Articles

Businesses and governments direct their IT organizations to establish and practice Software License Management in order to maintain compliance with the terms of vendor contracts and to minimize the risk from external audit. In turn, IT management seeks out solutions to ease the workload involved in maintaining and proving compliance in the form of software technology. The expectations are seemingly straightforward: Deliver Software License Management functionality that supports identification and reporting on installed software products correlated to their license entitlements. While dozens of tools on the market tout themselves as being able to respond to these requirements, only a handful of products actually do so across the broad spectrum of license management scenarios.

Many people imagine that software auditing and compliance is a case of tallying installed copies of each software product and matching them up against the licenses that have been purchased. In reality, that approach is woefully inadequate. Software compliance has evolved into a highly complex issue with many moving parts.

To begin with, software compliance involves a diverse array of license models. A license can be defined in many ways, such as per user, server-side, site and enterprise, to name some examples. Additionally, almost every major software publisher offers products for download and time-restricted evaluation. Unfortunately, the publishers rarely make changes to the installation information that indicates when software is an evaluation copy. This means that multiple data points must be examined to determine license compliance. In the case of the time-restricted evaluation software, it may be the install date. To add to the complexity, some license models are based on logical, rather than physical, relationships. Client Access Licenses (CALS) follow this model, which means they cannot be physically inventoried.

Effective compliance tools must be able to deal with all of these kinds of templates. Many software products do offer complementary compliance tools that recognize and report on specific portfolios, but these often fumble in identifying products or license models outside their proprietary spectrum. Having several of these software packages running not only complicates the environment, it creates work overlaps.

A strong solution must have a set of templates that recognizes these infinite license models. Since new schemes are constantly emerging, it must also be easily updated to keep current without requiring a wholesale upgrade.

Defining models is just the beginning. The key to compliance is license assignment, and that can only be accomplished with accurate inventory information. Inventory completeness relies on thorough data collection and product recognition.

Software compliance data comes from many sources. Inventory tools that are already in place in an infrastructure may have some of the required information for compliance reporting. Purchasing and/or Financial systems also hold critical data. Additional license information was traditionally gathered by means of client software called ‘agents’ that must be installed on each computer. Current technology alternatives — such as CA Software Compliance Manager — provide “non-resident” interrogation and data capture that can gather the needed inventory information with equivalent accuracy.

Software License Management relies on the ability to synthesize and represent all these sources by accepting data not only from an indigenous tool but also from those already in the environment — even those from competing license management software.

Once the data is collected, the next hurdle is to organize and compile the entries in a way that makes sense of the software product data in terms of identification. This is often the greatest challenge of the process. The sheer volume of records can be daunting. A small company with 200 employees may very well represent thousands of software inventory records.

Furthermore, many of these records may have slight variations that demand cleansing before the data is usable. Entries may have shortened product titles, use trade names, delineate between suites and promotional bundles or simply sport misspellings from human error. Aside from those variations, software licenses themselves do not follow any established industry standards. Version, edition and language data doesn’t align to a common format and, indeed, is sometimes missing altogether.

When a person works directly with data, he or she can immediately infer similarities between subtle differences and make the necessary alterations. Most computer programs, on the other hand, sort only on absolute matches. One of CA’s goals with its Software Compliance Manager was to build the capability to mimic the normalizing conducted by the human mind when looking at inventory information.

A tool that works with that textual data using sophisticated logarithms to eliminate duplicates, standardize data values and classify records sharply cuts down the resources hours needed to organize the inventory. The result is a collection of product information that can be used to successfully report software license compliance as well as provide for effective software license management.

As understanding software licensing and proving entitlement becomes more and more challenging, the right software product is the key to effective and efficient compliance management.