Software tagging - rebooted for license optimisation

Established by the International Organisation for Standardisation (ISO), ISO 19770-2-compliant software tags provide software vendors and enterprises a way of authoritatively identifying applications and supporting the complex software asset...


Established by the International Organisation for Standardisation (ISO), ISO 19770-2-compliant software tags provide software vendors and enterprises a way of authoritatively identifying applications and supporting the complex software asset management and licence optimisation processes.

While everyone benefits, the uptake of software tagging has been slow. The industry has been mired in a chicken and egg situation - application vendors have been reluctant to invest time in imbedding tags because of the lack of take-up by enterprises, and vice versa. But it appears that the logjam is being cleared, making universal adoption a greater likelihood.

What are Software Tags?

ISO 19770-2-compliant software tags enable the authoritative identification of applications on a device through the inclusion of a tag file with the application. The tag file contains accurate descriptive information on the application (publisher, name, version, etc.).

Software tags simplify software asset management tasks by describing and identifying applications, which can be accessed to provide an accurate application inventory. Without software tags, and the necessary automated tools to read them as part of a software asset management process, inventorying applications running in an enterprise can be a highly manual and complex task. Software tags simplify the ease of locating and using that identifying data for software asset management and optimisation purposes.

Ultimately enterprises want to control and optimise their application estates - meaning they want to buy what they need, and use what they have. Enterprise License Optimisation solutions facilitate software asset management by making it much easier for enterprises to identify the software they have deployed and optimise its use to minimise waste and maximise value. As we’ll see later, software tags will play a key role here.

Preserving Tags During the Software Packaging Process

Many enterprises “repackage” software before deployment. Repackaging an application essentially involves modifiying the “out-of-the-box” software installation program supplied by the software vendor to conform to the enterprise’s internal standard. For instance - a company might not want games that come with Microsoft Windows to appear on employees’ desktops - so the repackaging process can fix that customised deployment need.

Enterprises will also repackage applications for mass deployment and installation to avoid having to visit each desktop computer to install and application. In the process, they can imbed into the repackaged setup routine configuration settings that comply with corporate standards.

Today when applications are repackaged the identifying evidence, or fingerprints, are often lost or obfuscated. The backend software asset management tools then struggle to properly identify the installed applications. Thus, even in instances when the software vendor supplies software tags within their products - that tagging information might not survive the repackaging process. Accordingly, enterprises want the ability to create their own software tags for a couple reasons. First is to solve the software repackaging problem mentioned above. If the repackaging process breaks a tag - and thereby renders it useless, an enterprise will want the tools to fix the broken tag so that it can still be leveraged in the software asset management process.

Second, enterprises may either want to supplement a vendor-provided tag with additional identifying information beyond the standard data, such as who tested the application internally, who released the application to production, and when those events occurred. Or if a vendor does not supply software tags with their products - enterprises may want to create their own ISO 19770-2 compliant tags anyway. In either scenario, tools are required to create the compliant tags.

Automated Tools that Create, Read and Leverage Tags

Some software asset management technology vendors are making software tags practical to implement by introducing tools making it easier for software vendors to create tags; and for enterprises to preserve, augment and leverage those tags. For instance, software vendors have started announcing the availability of automated tools to create ISO 19770-2 software identification tags as part of the application installation development process, and they are already looking to extend support to applications developed for Unix, Linux, Mac.

The same technology vendors are also providing enterprises with the capability to automatically add ISO 19770-2 compliant tags to repackaged applications and preserve the original publisher information that will enable applications to be identified after installation. This solves the long standing industry problem of identifying repackaged applications after deployment and installation.

Supporting Software Asset Management Efforts

Ultimately, the value of software tags will be realised by enterprises when they can use them to better manage their software assets. Vendors providing software asset management and licence optimisation technology understand this, and are building automated tools to recognise and report on data contained in those tags.

The ultimate vision of the ISO 19770-2 standards body is to improve the accuracy and reduce the difficulty around software identification. While the standards provide the path to improved accuracy, automated tools as those described in this article provide the vehicle to get organisations to the goal line.

Posted by Vincent Smyth, General Manager EMEA, Flexera Software