It’s all too easy to forget how quickly certain technologies have infiltrated the enterprise. Not too long ago, mass adoption of cloud computing was seen as a pie-in-the-sky prediction. Today 85% of mid-to-large-sized businesses use multiple clouds, and enterprise networks are now required to support an average of 4.6 mobile devices per user, as smartphone and tablets use has risen.
This speedy uptake has mostly been positive, increasing productivity and efficiency, while giving staff more flexibility. However, as IT assets become more multi-layered, the task of maintaining visibility over the entire IT estate has also become more challenging.
Identify potential weak spots
Software licensing agreements can be tricky to decipher at the best of times. When you factor in any ‘blind spots’ – those areas of the IT estate that are unseen – then the risk to the business of data breache, regulatory violation, and unnecessary overspend, is increased. To mitigate this risk, IT teams must know where the most common top five weak spots are.
Cloudy licensing visibility
Many companies run applications in the cloud, however, they commonly find their applications’ licensing agreements were written with a client/server environment in mind that no longer exists. Businesses must ensure they have a comprehensive view of the impact of moving applications from on-premise to cloud. What’s more, IT decision makers often lack understanding of the exact make-up of third-party data centres, leaving them unable to monitor which apps and how many instances are running in the cloud.
Even if you do achieve full visibility of your online IT estate, devices may be turned off, lack network access, or be isolated or restricted to secure sensitive data. Such practices are not limited to particular industries (e.g. defence, government) that ‘ring-fence’ certain devices from network access on purpose. GP practices, for instance, may have software running on the mobile devices of part-time doctors, those on-the-move, or working as locums. Identifying every device or software instance, particularly when devices are regularly off-premises, can be very difficult
BYOD and BYOA licensing protocol
Staff-owned laptops and mobile devices may not yield access rights for auditing, but individuals may use their own device to install software for work purposes. This creates the dilemma of how to gain access to these devices to perform audits while maintaining respect for staff privacy on personal devices. This has been further complicated by the boom in the use of wearables and other personal IoT devices that may also support the installation of apps.
Business or pleasure?
Despite processes in place, employees will ultimately find ways to use unapproved software on company devices; employers need to work out whether these apps and web services perform the same functions as licensed products, thus potentially eliminating unnecessary overspend. More critically, employers must determine if staff use of such services for company purposes breaches any licensing terms. For example, employees may be unaware that certain online services are only free if used for personal use, yet using it for business purposes can make the company liable for a license.
Modern workplaces complicate the picture
With the rise of modern, smart device dominated offices, it’s easy to overlook the basics. Connected communication and collaboration platforms are a great example. Are you licensed for the total number of users on your VoIP or UC system, or the total number of people using your networks? The lack of user interface makes such devices easy to overlook. The boom in commercial IoT devices set to shake the industry will only compound this issue.
Companies need to implement monitoring tools and services to gain complete real-time visibility of application usage – including virtualised instances and SaaS services – and compare this against licenses held. They should also support identification of overlapping functions, software that poses a risk, patches required, and identify where versions can be consolidated. Finally, these systems should offer clear reports, suggested action plans, and an estimation of necessary spend; helping to determine which software needs to be removed, patched, or relicensed.
The prospect of on-the-spot audits means most businesses need constant vigilance. Due to the complexities involved, many companies will partner with specialists to help achieve comprehensive insight into their licensing situation. Because these services can carry out the investigation with specialised systems, contact software manufacturers to confirm your software usage rights, negotiate agreements, and present this information in a simple format with recommendations from professionals, most businesses find the initial effort to set this up pays for itself very quickly.