There is only one thing worse than being audited by a software vendor and finding yourself out of compliance – and that’s allowing it to happen again a few years down the line.
From a known compliant state, fully licensed and up to date – how does an organisation slowly fall out of compliance?
Where are the leaks?
End User Leaks
1. End users on the network install software themselves without an appropriate license. This can be through;
- Deliberate abuse
- Ignorance of terms and conditions or
- Not checking that the business is covered.
2. End users buy legitimate software themselves but don’t pass on purchase and license information to the purchasing department or breach the terms and conditions.
3. End users buy legitimate software but via the wrong channels e.g. not via the recognised volume agreement.
IT Department Leaks
4. IT Department install software or redeploy existing software without checking license entitlement.
5. IT Department install software, check license entitlement but then licence it incorrectly. This can be through;
- Using licenses outside their original terms and conditions e.g. OEM Confusion, using academic licenses in a commercial environment
- Using the wrong version or edition e.g. Professional rather than Standard
- Failing to inform end users of the terms and conditions once it’s installed.
6. IT Department install software in Virtual Environments incorrectly;
- Software is installed on a server which many people can access – exceeding the total number allowed to access that application.
- Software in installed which is based on the hardware profile of the machine it is installed on or number of connections without understanding the consequences.
7. Losing track of physical copies of license agreements.
8. Your hardware supplier ships hardware with inappropriate OEM software.
9. Your software supplier sells you fake software.
10. You are misold software from the vendor or reseller or they lose track of your purchase history.
Have I missed anything? How else do companies fall out of compliance?
About Martin Thompson
Martin is also author of the book "Practical ITAM - The essential guide for IT Asset Managers", a book that describes how to get started and make a difference in the field of IT Asset Management.
On a voluntary basis Martin is a contributor to ISO WG21 which develops the ITAM International Standard ISO/IEC 19770.
Learn more about him here and connect with him on Twitter or LinkedIn.