Skip to main content

SAM and IT Security - PT I

By David Foxen | February 15, 2016

You only need to look at the annual spend on IT security technologies and software (estimated by Gartner to be around US $77 billion in 2015) to see how seriously organizations take the subject.  

While Software Asset Management (SAM) and IT security might not be obvious bedfellows, there is a wealth of information available from the SAM platform which can help an organization achieve its security goals. In this first instalment of a two-blog post on the subject, I’m going to explore two ways in which I think SAM can support IT security.

UNAUTHORIZED SOFTWARE

Unauthorized software (i.e. applications installed on the network without the appropriate approvals and procurement policies being applied) can present a number of risks to the organization, whether financial, productivity or security-related. Depending on the maturity of the SAM estate, unauthorized software can mean a number of different things:

  1. Software that is harmful to the businesses network and/or has been actively ‘blacklisted’ as not a business application,
  2. Software that isn’t part of the software catalogue for functionality or licensing reasons
  3. Software that has been installed by the user without a license or permission. This could include software brought from home
  4. Software that has yet to be evaluated by the business as a genuine business requirement.

 

Obviously, the SAM team is concerned with all of these elements, but for the purpose of this article we will focus on those with the most significant security risk. Software that has been actively ‘blacklisted’ by an organization has been done so for a reason; these applications are considered to be business related ones or they have been identified as posing a threat to the business through viruses, Trojans and spyware. A good Software Asset Management solution can play an important role in the identification of blacklisted applications. 

First there is the blacklisting functionality itself, prompting timely reports on the appearances of undesirable applications on the network before a security incident occurs. 

Second, the functionality is dependent on the highest quality of software recognition. 

It is only practical to blacklist software when the organization can be confident that it is blacklisting the right software.   

This is where an effective SAM solution differs from most security technologies. 

Because each different version and edition of an application might have different licensing conditions attached to it, it is entirely reasonable that the SAM platform will be better (in certain circumstances) at identifying the individual instances of blacklisted software than the default security scanning technology. Any instances of said applications should be spotted as quickly as possible so the SAM team can alert the IT Security team. Snow License Manager enables the SAM team to blacklist applications that are deemed disruptive to the organization. The SAM team can create an alert on their Snowboard (homepage) so that they are notified if there are any blacklisted applications installed on the network.  

ANTI-VIRUS SOFTWARE CHECKS

It is, of course, best practice to ensure that each device on the network is secured with the selected anti-virus and security applications – and that they be fully up-to-date.  Software Asset Management can play an important role here, thanks to its advanced software recognition capabilities. As obvious as it might sound, first the SAM solution can check that the right security technology is actually installed on the right devices. 

By creating a class of device and establishing the ‘must-have’ applications for that class, the SAM solution can highlight instances of PCs, tablets etc. that are lacking the necessary security applications. 

Where the applications are present, the software recognition functionality can confirm that the installed version is the current one (and thus offering the latest capabilities the security vendor has to offer). The IT security team can either receive this information via scheduled reporting or, perhaps better, using solutions like Snow License Manager, they can access their own custom ‘Snowboards’ (management dashboard) with security-specific reports built to their requirements. In this example, the SAM function provides a highly valuable ‘check and balance’ against the established security policies, ensuring that no parts of the network slip through the cracks and helping the IT security professionals keep the network safe.  

Does your SAM function support your security teams?

If you have any questions, or are unsure how you can be of great benefit to other areas of the business, then please get in contact with one of Snow Software’s SAM experts today to find out how your SAM function can add value.

You May Also Like

SAM in 2021: Data Elements You Should Be Tracking for Software Agreements
SAM in 2021: Data Elements You Should Be Tracking for Software Agreements
Discover some of the key software agreement data fields you should collect and import to improve visibility over what applications are being used and at what cost.
Read More
Boost Agility and Efficiency with Automated Self-Service IT
Boost Agility and Efficiency with Automated Self-Service IT
Automation can be a powerful tool for modern IT organizations. The challenge lies in knowing where to get started.
Read More
Study: Hybrid Work Is Here to Stay, Bringing Its Own Mix of Complexities
Study: Hybrid Work Is Here to Stay, Bringing Its Own Mix of Complexities
We surveyed 400 IT leaders to determine the current state of hybrid work and technologies and found that more than 92% were moving or had already moved to a hybrid work mode.
Read More