SAM I AM, I DO SO LIKE MY HAM WITH SAM

An effective Software Asset Management (SAM) practice is just that – a working model that incorporates the people, process and technology an organization needs to contain costs, enable license compliance, identify security risks and kick-start regulatory compliance such as GDPR. In this model, certain assumptions are often made, like assuming all assets of an organization are known and properly administrated. We know this is rarely true, as factors like onboarding/ offboarding of employees, BYOD, lost/ misplaced portables and other hardware that is believed to be decommissioned can all affect the outcomes sought by implementing a SAM practice in the first place.

A key factor in seeing all the software that is in an estate is to first see all the hardware that exists. This is where Hardware Asset Management (HAM) comes into play. This blog highlights some of the key factors stakeholders should address.

Employee onboarding is one of the first areas to address in effective HAM.  HAM accounts for the hardware provided by the organization, the hardware they bring with them and the associated software, licensing and cloud resources to which they will have access. Having an effective means of tracking the deployment and utilization of hardware is key to SAM practices of software deployment and usage. providing efficient and comprehensive analytics and reporting. Licensing has evolved from the days of “one install equals one license” as employees use cloud-based applications and platforms across multiple devices – from the laptop they’re provided on day one to the phone and tablet they work on to take advantage of mobility and portability.

The second HAM area to address is datacenter assets. HAM is critical to getting accurate SAM results especially when licensing methodologies count assets at a processor or virtual level. These complexities can cause compliance nightmares and increase audit exposure when something as simple as a single server being upgraded could trigger expensive site-based licensing requirements (looking at you, Oracle).

Many organizations also still purchase hardware, for employees and even datacenters, with a Just in Time policy; attempting to minimize the “dead time” that a resource has by sitting on a shelf waiting for its intended use. This approach is also applied to decommissioning and recommissioning assets. These policies and tactics work great in theory, but their impact on the SAM practice can be significant. Keep in mind that just because an asset isn’t on the network, the licensing and legal compliance associated with the software that is still installed remains just as applicable.

The third area effective HAM can impact is security. As devices leave organizations, whether through employees not returning equipment or devices that are lost or stolen, security considerations include not only the data on that specific device but all the data to which the device has access.

Losing sensitive data can harm not only the reputation and strategic goals of a company, but also have significant regulatory risk. GDPR penalties associated with mishandling personal data can be as much as 4% of yearly revenue or 20 Million Euros, whichever is greater. Reputational losses are also longer term and can affect the bottom line through fewer customers and lower stock prices from decreased investor confidence.

HAM plays an especially important role in building effective SAM by creating hardware visibility across the estate; whether the assets are known, on-standby, or missing. Snow provides this hardware visibility through its discovery capabilities.

As cloud adoption increases, often driven by business unit purchases, organizations are effectively dealing with multiple decentralized datacenters., Getting visibility into this hardware and the software running and installed on it becomes increasingly difficult. By leveraging the embedded HAM capabilities in Snow to gain a more comprehensive and accurate view of all hardware across the enterprise, organizations can more effectively determine licensing impacts, help contain and control security exposure, and confidently move forward in driving their Digital Transformation efforts.

For a deeper dive into the tips and tricks that a good HAM practice can deliver to your SAM solution, check out Rory Canavan’s two-part guest blog in our community - Snow Globe - about HAM and SAM, part 1, part 2. If you haven't registered yet please sign up here.