I was at a FAST-sponsored CEO roundtable on Wednesday around Software Asset Management (SAM) - the previous FAST Roundtable in the series is written up here. An interesting discussion was had by all, including representatives from Microsoft anti-piracy, FAST, the BSA, several end-user customers and, of course, SAM vendors.
Now, I'm all in favour of asset management and, indeed, configuration management systems. Unless you know what IT assets you have and what (changing) state they are in, any IT governance you claim is built on sand. With good asset and configuration management, you can take business risks your less-well-governed competition can't afford to (because they can't identify, let alone manage the risk), you can use your resources more effectively - and you can eliminate the scourge of "shelfware" (all, potentially, quantifiable business benefits). Without it - well if you don't know what software is running on your computers, how can you claim any sort of IT security, with a straight face, for a start.
However, it became apparent fairly quickly that (outside of the roundtable participants) there's a very immature attitude to SAM around in the general community. For a start, most people probably don't do SAM (as part of the configuration management process and with identified business benefits) at all. They do "commercial licence management" with no benefit aside from compliance and avoidance of the civil penalties associated with non-compliance.
But commercial license management is purely a benefit to the vendors and "should" be (in my opinion) a service (an opportunity for SaaS, "Software as a Service") provided, at no cost to the customer, by the vendors.
This is something for businesses to think about as they contemplate buying licence management software and the hardware, databases etc it runs on. They should also think about any Open Source licences they've signed up for - assuming that they're aware of all the Open Source software assets used by the business. Open Source licences have teeth - and perhaps lawyers are beginning to see Open Source licensing as an opportunity (I certainly would). Are your Open Source licences managed? It's not just MS Office you have to worry about. You might like to read this this IT Analysis piece on the issues around supporting Open Source Software.
And, perhaps they might think about implementing a proper Configuration Management System (which is the basis for ITIL v3). As it happens :-) I'm involved in a joint BCS CMSG and itSMF conference in this area, "The CMDB and CMS - the Powerhouse Of Service Management", being held at Olympia on 8 & 9 July 2008). With luck, and good management (mostly good management), this will deliver real business benefit - and licence compliance will just "fall out" of the mix as an incidental benefit.