Effective software asset management ensures that employers have the proper tools they need while maximising value for the organisation. In both traditional and cloud environments, remaining compliant with software license agreements is not easy and the practice of managing the lifecycle of software assets within an organisation is critical.

In this overview, we’ll look at software management, including:

• The benefits.
• The risks.
• How to do it properly.
• Preventing unlicensed software in your business.

How it benefits you

The practice of getting the most out of your software is known as Software Asset Management (SAM). It’s an approach that covers the five stages of the software lifecycle (planning, requisition, deployment, maintenance, and retirement). It has three core benefits: reducing your costs, reducing your risks, and maximising your investments.

Software can account for a significant amount of your IT budget, so it makes sense to keep a close eye on it. A good SAM plan means you’ll only acquire the software you need, and ensure your employees only use properly licensed software. You’ll only pay to upgrade what’s being used and have a better negotiating position with software publishers, which can lead to significant discounts. You’ll also know exactly what infrastructure and hardware you need, cutting out redundant and costly technology. This helps lay the groundwork for a move to the cloud, by helping map out exactly what you have and what will need to be transformed. It also means that, through having legitimate software, you access a complete array of support from the product’s publisher, including official upgrades, offers, training and insight into how to best use it.

The key to good control is having a separate budget for software. This allows you to plan for purchases and upgrades in an orderly way, by being able to anticipate what you’ll need. It also allows you to track purchases accurately and easily spot unauthorised copies of software in your business.

 

How it protects you

Malware is a major threat to all types and sizes of business. SAM gives you a significant advantage in your fight against cyber threats, by helping you map exactly what you’ve got, identifying gaps and vulnerabilities in your IT systems.

Most security experts will tell you that the biggest risk to businesses isn’t a new piece of malware or virus, it’s people – and more specifically, the errors they make. SAM can help you develop policies and procedures that detail how you obtain software and what you use it for. Those policies and procedures can then be used to educate employees and help avoid situations where they might install unlicensed software. If employees know the correct way to procure the software they need, and if you’ve already done the work by knowing exactly what they do and don’t require, then the need to download something unofficially is greatly diminished.

One of the biggest weaknesses cyber attackers exploit are holes caused by outdated software. Put simply, SAM helps you see when you need to update software. It also guarantees that you’ll be using officially-supplied software, which in turn gives you access to vendors’ own support and update programmes, sealing holes before they can be exploited.

Finally, it gives you peace of mind that you are using official, legally sourced, and supported software. So many elements outside of your control can affect your business; the last thing you want is for a rogue piece of software to cause you significant legal and financial damage. By knowing what you have, what you need and what you use, SAM allows you to identify unlicensed or illegally used software and remove it quickly. This in turn shuts down any possibility of costly and time-consuming legal battles if you were found to be using illegal software. SAM helps you see when you need to update software.

SAM gives you a significant advantage in your fight against cyber threats.

How to do it properly

Effective software management is an iterative process. It’s not a ‘one-and-done’ action, but an ongoing cycle. This is critical, as not only is the first attempt never perfect, nothing is constant. Everything, whether it’s the industry you operate in, the technology you use or your own business, changes and evolves. The best way to keep it going and ensure that you continue to get the most value out of your software is to implement a continuous cycle of improvement. Specifically:

 

Plan:

Identify what you need and what your SAM objectives are

Identify what support and resources you will need to implement SAM (such as a SAM consultant)

Put together a plan for your SAM implementation

 

Do:

Check what software you have and whether you have enough licenses

Make sure you have records of your hardware and software purchases and licenses

Make sure you have implemented security measures, so that your SAM processes follow the information security requirements of the organisation, as well as ensure employees understand their role in cybersecurity

If you have outsourced any of your IT (such as when using cloud services), or allow employees to bring their own devices in, make sure your processes address the requirements for SAM

 

Check:

Put steps in place to monitor the implementation of SAM in your organisation and run those checks on a regular basis

Ensure that all parts of your organisation are aware of how you are implementing SAM

 

Act:

When an issue does arise (for example, if an employee did install unlicensed software), take clear, documented steps to deal with the issue promptly

Think ahead about future changes to your IT infrastructure (such as if you will allow employees to use their own devices, or move to the cloud, or completely outsource IT) and what you can be doing now to prepare the organisation for those changes

Keeping unlicensed software out of your business

The business can make a conscious effort not to use illegitimate software, but what about employees (however well meaning)? Training, processes and policies will ensure that no one purposefully installs unlicensed products. That said, small businesses may not have the time to properly evaluate how they acquire the software they need. In that instance, it’s important to remember:

• Make sure you have the buy-in of top management in your organisation for software asset management
• Having an employee with responsibility for software asset management role will ensure there is someone in your organisation controlling how software is acquired, deployed, used and retired
• Develop written policies, that employees can sign, to make them aware of their responsibilities for looking after the IT equipment
• Don’t allow employees administrator rights on their IT equipment. This will limit their ability to download and install unlicensed software
• Only procure software from vendor-certified partners to ensure that the software you buy is legitimate and properly licensed software
• Make sure you know what software you have and on how many computers the software is installed
• Carry out regular audits of your IT systems to ensure that you have not over-installed software or that your employees are not making use of unlicensed software
• Make sure that your software is regularly updated to stop hackers exploiting vulnerabilities
• Be wary of software products that come without any documentation or manuals
• Watch out for products labelled as academic, OEM, NFR, or CD-R. For more on those terms, take a look at Software Licensing – The Basics.

Conclusion

Proper software asset management takes time and effort, but the payback is well worth it. If you have followed the process outlined in this guide, you have taken the steps necessary to get the full benefit from purchased software and eliminate your company’s exposure to the risks of unlicensed software.