Does SaaS affect Software Asset Management (SAM)?

Thursday, 12 May, 2022

We reached out to IAITAM, Inc. the other day to find out how SaaS affects SAM and would like to send a big thank you their way for contributing to this article.

SaaS and SAM

Software As A Service affects many aspects of SAM. Before SaaS everything was more physical.  Programs had to be physically installed on our hardware assets (desktops, laptops, etc.) and this required a request, justification, approval, and negotiation before the software could be acquired and installed.  As technology enables us to move away from handling physical assets – just like we no longer use paper money or credit cards as much as we favor PayPal and Apple Pay – installing new software is as simple as a few clicks of the mouse, enabling departments to bypass the typical acquisition process.

How SaaS Makes SAM Even More Important

This ease of access and ability to bypass the acquisition process does not eliminate the need for SAM.  In fact, it further complicates SAM.  The assets are still assets and require management.

SaaS requires ITAM managers and teams to have a good deal of control and understanding of their SAM program because subscriptions need to be renewed and can be negotiated as an auto-renewal and are often easier to forget since the renewal doesn’t require any action or permission to happen.

Because SaaS makes it very easy for employees and departments to find what they need with little help, ITAM teams are often bypassed in ways that they couldn’t be before.  When this happens, it can wreak havoc on the ITAM team and their ability to manage and control asset spend and affect their ability to accurately inventorying the IT assets of the organization.

SAM, HAM & Security

Another significant impact is that when software is virtual, it is accessible to almost everyone. This makes it very easy and tempting for employees to download what they need, especially if it’s free and without having to put in a request for an IT manager.  However, if left unchecked – in no time, the company has no way of pulling together a list of the programs installed on company devices. This is why it’s so important for Software Asset Managers to have solid security restrictions on all desktops, laptops and mobile devices.

Software Asset Management must work more cohesively with Hardware Asset Management (HAM) and Security to restrict the ability to download and install software without the knowledge or approval ITAM.  SAM must be aware of every detail in the fine print of our EULAs and other Subscription Agreements to remain compliant. This requires a stronger SAM team and more robust tools than we’ve had in the past.  Many organizations employ multiple Discovery Tools now, for example.

SAM is More Important Than Ever

In principle, the Acquisition and Vendor Management of SaaS requires the same policies, procedures, and strategies as our traditional IT assets.  There are just different questions to ask the vendor and different considerations to make that are specific to the cloud asset itself.  Ultimately, the ITAM program remains the same, but the need for the Communication and Education KPA has never been greater!

Click Here to learn more about SAM Certification

Top Security Considerations for 2013

Monday, 26 November, 2012

IT Security is one of those often spoken about but not always executed well topics. How aware are you of the breaches going on? Here’s a just a few from the long list for 2012:

  • Over 1,400,000 IDs were compromised in US based public health databases alone (in 2012 to date). These were linked to their social security numbers.
  • Over six million passwords were stolen in a hack of the professional networking site linkedin.com.
  • Hours ahead of its planned protest against certain incidents of internet censorship in India , hacker collective Anonymous attacked and brought down the website run by Computer Emergency Response Team India (CERT-I n), the country’s premier agency dealing with cyber security contingencies.
  • Hackers Target Police, City of Chicago Websites before the NATO summit (supposedly when security would be high!) temporarily crippling them.
  • The website of the Afghan Taliban was repeatedly taken down for the third time in less than a year crippled the main website of the Afghan Taliban, with a Taliban spokesman on Friday blaming Western intelligence agencies amid an intensifying cyber war with the insurgents. The unidentified hackers broke into the Taliban’s El Emara.

So what are we in store for in 2013? Here are the top areas to consider in IT security for 2013.

  1. The Cloud – questions of security are more complicated because of oversight and qualifications. With the Cloud being so new, assessments of providers don’t offer years of data yet.
  2. Consumerization – with many companies moving to mobile devices, the management of different security profiles, a range of levels of trust with users and devices, and a diverse set of end points is a complex and diverse task.

Source: Gartner Group report, OpenSpace.com

CS Graduates Seeing Better Playing Field in 2011

Monday, 9 May, 2011

The economy has improved for graduates hitting the field with computer science degrees.  According to Dice.com, companies are planning to hire almost 20% more graduates this year.

Last year was tough for many people trying to get in, graduates and experienced workers alike.  Employers were averaging roughly 40 applicants for every open position.  That average has dropped significantly to about 21 applicants this year.  With job creation running at a generally consistent clip for some time, graduates are starting to see some light at the end of the tunnel.

Demand for skills reaches across the IT field.  Networking and storage skills are being sought by those gearing up to be a Cloud vendor.  Security skills are in demand in both corporate and government.   Application developers for web, mobile and software are finding homes in small as well as enterprise-level employers.

Computer science graduates can supplement their degrees with focused skill training in the hottest IT topics of today.  GogoTraining is a leading provider of high-quality training taught by industry experts, available online and affordable (even for graduates!).  Example areas of interest include:

Best IT Skills to Develop Moving Forward

Thursday, 7 April, 2011

The emphasis on combining technology with business sense continues where it comes to the desires of CIOs.  The main problem they are facing is the need for IT to transition more into being focused on the business rather than the technical infrastructure of the business.

According to DiceTV, CIOs are seeking “innovative developers who can weave social, mobile and collaborative technology features into their designs.”  In order to survive and thrive in the new era of IT one needs to have technical and business skills.

We’ve talked before about how those in networking positions in IT departments will need to evolve negotiation and management skills in order to deal with an increasingly cloud-bound infrastructure environment.  New skills will include security and analytics as protecting and working with data will be major undertakings going forward.

Getting credible training in critical areas is easy to do with GogoTraining.  Taught by industry experts, GogoTraining course are actual classroom training courses brought into an online, self-paced and affordable format (thanks to GogoTraining’s unique business model).

Check out the online IT training course catalog or take a look at these specific areas:

Mobile Development, Cloud and Security Needed ‘aSAP’

Thursday, 17 February, 2011

The latest large employer looking for mobile developers is SAP, one of the leading providers of business software.  Their model of how they meet market demands involves their Global Business Incubator, which essentially is a venture developer that creates nearly autonomous teams of people to act like a start-up company.  These teams are tasked with fulfilling a specific need in the market.

One such new team is the Consumer Mobile Initiative focused on “leveraging consumer’s adoption of smartphones and SAP technology to redefine consumer shopping experience in and around the store” (per many of the current SAP job postings for developers).  The new team has already developed market pilots with a handful of leading retailers and consumer product concerns in the American and European markets.

Specific areas of growth in SAP will be mobile development, cloud computing and security as they continue to pursue development using their Global Business Incubator model.

Those interested in meeting the need of SAP and other enterprise software providers in these growing areas can make use of IT training courses from GogoTraining, such as:

Trained, Certified Staff on Security Manager’s Wish List

Friday, 21 January, 2011

There have been many reflections on the breaches in security that came out of 2010.  Continued growth in Internet usage powered by hot technologies like social media, smartphones, tablets and cloud computing present significant implications for security.

A.N. Ananth, CEO of Prism Microsystems, offered some insight on a security manager’s wish list for 2011 based on recent developments.  Toward the top end?  Trained, certified security experts on staff.

“Every CISO feels understaffed for the challenges at hand,” writes Ananth.  “Most organizations have already made investments in security tools – but having a trained staff that knows how to use them for maximum effectiveness is as important as having those tools.”

GogoTraining offers training courses for two of the most sought-after security certifications, including:

CompTIA Security+ certification training courses

CISSP® certification training courses

Critical Deadline for Internet Protocol: Are You Ready?

Monday, 17 January, 2011

Can you imagine your city running out of addresses?  Imagine building a new home or office but having no way to tell anyone how to find it.  Imagine this happening only a year from now and you have little time to ramp up on the solution.

It’s not imaginary.  This is exactly what is happening with the Internet.  The current Internet protocol (IPv4) has been used since 1981 and is what allows us to find anything on the Internet.  One of the problems with IPv4 was an inherent limitation on the number of addresses that could be deployed on that version.

The successor – Ipv6 – solves not only the “IPv4 address exhaustion” problem but also streamlines how addresses are assigned, makes multicasting part of the base spec (rather than an option), and advantages in mobility and extensibility.

Migrating from IPv4 to IPv6 has become a growing priority.  The American Registry for Internet Numbers (ARIN) recommends that all servers in the Internet be prepared to serve only IPv6 clients by January of 2012.

You can use the GogoTraining course TCP/IP In Action taught by industry expert David Zimny as a way to get a head-start on learning and understanding IPv6.

This course covers practical methods for migrating to IPv6 and offers several approaches for seamless communications between IPv4 and IPv6.  A great deal more is covered regarding this important topic, so learn more about prerequisites, objectives and an outline.  You may also view some course previews!

Do you have a local group discussing IPv6 migration?  Share a link to it here as a comment.