Software is an increasingly valuable element of a modern company's assets. But managing software licences is becoming complex, especially as the onward march of virtualisation gathers pace, breaking the ties that used to bind software to hardware.
Controlling software licences is a key element of IT asset management. So when Ben Grimes, chief technology officer of Avocent, the vendor of IT management software LANDesk, visited the UK recently, ZDNet UK took the opportunity to grill him about his views on software licensing.
Q: What are the core software licensing problems that enterprises are facing? Do you have any research that shows the scale of the problem?
A: I can't quote any research, but from the conversations with CIOs I've had around the world, the core issues are gaining control of licence fees. I see policies and procedures being put into place to add rigour to the environment, so the CIO can understand what they have, rather than buy new licences.
The problem is that so many things have happened from the point of view of technology sprawl, that the licence fees people pay have expanded and don't necessarily correlate to the software that's installed.
What about devices such as smartphones? These are a software licensing problem too, but you can't stop users bringing them in.
Smartphones are an issue and it speaks to problems about security. Smartphones are just small laptops that can load any software and they create a security problem. So, for example, they track email and use enterprise software, so IT managers need to make sure they're secure.
IT managers need to limit these devices by locking them down. It means policies and procedures have to be put in place to ensure compliance. In the industry it's starting to look like you need policies to have access to data but not store it on the device.
The question is: how can I remove physical content from mobile devices including laptops and keep it in a secure environment, and still have usage of an infrastructure as if it was right there with me.
How does virtualisation affect software licensing practices? For example, many licences are issued on a per-processor basis.
If you look at large software vendors, they've all changed their policies quite a bit now. You're starting to see policies changing to a per-virtual-machine basis or to different models to address the virtualised world.
So what can enterprises do to reduce what they pay, and how are they responding in practice?
Enterprises need to take a management perspective of their assets. You need to put policy around the asset: the software.
You need to look at, for example, how I put rigour around the software so you can understand what exists out there, how much of it is being used and where is it running. How many servers does it run on? If you don't do this, you run the risk of paying much more than you need, by paying for licences you never use.
How much could a typical company save?
We have done studies which show that up to 30 percent of IT equipment is not fully understood by IT managers. They don't know what it does and what it contains, and that includes software.
What happened was that they needed a function, so they installed a server and the application, threw it in the rack and left it there. When it comes to counting for licensing purposes, they just count servers...
...and buy that many licences, rather than understand what they are running. They still have servers they don't know about.
Here's an example: we at Avocent did an inventory asset-management activity and found machines we didn't have to license — we saved over $1m (£600,000) a year when we brought in the tools that we develop and used them internally. This type of software management provides a quick return if allied with policies and processes.
What about possible resolutions such as cloud computing, open-source software, and greater use of concurrent licensing?
Any of those technologies will work — especially cloud computing as people move more towards a subscription model. But you have to be careful and look at expense and value.
You need to know what the run-rate is of having this software in your environment and measure whether it's cheaper to go down the cloud-computing route.
There are many intangible benefits. For example, do I need to keep all my infrastructure if I deliver services from the cloud? But you need to make sure you're measuring all the expenses. And you need to analyse the risk, because your corporate information is in the cloud, which could be harmful if exposed.
What kinds of companies are finding that cloud computing is best suited to them?
Rather than the type of company, what I find is that it's about functionality in the company whether it makes sense to move to the cloud. For example, applications such as Salesforce.com are suited to being delivered as a service.
But I find that real company-critical data, which if exposed could be harmful, tends to stay within the business.
All enterprises are looking at the cloud, but few are moving 100 percent there yet. It just depends if it makes sense — although even the government is looking at it.
And what about open source?
This is a solution for a piece of the problem that makes sense for non-core business activities where, if you have service issues or outage, it won't stop your business from functioning.
However, CIOs are cautious about it for business-critical applications because they don't necessarily understand the heritage of the product, or whether it has and will continue to have appropriate service and support. Also, if you have a problem, can you resolve it so your internal service-level agreements are maintained?
Many argue that the terms of most software licences are unfair because they give no recourse if software is faulty or if the author decides to stop supporting a product, for example. Is there a resolution? For example, we've even seen companies suing their software providers. Is that a way forward?
I don't know about the legal aspects but, when I talk to folks in the industry, there is a certainly a move to do things differently. CIOs want to get access via a different purchasing model such as subscription rather than a traditional purchasing model. So the acquisition of licences will differ from what it was in the past, and I think there'll be maturation as we go forward.
What do you see as the key trends in software licensing?
I think it's about putting rigour in policies and managing your software assets. In the old wild-west days of software installation, you ran a risk of creating potential situations for you and your infrastructure.
So if you put those policies in place, understand where the licences are and how long they last, same as with support contracts, and use proactive licence management, you can drive expense out of your business.