Changing our behavior in software license management
Why is it still so complex to measure what licenses your company has and how many are in use? What are software license tool vendors doing to break down this complexity?
What is the trend in the industry? Do software vendors need to change their behavior? Here is a quick overview of how software license management has evolved.
What can we do about license complexity?
In earlier years companies were developing their software to sell ahead of the competition (that is, to be released before competing products). There were no rules about standards, and customers still had to deal with complex, mostly unreadable, software contracts. And there is a wealth of license types out there. So how do you prove you are not using more than you have bought? And how do you monitor to make sure that contractual rules are applied properly?
My customers are stumbling and struggling to get their heads up to verify their software license compliancy. Most of them get stressed when an audit is coming up, and others have given up and are reserving money for a possible license fine. It is like you know you’re in trouble and ask your boss for a sabbatical leave!
As technology moves forward, new rules are applied, and some rules are harder to measure. A good example is the cloud environment, in which a specific piece of software running in a virtual machine may be used at a specific host, but usage is not allowed when the virtual image is moved to another host. There is definitely a need to reduce complexity here.
Breaking down the complexity
Software license tool vendors are breaking down the complexity initially by using software identification tags (SWID) with their licensing tools. With these SWID tags the software is more easily recognizable. The licensing tool will provide software usage and software installation data in order to answer the “what do I have” and “what do I use” questions. Some tools are capable of storing contracts and entitlements to answer the “what may I use” question to deliver license compliance reports.
There is no tool out there capable of tracking all software for all platforms including all license types. But IBM Endpoint Manager for Software Use Analysis (IEM SUA) has many capabilities to help companies to better manage software license compliance issues.
Some capabilities of Endpoint Manager SUA include the following:
- Management of software inventory
- Ability to display installed software and concurrent software usage (how often it has been used, last time it was used)
- Ability to build contracts, record entitlements and deliver license compliance reports
- A software catalog (updated monthly) containing the software products and product bundles
- Ability to match the scanned software into a product suite bundle
Ability to add SWID tags to the catalog
The trend in the industry is to help make software identification easier. Brian Turner, program director of endpoint management at IBM, explained at the Compliance Manager Summit how IBM achieves better software identification by employing ISO 19770 tags. These industry standard tags will replace the proprietary SWID tags and can be used with basic usage and metering data to provide near-real-time metrics for enterprise software deployments.
ISO/IEC 19770 is an international standard for software asset management and consists of three main parts:
- ISO/IEC 19770-1 is a process framework to enable an organization to prove that it is performing software asset management to a standard sufficient to satisfy corporate governance requirements and ensure effective support for IT service management overall.
- ISO/IEC 19770-2 provides a software asset management (SAM) data standard for software identification tags.
- ISO/IEC 19770-3 will provide a software asset management (SAM) data standard for software licensing entitlement tags.
ISO/IEC 19770 is adopted more and more in the industry today. Tool vendors will be mainly focusing on software identification tags (ISO/IEC 19770-2) because adopting entitlement tags (ISO/IEC 19770-3) is far less easy. Software and tool vendors have to make investments to comply with ISO 19770 standards. This adoption process will be slow because there is no direct return on investment to be achieved. So in my opinion, it is time for the software industry to change how it is approaching customers.
Changing our behavior
It is a good practice to think about proactive ways to bridge the gap between vendor and consumer. Until now the industry has been bringing software to the market with a wealth of license types, and simultaneously licensing tools were applied to help answer compliance questions. The software industry needs to shift focus from delivering tools to measure license complexity to breaking down the license complexity.
Because we are living in an ever-changing world, new technologies and new ways of doing business will continuously impact the software asset management ecosystem. We may always be running a little behind the facts, but when we do not change our behavior we are leaving frustrated customers. And for sure, IT is there to support the business, not the other way around. A good example of a proactive way to bring vendor and consumer together is the Campaign for Clear Licensing.
I am confident that behavior change regarding license complexity will work out over time. What do you think? You are welcome to comment on this blog post or contact me through Twitter: @TilloV.Tags: compliance, endpoint manager, ISO, license, license management, software management, standards, SWID