Why Do Software Asset Management Tools Stink at Software Asset Management?

Why Are Software Asset Management Tools So Bad at Software Asset Management?

Software Asset Management Tools are all basically imperfect solutions to the challenging task of Software Asset Management.   We all want to know what software has been deployed and be able to correlate that with the licenses that we own.  On the surface it sounds pretty simple yet in our experience pretty much all Software Asset Management Tools are somewhat bad at Software Asset Management.   Here are the top 6 reasons that these tools fail to deliver on their promises.

Reason #1. Bad Inventory Data

The old saying “Garbage in, Garbage out” holds true when considering Software Asset Management tools.   Capturing accurate inventory data of what has been deployed on your network is a critical component of software asset management.  Some of the common culprits that cause the process to break down include inconsistent data sources.  By this I mean naming conventions.   If you have good process and discipline around this, it makes it much easier to accurately identify development and test environments for instance.

Reimaging can also cause challenges as they sometimes create a custom ID Tag as part of the reimaging process.  This can cause the asset to no longer be recognizable by the tool.

Reason #2. Failure to Account for Duplicates.

One of the most frustrating occurrences is when Software Asset Management tools double count the deployment of software assets.  We often see this happen when updates have been applied to software, but the old installation is not completely removed and replaced with the update.  As a result, many software asset management tools will count both copies of the software instead of just one.

Reason #3. Failure to Identify Development and Test Environments

A clearly defined production environment is so critical as the underlying software that is deployed is what the analysis is based upon.  Mixing production and non-production instances is often confusing from an audit perspective and could lead to software asset management tools showing incorrect licensing requirements based on flawed data.   We strongly recommend having solid naming conventions and, if possible, dedicated non-production environments.

Reason #4. Licensing Models Change

The only thing that is constant in software licensing is that licensing models change and sometimes with very little to no notice at all.  This is a huge challenge for software asset management tools.   For example, in the last few years we have seen Microsoft SQL Server change to Core Based licensing from per CPU/Per Named User/Device.  In addition, traditional software licensing models are increasingly being turned on their head as cloud computing becomes and more prevalent.  Remember that each and every software vendor has a unique licensing model that can change at any time.  We are also seeing vendors focus on the installation of software on a server accessible by a community of users.

Read About the Dangers of Audit From Smaller Software Vendors

The point is that these models are constantly in flux and most software asset management tools are somewhat static.  In order to get good data a separate optimization process is usually required.

Reason #5 Virtualization and Cloud Models Add Complexity.

On the surface it would seem that cloud computing could have the potential to make software asset management somewhat obsolete.   Unfortunately, the reality is that it had increased the complexity involved in software licensing and inventory.  Most mid-sized to larger organizations operate hybrid cloud environments in which workloads and assets transition from being cloud based to on premise and back again.   Hybrid cloud environments are an absolute necessity for most organizations, but they dramatically increase the complexity of software asset management and licensing in general.  For more information check out this webinar we recorded about it.

Click Here to Watch

Reason #6 OEM and Retail Box Purchases

OEM and retail box purchases of software can also confuse software asset management tools.   In the case of OEM licenses, they arrive in the environment with the purchase of new hardware.  Depending on the vendor you may or may not uplift them to volume licenses or you may just let them exist as standalone installations.  The problem will be that if they continue to exist as OEM licenses they will not appear in your volume licensing statements and will cause reconciliation and potentially contractual issues for your organization.  The same holds true for retail box purchases.  Furthermore, both OEM and retail box licenses may have very different rules in terms of usage than volume licensing.

What’s the solution?

The bad news is there isn’t a single software asset management tool that truly automates software asset management and does it well.   At MetrixData360 we developed a managed service called SAM Compass which provides you with the best of both worlds.  SAM Compass combines inventory tools with licensing optimisation and then adds software licencing expertise to provide a holistic solution.

Want to learn more about SAM Compass?  Click Here and Scroll Down

Register for our SAM Compass Webinar Here!

Further Reading

 

System Center Configuration Manager – Windows Update Model

This week we will be talking about Microsoft outlines Windows Update Model Using System Center Configuration Manager; Microsoft’s newest Windows Server test build adds new storage, failover clustering updates; and Microsoft challenges Chromebooks with $189 Windows 10 laptops for schools.

Microsoft Outlines Windows Update Model Using System Center Configuration Manager

Microsoft kicked off a video series describing how to update Windows 10 using System Center Configuration Manager recently.  The nature of the updates for Windows, Internet Explorer and NET Framework and how they get updated monthly is outlined. The article below describes how both Windows 10 systems and older Windows operating systems get updated. For Windows 10, Microsoft is trying to move its customers away from selectively choosing which patches to apply each month utilizing automation. However, this can lead to problems.

Windows 10 updates follow a cumulative model, where a monthly update release contains prior patches. Microsoft started the cumulative update scheme when they launched Windows 10.

There were 9 update types that were identified in the article:

  • Critical Update: a widely released fix for non-security software flaws
  • Definition Update: a widely released update to a definitive database
  • Drivers: an update to the system that manages hardware
  • Security Update: a widely released fix for a software vulnerability
  • Service Pack: a between-version cumulative update that largely applies to “legacy” or older software
  • Tool Update: an update to a utility software program
  • Security-Only Update: an update released each month that contains all of the security updates for that month, but which is not cumulative • Monthly Rollup: a set of cumulative updates that include both security and reliability updates • Preview of Monthly Rollup: a tested cumulative set of new quality updates packaged together for distribution in the next month, containing what was included in the prior month, but excluding security updates.

Updates are cumulative for Windows 10 and Windows Server 2016. The updates typically arrive on “update Tuesdays,” or the second Tuesday of the month.

Update releases get more complicated for Windows 7, Windows 8.1, Windows Server 2008 and Windows Server 2012/R2 systems. They have “standalone” and “cumulative” patch options. The NET Framework also has such options.  I know we here at MetrixData360 struggle on patch Tuesday as our users are unable to use their laptops for long periods of time as the updates install.

For more information please visit the Redmond Magazine article here.

Microsoft’s newest Windows Server test build adds new storage and failover clustering updates

Microsoft released a new test build of Windows Server 1803 to Insider testers on Jan. 16.  Windows Server 17074 includes some enhancements to Storage Spaces Direct (S2D) and failover clustering. As Server users may recall, S2D didn’t make it into Windows Server 1709, allegedly because it wasn’t meeting quality standards. Microsoft is hoping to add it back to the coming 1803 release.  Storage Spaces Direct spans Windows Server clusters and creates a bus which allows all the servers in the cluster to see each other’s local drives.  S2D was introduced as a feature of Windows Server 2016 and described by Microsoft as “the foundation for our hyper-converged platform.”

In preview build 17074, Microsoft removes the requirement for SCSI Enclosure Services for S2D to be compatible, which “unlocks a new breath of new hardware which was not capable of running S2D,” says a Microsoft blog post.  S2D also now supports Persistent (Storage Class) Memory and supports Direct-connect SATA devices to AHCI controller, also enabling users to run it on lower-cost hardware.

If you are interested in the new features you can read the Zdnet article here: 

Microsoft challenges Chromebooks with $189 Windows 10 laptops for schools

Microsoft is really pushing for schools to keep using Windows. They are launching new Windows 10 and Windows 10 S devices that are priced starting at just $189. The software giant is also partnering with the BBC, LEGO, NASA, PBS, and Pearson to bring a variety of Mixed Reality and video curricula to schools.  Lenovo has created a $189 100e laptop. It’s based on Intel’s Celeron Apollo Lake chips, so it’s a low-cost netbook designed for schools.  Lenovo is also introducing its 300e, a 2-in-1 laptop with pen support, priced at $279.

The new Lenovo devices are joined by two from HP, with a Windows Hello laptop priced at $199 and a pen and touch device at $299.  All four laptops will be targeted towards education, designed to convince schools not to switch to Chromebooks.

Part of Microsoft’s school push is related to content for teachers to use with these laptops. Microsoft is planning to release a new Chemistry Update for Minecraft: Education Edition this spring. It will focus on experimentation like building compounds or tackling stable isotopes. It’s a free update for everyone using the Education Edition of Minecraft.

Microsoft is also tweaking Word for Mac, Outlook desktop, and OneNote for iPad / Mac to include a new immersive reader that helps with reading and writing. In addition Microsoft is making some Mixed Reality content available for both the HoloLens and the range of Windows Mixed Reality headsets. Pearson, the world’s largest education company, will start distributing a new curriculum in March that will work on HoloLens and they will release new apps for students.

Microsoft has announced that students can receive a 10% discount on HoloLens to tempt schools into trying out its augmented reality headset. Windows Mixed Reality headsets will still be the cheaper option for schools, though.

MetrixData360 knows that the education market (and developers, remember that famous Steve Balmer video) were key to Microsoft market dominance in the late 90’s.  For many years, Microsoft lost focus on this market where our kids learn and choose their platforms early in life. It appears Microsoft is trying to reconnect with students and hopefully develop another generation of workers who grew up with and love Microsoft products.  Time will see if this push is to late or if companies like Google and Facebook can break into Microsoft’s enterprise dominance with the next generation of workers.

Meltdown and Spectre (and other news)

This week we will be talking about the Meltdown and Spectre security flaws in virtually all phone and computer chips that has been dubbed as ‘one of the worst CPU bugs ever found’; Microsoft Unified Support Bringing Increased costs for organizations; and automating Azure license assignment in Microsoft Azure.

Meltdown and Spectre

Security flaws have been found in virtually all phone and computer chips as ‘one of the worst CPU bugs ever found’ has been detected.  Security researchers have disclosed a set of flaws recently that could potentially let hackers steal sensitive information from almost every modern computing device containing chips from Intel, AMD and ARM.

This is a very specific bug which relates to Intel, but there is another one that affects laptops, desktops, computers, smartphones, tablets and internet services alike.  Intel and ARM have insisted that the issue is not a design flaw but that it will require users to download a patch and update their operating system to fix it. Phones, PCs, everything are going to have some impact, but it will vary from product to product.

Researchers have identified two flaws; Meltdown and Spectre.  Meltdown affects Intel chips and lets hackers bypass the hardware barrier between applications run by users and the computer’s memory, potentially letting hackers read a computer’s memory and steal passwords. The second; called Spectre, affects chips from Intel, AMD and ARM lets hackers potentially trick otherwise error-free applications into giving up secret information. The researchers have indicated that both Apple and Microsoft had patches already in place for users for their desktop computers affected by Meltdown.

Google said in a recent blog post that Android phones running the latest security updates are protected, as are its own Nexus and Pixel phones with the latest security updates.  Gmail users do not need to take any additional action to protect themselves, but users of its Chromebooks, Chrome web browser and many of its Google Cloud services will need to install updates.

Amazon Web services, a cloud computing service used by businesses, said that most of its internet servers were already patched and the rest were in the process of being patched.

If you need help determining if all your devices are patched, MetrixData360 is able to run our SAM Compass process against your servers and devices to provide you with a report of any machines that need immediate attention.

For more details on the article click here

Microsoft Unified Support Bringing Increased Costs for Organizations

Microsoft Unified Support Plan will be replacing other technical support plans including Premier Support in approximately six months and will most likely result in an increase in pricing.

Unified Support will likely be the only Microsoft support offering for organizations worldwide and has three plan offerings: Core, Advanced and Performance. Core is the “affordable access to problem resolution”, while Advanced is “a balance of reactive and preventive support” and Performance offers “personalized support with the fastest response times” and service-level agreements.

The older Premier Support plans typically tasked organizations with tallying up their available “problem resolution” or “reactive” support hours each year before going to Microsoft to get support. With the Unified Support plans, organizations instead have so-called “unlimited hours.” These unlimited support hours are offered as part of the Core, Advanced and Performance Unified Support plans, according to Microsoft. Unified Support costs are tied to an organization’s Software Assurance payments, as well. Software Assurance typically is thought of as an annual cost guaranteeing software upgrades to the next major release, along with some educational perks. In other words, it’s considered to have a separate purpose from getting support.

MetrixData360 knows that a number of organizations that have had Unified Support proposals and that these proposals are increasing pricing anywhere from 10 to 40% over Premier Support options. If you like to discuss your new support options contact your MetrixData360 rep to set up a call to discuss.

For more information see the Redmond Magazine article here:

Automating Azure licenses assignment in Microsoft Azure

One of the tasks that requires extensive time and attention from the operations team is the process of assigning license when moving users to Microsoft’s cloud; especially because there are a lot of licenses and services involved. Microsoft Azure offers a feature that allows any company to automate Azure licenses based on Active Directory groups.  You can just enable the feature.  There are a few ways to assign Azure license in Azure and Office 365 by using web console, mobile applications, and command line interfaces. MetrixData360’s new Managed Service offering (called SAM Compass) has an option for MetrixData360 to administer and manage this for you.  Please contact your MetrixData360 rep if you have any questions.

For the “how to” click here link and follow the steps.

Flexera’s Initiative with Microsoft a Silver Bullet for Software Audits?

Microsoft and Flexera recently announced a partnership that they claim will use a standard set of software asset management tools.  Click to Read Article

Customers who deploy both Flexera’s FlexNetManger Suite and Microsoft’s Intelligent Asset Manager (part of SCCM) would be allowed to set an “agreed upon ELP baseline”.  An ELP is an Estimated License Position that shows you how your licenses owned relate to your software deployments and outline any overages or license shortfalls.  This announcement does not state if this “agreed upon ELP baseline” will be documented in any contracts.

At Microsoft Inspire 2017 conference Flexera CEO Jim Ryan described the program like an electrical provider, stating that to audit electricity consumption you simply attach a meter and bill accordingly to the meter.

Three issues were identified in the aricle:

#1 Near Term Exposure:

The cost to deploy the Flexera-Microsoft tool would need to be accounted for.  It is also indicated that this deployment would likely be done by either Flexera (with the clever nickname FlexeraSoft) or Microsoft looking over your shoulder.  This would mean that once the tool or meter is installed any licensing exposure could be agreed upon immediately causing the company to remedy any shortfalls right away.

#2 Long Term Exposure:

The question posed is what exactly will this tool be measuring?  Microsoft has in the past promoted Unified Logic’s Movere tool which is said to monitor the high-water mark of software usage.  The challenge with this approach is that spikes in product usage could be attributed to changing configurations.  These changes may not necessitate purchasing licenses however.

#3 SAM Tools Can and Do Fail:

It is next to impossible to create a SAM tool that does it all.  Since Flexera and Microsoft are developing this tool it is likely that the programming will be done to their favor not yours.  They also tend to operate under the paradigm that you can just do this and ignore important things such as your security protocols when pitching the simplicity of this program.

MetrixData360 and others have SAM options that are independent of Microsoft and we suggest that anyone considering this offering careful review their options before going with a vendor supported (in their favor) solution.

Click here for more details.

Google Introduces Chrome Enterprise subscriptions for $50 per Chromebook per year

Organizations should be ready for Chromebooks to hit their organization and Google is going to take a swat at Microsoft with a new bundle of services that put the Chromebook on par with Microsoft Windows.  Chrome Enterprise will provide management features to allow for support of a fleet of Chromebooks, virtualized desktop applications and theft prevention to name just a few.  In addition it includes one of the most important features: authentication to Microsoft’s Active Directory!

The price for this service is $50 per year per managed Chromebook.  Google did not state if large Enterprises will be eligible to receive discounts on this price.  Google will be also adding support for enterprise mobility management into Chrome OS with this launch with VMware Airwatch to start and other EMM providers to follow.  This move is seen as giving organizations an opportunity to utilize low-cost Chromebooks in their enterprises instead of Microsoft Windows.  The cost of $50 per year may seem high but many organizations are paying $84 or more for Windows Enterprise E3.

MetrixData360 is seeing more large organizations looking for ways to decrease hardware costs and this announcement from Google may be a step in that direction.  Anyone looking to decrease licensing and overall costs may want to seriously look at Chrome Enterprise.

Microsoft News! Must-Dos after Feature Pack Installation and Turn Bluetooth Off When You’re Not Using it!

In this series we will examine the Microsoft news that’s making headlines around the internet and offer our thoughts and opinions!

My Choice Software Releases the Software Licensing CALculator™

This story is about a new tool that has been released into the market by My Choice Software.  The tool is used to look at users, devices, server specs and virtualization information to determine the optimal license configuration for Windows Server.

We really like the nifty name of the product CALculator, a play on Microsoft Client Access Licenses (CAL for short) licensing models.

The vendor claims that the tools saves time by identifying license compliance gaps, optimizing licensing spend on future purchases and saving headaches when it comes to Microsoft Software Asset Management (SAM) audits.

The current product is free but only targets Windows Servers.  Other products are being released shortly and will have a fee associated with them.

MetrixData360 has not tested this tool and are not familiar with My Choice Software who are a Value-Added Reseller based in California and who targets medium sized businesses.  The concept is good, but we caution people to make sure the tool is built for your size.  Our soon to launch Windows and SQL Server calculator took a long time to test and develop so we know how complex this type of development effort can be.

For more details click here.

No Software Assurance?  Must-Dos after Feature Pack Installation

Microsoft recently released Feature Pack 2 for SharePoint 2016 via the Public Update Channel.  There are several new features that have been added, but one of the key feature updates from a licensing perspective is OneDrive for Business modern experience.  This feature is available to Software Assurance Customers only.

The License Trap for this is that this feature is installed by default even if you do not have Active Software Assurance.  The feature can be turned off after installation.

MetrixData360 cautions customers to review all Feature Pack Updates for License Traps such as this one.  Your technical staff may inadvertently make you non-compliant by installing a feature that requires licenses that you do not own.  We are seeing Microsoft and their auditors validate these things via their Software Asset Management (SAM) audits.  We recommend you be proactive and validate if you have turned this feature on and have the appropriate licenses.

For more details, you can see the article here.

Hey, Turn Bluetooth Off When You’re Not Using It

Not so much a Microsoft news article but an important one for technical teams to be aware of.  This article talks about the importance of turning off Bluetooth when you are not using it, due to vulnerabilities.

This week the security firm Armis announced a Bluetooth vulnerability called BlueBorne, which allows any Bluetooth device affected to be attacked through several vulnerabilities.  This impacts, Windows, Android, Linux and iOS.

As security itself has improved, attackers are looking to ancillary features such as Bluetooth to find ways in.  There are so many devices that can be impacted by Blueborne such as internet of things devices like smart TVs, speakers or even Smart Lightbulbs.

The best defence is to make sure you apply all patches when you can.  Or of course you can just shut Bluetooth off when you aren’t using it.

For more details, you can read up on this article here. 

News On Microsoft Azure and Office 365

Microsoft Announces the New Office 365 F1 Products:

New Office 365 F1 products are being released to replace the K plans.  The premise is for Office 365 F1 to be used by customers firstline employee such as customer service reps, factory workers, retail employees and even medical staff.  These are the type of employees who use Kiosks or are not typical Knowledge Workers that require full access to the suite of Microsoft products.

The offer includes a new Microsoft 365 F1 that includes Office 365 F1 along with Windows 10 updates and the new StaffHub application.  StaffHub allows Firstline workers to manage their work days with schedule management and connect applications via a web browser or mobile device.

MetrixData360 suggests that clients look at the F1 when creating profiles for their Microsoft EA Agreement.

Skype for Business and Microsoft Teams are combining:

Microsoft will slowly discontinue Skype for Business and will be replaced by Microsoft Teams.  No timeframe has been provided.  Microsoft Teams will include inbound and outbound calls and will have many features such as hold, call transfer, voicemail and an audio conferencing which will allow people to join a Teams meeting from any phone.  Microsoft still plans to release an updated version of Skype for customers who want VoIP.

For large Enterprises MetrixData360 suggests that you talk with your Microsoft Account team sooner rather than later to understand the impact of this change.  The Skype Client is going to be replaced by Teams which may have application compatibility or deployment challenges.

Microsoft Dynamics is adding AI Enhancements:

Microsoft Dynamics 365 is getting more creative with more Al enhancements and modular apps that will be available later this year.  An example of this is Dynamics 365 for Talent which integrate data from Dynamics 365 and LinkedIn to help candidates and track applicants for open positions.  This will provide increased insight into hiring and improve the overall hiring process.

Although many of our Enterprise customers currently do not use Dynamics, some LinkedIn features and Business Intelligence features that are embedded in Dynamics are being considered by some of our clients.  LinkedIn Training, through their acquisition of Lynda.com is another area of interest.  There is no solution to add this to your Enterprise Agreement, but we do see this as being an area where companies push Microsoft for change.

Chatbots coming to Microsoft Soon:

Chatbots are new in Microsoft products and are designed to augment existing customer support and sales processes with intelligent assistant technology.  These virtual agents can integrate with third party chat apps such as Facebook, Messenger, Kik, Microsoft Teams, Skype and Slack.

More Integration with LinkedIn:

It was announced that LinkedIn Graph is integrating with Microsoft Graph for better integrated data insights with a fully configurable integration.

Both Chatbots and Graph are not applications that we hear many of our Enterprise Customers inquiring about.  Both have powerful application in business and are something that we expect to see more interest in over the next 12 to 18 months.

Microsoft Bing being added to Office 365:

Microsoft announced a new service called Bing for Business for Microsoft 365.  This will allow you to perform internal company search.  It uses a native search tool and it drives personalized search results on company data, documents, people sites, locations and public web search results.  This is designed to save time and increase internal productivity.

MetrixData360 has wondered for quite some time when Microsoft would start to integrate more of Bing into their core product offerings.  Google is still the leader here and you must know Microsoft is chomping at the bit to do a better job.

Microsoft continues to Enhance Security:

Microsoft 365 will be adding better Advanced Threat Protection features such as increased anti-phishing capabilities, and expanded protection to SharePoint Online, OneDrive for Business, and Microsoft Teams. This is to avoid vulnerability and increased threat protection for secure hybrid cloud workloads.

Many of our most recent Enterprise Agreements have included security components.  Microsoft obviously is working hard to push customer to the full Microsoft 365 suite.  MetrixData360 however is still advising customers to create profiles and purchase what is required versus falling into the Microsoft bundle trap.

Azure was obviously a big focus:

Azure Stacks was the big announcement from the Azure team.  Azure Stack basically allows you to bring the Azure Cloud into your own datacenter.  There were other updates announced such as Azure Machine Learning, Azure CosmosDB and Azure Functions.  The Azure CosmosDB database service and server-less Azure Functions will allow developers to write a few lines of code that will tie into Internet of Things, perform database changes and much more.

Azure is being adopted by more companies every day.  If you are not utilizing it, it is likely a matter of when not if.  MetrixData360 highly recommends fully understanding how Azure pricing works before moving to the Azure Cloud.

Watch the Mike’s Minute Video on these topics:   I Want To Watch

Are you still watching and want more?  Check out our MetrixData360 youtube channel where we post much more content around various Microsoft topics.

Software Licensing and Software Asset Management Trends – What to watch for in 2022

Well, it’s hard to believe but, 2021 is winding down. Myself and the team here at MetrixData 360 thought it would be helpful to peer into the software licensing crystal ball to give some insight to the trends we expect to see in the world of Software Licensing and Software Asset Management (SAM) as we move into 2022. Some of what I have listed is vendor specific and some of the Software Asset Management trends are more general as relates to the Software Audit and SAM space. One thing is clear, organizations from small, to the largest enterprise and public sector, are coming to the realization that having a good handle on software licensing positions and implementing Software Asset Management processes can drive down costs considerably and help mitigate potential exposure.

The Merciless Onslaught of The Software Audit

One of the trends we are expecting to see as we move into 2022 is increased software audit activity from software vendors. Watch for software vendors that have traditionally not been active in auditing starting to develop and push forward with software license audits. Increased competition from smaller vendors and lack of innovation in newer versions of most software being released is driving a value gap which manifests itself in businesses being slower to upgrade. These factors are creating a perfect storm of declining revenues vs wall street expectations. The fact that most software companies are publicly traded means that they need to figure out how they can close the growing revenue gap. Watch for the traditional Mega Software Licensing Vendors such as Microsoft, Oracle and IBM to continue their audit activity and considering the revenue stream that their Software license audit practices are producing year over year, don’t be surprised to see increased activity from the likes of VMware, RedHat, Autodesk, Symantec, Quest and others in 2022.

C.A.M. The advent of – Cloud Asset Management

Increasing complexity around cloud offerings and determining exactly what is required vs premium features means overcharging is running rampant. We are going to see a shift from traditional software licensing schemes by vendors to consumption based models. The importance of being able to monitor in real time when cloud based applications and services are being consumed will become paramount in controlling costs. A great example of this is Microsoft’s Office 365. Even though someone is only licensed for access to a basic set of features, some premium features will also be made available at the click of a mouse. If a user is accessing those premium features, your organization is responsible for licensing them as such. Real time reporting that can tell you exactly what employees are accessing and which features are active will move the needle from traditional software asset management towards the new wild west in software licensing which will be cloud asset management.

How secure is your data in the cloud?

This isn’t a new trend but, one that will continue to see increasing scrutiny in the coming year ahead. Understanding geographically where your data is stored and what rights foreign governments have to force cloud providers to allow access to cloud data is paramount in keeping your company’s data private. It’s also important to consider what contractual rights the cloud provider themselves hold regarding accessing customer’s data in their cloud. Even if the infrastructure belongs to the likes of Amazon or Microsoft, strict limitations need to be negotiated into contracts that clearly define your organization’s right to privacy. It is not out of the realm of possibility that vendors could gain potential competitive advantage by knowing what software you are running, how your organization is using it. Watch for more encryption services and offerings to come into the market in 2022 as well as increased maturity of best practices in creating policies to protect the privacy of your cloud environment.

Upgrade or else…

As I mentioned earlier, slowing upgrade cycles is putting downward pressure on software vendor’s revenue. Many businesses just don’t see value in new releases of software and are therefore sitting tight for extended periods of time with the software licenses they already own the perpetual rights for. Watch for new releases of software from mega vendors such as Oracle and Microsoft to offer premium features and integration with other software that will only be available with the latest versions going forward. Microsoft has already announced this when in 2020 if you are not running a current supported version of Office you will not be able to access the Office 365 cloud. Understanding the roadmaps that software companies have laid out and how new releases might affect access to other vendors software that have previously enjoyed a symbiotic relationship will be key into making sure that your organization isn’t being walked onto a ledge that takes the decision to upgrade out of your hands.

The perils of indirect access.

We fully expect that another pain in the side of around Software licensing in 2022 will be indirect access. SAP has been making headlines around the globe as they pursue large enterprise clients for licensing and compliance fees and penalties related to indirect access. As much as indirect access is an issue when discussing SAP, the occurrence of accidental access is a trend that shouldn’t be ignored. We see many organizations that are hosting applications on servers that give users unrestricted access to deploy that application or many applications. It’s so important that every company understands, if users on their network have access to applications, the organization will be held responsible for licensing all users that have access. It does not matter if the application is being launched or not. The fact that users “could” access or deploy an application from a server has become a huge compliance risk. Make it one of your resolutions for the new year to check internally and ensure that users who don’t require access to server based applications do not have the ability to access them. Use firewalls or create policies to ensure that your organization is not at risk of compromising compliance rules through either indirect access or accidental access in 2022.

Bring Your Own Device

(BYOD) licensing, policies and process.

As the business world continues to evolve and control costs by having employees bring their own devices into the company’s environment, new challenges will present themselves in 2022. One of the trends that we are observing in the BYOD space is companies struggling with how to keep software that installed by a user for personal use off their networks. Most software companies do not distinguish rules between running applications off a personal device and a company managed device in their software licensing rules and use rights. If you are being audited and that software shows up in network scans, it can leave your organization open to compliance issues and steep financial implications. Avoid giving software vendors any leverage in software compliance audits by strengthening policies around BYOD. Creating containers that are installed on these managed devices to ensure that software licenses purchased by users outside your network are not able to move freely into your corporate infrastructure.

The advent of Software Asset Management (SAM) as a service.

We are all familiar with managed services. Using outside companies to provide hardware infrastructure, network monitoring services, or professional services to save money has become common place. One of the biggest trends to watch for in software licensing this coming year will be services to assist organizations with their software asset management in real time. For some years now, software vendors have been bringing tools to market claiming that discovery and inventory capabilities of their software asset management tools will save huge money. The reality of this claim is that a software inventory tool is only one pillar of what is required to really ensure compliance and drive savings from spiraling software investments.

Software asset management as a service will add two additional and absolutely required pillars to the picture. These components are people with expertise and the process on which the entire SAM concept needs to include if it is to be successful. Having experts who understand that there are many ways that a software application can be deployed and its use optimized within your environment is logic that no software inventory tool on the market can integrate. Being able to visualize and create meaningful reporting that adds value to your business is key and there really aren’t that many true experts in the workforce. Expert resources offered by SAM as a managed service adds additional benefits to vendors who license their products by Processor Value Unit (PVU). I have spoken to numerous experts in the field of IBM and Oracle licensing who back up the claim that there isn’t a tool on the market today that does a good job of inventorying software licensing that is based on PVU calculations. Setting up the processes to ensure success is the final key pillar of software asset management as a service. It goes far beyond simply making sure licenses are counted, purchased or reclaimed on an ongoing basis. It ensures that the reporting that comes from software asset management tools can be arranged in a way that business leaders can easily visualize licensing data and get real recommendations based on use, what rights your business has to use the software and how that information all fits together with technology roadmaps and upgrade cycles. Look for software asset management as a service to be a big deal as we move forward into 2022.

MetrixData 360 is known for being pioneers in the SAM space and we have developed our own Software Asset Management as a service offering called SAM Compass.  It takes data from whatever tool your organization is using for inventory, couples it with licensing expertise and our proven best practice processes. SAM Compass Software asset management as a service is the result of knowledge gained assisting organizations through software contract renewals, software audits and developing strategy to assist with the adoption of new software technologies. SAM compass will be the silver bullet that we have all been looking for as we seek savings and compliance that will finally unearth the 25-40% savings that have been promised by SAM tools. The best part about Software asset management as a service is that we see this as being a service that will fund itself with the savings organizations experience when they adopt it.

What is Accidental Access and Why Should I Care?

It’s the time of year when we get a little reflective and look back on trends we are seeing in the software asset management industry.   One of the biggest trends I’ve noted this year in Software Asset Management is vendors deliberately targeting what I call “Accidental Access” for huge software audit settlements.   You will want to understand accidental access and be proactive to ensure your organization doesn’t get hit with an audit.

Define Accidental Access

I define accidental access as occurring when software is inadvertently installed in a location in which it COULD potentially be accessed by other unintended users.  In a simple example a copy of Project Professional is installed on a server with the intention of making it accessible to a subset of 25 licensed users.  However, the entire company of 2,500 users could theoretically access this copy of Project Professional.   This would mean that all 2,500 users would technically need a license for Project Professional not just the initially assumed 25 users.

It Gets More Complicated.

Software licensing models are generally designed by licensing geeks like yours truly and because of that, they get complicated.   We think we’ve built a licensing model that’s fair for both the consumer and the software vendor and we release it into the market.  Then a combination of new technology in terms of new ways to deploy/consume coupled with highly technical people breaks the model.  In the past, technology like terminal services or remote desktop have been highly disruptive to existing licensing models.  Today licensing models need to contend with virtualization, VDI, Active Directory, and cloud among others.

What’s the Worst That Could Happen?

In the past, most software vendors didn’t target accidental access specifically in an audit or a Software Asset Management engagement.   It may have been brought up as a negotiation tactic but it wasn’t targeted.  A common tactic we are now seeing is that they approach you and request that you conduct an internal assessment which seems benign on the surface. Usually one of the questions in their site survey document asks if you use virtualization technologies in your environment. Once you confirm that you have virtual environments they will frequently shift the engagement into a more formal audit.

This last year I’ve observed multiple vendors who have targeted this to attempt to drive large compliance settlements. This issue popped up enough this year that we wrote an article warning about this risk.   In the example used in our article the potential gap was in the hundreds of millions of dollars.

Article – Beware The Smaller Software Vendors

This year we also explored the issue of SAP Indirect Access which is similar in that they are targeting what I will call non traditional users for whom it was assumed that licenses were not required.  The contracts are vague but courts in Europe have ruled in SAP’s favor and it has resulted in penalties in the hundreds of millions of dollars.

 

What Can I Do About it?

The best approach is to get ahead of this potential issue and be proactive.  The good news is that there are a number of steps you can take to mitigate possible exposure by accidental access.

Step 1:  Read your contracts and look for language around how they license their products and how they define the ways you can access their products.  For example, here is the language from SAP’s contracts specific to the term “use”:

SAP Indirect Access Example

Based on what you see in these contracts you made need to make some changes in terms of how you deploy/provide access to the software.

Step 2: Use a software inventory tool to see what is deployed on your network.  If you have one already that’s great!  If not, consider looking into something like Microsoft Map which is both free and also what Microsoft would use in a software audit/Software Asset Management engagement.  https://www.microsoft.com/en-ca/download/details.aspx?id=7826

Step 3: Review your server access and your Active Directory (AD) structure.  Check settings and policies and ensure that only the people/devices who need access to server-based applications have access.   This can be a complicated exercise and can also include taking steps like creating an AD User/Device group policy in which you can control access.  I strongly recommend that you contact us at MetrixData360 for some expert guidance before you undertake this exercise.

Step 4:  Consider a series of Self Assessment exercises in which you effectively conduct a self-audit to ensure that you are prepared and that there are no Accidental Access problems lurking.  MetrixData360 specializes in offering self-assessments for a number of major and not so major software vendors.  This gives you the ability to get ahead of things and ensure that the audit is conducted with the same rigor you would expect from a software vendor audit.   We have helped our clients save millions of dollars in terms of audit settlement avoidance.

Step 5:  This sounds complicated and I don’t want to do it myself.  Honestly, I don’t blame you if you are feeling this way about software asset management and the issues surrounding accidental access.   The good news is that we have a managed service offering called SAM Compass.   SAM Compass is a totally unique and proven process that taps into your existing data and allows you to easily visualize deployment data.  It solidifies your software license position and identifies opportunities for optimization and cost reduction of licensing.   If you think SAM Compass might be right for you either click the contact us button below or join us for a free webinar to learn more.

Learn More About SAM Compass!

Creating Quick and Easy Microsoft Effective Licensing Positions – Webinar Replay

Creating quick and easy Microsoft Effective Licensing Positions is pretty much fantasy for most of us.  Gathering the accurate numbers to execute a Microsoft True Up order can be challenging and there can be millions of dollars at stake. Even quickly generating a licensing position can be a time consuming exercise.

On this webinar we will show you the quickest way to painlessly compile an effective licensing position. Join Mike Austin as he shares his insights and cuts through the confusing jargon with straight talk! Mike Austin has been involved in countless Microsoft negotiations and audits and has negotiated over $1 Billion in software cost reductions.

Well organized Software Asset Management is key to saving your organization money in licensing fees. If you are looking to create a more effective licensing profile for your company, MetrixData360’s SAM Compass is for you. Contact us today to arrange a free consultation.

Straight Talk About Microsoft Azure Licensing

Demystifying Microsoft Azure Licensing: Understanding the Complexities and Pitfalls

Microsoft Azure licensing is Microsoft’s cloud computing platform.  Its one of the biggest cloud platforms in the enterprise space but the licensing is very complex and confusing. On this webinar we will cut through the confusion with straight talk and you will learn how Azure licensing works and the pitfalls to avoid!

Join Mike Austin as he shares his insights and cuts through the confusing jargon with straight talk! Mike Austin has been involved in countless Microsoft negotiations and audits and has negotiated over $1B in software cost reductions.