From CIO to IT manager, to software asset manager, there is a significant pressure on managing risk. Identifying, tracking and managing any dangers is part of a business’ responsibility to make sure it is not exposed – whether from internal or external forces. It could be the threats posed by new competitors, the dangers of IT failures or outages, or the risk of unexpected expenditure from audits and fines.
Software licenses within the business represents a major potential issue in the form of the potential cost to the business, should an audit find any breaches. An area of particular danger is licenses in the data center - up to 70% of a large organization’s licenses can sit within the data center and this is set to increase. More and more, companies will need to turn their attention to this often overlooked factor. But why does it present this problem, and what’s preventing companies from managing this effectively already?
Vendors are circling
One main reason is the realization by vendors operating in the data center space, that there is greater opportunity to glean revenue from this part of licensing. This is because they are acutely aware that enterprizes are more reliant on data centers than ever before. Value is shifting to the data center as it’s where intelligence lies – endpoints today, such as mobiles or tablets, do not hold significant amounts of data. The data center is where more licenses will reside and as a result, organizations can’t ignore the growing scrutiny on it.
Not only is there more attention, there’s also more complexity, making an assessment of risk more challenging. Vendors offering licenses in the data center are changing the metrics for licenses on a regular basis, far more than other licenses in the enterprize. This is because more demands are being placed on the data center, with data being access more frequently and by more people, and overall the way data centers are being used in more flexible ways.
Furthermore, the calculations made with these metrics are difficult to understand. It takes time investment to truly know how the license is being assessed, with calculations made using the capacity of machines, power and processors. That complexity is increasing. At the moment, up to 10 metrics need to be measured and reported on and this number is set to increase.
The problem with this is that the person managing the licenses most likely cannot, practically speaking, take this time that is required to understand these complexities. They may not fully understand an audit, or a license’s compliance requirements. There is a major learning challenge at play, where those with software asset management in their remit need to quickly learn how this aspect of the IT estate is presenting risk. Their role is evolving as a result.
Who owns the license?
This changing role is one factor to overcome. But many organizations will find there is confusion over who owns licenses in the data center. It could be the data center manager, it could be the IT manager, or the person with software asset management (SAM) in their remit. Is this leaving a gap, where everyone has different priorities, and are looking to each other to take responsibility?
Given the data center manager is invariably focused on the hardware and smooth running of the data center, this is unfortunately a common scenario. If it is established that it is the SAM manager who is responsible, the likelihood is that the metrics they are accustomed to managing are not in the data center. This is understandable given the difference in the complexities of the license. Indeed, this problem is so common that consultancy firms offer services around this specific problem to plug this gap. For organizations to truly understand their licencing requirements however, there is a need to bridge this knowledge gap.
To truly tackle the data center license risk, the realistic and effective conclusion of this, in most organizations, will be that a compromize needs to be formed. Multiple stakeholders will need to work around the same priorities and collaborate to minimize risk. The data center manager who wants to keep operations running efficiently, and the SAM manager who needs to know exactly what is kept running. Both are critical and collaboration is key. The worst scenario is that neither are responsible and therefore exposing the organization to risk.
Data centers are showing no signs of reducing complexity, adding challenges to the license management environment at a steep upwards trajectory – exposing the organization to different types of risk. The knowledge gap and grey areas around responsibilities only add to this. A clear and defined plan is needed that manages the process, people and visibility effectively, minimising the risk that each factor can present.
David Foxen is software asset management evangelist at Snow Software