SAM (Software Asset Management) has become a critical aspect of ensuring a business is protected from license issues and more recently a way to optimise software licensing and managing the rising cost of one of the most expensive IT assets. DeskCenter has been helping its customers manage their software and license assets in a cost-effective way for many years, not only ensuring they remain compliant but also ensuring they can maximise their software in the most efficient way possible and integrate SAM into everyday activities.
It is widely understood that for a successful SAM programme, you need buy in from across the business, there are many articles, blog posts that discuss best practice including the need to engage with stakeholders that don’t have a direct responsibility for ITAM. These tend to focus on getting others excited about SAM, demonstrating the need to reduce risk, optimising software and licenses and of course saving money. There is no doubt that these are all excellent and essential messages to gain active support, but are they enough? Should we be solely looking to get buy in and support based on the needs of SAM, or should we be considering how SAM can be integrated across the business and what this can do to help improve processes, reduce costs and to help identify and mitigate risks across other business functions.
“What can SAM do for me?
When implementing Software Asset Management, as well as getting sponsorship from senior management a clear vision of the goals and objectives of a SAM project are also essential.
These Goals and Objectives are typically related to areas such as Audit Defence, Audit Readiness, and License Optimisation, all critical aspects of a SAM project. With SME’s, organisations without dedicated ITAM / SAM teams or even larger organisations, sight of these goals and objectives can soon be lost, other priorities take precedence, change of personnel, loss of focus and many other reasons, in effect making the investment in SAM processes and tools disappear into a black hole.
So to the essence of this article, how can you ensure your efforts and investments in SAM continue to support the needs of SAM, and perhaps more importantly how can your SAM investment benefit the business as a whole while continuing to stay focused on the original goals and objectives.
By considering upfront how SAM can be incorporated into every day IT lifecycle processes including Software deployment processes, non-IT processes such as New Starters, Leavers and Purchasing activities SAM becomes an integral part of the business and can more readily be maintained by the supporting processes. Also, consider what can be discovered through your SAM efforts to inform other areas inside the business, such as Security, Projects and for the setting of Budgets.
Maximising the value of SAM Data
Software Asset Management needs a lot of information about Systems, Users, Access Rights, Usage Detail, Software, Licenses and Contract information. It is this that we can use to inform other areas of the business. Consider some of the following examples;
Security, A key part of SAM is the recognition and identification of hardware, user details, installed software applications and access rights. Using the right tools to gather the right data should allow you to understand a great deal more about your environment. Are your software applications patched correctly? Are there later releases available? Are they out of support? Are there high risk applications installed, toolbar’s, games etc. and do you have multiple applications for the same purpose?
In addition to the detail of your software applications, your SAM tool should be able to deliver additional information that can be used to keep your environment secure, Local Guest and Administrator accounts, processes that are not running such as Anti-Virus and other end-point protection, identifying un-patched Operating Systems and perhaps devices that should not be connected to your network, Information that can all be used to assist in the security of your estate, and a by-product of an existing process.
Knowing is one thing, being able to react to these situations directly increases that capability to not only identify but also allowing you to resolve these issues directly. Consider the end-to-end processes required to address these issues and how your tools or tool can be used to facilitate this end-to-end integration.
Projects, whether you are moving to the cloud, planning a major upgrade of software or operating system, or preparing for an acquisition, knowing what you have and having access to a “single truth” is critical. Using the information gathered through your SAM efforts can have a significant impact on the outcome of these types of projects, and further, being able to execute directly using this information can ensure you execute these projects with more accuracy, speed and certainty.
Clearly a SAM project needs to deliver on the core objectives of compliance, but ensuring your investment in tools and processes supports other core functions will enforce the need for SAM across the business.
Any SAM tool should have the ability to collect information in a variety of ways. Typically inventory data is collected on schedules according to the type of target systems. License and contract data is imported or maintained manually, decisions can in some cases be automated but generally are manual interventions. These efforts will result in alerts, notifications and reports that summarise the position and provide an indication to compliance and risk.
But many of these things are sequential, an event happens, the tool discovers the results, the SAM team react. What if the tools you use can make decisions, act and notify as part of other related processes?
Consider what are the things that will have the most dynamic impact on a SAM position? Two of the most significant could be considered as Users and Desktop Software. This might sound obvious, and probably should, but how can you influence these two things with a SAM tool set.
Influencers – For a new user or where a user moves role there is a need for equipment, access to resources, services and software etc. IT need to be informed about these requests otherwise the user will not be able to perform their role. When a user leaves however, or when a user no longer needs access to certain services, the incentive to let IT know is not there. The implications are clear from a SAM perspective, licenses are not reclaimed, for other areas the issues can be more significant, not cleaning up access rights, not identifying devices the user had access too, can lead to a less than optimal state.
I recently read an article on Gamification to encourage a more engaged environment (http://goo.gl/zNxLc7) and that’s a great idea, but are there more “less fun” but more functional ways to tackle some of these issues, perhaps in conjunction with gamification or other techniques.
“don’t underestimate the power of sharing information!;
New Users are easy to capture, HR or Department Heads need IT resource to enable accounts, commission new hardware provide access to services and update Active Directory. This can involve multiple departments (Purchasing, IT Operations) with the consideration of licenses coming as an afterthought if thought about at all. Who cares if the shiny new laptop or latest mobile device has licenses! “Well capture the new license allocations at the next true-up”
Wouldn’t it be better to capture that detail at the outset or before new licenses are required?
Consider a single process starting with a service request that makes this request process simpler for the requester. Consider then reacting to this by creating the user, allocating access rights, configure software applications (with integrated license checks and allocations) as a single step. The request is acted upon quicker, the new user is enabled quicker, the right software is provisioned on the correct hardware, mobile devices are provided, access rights enabled and license positions are updated. Not only have we satisfied the requester, we have ensured that the IT estate integrity is maintained and we are immediately informed of any license or compliance issues, allowing us to rectify this immediately or implement remedial actions.
Enabling these types of processes where the end user directly benefits will encourage them to use the same process for less important “in their eyes” actions. Notification of leavers is the same process as above but in reverse. Perhaps we should consider providing the requester with details of that user, what systems they had access too, what hardware they were issued, and for SAM, what licenses were allocated and can be reclaimed.
“It’s all about transparency”
If you have the information think about providing a summary back to key stakeholders. Include details of users, the impact this has on licenses, the cost of acquiring new users, and licenses reclaimed data. This will all help to have transparent processes, which will help raise the understanding and recognition of how important and effective SAM can be to a business.
In this article, we hope we have started to show how SAM can be used as an enabler across an organisation and how with a little joined-up thinking you can make SAM a core part of everyday activity. A key part of this is in the toolset you choose to use, while it is important that the core objectives of SAM are met, consider how the toolset can be used to deliver value outside of SAM. Consider also how can the tool be used to integrated processes to benefit both SAM and other business functions. SAM can and should be an integral part of everyday business.
If you would like to learn more about how DeskCenter can enable these and more integrations and optimisations around SAM, why not get in touch or join us for one of our regular Webinars on this subject or one of our other webinars about the capabilities of the DeskCenter Management Suite. Webcasts