White List – Black List – SAM

Software Inventory Analysis with Black and White Lists

One of the most basic – and most immediately useful – uses for rich software inventory information, is white list and black list reporting. A white list of applications which every PC should have installed, and a black list of applications that should not be found on any PCs. The ability to set up and monitor inventory against these lists is a simple but strong feature, which is often overlooked when organizations are assessing software inventory and software asset management (SAM) tools.

White and black lists that apply across the organization are a great start, but will quickly be seen as relatively crude. In particular, there will be benefit in defining white lists for subdivisions of the organization to ensure the essential tools for each business function are both in place and maintained at the correct version. This is easy to say, but is far more likely to succeed if the organization recognizes the basic need and opportunities for Software Asset Management (SAM) and begins – or expands on – involving departmental managers in defining software needs.

From Basic Software Inventory to Software Asset Management

From this activity, a complete and accurate picture of the organization’s software needs can be created. But in order for this picture to remain valid as departments grow and contract, the number of PCs in each department needs tracking. As new PCs are added to the network, or moved around the network, the department to which it belongs needs to be changed in the ITAM database. (In turn, this is a simple action within overall Change Management discipline.) Further, there can be PC groups defined on other characteristics to ensure mandatory applications are present. In Vector’s terminology, the set of groups defined for a given application – or set of applications – is termed the Application Policy, defined through the Application Policy Manager.

Whenever the need for a particular application is re-assessed, each group for which it is mandated is re-evaluated. In Vector’s Asset Manager Pro, this is handled by creating ‘Dynamic Groups’, which can be based on the Department to which a PC is assigned, or any other characteristic or set of characteristics. It is quite possible therefore for a PC’s need for an application to be covered through membership of multiple groups, and this is dealt with by simple de-duplication before the list of PCs is reported.

Too often Software Asset Management is not given enough resource to do more than firefight and attempt to resolve the largest anomalies in licensing and prepare for vendor audits. By contrast, with the right combination of commitment and technology, Software Asset Management can be pro-active in helping quantify and optimize the organization’s software license needs.