- Feb 09, 2017
- Debbie Rich
SAM Stories: Love Edition
Welcome to the Valentine’s Day edition of Aspera’s SAM stories! In the challenging world of Software Asset Management, you often have to look hard for things to love and cherish. In keeping with the Valentine’s spirit, our experts have shared three stories to make your daily SAM feel a bit more warm and fuzzy.
Stripping Down to Basics
Jim Priest, President
On a trip to an IT conference in Nice, France, my colleague and I went to use the hotel’s outdoor pool during a break between sessions. It was late summer and warm, and it was an unofficial activity between sessions. I was wearing a standard American bathing suit. This was in the early 90s so the legs fell between my hip and knees, about the length of jogging shorts. The conference attendees were primarily European so most of the other men had on speedos and most of the women, frankly, were wearing only half a bathing suit.
We jumped into the pool and I was immediately flagged by the lifeguard. He said that I was “not wearing a real suit” and I needed to get out of the pool and go put on an appropriate bathing suit. So to be sarcastic, my friend and I went to a nearby store and bought the smallest, barest men’s suits they had. We knew customers, colleagues and prospects at this convention. But as embarrassing as it was, I felt we had a little revenge on the lifeguard, who gave us a surprised look, then waved us into the pool.
I still have those speedos and now that I’m thinking about this story, I plan to hand them off to the newest addition to our Sales team as a rite of passage. He is going to do a lot of travel, and he also happens to be the son of my cohort from that Nice convention.
It’s a full circle — much like SAM itself! And as with managing license data, sometimes you just need to strip away the complicated layers and get down to basics.
Playing the Field
Pat Spencer, Senior Consultant
Years ago, I worked with a difficult SAM manager at a global company. When we first had to stand up the product, this manager was in charge of the process, and he was very loud and yelled a lot.
I told him all the steps needed to get to compliance, especially on their license position. First you need to pull in your purchase information, which is everything that you have bought. That includes your base purchases, upgrades and follow-up maintenance. To find the maintenance for any upgrades, you need to identify the base product that was previously purchased, which means you have to do assembly (also called stacking).
The manager freaked out and said no, we’re not going to do that. That assembly data was then ignored for over five years, until the SAM team was finally given the go-ahead to tell the jobs to pull in that data.
How did they get away with ignoring the upgrade maintenance? Well, it’s not technically needed for full compliance. If your base product included maintenance when you first bought it, the product would show up as versionless even though it has a maintenance in-date. The system would show it as still being under maintenance, therefore appearing compliant.
But your system doesn’t show a true view of what is or isn’t under maintenance, and the product is frozen at a certain version. Let’s say a product went off maintenance the previous year but you’re still showing it as versionless. The version that you are allowed to use is 2013 but you’re using 2016.
So in the system, you look compliant. But you’re not really compliant. And you’re running a major risk if you get audited.
The SAM manager wasn’t dodging this compliance area because he was scared of what kind of money they might owe. His focus was that within two months, he wanted to have 50 of the company’s top vendors in the system and showing compliance. He didn’t want to spare the manpower needed to sort out this issue. Which is a great goal but an almost impossible deadline. This manager wasn’t ready to commit to focusing his time on a few key vendors, which would have been a lot more beneficial than trying to satisfy every vendor in his portfolio. Much like dating, you could say he was trying to play the field!
Love Ignores the Little Things, but SAM Focuses on Them
Motty Hershkowitz, Senior Consultant
While working at a global investment bank with over 100,000 users, I was the Global Production Release Manager responsible for all production deployments affecting the desktop environment. This included ensuring that a license was purchased and available for each software deployment.
My story intertwines two events that led to over $2M in actual savings: controlling unapproved software installations, and re-evaluating key license purchases.
Having a process to control how you deploy software is important, but it’s equally essential to ensure there’s no way to circumvent that process. During a self-audit, we found a high number of installations, but much lower numbers of approved installations. As per the process in place, my team responsible for deploying software was not allowed to deploy licensed software unless approved by the SAM Team. Unfortunately there were what I like to call “rampant installations” in which users were using software without obtaining a license and the necessary approvals.
Upon further investigation, we realized users could find the software installation packages on our software repository (installation packages are packaged with the license key). Although users did not have permission to install software, anyone with the knowledge would be able to successfully install software by accessing the repository, executing the install, and changing the install file path to a directory they had rights to modify (i.e. a folder on their desktop). Additionally, we had developers and support technicians with admin privileges who were “helping” friends by installing software, and circumventing the processes and procedures in place.
It was especially a compliance risk because employees were installing software that posed a risk to the bank. As a financial institution, we were required to record and monitor every incoming and outgoing communication, however users were using unapproved software that were difficult to or could not be monitored (i.e. Skype, Google Talk, AOL Messenger, etc).
The solution ultimately was locking down the file storage directories by changing the repository permissions so users couldn’t execute, view or browse the install files. And we pushed out a new version of the software install tool that considered user entitlements and allowed software installs only if the user was approved for use of the given software.
We leveraged our planned migration to Windows 7 to enforce the “rampant installs” by:
- Locking down the infrastructure to prevent access to the software install packages
- Limiting who has admin access and making it extremely difficult to obtain
- Only migrating a user’s approved software and not what they had installed.
We experienced pushback from many users, however having the support of Senior Management enabled us to enforce these policies.
To seamlessly migrate users, we had a central pool used for truing-up software where there was no maintenance or the licensed version was not supported by Windows 7, thus requiring us to purchase new licenses. In one example, I was directly responsible for saving over $2M by noticing a big purchase order for product licenses that had a significantly less expensive alternative.
This was an interesting but scary scenario of giving employees what they had versus what they actually need.
I noticed that Microsoft Visio and Microsoft Project were heavily used – as is the case in many large organizations. We had a lot of installs of the Professional versions, which is double the cost of the Standard version. I researched the difference and realized that about 95% of our Visio and Project users only needed the Standard edition.
We had submitted a big purchase order of Visio and Project Professional licenses, and I stopped the PO before it went through. Then I created a replacement order for the Standard versions, oversaw the software migration from Professional to Standard, and created an exception process for users who had a valid justification for Professional. The number of exceptions submitted was less than 1%, for which no valid justification was provided, resulting in 0 exceptions approved.
I was able to save the Bank over $2M in actual savings – not potential savings. Tactically we gained a lot more in theoretical savings because we didn’t have to purchase licenses for the deployed rampant software that we discontinued.
There’s a saying “What’s done cannot be undone.” While that’s true in most cases, I know that consistently being proactive in SAM will prevent difficult situations that require being undone, as well as present the opportunity to “undo” and correct an issue when you realize that something is wrong. True love doesn’t sweat the small stuff, but true SAM picks up every tiny detail of the situation.
Topics: SAM Insights