The Basics of Software Asset Management Practice
During its inception, Microsoft founder Bill Gates made it a corporate mission to place a PC on every desk and on every home. That has become a reality in a sense today, since most of the work we do in the office, at school and even at home involves using the computer. Organizations nowadays have sizeable IT budgets for hardware, networking infrastructure, productivity software and security infrastructure. It is but right that these assets are managed properly.
Hardware can be fairly easy to manage. It can be seen. It can be touched. We can attach an asset tag on it. What about software? If we are on a volume licensing scheme, we might have only a CD and a piece of paper as our “physical assets,” but those may be the means for us to legally use the software across our entire organization since that paper says we can. The value of the software, obviously, transcends beyond the monetary value of its physical manifestations.
Unfortunately, quite a number of organizations do not really know how to treat software in their corporate accounting. They usually treat it as an expense, which is not a very good idea because as long as the software does what is supposed to do, it is contributing to the growth of the company’s bottomline. More importantly, on non-OEM types, software can be legally installed and used on another machine should one machine that runs it permanently fails.
In short, software should be treated as an asset, not as an expense. And since it is intangible, it cannot be managed the same way that we manage physical assets. Hence we have what’s called Software Asset Management, or SAM.
What is Software Asset Management?
Software Asset Management can be defined as the treatment and management of software as though it were a physical asset. As such, the following needs to be in place: (a) a means to record software purchases; (b) a means to record software installations and removals; and (c) a periodic reconciliation of recorded values against real values.
Does this mean that we have to go from PC to PC to check out installed software? All people who have done so can attest that manual software inventory processes can be a very tedious endeavor. It can take as much as 5 minutes per machine to gather the software installed on the machine from the Control Panel, multiply this by the number of machines in the corporate network. Of course, their users are not really keen on allowing a 5-minute stoppage from their work to inventory software. Not to mention since a manual inventory most probably is an announced one, chances are illegitimate software are uninstalled prior to the inventory and reinstalled again afterwards, if users have the capability and knowledge to do these.
There is a big difference between physical assets and software assets. It is much easier to manage software assets compared to physical assets, since software lends itself to be inventoried, unlike physical assets that require physically being able to detect and tag the said asset. It is because Microsoft Windows contains a repository of all settings, called the registry. All software that is installed in Windows leave their mark in the registry. Therefore, being able to gather the required information from the registry, it is possible to glean information on software that’s installed on a machine. Current software asset management utilities use this to gather software inventory information.
Lucky for us there are automated ways of gathering software inventory. Microsoft has a free tool called Microsoft Software Inventory Analyzer (MSIA). It has a superb web-based interface and reports, but one major drawback is that it only gets Microsoft software. Get more info on MSIA at http://www.microsoft.com/resources/sam/msia.mspx.
My personal favorite is SAMLite 2.0 developed by Microsoft Consulting Services (MCS) and ISA Technologies in Malaysia. It has a lot simpler Microsoft Access-based interface, and has the capability of acquiring the inventory of even non-Microsoft applications.
MSIA and SAMLite 2.0 are both available for free.
Advantages of a Sound Software Asset Management Practice
Many think that the phrase “software asset management” is synonymous with anti-piracy and raids from law enforcement. I would like to discourage this kind of thinking. Properly managing your software assets does not just ensure that you comply with legal requirements on software usage; it also ensures that you buy only the software that you need, when you need them. By properly managing the company’s software license acquisitions, we can avoid purchasing software that is in fact already purchased but not really utilized.
Software asset management can also be part of a sound ICT infrastructure security framework. Knowing what software is installed, limiting software installation rights to qualified personnel and preventing the usage of pirated software can help us in ensuring that our software is free from malware like viruses and spyware. As of the moment, Microsoft implemented the Windows Genuine Advantage, where only genuine software is allowed downloads for some Windows XP freebies like Windows MovieMaker or Windows Defender. Plain common sense dictates that it Microsoft may enforce the same on critical patches and security updates.
How to Implement a Successful Software Asset Management Practice
Now that we’ve identified tools to make our lives simpler in managing our software assets, let’s now take a look at how we can implement a successful software asset management practice.
Know the licensing options of your software vendors. Different software vendors have different licensing schemes in place. It is important to know these options and remain compliant.
Inventory. Use MSIA or SAM 2.0 to gather information about your software assets.
Procurement documentation. Also gather all documentation on all purchases of your software. It is not enough to know what is installed, but also more importantly, identifying if what was detected is actually purchased by the organization. SAM has the capability of logging software purchases, as well as those that are actually installed by the corporate IT group.
Proofs of Authenticity. Boxes, Certificates of Authenticity, licenses and other documents that prove that the software that you have is authentic are to be properly filed just in case it would be needed.
Periodically reconcile. Make sure that there is a periodic reconciliation of the recorded numbers vs. reality. Most companies with a successful SAM practice do an annual software inventory.
Lock down installation. Ensure that users do not have the capability to install their own software in their computers. This is best for both security and software asset management concerns. By limiting the installation only to qualified IT personnel, we can be sure that we are installing legal software only on computers that need the software.
In knowing what you own, you can enjoy the benefits of the software you’re using without the apprehensions of any legal repercussions, save previous capital by not purchasing unneeded software, and keep your network secure by using software that’s free from malware.
If you wish to know more on managing software assets or SAMLite 2.0, or even request for your free copy of the abovementioned tools, feel free to email me at jpaloma@portsnpackets.com.