Benefits of SAM – managing risks

12 Sep 2016 | SAM/SLO

In the first of 2 blog articles we are going to look at the benefits of implementing a SAM program in your organization. We will look at how it can help in reducing costs in the next article, but this one will focus on risk mitigation.

Risk is usually the one area overlooked when considering SAM, but there are significant benefits to be realized here in a number of areas. The first concerns the damage to reputation that can occur when an organization is shown to be in breach of its license agreement.

It’s not just vendor audits you have to watch out for!

As well as the increased chance of you receiving one or more vendor audits (now at 67% and rising, according to Gartner), there are now a number of industry associations actively on the warpath. From the Business Software Association (BSA) to the Federation Against Software Theft (FAST), these organizations are running well publicised campaigns naming and shaming organizations using software they are not entitled to – either knowingly or in ignorance.

As well as hitting you with a fine (or settlement cost if you choose to settle before court) your business reputation will also suffer due the unfavourable publicity BSA and FAST will undoubtedly generate to deter other miscreants. Also, the reputation of the IT department within the business will fall for exposing the company to this.

Security

If you have software in your organization that you are not aware of you will not be able to patch it against security exploits. Unpatched software is a major security risk as most software exploits occur on unpatched software. Once infected through one machine inside your firewall, the whole organization could be exposed leaving you with a major job to sort it out.

Better to have a good SAM program in the first place so that you know with certainty exactly what software is running across your organization and where. This will allow you to react to any potential security exploit by ensuring your software is sufficiently patched to provide protection.

Operations

We have seen examples where organizations have become dependent on a small piece of software that is unlicensed. The sudden unavailability of this (due to lack of support or the vendor discovering its utilization and instigating legal proceedings to stop it being used) has caused the business severe organizational disruption whilst an alternative is found. The damage to the business and the costs involved can be immense and sometimes the impact terminal.

Mergers, acquisitions and divestitures (MAD)

During MAD activity all assets need to be verified – including software licenses. For larger organizations the total value of this can come to many $millions. So, any unlicensed items could potentially impact the deal and lead to either additional costs, or if the discrepancy is significant, failure of the deal.

So, implementing a good SAM program can provide significant benefits by helping to alleviate these risks and that is before we get onto the financial benefits.

Watch out for our next article on this.