It can be very difficult to manage software licensing. Software licenses could be per PC workstation, per concurrent user, or even per CPU. It's different from software to software and they are usually dozens or hundreds of software out there.
The ultimate fear is that the company CIO gets the dreaded letter from a vendor requesting a software audit that could lead to additional budget-busting software license purchases in order to return to compliance. It's important for the CIO and CTO to take all of the necessary steps to have software licensing compliance in order to defend accusations of inadvertent software piracy.
Software Licensing Models
The first thing to do in order to assess the software compliance problem at the company is to understand how software licensing works for each vendor. It can vary considerably from one software vendor to the next. Some licenses are simple like Microsoft Office, which is licensed by PC. Others are licensed by the number of concurrent users.
Some vendors allow companies to license to specific named users. With enterprise server software, some such as Oracle database are licensed by the number of CPUs. Does a dual core CPU count as one CPU or two CPU? That is a question that only the software vendor can answer, and it varies depending on the vendor. Understanding software licensing is often as unclear as understanding the terms of a cell phone contract.
Another major problem occurs when employees bring in their personal software or download freeware that's supposedly free. Copies of software may be copied illegally between employees. Also, many freeware software explicitly state that the free version is for non-commercial use only. Since most home users don't read license agreements when downloading freeware off the Internet, employees are generally oblivious to the problems of downloading some freeware that don't allow for commercial use. One such freeware intended for non-commercial use is Avast anti-virus software, which has an admonishment in bold at the Avast download page.
Metering Software and Software License Tracking
There are lots of choices when it comes to software metering and asset management software. One popular choice is Microsoft's SMS (System Management Server) which has an option for software metering. Ideally, the software metering product chosen will be able to keep an accurate inventory of software installations as well as warn system administrators when the number of licenses is low or has been exhausted. Finally, the software should monitor how often each installed software is used.
Software License Management Best Practices
It's not enough to gather software usage information. It's important to establish good practices as well. For example, most companies ghost an image to create a standard desktop installation which often includes licensed software such as Microsoft Office. For example, if Office is not used by 150 of the 1,000 deployed PCs, the company would save money by removing it from the image and forcing users to request the software if they need it. With regards to software installed that's never used, it's important for companies to act on that information and uninstall the software so it can be used elsewhere.
Another important step to take is to take away the user's ability to install any software on their company PC and laptops. In the Windows environment, that's done via the Software Restriction group policy which allows administrators to specify which ActiveX components can be downloaded, to restrict the installation of programs to approved users and approved software, to run only digitally signed scripts, and to take other actions that lock down a computer.
In the end, the time spent on software compliance helps the company stay on the correct side of the law as well as the correct side of the software budget. Audits from software vendors do occur occasionally especially since they're a major source of extra revenue. Because of that, chief information officers need to treat this problem seriously.
No comments:
Post a Comment