Image may be NSFW.
Clik here to view.
I’ll be attending the SAM Summit in Chicago next week and participating in two sessions. Given how critical software asset management has become to many enterprises of late, this should be an interesting show. As usual, I’ve got a research agenda I’m going in with, focusing on four things:
1. The problem of “market data” – we see companies over and over again assembling their own data sets of vendors, products, and fingerprints, and struggling mightily with the formidable maintenance and quality problems such efforts entail. It was clear to me as a practitioner in this space that was a non value add problem I badly wanted to outsource. This overlaps with, but is not identical to…
2. Software “tagging.” What constitutes “good behavior” for installed software, whether in house built or vendor supplied? How can software tags increase direct traceability from discovery to contracted product, bypassing the need for error-prone and expensive to maintain fingerprints? And will Tagvault.org succeed?
3. Entitlement modeling and metering. There are so many ways that entitlements can be structured. Is it possible for 3rd party tools to handle them all? Or is this ultimately all going to be handled by in-band by the vendors? What about the availability and security concerns of ongoing metering and enforced availability compliance?
4. Finally, what does an integrated software asset management ecosystem look like? What is the enterprise architecture of SAM? What are the end to end processes, the major data subjects, and the required systems integrations? Here is a straw man I’m going to present at one of the roundtables (click for full size):
Image may be NSFW.
Clik here to view.
There are a number of interactions between the data stores and activities required for complete end to end software asset management. The interactions show a number of use cases:
- the identification and approval of a given software product as fit for enterprise use
- the registration of that product into the service catalog (ordering, provisioning, and supporting the product being a service)
- the modeling of that product/service cost and the ongoing tracking of actuals via provisoning/deprovisioning
- provisioning/deprovisioning activities feeding the enterprise CMDB and/or IT asset system
- the representation of entitlements in a structured manner, flowing from contract terms & conditions (T & Cs)
- the need for a form of market data for both contracts (and downstream systems) and ongoing discovery
- the metering of actual use against entitlements
- unclear or exceeded entitlements routing into risk
- security risks routing to patch management (a form of provisioning, actually)
This is one way to think about it and as I stare at the ecosystem other interactions pop out. What are your thoughts?
Clik here to view.
