SWID Tags: What are they and why are they important?
As part of our ongoing review of our content to ensure it is up-to-date, this blog has been updated on 10/18/2016.
They may sound like something from a science fiction novel, but SWID Tags – or ISO 19770-2 SoftWare IDentification Tags to give them their full name – have the potential to make huge impacts in the Software Asset Management (SAM) world.
In this blog, we’ll take a quick look at SWID Tags, explaining what they are and why they are important to SAM and software managers.
SWID TAGS – A CONCISE HISTORY
SWID Tags are a part of the ISO 19770 program (a program in which Snow’s founder, Axel Kling, was heavily involved), which originally set out a prescribed set of requirements for effective Software Asset Management.
One of the key challenges to managing the software across the network is understanding exactly what licensable entities have been installed. These two metrics – what’s installed and what’s licensable – often don’t marry up neatly.
For example, many software suites and applications use common installers across different editions. Thanks to this, using traditional software identification techniques (usually based on some kind of finger-printing methodology, the sophistication of which varies from one inventory solution to another), it can be difficult to tell exactly what edition of a software application has been installed, or how that application should be licensed.
Therefore the idea behind SWID Tags is a simple one – software manufacturers ‘embed’ metadata into software installs that can be read by inventory tools to increase the accuracy of the identification of key information such as software publisher, product name and version. This has the potential to make it much easier for SAM managers to differentiate between full and trial versions of software, network versus stand-alone installations and track SaaS and cloud applications.
The SWID Tag standardizes the way this information is formatted so that, in theory, any inventory tool should be able to read it and make use of it in the software recognition process. But wait there’s a catch
GLOBAL ADOPTION CHALLENGES
Did you notice earlier that we said “software manufacturers embed metadata”? Well, at the moment, not many of them do. Despite the ISO 19770-2 standard dating back to 2007, only now are a handful of leading software publishers (such as Adobe and Microsoft) starting to include SWID tags in their shipping software. And in most cases, only in the new versions of software.
As such, the vast majority of software installed across your network will not have SWID Tags and therefore you will have to rely on ‘traditional’ software recognition methodologies. Where they do exist, our experience shows that SWID Tags are not infallible. Unfortunately, they still have to be created by humans; and that means there’s always room for human error.
They also don’t address the problem of ‘ghost’ software on the network. A perennial challenge for SAM managers has been inventory solutions detecting fragments of software applications on devices, which are then ‘recognized’ as installed applications. In many cases, the application in question might have been removed from the computer – or worse still, never installed! That’s because it’s common for files to be left behind after an uninstall, or for files used by multiple applications to be detected and used to mistakenly assume that applications are installed.
In much the same way, SWID tags can be guilty of creating ‘false positives’. If the SWID tag is not removed as part of the uninstall process, that can lead many inventory solutions to report software installs that simply aren't there.
ADOBE NOT PROVIDING UNIQUE SWID TAGS?
Adobe provides SWID tags for its software products, such as Acrobat and Creative Cloud.
However, there appears to be a major flaw – individual Adobe Creative Cloud suite products are given two SWID tags–one for the product and one for Creative Cloud Suite This means that any Software Asset Management solution using SWID tags as a way of inventorying software will show that the user has the full Creative Cloud suite installed, rather than the unique applications that are installed and being used.
To read more about the Adobe SWID tag challenges you can read our recent blog post entitled 'Is ISO 19770-2 effective?'
FINDING THE RIGHT BALANCE
So are SWID tags a waste of time? No.
Where they are adopted correctly and consistently by software publishers, they have the potential to significantly accelerate the process of managing software and entitlements. But as we’ve seen, they’re a) not foolproof and b) not yet in common use.
As such, the right approach has to be to combine the ability to read SWID tags with a sophisticated software recognition methodology which has the capability to both challenge the information held in a SWID tag (to prevent those false positives) against other software identification metrics and provide accurate software recognition in the absence of a SWID tag.
That’s why at Snow Software we believe in building a multi-technology approach to software recognition. Our Windows and Mac inventory clients now both support the reading of SWID tags where they are present. But not content with that, our unique Software Recognition Service continues to grow and we now support over 400,000 applications from over 24,000 software publishers and over 500,000 unique Stock Keeping Unit (SKU) .
On average, our customers benefit from recognition for around 5,000 new application each and every month. Until each and every software title installed across your network comes complete with a correctly-formatted and accurate SWID Tag, you can’t beat the ‘old fashioned’ way of performing software recognition.
Learn more about Snow’s Software Recognition Service and how our products can help ensure you optimize your investment in software.
Better still, book a test drive to see how Snow can make a positive impact on your organization using your own data.