Companies typically invest 25 percent of their IT budgets in software. But unlike tangible assets such as desks, chairs or equipment to software can be very difficult to track and inventory. A look at the number of desktops, laptops, mobile devices, servers and cloud-based applications in a company on which software is installed, makes the only too clearly.
Where software is exactly present on the devices , this represents only one aspect. It is much more important often to have an overview of how this software will be used and whether this use is in accordance with the contractual compliance policies. If the actual use via the combined conditions, there is a breach of the license and the company must anticipate unscheduled compensation and punishment. This can amount each year on unlicensed use of several million euros. Benefits companies their licenses not fully out, they pay the full price for a product which they have little or no use.
According to a recent IDC report, the complex management of software licenses in companies indirectly average consumes 25 percent of the annual budget for software licenses. Companies rely therefore involve more and more comprehensive programs to software license optimization, the people, processes and automation tools. Thus, wasteful spending on software licenses can be avoided and maintain compliance risks associated with unmanaged software low.
Security risks caused by poorly managed software
Software stocks that manages not properly cared for and will cause huge risks for cyber security in companies. Many organizations have therefore taken up this issue and developed a range of security standards and frameworks. This includes the SANS Institute, which has created a priority list of security measures that the company intended to prepare the network prior to real threats. Topping the list: Companies need to be able to actively manage their entire hardware – including inventorying, tracking and troubleshooting. The second important measure focuses on the inventory of authorized and unauthorized software.
Photo:. santiago silver, Fotolia.com
As a central software asset management (SAM) for Cyber Security is also made clear by the Business Software Alliance (BSA) / IDC report. The more software accordingly unlicensed running on the computers of a company, the higher the risk of malware. The experts’ conclusion: Companies do not have to reduce software licensed to a minimum in order to ensure the security of their networks can
But in 2014 were 15 435 vulnerabilities in 3870 software products are discovered.. This represents an increase of 55 percent over the previous year and continues the trend of the past five years. For 83 percent of all vulnerabilities patches are already available on the date of publication. In plain language this means: Each vulnerability can be resolved, companies just need to know where to find them. Software Vulnerability Management therefore become an essential component within security concepts.
Security and inventorying often in separate teams
Both SAM as also require cyber security as a basis the exact, efficient and ongoing identification and inventory of hardware and software assets within an organization. The same applies to the software license optimization. The implementation of programs for software license optimization and discovering and inventorying done this usually on the IT Asset Management (ITAM) or the SAM team in an IT department. In many companies, so the tasks Discovery and inventory are the same performed by two divisions – one in the IT security team and one more time in the IT operations team
For companies it is important to realize that. apparently independent tasks – namely, software license optimization and Software Vulnerability Management – two separate teams will be taken at the same time. This “dual” labor is not only inefficient, costly and time-consuming. She raises the risk of security vulnerabilities because of cyber attacks may go unnoticed.
In reality, SAM and cyber security have long been inextricably linked. Accordingly adapt the processes, therefore just the next logical step for companies. The goal is to merge the overlapping areas of responsibility in the fastest way. So you can avoid unnecessary expenses and at the same software security vulnerabilities. (wh)
Newsletter ‘software’ now
No comments:
Post a Comment