ITAMChannel is a hub of coverage for all the latest news and views within the IT Asset Management Industry

Business Risks of Non-Compliant Software

SHARE
,

Let us not mince words; breaching software licences is very expensive. Vendors are quick to punish those who would defy their strict contract terms and, with confidence in software compliance at an all-time low, companies have never been more open to financial penalties from vendors. Globally CIOs are reporting a marked increase in the number of software vendor audits and faced with constant scrutiny, the lack of preparedness for an audit continues to amaze.

It is a shocking fact that over 50% of IT managers (or equivalent) do not know whether they have sufficient licences for the users and software they’re running. If they’re unsure whether they are fully licensed it’s a sure bet they aren’t. This is a huge concern for the IT department, management and the people in charge of company finances. Initial responsibility lies with IT – they have to ensure compliance – and with unlicensed software comes security threats. Malware can easily exploit unlicensed software and leave an entire organisation, its data, their client’s data and/or invaluable sensitive information exposed to the world. The potential for damage is limitless and the results could be more costly than the fines imposed for not being properly licensed.

With compliance audits happening at least annually, it is imperative for organisations to have complete control over their software assets. A company must have as close to 100% visibility of licence use at all times and be ready to be audited, sometimes twice annually by the same vendor. The BSA Software Alliance’s recent report (Software Asset Management – Processes, Practices and Plans) has highlighted that 60% of companies are unable to assess compliance as a result of their current visibility of their software assets. This lack of visibility has a snowball effect and “the biggest impediment for CIOs to make the most of their software investments is lack of complete visibility into their software inventory”, Pranav Kumar, Executive Vice President & Head – CIO Forum, IMA.

Being prepared for vendor auditing requires planning and good planning needs sound polices. The way forward with both unlicensed software threat limitation and a lack of asset visibility is through implementing sound, forward-thinking policies and practices. The BSA report discovered that only 35% of organisations have formal policies in place for software licensing, meaning 65% of companies are at a higher risk of having large fines imposed on them and leave themselves open to a catastrophic security breach (and the subsequent meltdown) as a direct result of the lack of visibility and planning of their software estate. This is fundamental planning for any organisation, absolutely mission-critical in large companies and totally inexcusable to lose control over one’s software and licences.

A comprehensive policy should include details of a software deployment log, how a SAM system will be integrated and deployed and address issues such as financial impacts, damage to corporate reputation, adverse operational effects, security concerns etc. There is no one-size-fits-all as every company has their unique operating practices and culture, solutions must be tailored and moulded to fit every organisation.

According to the BSA report, 58% of CIOs see vendor audits as a “nuisance or distraction” and with 60% of companies unprepared to be audited, the demand for SAM experts has never been greater. Livingstone is your saviour in the confusing and financially devastating world of software licensing. SAM gets us out of bed in the morning, it’s what excites us, motivates us, floats our boats. We love it, we expect you don’t, so let us do our thing and you can get on with doing yours.