With the cloud looming, is Software Asset Management (SAM) still relevant?

George Ittyerah | November 2013

In an economy of tight margins and a conscious drive to bring down total cost of ownership of IT assets, cloud seems to be emerging as one of the most talked, and somewhat sought after, solution According to industry analysts, over the next two years, it is predicted that over half of a company’s IT applications are going to be located in the ‘cloud’. As organisations shift to platforms that provide cost optimisation through the cloud, traditional asset management approaches would also need to consider implications of these new technologies and its effects on software licensing.

Over the last four years there has been tremendous change in software license review landscape. As software publishers enhance compliance programs to protect their Intellectual Property and organisations put in place internal controls, cloud continues to bring in a need for business to rethink or consider changing licensing norms and methodologies to control and monitor software license costs.

There is enough information available in the public domain which indicates that Software Asset Management programmes, which are badly put together, can cause severe damage to a business relationship, waste money, and increase risks. So with businesses moving into the cloud, complexities around number of users, whether they in turn are named or concurrent, need to be considered. Processor related metrics or licensing based on the actual revenues made due to the use of a certain application only makes the entire proposition that much more interesting, if not mindboggling. The one thing that these various licensing models have in common is that they are attempt to maximise revenue, and naturally, software publishers view the use of their products in the cloud as an expansion of licensing rights that represent an opportunity for increased revenues.

It has been stated that certain elements of SAM, such as inventory collection and application deployment, are likely to consume more bandwidth and resources in the cloud than they do if present within the corporate network. Inventory solutions, for example, can be difficult enough to configure to provide audit scrutiny and define the boundaries of application usage.

To simplify and as a point of initiation, organisations should consider the following three questions:

How are the applications configured to utilise hardware resources? With the use of Virtual Central Processing Units (vCPU), differentiation of hard verses soft portioning needs to be taken into consideration. This means, as a general principle, one or more vCPUs are assigned to every Virtual Machine (VM) within a cloud environment and therefore each vCPU is seen as a single physical CPU core by the VM’s operating system. For example, in a virtualised environment, Oracle differentiates between hard and soft partitioning of servers to calculate licensing requirements.
How are the software licenses tracked in a cloud environment? Irrespective of the service models organisations opt for i.e. be it SaaS (Software as a service), PaaS (Platform as a service) or Iaa (Infrastructure as a Service), organisations need to clearly define the parameters of licensing usage and metrics. Entitlement frameworks along with end responsibilities need to be taken into account across a) procurement, b) vendor details, c) hardware details and d) software details. These governed by policies and procedures that cement people, process and technologies are a must.
Is the cloud environment mixed? With different implications for private and public clouds, heterogeneous IT environments bring to the fore many technical and licensing challenges for enterprises to overcome such as issues of security, issues of ownership of an asset and usage depending on the consumption of an application and its functions.

Needless to say at this juncture, SAM is critical to managing an IT environment because effectiveness is seriously compromised when an organisation does not know what software assets it has, where they are located, how they are configured, and how they are used or by whom. SAM helps ensure compliance by providing a framework which allows IT functions flexibility and control by reducing its threat to regulatory or information security risks by making sure only authorized software, having no virus / malicious code, are present in its systems and networks. It helps increase savings by controlling costs which could arise from over deployment of software.

The pace of innovation in technology will continue to present new challenges to achieving effective software management. This includes interfacing with business units for requirements gathering, IT Team for usage analysis and monitoring of software assets, strategic IT planning for risk management and imparting training to users. Organisations have significant business incentives for determining if they are in compliance with their software licensing agreements, as misinterpretations of licensing terms over cloud can lead to millions of dollars in unplanned expenditure.

About Author

George Ittyerah

George Ittyerah, Associate Director, KPMG India, is part of the Risk Consulting practice. A postgraduate from the London School of Economics and Political Science, George leads a team in the area of contract compliance and license management. He has been part of thought leadership initiatives and has also been a speaker in a couple of forums.