Comments on: ARTICLE: Ten Leaks In Your Software Management Process

By: IT Management Blog Carnival - 1st edition - IT Skeptic, Martin Thompson, Harris Andres,... | PMIT.PL Blog

Wed, 07 Oct 2009 20:09:38 +0000

[...] Thompson presents ARTICLE: Ten Leaks In Your Software Management Process where he summarizes top sources of failing to… posted at The ITAM [...]

By: Cynthia Farren

Cynthia Farren — Wed, 08 Jul 2009 00:04:33 +0000

Typically we see three major holes in companies when it comes to software licensing:

1) Imaging – images are built or modified without review by the person/unit with licensing responsibility.
2) Lack of product use rights knowledge particularly around servers and server access licenses (production, development, virtual, remote access, mobile device access, etc).
3) Guesswork, you can’t manage what you don’t know.

Many of the items listed fall into one of these three categories but I think it’s important to also acknowledge the root causes.

By: Martin Thompson

Martin Thompson — Wed, 06 May 2009 20:30:49 +0000

Thanks very much for all feedback for this article. I have taken the feedback on board and edited accordingly. I think the most important one mentioned was the loss of physical evidence to prove what you own.

I’m sure from a legal standpoint the responsibility for lost licenses sits with end users but vendors are notorious for keeping poor purchase information and I think it should be a shared responsibility.

By: James V. Melillo

James V. Melillo — Wed, 06 May 2009 20:28:34 +0000

Having strong corporate backed procurement, change and problem management processes that incorporate asset management as a key component can go a long way to stopping some of these leaks.

By: Ben McCullom

Ben McCullom — Fri, 01 May 2009 15:53:54 +0000

Nice Job Martin, All true, but the thing I have seen most in the market is a lack of corporate committment to this discipline and lack of identified processes in place to track and confirm the current state.
Ben

By: Licensing & SAM

Licensing & SAM — Fri, 01 May 2009 08:49:46 +0000

Проблемы в процессах управления ПО…

На ITAM Review очередная интересная статейка: проблемы в процессах управления ПО. В комментариях к посту…

By: Rory Canavan

Rory Canavan — Thu, 30 Apr 2009 09:02:08 +0000

End User Leaks:

Not educating your user-base to what they are and are not allowed to do with their IT equipment

IT Department Leaks:

No consideration being given to regular auditing and reconciliation of audit data against proof of entitlement.
IT Departments not ensuring that the manner in which software is deployed matches the licence they have to use it.
Insufficient knowledge transfer caused by a turnover of IT staff.

Supplier Leaks:

Trusting to your supplier that evaluation software hasn’t been bundled on to hardware you have installed.

By: Sandi Conrad

Sandi Conrad — Wed, 29 Apr 2009 01:43:06 +0000

Machines are redeployed without being cleared of the original image. A real life example of where it can get expensive: Old CAD system is moved into a general office role. CAD software, full Office Package, maybe some graphics software and MS Project Pro are all left on the system, when the new user only needs MS Word. Previous user gets a new system and reinstalls all the previous packages, perhaps upgraded and suddenly the company is out of compliance.

By: Troy Parker

Troy Parker — Wed, 29 Apr 2009 01:00:18 +0000

In my role as a software licence compliance auditor, it is very often identified that licence shortfalls are directly attributed to an insufficient knowledge and understanding of licence terms by those responsible for licence compliance.

In particular, organisations who have deployed software in virtualised server environments are often identified as having insufficient licenses for the way in which those virtualised server environments have been configured (Using DRS for example). The licensing of virtualised environments can be very complex and with more and more organisations moving to the use of virtualised server technologies this appears to be an area where non-compliance is growing.

By: Andrew Harcourt

Andrew Harcourt — Mon, 27 Apr 2009 21:02:40 +0000

A few thoughts of my own:

- A physical server with a wide portfolio of applications installed is cloned and virtualised on a much more powerful machine. No consideration is given for the extra CPUs that require licensing or if any of the applications EULA’s permit or deny virtualisation rights.

- A number of desktop applications are removed from PC’s and placed on a Citrix environment. No considerations is given as to who can access what and a shortfall of 2,000 licences is uncovered during an audit.

- An application that is procured as boxed product is packaged for mass deployment and widely deployed.