ARTICLE: Six Ways To Plug Software Compliance Leaks

ARTICLE: Six Ways To Plug Software Compliance Leaks

A couple of weeks ago I wrote about ten leaks that occur in software management processes that might lead an organisation to fall out of compliance.

Following on from this – what can be done to plug the gaps? What are the tactical steps a business can take to stop software compliance leaks and start gaining control?

1. Centralise Purchasing

2. Educate End Users About Software Management

3. Manage Software Changes

• Build processes or checklists around inputs and outputs to your software estate (Install, Move, Add, Change, new starter, leaver, etc)
• Consider preventing unauthorised changes via lock down or white listing applications
• Reduce unauthorized changes by monitoring new installs by end users and reprimanding / advising / escalating / educating accordingly
• Build a software request process for end users that checks entitlement before purchasing new applications and seeks manager approval

4. Maintain Accurate Licensing Records

• Store digital records as well as paper receipts, proof of purchase or license details
• Keep a database of installations versus entitlement
• Restrict and manage the distribution of software media
• Validate that licensing terms and conditions are being adhered to by training someone internally, seeking third party guidance or by seeking written validation from the vendor that you are licensed correctly.

5. Manage Virtual Environments

• For virtualised software make sure you know what you are entitled to use, what the worst case scenario might be if usage peaks and how you will monitor ongoing usage.
• For virtualised machines make sure you know what you entitled to use, how your license position will change if the environment changes and you plan to ongoing usage.

6. Only purchase software from a reputable business partner.

What other basic steps should be taken to prevent software compliance headaches?