Software vendors are becoming increasingly aggressive when it comes to cracking down on licensing compliance issues. In order to safeguard your business from hefty fines leveraged when an audit reveals non-compliance, it’s essential to assign someone or a team to be in charge of software licenses. The good news is that there are excellent IT asset management systems available to help.
Defining Software Ownership
Essentially, the company does not own any software developed by a vendor and sold as a paid product. The only software your business owns is that which is developed in house. Open source software does not require licensing compliance per se, but ownership is still assigned to the developer. Paid products sold by companies like Microsoft, Oracle, IBM, SAP, etc. are still owned by the developer.
What the software vendor sells is the right to use the product for a specified length of time, on a specified number of machines, by a specified number of users. When the time runs out on the contract or when the company is found to be using the product on more machines than specified in the contract, the company is found out of licensing compliance and is subject to fines.
In order to prevent this, someone in the business needs to be keeping up with software licensing. This includes tracking the length left on the contract, how many users and machines are running the software, and being in charge of other specifics regarding vendor contracts. There are three types of internal responsibility: organizational responsibility, departmental responsibility, and individual responsibility. Whichever you choose, it’s important that the responsibilities are clearly defined and understood throughout the organization.
The Pros and Cons of Organizational Responsibility
When the organization as a whole takes responsibility for the software licenses, it usually falls under the purview of the IT service desk. This is the most common means for staying on top of licensing issues. Under this model, IT can oversee all of the licenses for all the departments and negotiate the best possible price. Licenses don’t typically go unused, because IT can order the right number of licenses. A centralized pool of licenses also allows for better asset management, assuring that the organization is always audit-ready. An obvious downside is that this puts a lot of extra work on the service desk.
The Pros and Cons of Separate Departments Maintaining Responsibility
An alternative model is to assign a particular department responsibility for licenses. Under this model, the department that uses the software most is usually put in charge of the licenses. The pros include taking more work off of the IT department, and the ability for the department to become experts on the product. However, this model can lead to over-purchasing of licenses, especially if the department is too protective of their licenses and won’t issue licenses to other departments. There is always a risk that other departments will purchase their own licenses because they don’t know the company already bought the licenses, or because the other department won’t give them access.
The Pros and Cons of Individuals Maintaining Responsibility
Another model is to assign a particular individual to keep up with a certain license. The benefit to this model is that the person becomes quite an expert. The obvious downside is determining what to do when that person is out of the office or quits their job. Having one person in charge is also inexpensive, because an entire team or department doesn’t have to spend time on it. However, that individual might become too emotionally attached to the “ownership” of the product, denying access to people they don’t like or issuing too many licenses to people they do like. Unless the person is financially savvy, this model can also lead to paying too much for licenses.
Each model works better for some organizational structures, and less well for others. For example, in an enterprise, it’s usually ideal to issue responsibility to the IT department where all of the users in all the departments can be monitored. In a mid-sized company in which departments are responsible for their own software budgeting and purchasing, departmental-level responsibility might work best. Smaller companies that lack an established IT department and asset management tools might be best served by assigning responsibility to an individual.