The discussion on software licensing usually centres around the use of software without having a licence or the correct number of licences. The idea of being over licensed is seldom given the same emphasis and organisations often find themselves:
- Buying new software licences while existing licences remain idle. Unused software licences should be reallocated and licence requirements assessed before purchasing new licences. Examples include:
- staff members who have changed roles and no longer need access to the software
- staff members who have left the organisation
- Renewing yearly support contracts based on the current number of licences, while overall software usage has dropped. Reviewing software usage prior to renewing support contracts could reduce the costs significantly.
- Having software installed that is not being used, creating an unnecessary financial exposure. An external vendor software licence audit could identify the need to purchase a significant number of new licences. The business might have 100 staff using a particular product, and has correctly purchased 100 software licences, however if the audit reveals 150 installations the vendor could demand payment for the extra 50 licences. Removing software completely from computers where access is not required will reduce this risk. This is cost avoidance rather than cost reduction but they are equally important.
- Distributing work inefficiently across a wide cross-section of the business with the effect of increasing overall licence requirement. For example, 300 staff have access to software, but 150 use it for less than 5 minutes per day, or software allocated on the basis that access may be needed under specific conditions. Reorganise responsibilities to reduce licence requirements.
The cost of change needs to be considered when undertaking these activities taking into account the licence unit cost, quantity of licences and support costs.
Information security consultant with over 20 years’ extensive experience gained across a diverse range of private and public industry sectors including insurance, banking, telecommunications, health services, charities and more, both in the UK and internationally. Graduated in 1997 with a software engineering degree and specialising in cyber security, risk analysis, compliance reporting and access management.