It was circa 2003, and my then employer was scared to death of the implications of non-compliance. We did some ground work but IMO it somewhat “died a death” when we realised that we had no idea where all the purchase records were, let’s assume they are all compliant now. Since then I have viewed SAM as just being on the to-do list for far too many organisations, never quite making it into the realms of actual “doing.”
Sad but true.
Thankfully, however, my first three months at Forrester is changing this opinion, as 30% to 40% of my client inquiries relate to IT asset management and SAM (if you are interested the other 60% to 70% relate to ITIL adoption, process improvement and ITSM tool selection - there’s a lot of tool replacement going on). SAM is rising from the ashes of its compliance era; in many ways, this time “it’s all about the Benjamins.”
To me this is great news, not only for the vendors of ITAM or SAM-supporting technology but for I&O organisations that are finally waking up to the fact that they are wasting a significant amount of their IT funding each year either on licence procurement (when they don’t need to), support and maintenance for more licences than they actually need/use (or for “shelf-ware”), and internally-supporting and hosting software that should have been “decommissioned.”
All caused by I&O organisations not knowing what they have paid for and what it is used for. Oh, and you can get yourself licence-compliant too (although being found wanting in a software vendor licence audit is no joking matter).
To me, there are three key challenges for I&O organisations based on differing levels of SAM maturity:
1. For those organisations still to get to grips with the SAM conundrum, there is choosing the right SAM tool once you have decided what you want/need to achieve and the policies and processes required to meet these aspirations
2. For more SAM-mature organisations (usually where licence compliance has been achieved) there is moving from a state of quick wins and license compliance to one of optimisation. In response to these two bullets, a Forrester SAM Wave is to be published at the end of 2011 to help I&O organisations, covering the following areas and tool capabilities:
- Gather inventory/inventory management
- Perform application recognition
- Match up inventory and purchase data
- Determine licence compliance
- Optimise licensing (including application usage management)
- Software management
- Reporting and audit facilities
3. For all organisations, the risks associated with what I term “shadow” software, software that is used but most likely not managed in the same way as “paid-for” software, are often neglected. Some examples are:
- Open source software that is limited by terms and conditions
- Software that is free for personal use but not for business use
- Free trial software that has trial-expired
- Free software that has a capped usage volume (say less than 30 corporate users)
- Vendors that allow you to use software on a free-trial-basis but with a maximum number of concurrent software packages being trialled
Linking back to a couple of my previous blogs, there are organisational issues here too:
In my opinion, the use of personal devices in the workplace brings in software risk. How will I&O ensure that these personal devices are compliant, especially in light of my shadow software examples? I’m not a legal expert but my assumption is that if an employee is using a non-compliant device, on corporate premises, for corporate purposes, then the enterprise has to be vicariously liable.
As has been pointed out to me on Twitter, many of this list are generic adoption issues. Most of these ITIL adoption mistakes definitely ring true for software asset management.
So that’s this week’s rant, sorry blog, in the can. Anyone have any great SAM success stories to share in terms of license optimisation and financial savings?
Posted by Stephen Mann