Home | Contact Us | Events | IBSMA.com | News & Media | Publications | CM Summit Home
What you missed from the 2017 CM Summit
Experts from all aspects of the SAM industry deliver insights and tips for improving compliance
From the keynote roundtable to the final panel discussion on day two, compliance experts focused on what’s new this year.
“I’ve seen major tier one software publishers auditing smaller organizations recently,” said Diane Conaway, SoftwareONE SAM solution specialist. “I think it’s new for them to look at auditing companies with two to 300 employees.”
So she, along with many of other expert speakers, focused on how attendees could make their SAM practices more proactive, rather than reactive to an audit—prevention and controlling the process were the key directives. Being prepared for the inevitable audit letter allows you to take control of the process.
“Effective communications is key,” said Conaway. “Show intent to be complaint, but work with your legal team to understand what you actually need to share. Read contracts for entitlements, for example.”
Kirk Hubbell, program director of license management services at OpenText advised the audience to assign ownership of their organization’s various IT assets as an important part of a proactive SAM practice, and make communications between IT and the business staff a priority. Get everything from your software vendors in writing, and share it, he advised, so that everyone who is responsible for an aspect of licensing has evidence of compliance to share with vendors.
Of course, compliance with cloud licensing was also a topic of much discussion as more and more companies move their applications to the cloud this year. It’s clear that no one yet has a firm grasp on what licensing and compliance will look like for cloud services, but all the experts agree that moving to the cloud won’t be the simple fix to compliance that customers often believe.
Courtney Grey, director of forensic services at PricewaterhouseCoopers, said that customers still don’t understand that they need to include cloud applications in their audits. He pointed out that licensing in the cloud actually becomes more complex, not less so, because the terms are not as clear.
Managing software in the cloud
Research firms were also on hand to present their takes on the trends and forecasts for compliance management. Sandi Conrad, Senior Research Director and Executive Advisor of Infrastructure at Info-Tech, led a session on tactics for managing software in the cloud. She noted that each vendor sets up their licenses differently, which can get tricky when integrating SaaS applications between vendors.
“The savings are in user-based licensing,” she says. “It’s often easier to get projects approved when the expenses are operational.”
But she warned attendees to be particularly wary in reviewing the security and data sovereignty clauses in their contracts, saying that the customer is still responsible for data security, regardless of where it’s stored. This can be challenged if a vendor’s data centers are located around the world, and your company has limitations on where it can store data—those kinds of requirements should be clearly stated in your contract.
Of course, the biggest problems SAM managers still face with cloud apps is shadow IT. Conrad says, “The business people who set up cloud apps are seen as super heroes by their colleagues, but that’s really not good for IT and asset management.”
Contract management is key
Finally, according to the experts, knowing every detail in your contract and knowing exactly what is installed, and used, are the best ways to establish a proactive SAM practice. Know exactly what you’re signing up for in contracts and make sure contracts are understood by IT so that you’re not over deployed. And document everything, including amendments made to contracts.
“We’ve learned that things that seem black and white to us in the contract, sometimes have the opposite meaning to the customers. We’ve learned our lessons and re-written contract templates to make sure they truly are black and white,” said Hubbell, advising attendees to take the same precautions with their own contracts to make sure that customer and publisher have the same understanding of the terms.
Stay tuned here for more on the Compliance Manager Summit 2018, follow us on Twitter or join our Linked in Group.
Thank you to all of our attendees, speakers and exhibitors. Perhaps we’ll see you at the 2018 CM Summit. Follow us: at @SAMSummit_IBSMA or for the latest updates.
Compliance Manager Summit 2018 will be held in the San Francisco Bay area. Visit CM Summit Home for details.