SlideShare uma empresa Scribd logo

Pragmatic software governance

1E: Software Lifecycle Automation
1E: Software Lifecycle Automation

Discover how dynamically controlling your license estate leads to a software balance and protects your organization.

TecnologiaNegócios
1 de 10
Baixar para ler offline
PRAGMATIC SOFTWARE GOVERNANCE DISCOVER HOW DYNAMICALLY CONTROLLING YOUR LICENSE ESTATE LEADS TO A SOFTWARE BALANCE AND PROTECTS YOUR ORGANIZATION GEOFF COLLINS MARTIN ANDERSON 1E APRIL 2011 ABSTRACT: This whitepaper sets out the 1E view of software governance and compliance, highlighting that the correct approach is not to overspend and overprovision, but nor is it to wait for your chosen software vendors to audit your enterprise. The answer is to get the balance ‘just right’. All rights reserved. No part of this document shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without permission from 1E. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this document, 1E and the author s assume no responsibility for errors or omissions. Neither is liability assumed for damages resulting from the information contained herein. The 1E name is a registered trademark of 1E in the UK, US and EC. The 1E logo is a registered trademark of 1E in the UK, EC and under the Madr id protocol. NightWatchman is a registered trademark in the US and EU.
Contents Too much or not enough? ......................................................................................................................................... 3 What’s the recipe? .................................................................................................................................................... 4 Liability and control ................................................................................................................................................... 7 Getting it just right .................................................................................................................................................... 9 References .............................................................................................................................................................. 10 © 1E 2011 2
Too much or not enough? “63% of software vendors cited revenue generation as their number one reason for operating a compliance program, while 50% also want to protect their intellectual property rights.” Software compliance without tears, Ernst & Young, February 10, 20111 Like Goldilocks and her porridge, when it comes to software governance and compliance, every organization needs to get things ‘just right’. Spend too much in a climate of restricted spending, overprovisioning on software licenses that you think you might need, and you impact budgets and your ability to invest in strategic projects. By contrast, spend too little and when software vendors approach you about your installed software base you run the risk of non- compliance, fines and legal action. But what constitutes a sensible level of control? Effectively minimizing the cost of licensing and managing software, while not exposing your enterprise to the risk of an audit is the key, but it’s often not as straightforward as it might appear. Some projects aimed at understanding and managing software compliance run on for many years and struggle to demonstrate any return on investment. But equally, the solution cannot be so simple as to hope for the best and shout ‘help’ when the auditors arrive. Getting it ‘just right’ is not as easy as it looks. © 1E 2011 3
What’s the recipe? “Gartner continues to see increasing incidence of software vendor audits, making it critical that customers negotiate with an understanding of how license compliance can be accomplished consistently and cost-effectively.” Key Issues for IT Asset Management and Procurement, Gartner, 25 February 20092 No organization wants to be unprepared and have their business interrupted by a software audit. They may be able to struggle through one but there is no guarantee that these are single occurrences. Every enterprise can and should be prepared for that inevitable visit before it happens. But to be prepared you need to answer three fundamental questions: ‘What do I have installed?’ ‘What do I own?’ and, most importantly, ‘What do I actually need?’ What software do I have installed? The first step to compliance is getting control of what has been installed in your enterprise. Many times even answering this seemingly simple question can be a real struggle even if they have a top of the line systems management solution in place. The unfortunate truth for many organizations is that it will boil down to an approximation based on some raw data because of the uncontrolled manner in which software is installed and inventoried. The root of the problem lies in the vagaries of product information, with inconsistent and incomplete product names, versions and editions often published without a common format. Some standards of how software should run on Windows platforms do exist. However, the enforcement on ISVs to follow these standards is not strictly controlled. For instance, even though many operating systems offer file attributes, not all software publishers take advantage of these features. And in the event that software offerings do include relevant attributes, a lack of formal quality assurance can significantly lessen consistency. Software bundling is a common practice when releasing software that supports commoditized functionality, such as web services. Again, publishers rarely change details in the registry entries or file attributes to indicate that the software is bundled, so systems management tools typically cannot differentiate bundles from full products requiring associated licenses. From the software vendor’s perspective, identification of suites or bundles is not their concern which is why they do not build such identification into their products. As a result, the reported software inventory is artificially inflated to contain items for which users can rarely prove entitlement. These inconsistencies are then compounded by the presence of ‘try before you buy’ evaluations, unrecognized by systems management tools and often downloaded by users direct to the desktop without the knowledge of the IT department. Installations such as these are not localized to individual users either. Rather, it is more the case that one person in a department begins to independently use a piece of software which they have installed and then via word of mouth they push others in their group to do the same. This problem worsens when we consider that applications can be downloaded through the Internet or via portals or installed using flash drives or disks. Then there is the issue of data collection itself. The traditional approach employs systems management tools to examine the software for registry entries, file attributes and product identification data embedded in the code to produce an inventory. An inventory of your desktops, notebooks and servers should give you visibility of all the software you have installed. But when used for this purpose, systems management tools frequently produce a lot of © 1E 2011 4
‘noise’. From a software developer’s perspective the information that accompanies the file wasn’t intended to assist the IT Administrator’s inventory and identification process in so much as it was intended to help the software development and debugging process. To begin with the inventory will be full of software that you don’t need to know about, including hot fixes, drivers, toolbars, plugins and Java Runtime licenses. It will also contain duplicates caused by those inconsistent product names, versions and editions, usually leading to double counting and inaccurate results. All of this data needs to be cleaned, often as part of a laborious manual process. Once you’ve been through all that, you then need to filter your results just to identify the software that is commercially licensable. It is perhaps not surprising then, in a recent survey conducted by Opinion Matters on behalf of 1E, that two in every three respondents in organizations with more than 500 employees said they found preparing for software vendor 3 audits challenging. So let’s assume you’ve been able to identify what you have installed. How do you understand how much of it is actually yours? What do I own? The ability to track purchase information for licenses is much more difficult than many organizations realize or care to admit. This is typically because the information is not held in one central source, but by a number of individuals or departments and in a myriad of different formats. License details will be found in your accounting and purchasing departments, recorded on spreadsheets or detailed in finance applications. They will be stored on paper, filed away in cabinets somewhere by your IT team. They could even appear in marketing or sales, purchased from a high street store on expenses having been authorized by a line manager. They may not have even been recorded at all! Some organizations will freely admit that because some SAM tools are so large and complex they would rather wait for a vendor to come to them with an audit rather than try to manage the process themselves. 1E’s own research would suggest that nearly 50% of enterprises still use spreadsheets to record software licenses, with almost 9% still using a paper-based filing system and a staggering 14% using nothing whatsoever.3 Larger enterprises also operate on an international basis, from multiple sites and in many different countries, each of which might have their own purchasing, finance or IT teams and their own local procedures governing software purchases. Indeed, that same research would suggest that 43% of organizations manage their software regionally, 39% by department and 20% on a project-by-project basis.3 Ian Blatchford, a partner with Ernst & Young, agrees, saying “Customers feel that their own decentralized structures often make it harder to keep track of usage around 4 the organization - as does their increasingly complicated suite of IT packages." Additionally there are many organizations that have scattered licenses and overlaps in software functions due to mergers and acquisitions. This often gets overlooked and causes both over payment in software due to duplication in job functions but also liability from lost tracking of licenses. Inevitably, many organizations will be forced by the sheer complexity of uncovering and recording all this data to assign a project team to the job of gathering license information across the business. Some will even need to contact vendors and other sources, increasing still further the risk of an audit. © 1E 2011 5
Now let’s assume you have been able to accurately identify what software you have installed and how much of it you own. The last part of the story is to understand how much of what you have is actually needed. What do I actually need? This question could be rephrased as, “What am I actually using?” A review of your software estate may well determine how many copies of applications are installed on your systems and whether or not you have paid for those licenses, but you also need to determine which of these software applications are actually being used, by whom and how often. Without usage data, you may be purchasing software based on perceived requirements or user requests, not actual need. Usage data plays an important role in determining which applications should be included in a standard image and how many standard images may be needed to meet the different requirements of users. It also plays a part in monitoring and controlling the use of unauthorized applications and in preventing the downloading of insecure, non- approved software. Having control of software licenses in your environment also reduces the risk of expensive penalties and legal exposure. The true realization comes when you see that software usage and license liability are tightly coupled topics that can be addressed in order to keep your software installation and purchasing decisions optimal. Software which is installed and used would fall into the category of “I need this software” however software which is installed yet not licensed wouldn’t. We would refer to this as waste. But what if, in addition to waste you had software which was a liability with respect to licensing? – I.e. installed copies of software for which your organization hadn’t purchased licenses for yet. It’s in your best interest to know the usage information for this group of systems as well in order to make prudent purchasing decisions. Once you know what software you have, how often you’re are using it, and how much your organization has purchased, you have the information you need to make informed business decisions. Once you can make informed business decisions, you can put software in place to automate these and keep your environment in an optimal state. © 1E 2011 6
Liability and control “In a survey of attendees at our IT Asset Management, Procurement and IT Financial Management Conference conducted in November 2010, 61% of the 144 respondents said they had been audited by at least one software vendor in the past 12 months.” IT Asset Managers Should Prepare Now, Gartner, 2 March 20115 But even if you can find out what you have, how often you’re using it and how much you’re paying for it, how do you manage your liability and control your risk? In the vast majority of cases organizations fall out of compliance by accident rather than by design. It may take you many months (or in some cases years) to audit your software licenses, ownership and usage in preparation for that audit. But how are you going to keep that information up-to-date ready for next year or the year after that. You don’t know when a software vendor will request an audit, just that they surely will. While perhaps there has been a tendency over the years to shy away from discussing software compliance, it remains the primary goal for many organizations in reviewing their software licenses. 40% of the enterprises Opinion 3 Matters questioned said this was their main concern, with a further 22% highlighting reduced business risk. It’s not just a question of identification; it’s also a question of control and the ability to take action in order to remediate a problem. With this in mind, software license management tools provide the next and arguably most important step in the process. Audit data, as we have seen, can only contribute towards compliancy if it is combined with entitlement data, obtained from recording purchases and reports from vendors. For many enterprises, this ‘true up’ could be an almost entirely manual process requiring analysis of general ledger postings and tracking back to accounts payable to find the invoices. Furthermore, it could be out of date in a matter of days. The key point here is that license management tools need to be “plugged-in” to the active software estate to consistently present compliance status to the IT department. Advanced license management tools automate the correlation of installation, ownership and critically need, providing a central resource for ongoing compliancy while responding to and reducing liability in the short, medium and long term. The ability for a license management tool to control compliance is considered a base from which a complete compliance program can be built. The control of this data must be automatic, ‘active’ and ongoing. It must be continually tracked and monitored, alerting appropriate managers when the business falls out of compliance or is overbuying licenses and thereby wasting money. Rather than simply identifying what has, or has not, been purchased, sophisticated tools can manage centralized deployment and removal of applications, auto-reclaim unused software on one client machine and deploy to another and even ‘rent’ applications to users on a temporary basis for only as long as they need them. They can also reduce or even remove purchased but unused applications, known as ‘shelfware’, from the business. It is these elements of advanced control that set some software license tools apart. © 1E 2011 7
More importantly, your enterprise will enjoy immediate cost savings from improved software allocation, volume license discounts, better price points, accurate asset depreciation and more - all while eliminating the risks associated with software non-compliance, lack of policy enforcement and inappropriate or unnecessary usage. © 1E 2011 8
Getting it just right “Software audits are increasing. Organizations must fund IT asset management disciplines or will risk high, unexpected financial liability due to software compliance problems. Having good asset management can reduce the time and pain of a software vendor audit.” IT Asset Managers Should Prepare Now, Gartner, 2 March 20115 Uniquely focused on software waste, AppClarity™ from 1E delivers compliance without complexity by filtering out irrelevant license data to show just licensable software, organizing it by financial impact or vendor so you can quickly focus your compliance efforts. AppClarity enables your organization to make immediate reductions in software costs by analyzing all your applications instantly and providing you with actionable results, reducing your spend within one month. By identifying the software you actually use, then automatically removing what you don’t need and reallocating to reduce license liability, AppClarity enables you to financially quantify all software waste by identifying and controlling unused software across your whole enterprise. AppClarity also reduces business risk by controlling unapproved and prohibited software installs (such as torrent-like applications), automating software removal to protect your organization. From a security perspective this has the added benefit of reducing your entire company’s attack surface. Using a simple traffic light status to show compliance, together with additional guidance on how that compliance was calculated, AppClarity provides comprehensive reporting for vendor audits with just a few mouse clicks, reducing the cost and time it takes for your enterprise to prepare for any software vendor audit. Never again will you need to conduct manual ‘true ups’ and labor intensive audits. Through feature identification techniques, AppClarity also has the ability to provide reports and actions where “functional overlap” is taking place in your organization. This means that AppClarity can help reduce overspending due to two applications being purchased and installed which provide the same features and functions to the user community. By making sense of what software you have, why you have it, and where and how it is being used, AppClarity allows you to make informed strategic and operational decisions, putting you in a much stronger negotiating position when renewing maintenance or purchasing additional licenses. And it does this on a continual basis, month-on-month, year-on-year. Deploying AppClarity alongside other 1E products like Shopping™ delivers a solution that further enhances license control by offering the opportunity to rent applications on a short term basis to users, so that short term needs do not become long term liabilities. Getting it ‘just right’ is possible; you just have to know where to look. © 1E 2011 9
References 1 Software compliance without tears Monitoring customers’ software usage in a complex world, February 10, 2011. Available from: http://www.ey.com/Publication/vwLUAssets/Software_compliance_without_tears_- _Monitoring_customers_software_usage_in_a_complex_world/$FILE/EY_- _Software_compliance_without_tears_Monitoring_customers_software_usage_in_a_complex_world.pdf 2 Key Issues for IT Asset Management and Procurement, February 25, 2009. Available from: http://www.gartner.com/DisplayDocument?doc_cd=165771&ref=g_rss 3 Software Efficiency Report 2011. Opinion Matters survey on behalf of 1E, 2011 4 Software compliance without tears. Software asset management survey, Ernst & Young March 2011 5 Survey Analysis: Survey Shows Another Increase in Software Vendor Audits; IT Asset Managers Should Prepare Now, March 2, 2011. Available from: http://www.gartner.com/DisplayDocument?id=1569814&ref=g_fromdoc © 1E 2011 10

Recomendados

Reduce, reclaim and recycle your software to deliver dramatic cost reductions
Reduce, reclaim and recycle your software to deliver dramatic cost reductionsReduce, reclaim and recycle your software to deliver dramatic cost reductions
Reduce, reclaim and recycle your software to deliver dramatic cost reductions1E: Software Lifecycle Automation
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBsGFI Software
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
Network Environments
Network EnvironmentsNetwork Environments
Network EnvironmentsGFI Software
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 
Patch management
Patch managementPatch management
Patch managementGFI Software
 
Productivity 3.0
Productivity 3.0Productivity 3.0
Productivity 3.0The Lorenzi Group
 
Cybersecurity the new metrics
Cybersecurity the new metricsCybersecurity the new metrics
Cybersecurity the new metricsAbhishek Sood
 

Recomendados

Reduce, reclaim and recycle your software to deliver dramatic cost reductions
Reduce, reclaim and recycle your software to deliver dramatic cost reductionsReduce, reclaim and recycle your software to deliver dramatic cost reductions
Reduce, reclaim and recycle your software to deliver dramatic cost reductions1E: Software Lifecycle Automation
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBsGFI Software
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
Network Environments
Network EnvironmentsNetwork Environments
Network EnvironmentsGFI Software
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 
Patch management
Patch managementPatch management
Patch managementGFI Software
 
Productivity 3.0
Productivity 3.0Productivity 3.0
Productivity 3.0The Lorenzi Group
 
Cybersecurity the new metrics
Cybersecurity the new metricsCybersecurity the new metrics
Cybersecurity the new metricsAbhishek Sood
 
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...infoLock Technologies
 
Prevent & Protect
Prevent & ProtectPrevent & Protect
Prevent & ProtectMike McMillan
 
Steps to Cut your Software Spend by 30 Percent
Steps to Cut your Software Spend by 30 PercentSteps to Cut your Software Spend by 30 Percent
Steps to Cut your Software Spend by 30 PercentIvanti
 
Website Security Statistics Report 2013
Website Security Statistics Report 2013Website Security Statistics Report 2013
Website Security Statistics Report 2013Bee_Ware
 
5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams 5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams Arun Chinnaraju MBA, PMP, CSM, CSPO, SA
 
Data Loss During Downsizing
Data Loss During DownsizingData Loss During Downsizing
Data Loss During DownsizingConstantine Karbaliotis
 
Índice de software sin licencia en el mundo.
Índice de software sin licencia en el mundo. Índice de software sin licencia en el mundo.
Índice de software sin licencia en el mundo. Luis Noguera
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
 
Research Paper
Research PaperResearch Paper
Research PaperBrian Kasha
 
Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Kim Jensen
 
Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Universidad Cenfotec
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - WebFahd Khan
 
How to measure your cybersecurity performance
How to measure your cybersecurity performanceHow to measure your cybersecurity performance
How to measure your cybersecurity performanceAbhishek Sood
 
NH Bankers 10 08 07 Kamens
NH Bankers 10 08 07 KamensNH Bankers 10 08 07 Kamens
NH Bankers 10 08 07 Kamenskamensm02
 
E guide weathering the storm at your business
E guide weathering the storm at your businessE guide weathering the storm at your business
E guide weathering the storm at your businessSoma Technology Group
 
Top Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperTop Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperNetIQ
 
Prevent SAP Security Vulnerabilities | Symmetry
Prevent SAP Security Vulnerabilities | SymmetryPrevent SAP Security Vulnerabilities | Symmetry
Prevent SAP Security Vulnerabilities | SymmetrySymmetry™
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsElizabeth Dimit
 
Security Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersSecurity Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersThe Lorenzi Group
 
Ebusiness Auditing
Ebusiness AuditingEbusiness Auditing
Ebusiness Auditingnewarttech
 
English 1102pres
English 1102presEnglish 1102pres
English 1102presguest81ad0b
 
Apereo : Software Community Governance and Incubation
Apereo : Software Community Governance and IncubationApereo : Software Community Governance and Incubation
Apereo : Software Community Governance and IncubationIan Dolphin
 

Mais conteúdo relacionado

Mais procurados

(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...infoLock Technologies
 
Steps to Cut your Software Spend by 30 Percent
Steps to Cut your Software Spend by 30 PercentSteps to Cut your Software Spend by 30 Percent
Steps to Cut your Software Spend by 30 PercentIvanti
 
Website Security Statistics Report 2013
Website Security Statistics Report 2013Website Security Statistics Report 2013
Website Security Statistics Report 2013Bee_Ware
 
Índice de software sin licencia en el mundo.
Índice de software sin licencia en el mundo. Índice de software sin licencia en el mundo.
Índice de software sin licencia en el mundo. Luis Noguera
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
 
Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Kim Jensen
 
Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Universidad Cenfotec
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - WebFahd Khan
 
How to measure your cybersecurity performance
How to measure your cybersecurity performanceHow to measure your cybersecurity performance
How to measure your cybersecurity performanceAbhishek Sood
 
NH Bankers 10 08 07 Kamens
NH Bankers 10 08 07 KamensNH Bankers 10 08 07 Kamens
NH Bankers 10 08 07 Kamenskamensm02
 
E guide weathering the storm at your business
E guide weathering the storm at your businessE guide weathering the storm at your business
E guide weathering the storm at your businessSoma Technology Group
 
Top Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperTop Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperNetIQ
 
Prevent SAP Security Vulnerabilities | Symmetry
Prevent SAP Security Vulnerabilities | SymmetryPrevent SAP Security Vulnerabilities | Symmetry
Prevent SAP Security Vulnerabilities | SymmetrySymmetry™
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsElizabeth Dimit
 
Security Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersSecurity Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersThe Lorenzi Group
 
Ebusiness Auditing
Ebusiness AuditingEbusiness Auditing
Ebusiness Auditingnewarttech
 

Mais procurados (20)

(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
 
Prevent & Protect
Prevent & ProtectPrevent & Protect
Prevent & Protect
 
Steps to Cut your Software Spend by 30 Percent
Steps to Cut your Software Spend by 30 PercentSteps to Cut your Software Spend by 30 Percent
Steps to Cut your Software Spend by 30 Percent
 
Website Security Statistics Report 2013
Website Security Statistics Report 2013Website Security Statistics Report 2013
Website Security Statistics Report 2013
 
5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams 5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams
 
Data Loss During Downsizing
Data Loss During DownsizingData Loss During Downsizing
Data Loss During Downsizing
 
Índice de software sin licencia en el mundo.
Índice de software sin licencia en el mundo. Índice de software sin licencia en el mundo.
Índice de software sin licencia en el mundo.
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
 
Research Paper
Research PaperResearch Paper
Research Paper
 
Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015
 
Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - Web
 
How to measure your cybersecurity performance
How to measure your cybersecurity performanceHow to measure your cybersecurity performance
How to measure your cybersecurity performance
 
NH Bankers 10 08 07 Kamens
NH Bankers 10 08 07 KamensNH Bankers 10 08 07 Kamens
NH Bankers 10 08 07 Kamens
 
E guide weathering the storm at your business
E guide weathering the storm at your businessE guide weathering the storm at your business
E guide weathering the storm at your business
 
Top Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperTop Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White Paper
 
Prevent SAP Security Vulnerabilities | Symmetry
Prevent SAP Security Vulnerabilities | SymmetryPrevent SAP Security Vulnerabilities | Symmetry
Prevent SAP Security Vulnerabilities | Symmetry
 
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great CollaboratorsTo Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
To Be Great Enterprise Risk Managers, CISOs Need to Be Great Collaborators
 
Security Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersSecurity Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud Examiners
 
Ebusiness Auditing
Ebusiness AuditingEbusiness Auditing
Ebusiness Auditing
 

Destaque

English 1102pres
English 1102presEnglish 1102pres
English 1102presguest81ad0b
 
Apereo : Software Community Governance and Incubation
Apereo : Software Community Governance and IncubationApereo : Software Community Governance and Incubation
Apereo : Software Community Governance and IncubationIan Dolphin
 
Governance of agile Software projects by an automated KPI Cockpit in the Cloud
Governance of agile Software projects by an automated KPI Cockpit in the CloudGovernance of agile Software projects by an automated KPI Cockpit in the Cloud
Governance of agile Software projects by an automated KPI Cockpit in the CloudpliXos GmbH
 
aka enabling software for information governance
aka enabling software for information governance aka enabling software for information governance
aka enabling software for information governance Conni Christensen
 
IBM Incorporates Actiance Software into Information Governance Product
IBM Incorporates Actiance Software into Information Governance ProductIBM Incorporates Actiance Software into Information Governance Product
IBM Incorporates Actiance Software into Information Governance ProductTimothy Valihora
 
SOFTWARE PRODUCT DEVELOPMENT GOVERNANCE FRAMEWORK
SOFTWARE PRODUCT DEVELOPMENT GOVERNANCE FRAMEWORKSOFTWARE PRODUCT DEVELOPMENT GOVERNANCE FRAMEWORK
SOFTWARE PRODUCT DEVELOPMENT GOVERNANCE FRAMEWORKArul Nambi
 
Importance of governance in software development
Importance of governance in software developmentImportance of governance in software development
Importance of governance in software developmentMahesh Chopker
 

Destaque (7)

English 1102pres
English 1102presEnglish 1102pres
English 1102pres
 
Apereo : Software Community Governance and Incubation
Apereo : Software Community Governance and IncubationApereo : Software Community Governance and Incubation
Apereo : Software Community Governance and Incubation
 
Governance of agile Software projects by an automated KPI Cockpit in the Cloud
Governance of agile Software projects by an automated KPI Cockpit in the CloudGovernance of agile Software projects by an automated KPI Cockpit in the Cloud
Governance of agile Software projects by an automated KPI Cockpit in the Cloud
 
aka enabling software for information governance
aka enabling software for information governance aka enabling software for information governance
aka enabling software for information governance
 
IBM Incorporates Actiance Software into Information Governance Product
IBM Incorporates Actiance Software into Information Governance ProductIBM Incorporates Actiance Software into Information Governance Product
IBM Incorporates Actiance Software into Information Governance Product
 
SOFTWARE PRODUCT DEVELOPMENT GOVERNANCE FRAMEWORK
SOFTWARE PRODUCT DEVELOPMENT GOVERNANCE FRAMEWORKSOFTWARE PRODUCT DEVELOPMENT GOVERNANCE FRAMEWORK
SOFTWARE PRODUCT DEVELOPMENT GOVERNANCE FRAMEWORK
 
Importance of governance in software development
Importance of governance in software developmentImportance of governance in software development
Importance of governance in software development
 

Semelhante a Pragmatic software governance

Netreo whitepaper 5 ways to avoid it management becoming shelfware
Netreo whitepaper 5 ways to avoid it management becoming shelfwareNetreo whitepaper 5 ways to avoid it management becoming shelfware
Netreo whitepaper 5 ways to avoid it management becoming shelfwarePeter Reynolds
 
Software License Audit Preparation
Software License Audit PreparationSoftware License Audit Preparation
Software License Audit PreparationNPI_Spend_Mgmt
 
EY Software Asset Management Advisory
EY Software Asset Management AdvisoryEY Software Asset Management Advisory
EY Software Asset Management AdvisoryMohit Madan
 
Software Licence Audits - Facts Survival Benefits
Software Licence Audits - Facts Survival BenefitsSoftware Licence Audits - Facts Survival Benefits
Software Licence Audits - Facts Survival BenefitsEric Chiu
 
Moving up the Software License Optimization Maturity Curve to Drive Business ...
Moving up the Software License Optimization Maturity Curve to Drive Business ...Moving up the Software License Optimization Maturity Curve to Drive Business ...
Moving up the Software License Optimization Maturity Curve to Drive Business ...Flexera
 
Creating a Well-Stocked, Well-Managed Enterprise App Store
Creating a Well-Stocked, Well-Managed Enterprise App StoreCreating a Well-Stocked, Well-Managed Enterprise App Store
Creating a Well-Stocked, Well-Managed Enterprise App StoreFlexera
 
Unlocking Efficiency: Choosing the Perfect Company Secretary Software
Unlocking Efficiency: Choosing the Perfect Company Secretary SoftwareUnlocking Efficiency: Choosing the Perfect Company Secretary Software
Unlocking Efficiency: Choosing the Perfect Company Secretary SoftwareSmoooth Biz Limited
 
4 Software-Based Accounting Mistakes to Avoid in the UAE.pdf
4 Software-Based Accounting Mistakes to Avoid in the UAE.pdf4 Software-Based Accounting Mistakes to Avoid in the UAE.pdf
4 Software-Based Accounting Mistakes to Avoid in the UAE.pdfJose thomas
 
SAM Services powered by AUPIT
SAM Services powered by AUPITSAM Services powered by AUPIT
SAM Services powered by AUPITJames Galera
 
Numara Presentation - Address the 800lb Gorilla in the Room: Software Licens...
Numara Presentation - Address the 800lb Gorilla in the Room: Software Licens...Numara Presentation - Address the 800lb Gorilla in the Room: Software Licens...
Numara Presentation - Address the 800lb Gorilla in the Room: Software Licens...San Francisco Bay Area
 
The Ultimate Workflow Management Software Buyers Guide 2023
The Ultimate Workflow Management Software Buyers Guide 2023The Ultimate Workflow Management Software Buyers Guide 2023
The Ultimate Workflow Management Software Buyers Guide 2023Kashish Trivedi
 
Why Regular Audits are Necessary in IT Asset Management.pdf
Why Regular Audits are Necessary in IT Asset Management.pdfWhy Regular Audits are Necessary in IT Asset Management.pdf
Why Regular Audits are Necessary in IT Asset Management.pdfaotmp2600
 
7steps software-licensing
7steps software-licensing7steps software-licensing
7steps software-licensingsuyashawasthi
 
What Does it Take to Achieve Software License Optimization?
What Does it Take to Achieve Software License Optimization?What Does it Take to Achieve Software License Optimization?
What Does it Take to Achieve Software License Optimization?Flexera
 
AMB100: Ivanti Asset Management Suite from the Ground Up
AMB100: Ivanti Asset Management Suite from the Ground UpAMB100: Ivanti Asset Management Suite from the Ground Up
AMB100: Ivanti Asset Management Suite from the Ground UpIvanti
 
Increase ROI by Integrating an Enterprise App Store with your Software Licens...
Increase ROI by Integrating an Enterprise App Store with your Software Licens...Increase ROI by Integrating an Enterprise App Store with your Software Licens...
Increase ROI by Integrating an Enterprise App Store with your Software Licens...Flexera
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability ManagementGFI Software
 

Semelhante a Pragmatic software governance (20)

Create your own enterprise apps store
Create your own enterprise apps storeCreate your own enterprise apps store
Create your own enterprise apps store
 
Netreo whitepaper 5 ways to avoid it management becoming shelfware
Netreo whitepaper 5 ways to avoid it management becoming shelfwareNetreo whitepaper 5 ways to avoid it management becoming shelfware
Netreo whitepaper 5 ways to avoid it management becoming shelfware
 
Software License Audit Preparation
Software License Audit PreparationSoftware License Audit Preparation
Software License Audit Preparation
 
EY Software Asset Management Advisory
EY Software Asset Management AdvisoryEY Software Asset Management Advisory
EY Software Asset Management Advisory
 
Software Licence Audits - Facts Survival Benefits
Software Licence Audits - Facts Survival BenefitsSoftware Licence Audits - Facts Survival Benefits
Software Licence Audits - Facts Survival Benefits
 
Moving up the Software License Optimization Maturity Curve to Drive Business ...
Moving up the Software License Optimization Maturity Curve to Drive Business ...Moving up the Software License Optimization Maturity Curve to Drive Business ...
Moving up the Software License Optimization Maturity Curve to Drive Business ...
 
Creating a Well-Stocked, Well-Managed Enterprise App Store
Creating a Well-Stocked, Well-Managed Enterprise App StoreCreating a Well-Stocked, Well-Managed Enterprise App Store
Creating a Well-Stocked, Well-Managed Enterprise App Store
 
Unlocking Efficiency: Choosing the Perfect Company Secretary Software
Unlocking Efficiency: Choosing the Perfect Company Secretary SoftwareUnlocking Efficiency: Choosing the Perfect Company Secretary Software
Unlocking Efficiency: Choosing the Perfect Company Secretary Software
 
4 Software-Based Accounting Mistakes to Avoid in the UAE.pdf
4 Software-Based Accounting Mistakes to Avoid in the UAE.pdf4 Software-Based Accounting Mistakes to Avoid in the UAE.pdf
4 Software-Based Accounting Mistakes to Avoid in the UAE.pdf
 
SAM Services powered by AUPIT
SAM Services powered by AUPITSAM Services powered by AUPIT
SAM Services powered by AUPIT
 
NiTO Ebook
NiTO EbookNiTO Ebook
NiTO Ebook
 
Numara Presentation - Address the 800lb Gorilla in the Room: Software Licens...
Numara Presentation - Address the 800lb Gorilla in the Room: Software Licens...Numara Presentation - Address the 800lb Gorilla in the Room: Software Licens...
Numara Presentation - Address the 800lb Gorilla in the Room: Software Licens...
 
The Ultimate Workflow Management Software Buyers Guide 2023
The Ultimate Workflow Management Software Buyers Guide 2023The Ultimate Workflow Management Software Buyers Guide 2023
The Ultimate Workflow Management Software Buyers Guide 2023
 
VER_WP_CrackingCode_FINAL
VER_WP_CrackingCode_FINALVER_WP_CrackingCode_FINAL
VER_WP_CrackingCode_FINAL
 
Why Regular Audits are Necessary in IT Asset Management.pdf
Why Regular Audits are Necessary in IT Asset Management.pdfWhy Regular Audits are Necessary in IT Asset Management.pdf
Why Regular Audits are Necessary in IT Asset Management.pdf
 
7steps software-licensing
7steps software-licensing7steps software-licensing
7steps software-licensing
 
What Does it Take to Achieve Software License Optimization?
What Does it Take to Achieve Software License Optimization?What Does it Take to Achieve Software License Optimization?
What Does it Take to Achieve Software License Optimization?
 
AMB100: Ivanti Asset Management Suite from the Ground Up
AMB100: Ivanti Asset Management Suite from the Ground UpAMB100: Ivanti Asset Management Suite from the Ground Up
AMB100: Ivanti Asset Management Suite from the Ground Up
 
Increase ROI by Integrating an Enterprise App Store with your Software Licens...
Increase ROI by Integrating an Enterprise App Store with your Software Licens...Increase ROI by Integrating an Enterprise App Store with your Software Licens...
Increase ROI by Integrating an Enterprise App Store with your Software Licens...
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 

Mais de 1E: Software Lifecycle Automation

Desktop Reclaim: Automate Removal of Microsoft & Adobe Software
Desktop Reclaim: Automate Removal of Microsoft & Adobe SoftwareDesktop Reclaim: Automate Removal of Microsoft & Adobe Software
Desktop Reclaim: Automate Removal of Microsoft & Adobe Software1E: Software Lifecycle Automation
 
Automated and dynamic maintenance keeps your computers healthy and performing...
Automated and dynamic maintenance keeps your computers healthy and performing...Automated and dynamic maintenance keeps your computers healthy and performing...
Automated and dynamic maintenance keeps your computers healthy and performing...1E: Software Lifecycle Automation
 
Drowsy server reduces energy consumption in your server farm
Drowsy server reduces energy consumption in your server farmDrowsy server reduces energy consumption in your server farm
Drowsy server reduces energy consumption in your server farm1E: Software Lifecycle Automation
 
Determining an accurate picture of energy usage with variable tariffs
Determining an accurate picture of energy usage with variable tariffsDetermining an accurate picture of energy usage with variable tariffs
Determining an accurate picture of energy usage with variable tariffs1E: Software Lifecycle Automation
 
Empowering energy efficiency and sustainability in it for federal agencies
Empowering energy efficiency and sustainability in it for federal agenciesEmpowering energy efficiency and sustainability in it for federal agencies
Empowering energy efficiency and sustainability in it for federal agencies1E: Software Lifecycle Automation
 
Is BranchCache right for remote, serverless software distribution?
Is BranchCache right for remote, serverless software distribution?Is BranchCache right for remote, serverless software distribution?
Is BranchCache right for remote, serverless software distribution?1E: Software Lifecycle Automation
 
NOMAD ENTERPRISE & WAN CACHING APPLIANCES NETWORK OPTIMIZATION IN A CONFIGURA...
NOMAD ENTERPRISE & WAN CACHING APPLIANCES NETWORK OPTIMIZATION IN A CONFIGURA...NOMAD ENTERPRISE & WAN CACHING APPLIANCES NETWORK OPTIMIZATION IN A CONFIGURA...
NOMAD ENTERPRISE & WAN CACHING APPLIANCES NETWORK OPTIMIZATION IN A CONFIGURA...1E: Software Lifecycle Automation
 
SWEATING THE ASSET HOW IMPROVING THE HEALTH AND PERFORMANCE OF YOUR PCS CAN E...
SWEATING THE ASSET HOW IMPROVING THE HEALTH AND PERFORMANCE OF YOUR PCS CAN E...SWEATING THE ASSET HOW IMPROVING THE HEALTH AND PERFORMANCE OF YOUR PCS CAN E...
SWEATING THE ASSET HOW IMPROVING THE HEALTH AND PERFORMANCE OF YOUR PCS CAN E...1E: Software Lifecycle Automation
 
A WASTE OF TIME AND MONEY? HOW IMPROVING THE HEALTH OF YOUR DESKTOPS AND LAPT...
A WASTE OF TIME AND MONEY? HOW IMPROVING THE HEALTH OF YOUR DESKTOPS AND LAPT...A WASTE OF TIME AND MONEY? HOW IMPROVING THE HEALTH OF YOUR DESKTOPS AND LAPT...
A WASTE OF TIME AND MONEY? HOW IMPROVING THE HEALTH OF YOUR DESKTOPS AND LAPT...1E: Software Lifecycle Automation
 
STOPPING THE YO-YO WHY CENTRALIZED DECENTRALIZATION IS THE KEY TO CUTTING COS...
STOPPING THE YO-YO WHY CENTRALIZED DECENTRALIZATION IS THE KEY TO CUTTING COS...STOPPING THE YO-YO WHY CENTRALIZED DECENTRALIZATION IS THE KEY TO CUTTING COS...
STOPPING THE YO-YO WHY CENTRALIZED DECENTRALIZATION IS THE KEY TO CUTTING COS...1E: Software Lifecycle Automation
 
PUTTING YOUR USERS IN CHARGE COULD SAVE YOU MILLIONS HOW USER SELF SERVICE CA...
PUTTING YOUR USERS IN CHARGE COULD SAVE YOU MILLIONS HOW USER SELF SERVICE CA...PUTTING YOUR USERS IN CHARGE COULD SAVE YOU MILLIONS HOW USER SELF SERVICE CA...
PUTTING YOUR USERS IN CHARGE COULD SAVE YOU MILLIONS HOW USER SELF SERVICE CA...1E: Software Lifecycle Automation
 

Mais de 1E: Software Lifecycle Automation (20)

Desktop Reclaim: Automate Removal of Microsoft & Adobe Software
Desktop Reclaim: Automate Removal of Microsoft & Adobe SoftwareDesktop Reclaim: Automate Removal of Microsoft & Adobe Software
Desktop Reclaim: Automate Removal of Microsoft & Adobe Software
 
Automated and dynamic maintenance keeps your computers healthy and performing...
Automated and dynamic maintenance keeps your computers healthy and performing...Automated and dynamic maintenance keeps your computers healthy and performing...
Automated and dynamic maintenance keeps your computers healthy and performing...
 
How healthy is your computer estate?
How healthy is your computer estate?How healthy is your computer estate?
How healthy is your computer estate?
 
User empowerment and choice in downloading software
User empowerment and choice in downloading softwareUser empowerment and choice in downloading software
User empowerment and choice in downloading software
 
Maximize the efficiency of your server farm
Maximize the efficiency of your server farmMaximize the efficiency of your server farm
Maximize the efficiency of your server farm
 
Drowsy server reduces energy consumption in your server farm
Drowsy server reduces energy consumption in your server farmDrowsy server reduces energy consumption in your server farm
Drowsy server reduces energy consumption in your server farm
 
Yes to virtualization projects but dont virtualize waste
Yes to virtualization projects but dont virtualize wasteYes to virtualization projects but dont virtualize waste
Yes to virtualization projects but dont virtualize waste
 
Determining an accurate picture of energy usage with variable tariffs
Determining an accurate picture of energy usage with variable tariffsDetermining an accurate picture of energy usage with variable tariffs
Determining an accurate picture of energy usage with variable tariffs
 
Agents vs Agentless
Agents vs AgentlessAgents vs Agentless
Agents vs Agentless
 
Empowering energy efficiency and sustainability in it for federal agencies
Empowering energy efficiency and sustainability in it for federal agenciesEmpowering energy efficiency and sustainability in it for federal agencies
Empowering energy efficiency and sustainability in it for federal agencies
 
PXE Lot or PXE Lite
PXE Lot or PXE LitePXE Lot or PXE Lite
PXE Lot or PXE Lite
 
Nomad and WAN caching appliances 1.6
Nomad and WAN caching appliances 1.6Nomad and WAN caching appliances 1.6
Nomad and WAN caching appliances 1.6
 
Bios configuration management
Bios configuration managementBios configuration management
Bios configuration management
 
Empower your users and save millions
Empower your users and save millionsEmpower your users and save millions
Empower your users and save millions
 
Is BranchCache right for remote, serverless software distribution?
Is BranchCache right for remote, serverless software distribution?Is BranchCache right for remote, serverless software distribution?
Is BranchCache right for remote, serverless software distribution?
 
NOMAD ENTERPRISE & WAN CACHING APPLIANCES NETWORK OPTIMIZATION IN A CONFIGURA...
NOMAD ENTERPRISE & WAN CACHING APPLIANCES NETWORK OPTIMIZATION IN A CONFIGURA...NOMAD ENTERPRISE & WAN CACHING APPLIANCES NETWORK OPTIMIZATION IN A CONFIGURA...
NOMAD ENTERPRISE & WAN CACHING APPLIANCES NETWORK OPTIMIZATION IN A CONFIGURA...
 
SWEATING THE ASSET HOW IMPROVING THE HEALTH AND PERFORMANCE OF YOUR PCS CAN E...
SWEATING THE ASSET HOW IMPROVING THE HEALTH AND PERFORMANCE OF YOUR PCS CAN E...SWEATING THE ASSET HOW IMPROVING THE HEALTH AND PERFORMANCE OF YOUR PCS CAN E...
SWEATING THE ASSET HOW IMPROVING THE HEALTH AND PERFORMANCE OF YOUR PCS CAN E...
 
A WASTE OF TIME AND MONEY? HOW IMPROVING THE HEALTH OF YOUR DESKTOPS AND LAPT...
A WASTE OF TIME AND MONEY? HOW IMPROVING THE HEALTH OF YOUR DESKTOPS AND LAPT...A WASTE OF TIME AND MONEY? HOW IMPROVING THE HEALTH OF YOUR DESKTOPS AND LAPT...
A WASTE OF TIME AND MONEY? HOW IMPROVING THE HEALTH OF YOUR DESKTOPS AND LAPT...
 
STOPPING THE YO-YO WHY CENTRALIZED DECENTRALIZATION IS THE KEY TO CUTTING COS...
STOPPING THE YO-YO WHY CENTRALIZED DECENTRALIZATION IS THE KEY TO CUTTING COS...STOPPING THE YO-YO WHY CENTRALIZED DECENTRALIZATION IS THE KEY TO CUTTING COS...
STOPPING THE YO-YO WHY CENTRALIZED DECENTRALIZATION IS THE KEY TO CUTTING COS...
 
PUTTING YOUR USERS IN CHARGE COULD SAVE YOU MILLIONS HOW USER SELF SERVICE CA...
PUTTING YOUR USERS IN CHARGE COULD SAVE YOU MILLIONS HOW USER SELF SERVICE CA...PUTTING YOUR USERS IN CHARGE COULD SAVE YOU MILLIONS HOW USER SELF SERVICE CA...
PUTTING YOUR USERS IN CHARGE COULD SAVE YOU MILLIONS HOW USER SELF SERVICE CA...
 

Último

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 

Último (20)

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 

Pragmatic software governance

  • 1. PRAGMATIC SOFTWARE GOVERNANCE DISCOVER HOW DYNAMICALLY CONTROLLING YOUR LICENSE ESTATE LEADS TO A SOFTWARE BALANCE AND PROTECTS YOUR ORGANIZATION GEOFF COLLINS MARTIN ANDERSON 1E APRIL 2011 ABSTRACT: This whitepaper sets out the 1E view of software governance and compliance, highlighting that the correct approach is not to overspend and overprovision, but nor is it to wait for your chosen software vendors to audit your enterprise. The answer is to get the balance ‘just right’. All rights reserved. No part of this document shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without permission from 1E. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this document, 1E and the author s assume no responsibility for errors or omissions. Neither is liability assumed for damages resulting from the information contained herein. The 1E name is a registered trademark of 1E in the UK, US and EC. The 1E logo is a registered trademark of 1E in the UK, EC and under the Madr id protocol. NightWatchman is a registered trademark in the US and EU.
  • 2. Contents Too much or not enough? ......................................................................................................................................... 3 What’s the recipe? .................................................................................................................................................... 4 Liability and control ................................................................................................................................................... 7 Getting it just right .................................................................................................................................................... 9 References .............................................................................................................................................................. 10 © 1E 2011 2
  • 3. Too much or not enough? “63% of software vendors cited revenue generation as their number one reason for operating a compliance program, while 50% also want to protect their intellectual property rights.” Software compliance without tears, Ernst & Young, February 10, 20111 Like Goldilocks and her porridge, when it comes to software governance and compliance, every organization needs to get things ‘just right’. Spend too much in a climate of restricted spending, overprovisioning on software licenses that you think you might need, and you impact budgets and your ability to invest in strategic projects. By contrast, spend too little and when software vendors approach you about your installed software base you run the risk of non- compliance, fines and legal action. But what constitutes a sensible level of control? Effectively minimizing the cost of licensing and managing software, while not exposing your enterprise to the risk of an audit is the key, but it’s often not as straightforward as it might appear. Some projects aimed at understanding and managing software compliance run on for many years and struggle to demonstrate any return on investment. But equally, the solution cannot be so simple as to hope for the best and shout ‘help’ when the auditors arrive. Getting it ‘just right’ is not as easy as it looks. © 1E 2011 3
  • 4. What’s the recipe? “Gartner continues to see increasing incidence of software vendor audits, making it critical that customers negotiate with an understanding of how license compliance can be accomplished consistently and cost-effectively.” Key Issues for IT Asset Management and Procurement, Gartner, 25 February 20092 No organization wants to be unprepared and have their business interrupted by a software audit. They may be able to struggle through one but there is no guarantee that these are single occurrences. Every enterprise can and should be prepared for that inevitable visit before it happens. But to be prepared you need to answer three fundamental questions: ‘What do I have installed?’ ‘What do I own?’ and, most importantly, ‘What do I actually need?’ What software do I have installed? The first step to compliance is getting control of what has been installed in your enterprise. Many times even answering this seemingly simple question can be a real struggle even if they have a top of the line systems management solution in place. The unfortunate truth for many organizations is that it will boil down to an approximation based on some raw data because of the uncontrolled manner in which software is installed and inventoried. The root of the problem lies in the vagaries of product information, with inconsistent and incomplete product names, versions and editions often published without a common format. Some standards of how software should run on Windows platforms do exist. However, the enforcement on ISVs to follow these standards is not strictly controlled. For instance, even though many operating systems offer file attributes, not all software publishers take advantage of these features. And in the event that software offerings do include relevant attributes, a lack of formal quality assurance can significantly lessen consistency. Software bundling is a common practice when releasing software that supports commoditized functionality, such as web services. Again, publishers rarely change details in the registry entries or file attributes to indicate that the software is bundled, so systems management tools typically cannot differentiate bundles from full products requiring associated licenses. From the software vendor’s perspective, identification of suites or bundles is not their concern which is why they do not build such identification into their products. As a result, the reported software inventory is artificially inflated to contain items for which users can rarely prove entitlement. These inconsistencies are then compounded by the presence of ‘try before you buy’ evaluations, unrecognized by systems management tools and often downloaded by users direct to the desktop without the knowledge of the IT department. Installations such as these are not localized to individual users either. Rather, it is more the case that one person in a department begins to independently use a piece of software which they have installed and then via word of mouth they push others in their group to do the same. This problem worsens when we consider that applications can be downloaded through the Internet or via portals or installed using flash drives or disks. Then there is the issue of data collection itself. The traditional approach employs systems management tools to examine the software for registry entries, file attributes and product identification data embedded in the code to produce an inventory. An inventory of your desktops, notebooks and servers should give you visibility of all the software you have installed. But when used for this purpose, systems management tools frequently produce a lot of © 1E 2011 4
  • 5. ‘noise’. From a software developer’s perspective the information that accompanies the file wasn’t intended to assist the IT Administrator’s inventory and identification process in so much as it was intended to help the software development and debugging process. To begin with the inventory will be full of software that you don’t need to know about, including hot fixes, drivers, toolbars, plugins and Java Runtime licenses. It will also contain duplicates caused by those inconsistent product names, versions and editions, usually leading to double counting and inaccurate results. All of this data needs to be cleaned, often as part of a laborious manual process. Once you’ve been through all that, you then need to filter your results just to identify the software that is commercially licensable. It is perhaps not surprising then, in a recent survey conducted by Opinion Matters on behalf of 1E, that two in every three respondents in organizations with more than 500 employees said they found preparing for software vendor 3 audits challenging. So let’s assume you’ve been able to identify what you have installed. How do you understand how much of it is actually yours? What do I own? The ability to track purchase information for licenses is much more difficult than many organizations realize or care to admit. This is typically because the information is not held in one central source, but by a number of individuals or departments and in a myriad of different formats. License details will be found in your accounting and purchasing departments, recorded on spreadsheets or detailed in finance applications. They will be stored on paper, filed away in cabinets somewhere by your IT team. They could even appear in marketing or sales, purchased from a high street store on expenses having been authorized by a line manager. They may not have even been recorded at all! Some organizations will freely admit that because some SAM tools are so large and complex they would rather wait for a vendor to come to them with an audit rather than try to manage the process themselves. 1E’s own research would suggest that nearly 50% of enterprises still use spreadsheets to record software licenses, with almost 9% still using a paper-based filing system and a staggering 14% using nothing whatsoever.3 Larger enterprises also operate on an international basis, from multiple sites and in many different countries, each of which might have their own purchasing, finance or IT teams and their own local procedures governing software purchases. Indeed, that same research would suggest that 43% of organizations manage their software regionally, 39% by department and 20% on a project-by-project basis.3 Ian Blatchford, a partner with Ernst & Young, agrees, saying “Customers feel that their own decentralized structures often make it harder to keep track of usage around 4 the organization - as does their increasingly complicated suite of IT packages." Additionally there are many organizations that have scattered licenses and overlaps in software functions due to mergers and acquisitions. This often gets overlooked and causes both over payment in software due to duplication in job functions but also liability from lost tracking of licenses. Inevitably, many organizations will be forced by the sheer complexity of uncovering and recording all this data to assign a project team to the job of gathering license information across the business. Some will even need to contact vendors and other sources, increasing still further the risk of an audit. © 1E 2011 5
  • 6. Now let’s assume you have been able to accurately identify what software you have installed and how much of it you own. The last part of the story is to understand how much of what you have is actually needed. What do I actually need? This question could be rephrased as, “What am I actually using?” A review of your software estate may well determine how many copies of applications are installed on your systems and whether or not you have paid for those licenses, but you also need to determine which of these software applications are actually being used, by whom and how often. Without usage data, you may be purchasing software based on perceived requirements or user requests, not actual need. Usage data plays an important role in determining which applications should be included in a standard image and how many standard images may be needed to meet the different requirements of users. It also plays a part in monitoring and controlling the use of unauthorized applications and in preventing the downloading of insecure, non- approved software. Having control of software licenses in your environment also reduces the risk of expensive penalties and legal exposure. The true realization comes when you see that software usage and license liability are tightly coupled topics that can be addressed in order to keep your software installation and purchasing decisions optimal. Software which is installed and used would fall into the category of “I need this software” however software which is installed yet not licensed wouldn’t. We would refer to this as waste. But what if, in addition to waste you had software which was a liability with respect to licensing? – I.e. installed copies of software for which your organization hadn’t purchased licenses for yet. It’s in your best interest to know the usage information for this group of systems as well in order to make prudent purchasing decisions. Once you know what software you have, how often you’re are using it, and how much your organization has purchased, you have the information you need to make informed business decisions. Once you can make informed business decisions, you can put software in place to automate these and keep your environment in an optimal state. © 1E 2011 6
  • 7. Liability and control “In a survey of attendees at our IT Asset Management, Procurement and IT Financial Management Conference conducted in November 2010, 61% of the 144 respondents said they had been audited by at least one software vendor in the past 12 months.” IT Asset Managers Should Prepare Now, Gartner, 2 March 20115 But even if you can find out what you have, how often you’re using it and how much you’re paying for it, how do you manage your liability and control your risk? In the vast majority of cases organizations fall out of compliance by accident rather than by design. It may take you many months (or in some cases years) to audit your software licenses, ownership and usage in preparation for that audit. But how are you going to keep that information up-to-date ready for next year or the year after that. You don’t know when a software vendor will request an audit, just that they surely will. While perhaps there has been a tendency over the years to shy away from discussing software compliance, it remains the primary goal for many organizations in reviewing their software licenses. 40% of the enterprises Opinion 3 Matters questioned said this was their main concern, with a further 22% highlighting reduced business risk. It’s not just a question of identification; it’s also a question of control and the ability to take action in order to remediate a problem. With this in mind, software license management tools provide the next and arguably most important step in the process. Audit data, as we have seen, can only contribute towards compliancy if it is combined with entitlement data, obtained from recording purchases and reports from vendors. For many enterprises, this ‘true up’ could be an almost entirely manual process requiring analysis of general ledger postings and tracking back to accounts payable to find the invoices. Furthermore, it could be out of date in a matter of days. The key point here is that license management tools need to be “plugged-in” to the active software estate to consistently present compliance status to the IT department. Advanced license management tools automate the correlation of installation, ownership and critically need, providing a central resource for ongoing compliancy while responding to and reducing liability in the short, medium and long term. The ability for a license management tool to control compliance is considered a base from which a complete compliance program can be built. The control of this data must be automatic, ‘active’ and ongoing. It must be continually tracked and monitored, alerting appropriate managers when the business falls out of compliance or is overbuying licenses and thereby wasting money. Rather than simply identifying what has, or has not, been purchased, sophisticated tools can manage centralized deployment and removal of applications, auto-reclaim unused software on one client machine and deploy to another and even ‘rent’ applications to users on a temporary basis for only as long as they need them. They can also reduce or even remove purchased but unused applications, known as ‘shelfware’, from the business. It is these elements of advanced control that set some software license tools apart. © 1E 2011 7
  • 8. More importantly, your enterprise will enjoy immediate cost savings from improved software allocation, volume license discounts, better price points, accurate asset depreciation and more - all while eliminating the risks associated with software non-compliance, lack of policy enforcement and inappropriate or unnecessary usage. © 1E 2011 8
  • 9. Getting it just right “Software audits are increasing. Organizations must fund IT asset management disciplines or will risk high, unexpected financial liability due to software compliance problems. Having good asset management can reduce the time and pain of a software vendor audit.” IT Asset Managers Should Prepare Now, Gartner, 2 March 20115 Uniquely focused on software waste, AppClarity™ from 1E delivers compliance without complexity by filtering out irrelevant license data to show just licensable software, organizing it by financial impact or vendor so you can quickly focus your compliance efforts. AppClarity enables your organization to make immediate reductions in software costs by analyzing all your applications instantly and providing you with actionable results, reducing your spend within one month. By identifying the software you actually use, then automatically removing what you don’t need and reallocating to reduce license liability, AppClarity enables you to financially quantify all software waste by identifying and controlling unused software across your whole enterprise. AppClarity also reduces business risk by controlling unapproved and prohibited software installs (such as torrent-like applications), automating software removal to protect your organization. From a security perspective this has the added benefit of reducing your entire company’s attack surface. Using a simple traffic light status to show compliance, together with additional guidance on how that compliance was calculated, AppClarity provides comprehensive reporting for vendor audits with just a few mouse clicks, reducing the cost and time it takes for your enterprise to prepare for any software vendor audit. Never again will you need to conduct manual ‘true ups’ and labor intensive audits. Through feature identification techniques, AppClarity also has the ability to provide reports and actions where “functional overlap” is taking place in your organization. This means that AppClarity can help reduce overspending due to two applications being purchased and installed which provide the same features and functions to the user community. By making sense of what software you have, why you have it, and where and how it is being used, AppClarity allows you to make informed strategic and operational decisions, putting you in a much stronger negotiating position when renewing maintenance or purchasing additional licenses. And it does this on a continual basis, month-on-month, year-on-year. Deploying AppClarity alongside other 1E products like Shopping™ delivers a solution that further enhances license control by offering the opportunity to rent applications on a short term basis to users, so that short term needs do not become long term liabilities. Getting it ‘just right’ is possible; you just have to know where to look. © 1E 2011 9
  • 10. References 1 Software compliance without tears Monitoring customers’ software usage in a complex world, February 10, 2011. Available from: http://www.ey.com/Publication/vwLUAssets/Software_compliance_without_tears_- _Monitoring_customers_software_usage_in_a_complex_world/$FILE/EY_- _Software_compliance_without_tears_Monitoring_customers_software_usage_in_a_complex_world.pdf 2 Key Issues for IT Asset Management and Procurement, February 25, 2009. Available from: http://www.gartner.com/DisplayDocument?doc_cd=165771&ref=g_rss 3 Software Efficiency Report 2011. Opinion Matters survey on behalf of 1E, 2011 4 Software compliance without tears. Software asset management survey, Ernst & Young March 2011 5 Survey Analysis: Survey Shows Another Increase in Software Vendor Audits; IT Asset Managers Should Prepare Now, March 2, 2011. Available from: http://www.gartner.com/DisplayDocument?id=1569814&ref=g_fromdoc © 1E 2011 10