Meanwhile, a most interesting article in yesterday's Financial Times
Digital Business supplement details the stunning costs, direct and
indirect, that are associated with the 'management' of software licenses
for business and other professional organisations...


The hidden cost of being too cautious

By Alan Cane

Published: May 30 2007 10:25 | Last updated: May 30 2007 18:06

It is not rocket science. But it is still proving a major headache for
companies worldwide as they attempt to reconcile the third party software
programs they are using with the licences that give them the right to
operate those programs.

The two numbers rarely match.

In the past, the principal worry has been underlicensing . using software
for which the business has no licence . which potentially opens the
company to legal action, fines, even withdrawal of the software in
question. Today, just as big a concern is overlicensing . paying for
licences, support and maintenance of software that are not being used.

Managers are right to worry: .If you don.t get it right, you can very
quickly get yourself into difficulties,. says Ranjit Aulek, a partner in
PwC.s licensing services practice. .In companies with 250 and more users
are where the problems usually start..

So how serious is the problem for companies?

A large enterprise licence essentially covers use of the software by
anybody employed by the company and is agreed between vendor and customer
usually on the basis of the number of staff. The number of people who
actually use the software may be substantially smaller, meaning the
business is paying for unused licences.

Being able to prove exactly how many people use the software is a first
step towards reducing the number of unnecessary licences paid for.

Simon Scarrott, head of business development for Compass Management
Consultants, says: .The mismatch arises because the technical people who
exploit the functionality that has been purchased do not converse with the
people responsible for acquiring the software.. He suggests that savings
of up to 12 per cent are possible by removing .shelfware. . software
bought but never used.

Mergers and acquisitions are a potent source of shelfware. Research
carried out by Computacenter, the international IT company, concludes that
reconciling software licences and liabilities is the greatest challenge
CIOs face after a merger: a .minefield of software compliance and legal
issues. as Computacenter puts it.

But there are substantial financial benefits to be had from
rationalisation. David Mitchell of the consultancy, Ovum, estimates that
between 30 and 50 per cent of the putative savings from any given merger
will come from IT and up to 40 per cent of those from software.

Furthermore, software not entered on a company.s asset register can
undervalue the business . often by millions of dollars. As John Lovelock,
chief executive of the Federation Against Software Theft, said in the
March 7 Digital Business podcast: .In most businesses people don.t realise
that while they may be under-licensed, invariably they are over-licensed.

.We work with about 8,000 companies in the UK, many of which have found
they have computers in cupboards, computers under the stairs, computers in
the warehouse, where they.ve made a department redundant, for example,
forgetting that those licences are a valid piece of software that they
could use when their business grows again.

.Gaining control and listing every piece of software as well as all of the
hardware is a way of making sure that that redeployment can take place.

.We found a well-known financial services firm with £3m of software assets
that they had a right to use that were not listed on an asset register. In
any merger and acquisition activity, that company would try and sell
itself or merge with another organisation with £3m of assets not listed
and they could potentially lose that money..

But gaining and keeping control of software can be difficult. Theresa Bui
Friday is vice president, marketing of Palamida, a San Francisco-based
company whose software can automatically identify all the open source
programs a company has installed on its computers. Its customers include
Microsoft and Avaya.

She says: .We have never done an audit . either ourselves or a customer
using our product . where we have not found at least five times more open
source software in their codebase than they thought they were using..
Palamida software is capable of identifying 780,000 different open source
programs in all their variants.

One factor in this growth of unrecorded and unregistered software is the
large information technology departments now common to big companies and
staffed by thousands of engineers with the right to buy and install
external software. She quotes the chief executive of a large insurance
group employing 2,000 IT professionals: .I now have an additional 2,000
procurement officers. Software and licences are entering the bloodstream
of our company and we have no way of tracking what is going in..

But Mr Scarrott of Compass Management Consultants says these purchasing
patterns reflect sloppy management: .People are purchasing in a fairly
lazy way. To cover themselves from reprisals from a software licensing
point of view they will buy a large enterprise licence without doing the
due diligence of asking themselves: .Do I really need this much
software?...

There are answers, however, but no magic bullets . only the bullet of hard
work to be bitten as companies carry out an audit of all the hardware and
software they use. John Lovelock of Fast says: .Everybody makes it sound
as if it.s a complicated process. It.s not, but it does mean a lot of hard
work in the first instance. After that it becomes easier. The first stage
is an electronic audit followed by a manual check on every machine that is
not connected to the network.

.Companies with a fleet of a couple of hundred cars would generally have a
fleet manager. The value of all the software in the organisation is
probably greater than the value of the cars but there is no IT licence
manager.. Such an individual, if they existed, would combine technical and
fiscal responsibilities with the ability to hold a view of the company.s
IT requirements.

Change could be in the air, however, as the shadow of compliance
legislation lengthens. Steve Reynolds, managing director of Civica
Services, a Microsoft Large Account Reseller, says: .Senior managers are
more actively involved as corporate governance principles gather momentum,
whether driven by Sarbanes-Oxley or ISO licensing standards. Financial
directors are demanding better ways to manage costly but intangible
assets, such as software licensing, in the same way as physical assets
like vehicle fleets..

Resellers, he notes, are increasingly advocating a control process based
on the discovery of what software is employed . using electronic tools of
the kind provided by Palamida and other vendors . what software has been
bought and the reconciliation of the two: .This provides four benefits,.
says Mr Reynolds. .It drives cost savings, allows the reharvesting of
licences, achieves compliance and critically, creates a continuous loop to
achieve policy improvements..

The new popularity of .virtualisation., which can involve running multiple
operating systems and applications on the same machine, presents a new
level of complexity. Mr Lovelock of Fast says if an organisation has
failed to exert control over its software acquisition policy before it
attempts virtualisation it will soon be in trouble.

Ranjit Aulek of PwC points to the importance of a new standard for
software asset management, ISO/IEC 19770-1, published last year and
exemplifying best practice. It is being tested in the UK first and the
intention is that it will then be rolled out universally. Looking further
ahead, the advent of .software as a service., where customers buy or rent
software when they need it and have it delivered over the internet, could
put an end to the problem of over and under-licensing.

But Mr Aulek is cautious: .We may be a little way off software as a
service becoming industry-wide. In the meantime there is a real risk that
many companies could be non-compliant or paying too much for software they
don.t need..

Copyright The Financial Times Limited 2007