America Needs An Education On Software Asset Management (SAM)

I recently had the privilege of attending (and co-sponsoring) the IBSMA SAM Summit in Chicago with some colleagues. It was a fantastic event with great sessions, a wonderful format and venue and amazing networking opportunities.   Representatives were in attendance from all of the major software vendors and many tool companies, alongside SAM consultancies like TxMQ.
What I noticed right away, though, was the skewed attendance. It’s wonderful seeing so many foreign firms travel thousands of miles to attend a conference in the US, but I’m really surprised by the lack of American and Canadian firms in attendance.
I have a theory I’ve been forwarding on why. Like many of my theories, this one’s based on a limited sampling of statistically insignificant data sets. So please give me a lump or two of salt for starters.
First, some contextual background: It’s clear to any informed American that we, as a nation, excel at many things. We eat well, spend well, vacation well, enjoy the finer things in life when we can afford them (and oftentimes when we cannot), and we love kicking problems down the road. Denial is more than an art form. It’s a social science.
Social Security reform? Not my problem – let future generations deal with it.   National debt? Please. My kids and grandkids can pay that off. The environment? Fossil-fuel consumption? Hardly seems to be an issue for my generation.
And US management is too often focused on putting out fires, instead of building fireproof things. So it shouldn’t have been a surprise to see so few American firms interested in understanding and investing in compliance improvement and best practices.
We must work to change the culture of America at a macro level, that much is clear. But we can all work today to change the culture of our workplaces to embrace SAM and declare it a must-do effort – not a future “nice to do if we get audited” thing.
Software Asset Management should NOT be undertaken as an audit-defense practice, but as a part of an overall corporate strategic leadership. Corporate best practice should be to have a tightly integrated leadership organization that includes a SAM leader alongside corporate-compliance officers, security officers and financial overseers.
From software-renewal-agreement negotiations to better alignment between software usage and needs, SAM brings tremendous goodness to organizations.
I’ve written separately on much of the value of SAM, as have many others, so I won’t get into a deep-dive here. But I will say again that a well-run company, with a solid SAM program, delivers greater value to its shareholders by:

  • Minimizing waste (like unused software and entitlements)
  • Maximizing efficiency (by limiting the wasted time replatforming out-of-compliance software or applications)
  • Creating a more positive environment for stakeholders (there’s less stress and worry because there’s less uncertainty and confusion around assets and their allocation or disposition)

Let’s all do our part to help educate our workplaces on SAM as a necessary part of corporate governance and leadership. I’m ready to start the conversation: mailto:[email protected].

Prevent Brand Injury With A Systems Security Check

This week’s speculation (and at this point it truly is only speculation) that Home Depot might be the target of a massive data breach is rocking the retail-confidence boat a bit.
When I heard the news, I chewed on the topic of whether data breaches influence consumer buying habits. Studies claim to say yes. And I think common sense backs that up. It all falls under the banner of brand integrity, and big black eyes like data hacks lead to bad publicity and brand injury.  It can be crippling for SMBs that already toe the line of profitability.
Retail and hospitality firms are the popular targets due to their sheer amount of Electronic Data Interchange (EDI). But banks are right there too, as are insurance companies, healthcare providers and payers – the list goes on.
Any company should ask itself a simple question: What is the cost of brand injury versus the cost of server hardening and best-practice security compliance? If a company does $30 million yearly in sales, brand injury through a major data breach might easily impact sales by 2% or more in the first year. On the other hand, TxMQ can a company get started with scoping, scanning and even systems auditing for a fraction of that cost.
For a confidential and free consultation, contact company president Miles Roty: 716-636-0070 x228, [email protected].