT can account for up to 40 percent of IT spending in large enterprises. Simply put, shadow IT is technology that has been procured without taking the IT department into the loop. For example, the Head of Sales may sanction the procurement of Salesforce, a cloud-based SaaS solution to improve sales workflows, without consulting the CIO first. In fact, according to some estimates, 90 percent of CIOs aren’t consulted at all leading to the use of IT solutions within an organization without a proper vetting structure in place. If IT teams aren’t aware of existing IT solutions, then it won’t be possible for them to determine an accurate picture, and that will hurt your SAM processes.

Software Asset Management Challenges

Achieving maximum efficiency with your SAM can be tough. Organizations can overspend on software by up to 30% of their entire IT budget and many are over-licensed on software by 60%.

Under licensing exists, too. If you’re not careful, you could be sued for a colossal sum of money due to breaches in the software licensing agreement.

For example, software giant SAP sued brewer Anheuser-Busch InBev, a Belgium-based brewing company, for a staggering US$600 million as a result of a software licensing dispute.

There are a few reasons why legal quagmires could occur:

• Unclear and verbose licensing agreements: Vendor terms and conditions tend to be complex and ambiguous, and there are always new models to contend with. Before purchasing any software, organizations need to be completely aligned with the compliance and licensing agreements. Any ambiguities need to be resolved before the software is rolled out within the organization.

  After all, if you’re measuring your use incorrectly, you’re setting yourself up for an audit failure due to non-compliance.

• Complexities due to the cloud: As software shifts to the cloud, it adds more complexity regarding internal usage and compliance. While it’s easier for SaaS, IaaS, and PaaS companies to monitor usage, the onus is on the customer to ensure that they aren’t oversubscribed. Emerging tools to accurately track the use of cloud-based software could potentially help solve this problem.