White PapersBy affording organisations a greater level of visibility, control and automation, SAM can help significantly reduce overall software spend and differentiate areas in need of critical investment from wasted purchases and effort. At the same time, this visibility and control can be extend to software licensing, to ensure that the organisation is accurately licensed for all software in use across the network.
In a nutshell, if you can understand what you’ve got, where it is, how it’s used, how it’s licensed and when it needs to be updated or changed, you’re well on your way to an improved enterprise IT infrastructure. And that can have a significant benefit on IT’s bottom line.
INFRASTRUCTURE MANAGEMENT Rev 3.0 March 2010 Best Practices White Paper Getting a head start in Software Asset Management Managing software for improved cost control, better security and reduced risk SAMSAMPeoplePeopleProcessesProcessesTechnologyTechnologySAMSAMPeoplePeopleProcessesProcessesTechnologyTechnologyUntitled DocumentGetting a head start in Software Asset Management 2Table of Contents 1 Understanding SAM ..........................................................................................3 1.1 Cost Control.........................................................................................................5 1.2 Greater Security...................................................................................................6 1.3 Decreased Risk ...................................................................................................7 1.4 Improved Governance .........................................................................................8 2 Getting started with SAM..................................................................................9 2.1 Inventory............................................................................................................10 2.2 License Capture.................................................................................................11 2.3 Identification & Validation ..................................................................................11 2.4 Reconciliation ....................................................................................................12 2.5 Automated Software Deployment......................................................................12 3 The Fast Path to SAM......................................................................................14 4 About FrontRange Solutions..........................................................................15 Untitled DocumentGetting a head start in Software Asset Management 31 Understanding Software Asset Management For the majority of organizations, software represents one of their largest spends each year whether it is buying new licenses, upgrading applications, paying for support and maintenance or covering the labor cost associated with maintaining availability and productivity. In fact, research from McKinsey suggests that in 2010, software will account for 35 percent of all IT spend. With IT budgets and the general economy still uncertain organizations need to have confidence that every single dollar, pound or euro committed software is well-spent. But managing software effectively isn t just about as thrifty as possible. In fact, skimping on software spend can also lead to significant troubles and costs for the organization. In its Data Center Polling Indicates IT Asset Management as an enabler paper of 8th March 2010, the analyst firm Gartner reported that the number of organizations receiving at least one software audit request in the last 12 months had jumped to nearly 60 percent (up from 30-35 percent in 2008, and 56 percent in 2009). Addressing these two key issues effectively minimizing the cost of acquiring and managing software, while not exposing the organization to unnecessary risks is what Software Asset Management (SAM) is all about. By affording organizations a greater level of visibility, control and automation, SAM can help significantly reduce overall software spend and differentiate areas in need of critical investment from wasted purchases and effort. At the same time, this visibility and control can be extend to software licensing, to ensure that the organization is accurately licensed for all software in use across the network. In a nutshell, if you can understand what you ve got, where it is, how it s used, how it s licensed and when it needs to be updated or changed, you re well on your way to an improved enterprise IT infrastructure. And that can have a significant benefit on IT s bottom line. An overall SAM initiative can typically be broken into five constituent parts: 1. Project planning and scoping it s vital to know what your SAM project is setting out to achieve before you commit resources and budget 2. Discovery what applications do you have on the network, where are they, are they actively being used etc. Untitled DocumentGetting a head start in Software Asset Management 43. License management are applications appropriately licensed, are there unused or duplicate copies, etc. 4. Deployment how to manage the deployment of new software, updates, migrations, initiatives, etc. 5. Patching & Configuration Management is the software up to date and secure, which versions need patching, retiring etc. What helps SAM stand out as a must do IT initiative is the tangible effect it has on the bottom line. In research conducted by FrontRange Solutions and its partners, the vendor found that typically organizations over-spend on software procurement by around 20 percent. This is because the majority of companies will leave unused software dormant on PCs without re-harvesting the licenses, estimate their volume license requirements rather than base them on current audit information, fail to clamp down on maverick software purchases, fail to buy software through the most cost-effective means this list goes on. Companies that have made an investment in SAM report significant savings, usually across four key areas of IT operations: 1. Software purchases full visibility of the total number of applications installed on the network, allied with a clear view of whether they are in use or not enables IT and procurement managers to make better decisions about software acquisitions. Analyst firm Gartner cites eliminating unused software and harvesting unused licenses as two of its Top-20 ways to cut IT costs. 2. License negotiations aside from managing the cost of individual software purchases, SAM initiatives help organizations understand their true IT needs, putting them in a better position to negotiate favorable volume licensing agreements (based on actual software installations, not estimates). Again getting tougher with vendors is a Gartner Top-20 must-do for managing IT costs. 3. Automation of key tasks by using automation, critical jobs such as rolling out new applications or applying security updates can be done across hundreds of PCs in a matter of hours, rather than days or even weeks. This not only accelerates the availability and ROI of new technologies, it also frees up IT staff to concentrate on other tasks. 4. Reduction of support and maintenance payments FrontRange s research found that typically 2 percent of the available software budget is wasted paying for support and Untitled DocumentGetting a head start in Software Asset Management 5maintenance on software that is no longer in user. By bringing the finance and IT functions closer together, organizations can eliminate over-spend on supporting unused or retired software Despite all these obvious advantages, some detractors will cite complexity as a reason to put off investment in SAM. Indeed, SAM in its fullest sense following the guidelines as established in the ISO 19770-1 SAM standard might seem intimidating. It s a comprehensive best practice outline which, while very worthy, could take years to complete. However, the key aspects of SAM particularly the four areas mentioned above are far quicker to implement and thus can deliver a real benefit to the bottom line in just a few months. What s more, whatever short-term work is done will benefit the organization s longer-term goals, whether in terms of SAM-specific benefits or a wider IT management strategy around standards such as ITIL. Let s now take a look at some of the tangible ways in which adopting SAM processes and technologies can help reduce IT costs, improve security, minimize risks and provide for more effective IT Governance: 1.1 Cost Control In theory, software purchasing is a fairly straightforward process: You buy what you need. Yet, inherent in that process are several questionable assumptions: What exactly do you already have? Of that pool, what are people actually using on a regular basis? What is already up to date? What is not? One of the goals of SAM is to deliver those answers, enabling the IT group to achieve full visibility of the software on the network and take control of software licensing and lifecycle management process. By knowing what you currently have, you can accurately budget and plan software purchases. By knowing what people are using (or not using), you can eliminate waste and redundancy, reallocating unused licenses or avoiding unnecessary purchases/upgrades. Moreover, a comprehensive picture of current software usage across the organization enables IT and business managers to negotiate more advantageous pricing whether in the form of volume licensing agreements or re-working existing maintenance contracts to ensure that retired and unused licenses do not continue to require support fees. Untitled DocumentGetting a head start in Software Asset Management 6The analyst firm Gartner believes that many organizations have up to 20 percent redundancy in software on the estate i.e. one in five purchased software titles is not in active use. That s a massive and unnecessary drain on IT budgets. Looking at the economy as a whole, a leading analyst firm recently reported that organizations that fail to incorporate software usage and inventory data into their asset management will overbuy licenses for 60 percent of their portfolio and will be out of compliance on another 30 percent of their portfolio. Either way, those companies risk losing out financially. 1.2 Greater Security Tracking software on the network can also help dramatically improve network security. For example, after a critical vulnerability alert is released for a particular application, organizations with a full and up-to-date IT inventory will know which machines are affected and where those machines are on the network. Armed with this information, administrators can quickly decide to deploy a patch (if available) or even quarantine the affected PCs (especially on older, unsupported platforms). In August 2009, the SANS Institute (a well respected organization involved in IT Security training and certification) published its Twenty Critical Controls for Effective Cyber Defense: Consensus Audit . The Consensus Audit Group (CAG) comprises past and current CIOs and CISOs from federal agencies in the USA, who came together to agree on a prioritized set of 20 critical security controls. Of these prioritized controls, the first two are: #1 - Inventory of Authorized and Unauthorized Devices And #2 - Inventory of Authorized and Unauthorized Software Specifically, the CAG states that before anything else, organizations should: Deploy software inventory tools throughout the organization covering each of the operating system types in use, including servers, workstations, and laptops. The software inventory system should track the version of the underlying operating system as well as the applications installed on it. Furthermore, the tool should record not only the type of software installed on each system, but also its version number and patch level. Untitled DocumentGetting a head start in Software Asset Management 7For any organization either already invested in SAM or about to kick-off a SAM project, this is good news, as a class-leading software inventory solution such as FrontRange Discovery can help kill two birds with one stone. That very same information that s critical to establishing what software is on the network (and therefore requires a license) can also be used by security professionals to check for authorized and unauthorized software. Similarly, IT managers can use audit reports to monitor networks for applications known to pose security risks such as file sharing software and take proactive steps to eliminate those applications. 1.3 Decreased Risk Organizational risk is not limited simply to security; it also strongly corresponds to the legal risks associated with software non-compliance, lack of policy enforcement, inappropriate usage and more. Industry research shows that roughly one quarter to one half (depending on your geographic location) of all software worldwide is pirated or unlicensed, and much of this resides on corporate networks. This leads to several issues from a legal standpoint, not the least of which is the potential for heavy fines levied against those organizations found to be guilty of software piracy. With software industry watchdogs such the Business Software Alliance (BSA) now offering rewards of up to 1 million for those that blow the whistle on corporate piracy, and almost every major vendor ramping up its compliance activities (a natural reaction when new license revenues are suffering), the chances of facing an audit have never been higher. According to one Gartner survey in March 2010, around 60 percent of organizations will face at least one audit annually. IDC has a similar take, putting the figure at around 55 percent. And at a recent Gartner SAM event, around 75 percent of the audience said they had been subject to at least one audit in the last 12 months. Whichever figure you chose to rely on, the simple fact is that your organization needs to be prepared for an audit. Turning to Gartner once more, it said that one of its clients suffered costs approaching 500,000 simply responding to a vendor audit a cost that would have been dramatically lower had the organization already established its license position ahead of the audit request. Untitled DocumentGetting a head start in Software Asset Management 8 Note: Vicarious Liability This issue of software piracy is compounded thanks to the principle of vicarious liability, where the organization bears responsibility for practically all actions of its employees. As such, whether it is installing unlicensed software, copying music and video files to the network or unwittingly propagating viruses it is the employer that has the legal responsibility to guard against the misuse (intentional or accidental) of its IT systems or face the risks of damage to their reputation. 1.4 Improved Governance SAM provides several key benefits for business management beyond those discussed above. Current and comprehensive software asset control improves IT-related business functions, from support and service management operations (knowing what exactly is on the system and the respective configurations speeds time to resolution) to release management to faster and easier mergers, acquisitions, business consolidations or expansions. Knowing exactly what s on the network also allows organizations to focus more on running the business and less on trying to keep up with IT systems, facilitating planning for future IT initiatives, migrations, new hardware or software purchases and more. Yet while the benefits of software asset management are readily understood and the various components are straightforward, the implementation can seem daunting. For many IT departments, the idea of identifying, tracking, auditing and maintaining every software asset on a sprawling, often multi-site network is a difficult one to wrap their mind around. Certainly it might be possible management by walking around, if nothing else. But manually tracking every piece of software would be a nightmare, and manually managing it might well be impossible. Instead, organizations need to find a way to combine technology with their own people and processes to implement SAM in a cost effective way that will return the maximum value in the minimum time. Untitled DocumentGetting a head start in Software Asset Management 92 Getting started with SAM While it is very important to establish your organization s overall goals for its SAM initiative, the key to realizing tangible benefits quickly is to prioritize and balance which elements of SAM are the easiest to implement and demonstrate real value from. Once the momentum has been built up with a few simple steps, the program will be much easier to build and turn into additional savings across the IT budget. One way to help identify the key areas to focus on and how to approach SAM in a methodical and efficient way is to invest in a SAM program management solution such as SAM Essentials from FrontRange Solutions. This unique solution maps out the complete SAM initiative, from conception through to creating a compelling business plan, managing individual activities through to measuring successes. This takes the guesswork out of planning a SAM initiative clearly outlining both the component parts of the program as well as the order and priority in which they need to be addressed. Best practice documents, checklists and project plans help users both professionalize and accelerate the SAM process. SAM Essentials has been built to deliver a rapid return on investment (ROI) but to also ensure that any activities undertaken are in line with established best practices such as the ISO 19770-1 SAM standard, Microsoft s SAM Optimization Model (SOM) and SAM for ITIL. Applying these fundamental principles to SAM brings into focus three key elements discussed at the start of this paper: discovery, license management and automated deployment. Discovery provides the foundation for everything that comes after you can t figure out what you need or how to fix it if necessary if you don t know what you have. Similarly, license management promises a significant, immediate ROI in terms of cost control and risk mitigation. The deployment step is concerned with automating and regulating the deployment of new software and how to manage software updates, migrations, initiatives, etc. The value of SAM is derived directly from the improved control and efficiency these elements bring to an organization s overall software infrastructure. Taken together, discovery, license compliance and automated deployment form the bedrock of successful SAM best practices and can deliver a much faster return on investment (ROI) than you might expect. The three elements above can be directly mapped to five key steps that should form the basis of any SAM program: Untitled DocumentGetting a head start in Software Asset Management 10 1. Software Asset Inventory 2. License Entitlement Capture 3. Entitlement Identification & Validation 4. Usage vs Entitlement Reconciliation 5. Automated Software Deployment In reality, these five steps are not entirely linear, instead forming a cyclical project where there is always an opportunity to review and improve processes based on dynamically-updated information. As such, the SAM process itself is perhaps best illustrated as: 2.1 Inventory Having scoped the SAM project and created an immediate action plan, the foundation of any software management exercise has to be the creation of an accurate and up-to-date software inventory. This is essential to helping managers fully understand: What software is in use across the organization? Does the company have any unused programs that can be removed or reallocated? Is the installed software on each machine used regularly? Is the company using the most recent versions of the programs it needs? Does every employee have the needed software? Inventorying all of the assets on the network is the basic function of discovery, and fortunately there are automated tools for this process (FrontRange Discovery for example) that generate a Untitled DocumentGetting a head start in Software Asset Management 11quick, efficient and accurate IT inventory. In fact, these tools typically work across multiple geographies, subnets and platforms, ensuring a comprehensive inventory even when the finance department is working on PCs in New York while development is on Linux in Hyderabad. The latest generation of tools will even discover non-physical devices, such as virtual machines and applications giving you true 100% visibility of the entire IT estate. When Good Enough really isn t In tough times, it can be tempting to settle for good enough rather than what s really needed. This thought, however, must not apply to software inventory. As the baseline for everything else that follows in a SAM program, the software inventory has to be 100% accurate at all times. This means choosing a solution that is dynamic, light enough on the network to run regularly, effective enough to identify all common software applications and capable of integrating with other world-class IT management systems (license management, service management, lifecycle management etc.). If good enough puts your SAM initiative at risk, then it really isn t. good enough . 2.2 License Capture While software assets are inventoried, in parallel staff can be working on the process of building a central repository of the organization s software licenses. Again this is where an automated solution can be invaluable minimizing both the chance for human error and the overall labor requirements needed to build and maintain the data repository. Solutions like FrontRange License Manager speed up this process by providing a wizard-based interface (also improving record accuracy and consistency) and even bulk data import facilities (to import license information from sources such as a Microsoft CLP report). A key consideration when recording license entitlements is whether it is feasible for one person to manage this or whether, more likely, this will be a collaborative effort across multiple individuals and departments. If the task of entering license information is going to be shared, the organization needs to consider how to protect both the integrity of the data records (i.e. ensuring that all records are in a consistent format etc.) and also the confidentiality of the licensing position. Again, certain tools are designed to support multiple users with different privileges, while others will fall short in this area. 2.3 Identification & Validation The next step in the process is to identify and understand how the captured license information (i.e. the information entered) relates to both what you think you have, and to the vendor s actual Untitled DocumentGetting a head start in Software Asset Management 12catalog (i.e. what they think you have). Often there will be discrepancies between original invoices, installed software and future audits something particularly true in large organizations with a traditionally ad hoc approach to software management. Solutions such as FrontRange License Manager aid this process by automatically matching entered information and discovered software with vendor product information, including the proper title, SKU number (part number), associated entitlement rights and other important information. This reduces turnaround and errors, and facilitates future licensing discussions. More importantly, from an auditing and compliance perspective, it is essential that you are able to link any entered entitlement information to the actual proof of entitlement (such as scanned images of invoices email confirmations, etc.). This will enable you to both keep a better track of licensing for internal purposes and also respond much more quickly and efficiently to any demands from external auditors. 2.4 Reconciliation The next key element is to do a reconciliation of the license entitlement against the inventory of actual installed software. There are a wide range of potential licensing restrictions, making an automated approach a necessity for this reconciliation. For example, a license may have upgrade or downgrade restrictions that don t match actual usage within the organization. To help achieve the most advantageous licensing position for the organization, a solution like FrontRange License Manager applies intelligent rules and a dynamic best fit methodology when reconciling installed assets against software licenses, avoiding the manual task of creating a one-to-one relationship between a specific license and an actual software instance. This also gives the organization more flexibility when upgrading or swapping out software. Moreover, FrontRange License Manager features a built-in rules engine for calculating upgrade and downgrade rights and ensuring that upgrade licenses are backed up with appropriate historic version entitlements. 2.5 Automated Software Deployment Following steps one to four, organizations are now ready to take a more advance approach to the deployment of software. Again this is where an automated solution can be invaluable minimizing both the chance for human error and the overall labor requirements needed to deploy, manage and maintain the software. The automated software deployment solution FrontRange NetInstall facilitates this final step and automates the initial deployment and ongoing management of the software. Untitled DocumentGetting a head start in Software Asset Management 13 FrontRange NetInstall is policy based in other words, the desired state of the software only needs to be defined once. The compliance state of each PC on the network is represented by a simple but effective traffic light system enabling managers to identify at a glance any problems. NetInstall takes charge of ensuring that end devices are kept up-to-date, leaving administrators free to concentrate on any exceptions to the rule. The policy-based approach ensure that the desired state as well as the internal rules and regulations pertaining to departments, standards, users and security will be adhered to automatically. In case of discrepancy the IT department gets a failure notification and can then automatically repair the specific instance, e.g. automated application repair directly out of the help or service desk. The deployment process is not just fully automated but also ensures security. All software packages need to run through a test, pilot and approval phase. This ensures the availability and stability of the IT infrastructure and guarantees the security and compliance requirements. Untitled DocumentGetting a head start in Software Asset Management 143 The Fast Path to SAM While organizations have traditionally found it difficult to accurately determine the total cost of poor software management (as a starting point, think back to Gartner s claim that up to 20 percent of software owned by organizations is effectively shelfware ), more and more IT leaders are recognizing that better controls, processes and technologies can deliver significant advantages in terms of cost savings and productivity gains across the enterprise (again, Gartner estimates between five and 35 percent of the IT budget can be saved by effectively managing software). By establishing a plan of attack for SAM, and then prioritizing on asset discovery, license management and automated deployment, any organization will dramatically improve insight into its IT infrastructure and drive productivity enhancements. More importantly, the business can enjoy immediate cost savings from improved software allocation, volume license discounts, better price points, accurate asset depreciation and more all while eliminating the risks associated with software non-compliance, lack of policy enforcement and inappropriate usage. Finally, these initial steps will put the enterprise in a strong position to implement further best practice processes as described in standards and documents such as the ISO 19770-1 and the ITIL Guide to SAM. Introducing FrontRange SAM SuiteTM Through this white paper, we ve made reference to several FrontRange Solutions products: - FrontRange SAM Essentials an all-in-one best practice and project management tool for SAM initiatives - FrontRange Discovery for complete visibility of your network inventory - FrontRange License Manager to record and reconcile your license entitlements - FrontRange NetInstall to automate the complex task of deployment and software management To provide organizations with a single-vendor, single-purchase solution for all their SAM needs, FrontRange is pleased to offer all the above components as part of its new SAM Suite solution. With FrontRange SAM Suite, you get the benefit of proven technology with an unbeatable combination of fast implementation time, low total cost of ownership, rapid ROI and a highly attractive price point. To learn more about FrontRange SAM Suite, visit www.frontrange.com or contact your nearest sales office today (details below). Untitled DocumentGetting a head start in Software Asset Management 154 About FrontRange Solutions FrontRange Solutions develops software and services that growing mid-size firms and distributed enterprises rely on every day to build great customer relationships and deliver high-quality customer service. The company applies a unique combination of innovation and automation with a standards-based approach to simplify core business processes, including: IT service management; customer relationship and sales force management; and PC lifecycle management. More than 150,000 organizations, including some of the world s best-known brands, use FrontRange offerings to quickly improve their interactions with external and internal clients and achieve better business results. For more information visit www.frontrange.com North America United States 800.443.5457 EMEA United Kingdom +44 1635 516700 France +33 13 926 5555 Germany Filderstadt +49 711 340190 5208 Germany Munich +49 89 31 8830 Italy +39 03 654 48253 Poland +49 89 31 8830 Russia +7 495 710 9930 Spain +34 91 550 1646 South Africa +27 11 325 5600 APAC Melbourne +61 3 9823 6292 Sydney +61 2 8080 3300 China +86 10 6581 4196 India +91 22 3088 1119 New Zealand +64 9 359 7402 Singapore +65 6829 2147 Copyright 2010 FrontRange Solutions USA Inc. All Rights Reserved. GoldMine, HEAT and other FrontRange Solutions products, brands and trademarks are property of FrontRange Solutions USA Inc. and/or its affiliates in the United States and/or other countries. Other products, brands and trademarks and trademarks are property of their respective owners/companies. USE OF THE SOFTWARE DESCRIBED IN THIS PAPER AND ITS RELATED USER DOCUMENTATION IS SUBJECT TO THE TERMS AND CONDITIONS OF THE APPLICABLE END-USER LICENSE AGREEMENT (EULA). The information contained in this document is provided as is without warranty of any kind. To the maximum extent permitted by applicable law, FrontRange disclaims all warranties, either express or implied, including warranties for quality, accuracy, merchantability, fitness for a particular purpose, title and non-infringement; and in no event shall FrontRange or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of profits or data or special damages, even if advised of the possibility of such damages.
