Software Usage Monitoring
This article aims to provide an introduction to software usage, clarify terminology and perhaps help you build a business case for implementing software usage monitoring.
Introduction
I have spoken to a number of organizations recently who claim to have a good process for tracking ‘Goods In’ and assets coming into the business but admit to doing little to track items once they are live on the network and make no effort at reclamation. I hope this article provides some food for thought if you are considering this process.
To illustrate why you might want to take a look at software usage it’s useful to step outside of the realms of IT and look at another discipline that manages the assets of the business.
Let’s say you have been assigned the role of looking after the fleet of company vehicles in your company. Your first job might be to establish what vehicles the business owns and the credentials of those vehicles; lease expiry, cost, road tax expiry, insurance, staff ownership and so on.
Once you have collected these details you can then begin to assess whether you are compliant with basic government legislation and the vehicles are being managed properly by the company. From this baseline you can then assess are we getting good value for money? are we making best use of the existing vehicles? Would our staff be better suited with a different brand or model? Best of all, when the business requests a new vehicle we can look at the existing stock and make informed decisions. We can juggle things around to keep users happy and costs at a minimum – the same logic can be applied to software.
Why Monitor Software Usage?
There are several reasons why you might want to implement software usage tracking:
Type | Description | Examples |
Eliminating Waste | Removing assets that are not being used so they can be used elsewhere or abandoned. | Bob has Photoshop on his machine but does not use it. |
User Productivity | Identifying applications that are not appropriate for work time | Bob spends all day on Facebook. |
Security | Identifying applications that represent a threat to the company | Bob spends all day swapping tunes with his buddies on Limewire. |
License Optimization | Identifying application usage to ensure the company is using the best license scheme for its current needs. | Bob has Microsoft Office Professional Plus 2010 Installed but would be fine with Microsoft Office Standard. |
User Education and Service | Identifying application usage and comparing this to the needs of the user and the company. | Bob works in Sales but does not use the CRM application we provide him – why not? does he need training? Should he be using something else? etc |
Consolidation and Migration | Identifying applications of the same type with a view to consolidating onto one brand of software. | In order to migrate to Windows7 we need to find a common photo editing application that users are happy with. |
Compliance vs Software Usage Monitoring
It is important to note that software compliance and software usage monitoring are different disciplines. Software usage monitoring data can be used to identify software not in use, which can then be removed to reduce compliance risk. But on the whole software optimization and efficiency drives should follow compliance.
Any cost savings and efficiencies delivered with software usage can easily be blown out of the water with an expensive, time consuming compliance audit. Implementing software usage tracking when a company has not have a good handle on basic compliance is akin to putting money in a low interest savings account when you have credit card debt; the sentiment is admirable but its a bit daft.
User Involvement and Legislation
Depending on your country of origin software usage tracking may be subject to local legislation or privacy laws. German law, I am told, stipulates that users must a) be notified if they are being audited and b) offer the user the opportunity to refuse an audit. There may also be rules in your country governing the storage of usage data, for example if you monitor the usage of software in one country that data may not be stored in another.
It is best for the process to be backed up by a solid policy which is signed off by users as part of the overall IT policy; “In order to make best use of our software assets, save the company money and best serve our users we reserve the right to monitor usage of applications etc …” . It is useful to refer to a similar policy such as user internet usage to determine a similar approach so you don’t need to reinvent the wheel.
Best Practice versus The Service Imperative
Realistically I don’t believe there is a boiler-plate best practice method for implementation.
Some companies have a reactive approach to IT Asset Management whereby they simply provide everything the user wishes and reactively optimize software and contracts as an afterthought. The needs of the user are paramount and we don’t want to bother them with details as long as they are productive. I’m reminded of a friend who supported highly-strung dealers on the trade floor of a merchant bank who regularly flung monitors about the place in order to get what they wanted.
To the other extreme some Asset Managers have the luxury of being gatekeepers – whereby every new purchase or change must be justified or authorized.
Some examples:
- Some Asset Managers notify users they have identified software which is not being used and politely ask if they can reclaim it
- Some build in scripts and routines to automatically de-install software that has not been used for a certain number of months and notify users after the fact
- Some just remove the software without notification. On the basis that if they weren’t using it – they probably won’t miss it.
- Some actively involve their users in the selection and consolidation of software (via a panel or committee) – some just lay down the law.
Ultimately implementing software usage monitoring must be handled within the overall context and atmosphere of your company.
Terminology and Types of Software Usage Monitoring
- Passive – This is where an organization monitors what applications users are using for information purposes only. This may be stealth monitoring, whereby users do not know they are being monitored or public monitoring.
- Active – Active monitoring is when application usage is tracked but can also be restricted based on certain rules or criteria. This may be based on the user profile (Bob is in sales so he can use CRM), by time of day (Bob can play solitaire after 5pm) or by software group (see methods below). This is also known as software metering or software control. Users are usually notified by some form of pop-up or other interaction to let them know a policy is actively being enforced.
- License Harvesting – Collecting and Storing Unused Licenses
- License Recycling – Using Harvested Licenses Instead of Buying New Licenses
Types of Active Software Monitoring:
- White List – Approved applications on a list are allowed to run, everything else is restricted.
- Black List – Risky applications are restricted, all others are allowed to run.
Usage Depth & Variants
The degree of usage information provided varies significantly between tools. Some tools will simply track if an application is ‘being run’. In a windows environment this means the application is running in the task tray. This is a low key method of tracking usage but has it’s limitations in that a user might have the application open but might not be actively using it, or it might open as part of the boot cycle but never be actually used.
More forensic tools provide data on whether an application is actively being used, the number of keystrokes and mouse clicks being made, hours and minutes when the application is being used and so on.
All of these factors need to be weighed up against your portfolio of applications. For example if you have expensive applications that use a concurrent licensing model it might be worth investigating whether users are hogging or camping licenses, that is – opening it when they start their working day to ensure they are assigned a license but not actually using it. You must also consider that the more forensic level detail you collect from each machine the more load is placed on the machine in terms of agent and CPU use. If you are just looking for indicative detail on usage then a lighter option might be easier.
You also need to consider how your portfolio of applications is licensed and where they are located. Tools exist that track usage by user, over Terminal Services, Citrix sessions, within virtual machines, web applications and so on.
Product Use Rights
Refer to the product use rights for your vendors to see if licenses can be claimed back and reused for another user or another device.
For example:
Microsoft Desktop Applications > Licensing Model: Per Device (e.g. Office, Autoroute, Access, Publisher etc)
“You may reassign a license, but not on a short-term basis (i.e., not within 90 days of the last assignment). If you reassign a license, the device to which you reassign the license becomes the new licensed device for that license.”
Microsoft Product Use Rights March 2011
From this, it is clear that knowing the first install date for an installed application (to accompany the usage information) is a useful metric. Checking usage data after the first 90 days and harvesting accordingly might be a good policy.
But Hasn’t The Horse Already Bolted?
For the majority of companies unused software is money wasted. The licenses have already been bought. The opportunities for savings come from:
- Removing Unused Software to Create Surplus ‘Pools’ of Licenses
- Reclaiming software from retired machines (if appropriate) and ‘Pooling’ Licenses
- Making use of these ‘Pools’ before buying new software (£$£$£ Money Saved)
- Consolidating on Cheaper Alternatives (£$£$£ Money Saved)
- Negotiating better License Agreements based on actual usage (£$£$£ Money Saved)
- Negotiating or Reducing Maintenance Contracts (£$£$£ Money Saved)
Building The Business Case
– Via PowerPoint
“Substantial cost cutting opportunities exist in monitoring usage of purchased applications. Depending upon the level of maturity, enterprises that implement software usage capabilities will achieve savings of 5% to 25% in the first year. After the first full cycle of vendor contract negotiations, the savings will likely stabilize at 2-3% in subsequent years.”
Patricia Adams, Gartner (source)
Loads of other examples from Analyst firms exist. Just google them.
– Via Empirical Evidence
A free method for generating evidence to support your business case.
- Select a small, varied subset of your total estate to represent a sample.
- Download free 30 day evaluation of a commercial software usage monitoring tool, this usually has between 5 and 50 agents to trial, more if you ask nicely. Some vendors stipulate that their evaluation can not be used for commercial purposes, ask nicely and they’ll let you either a) use it freely as a gesture of goodwill to help build a business case to buy the software outright or b) offer a heavily discounted ‘Project License’ for your business case. If they don’t budge, vote with your feet and find another vendor – see The ITAM Review Market Place > Vendor Directory
- Monitor usage of your software subset for 30-60 days. Remember that an individual might only use software once a month but it might still be critical to their job.If you are serious about the project most vendors or partners will assist with implementation with the pilot as a pre-sales exercise.
- Analyse results, identify unused software or consolidation opportunities and extrapolate the results to your total estate. i.e. If you found unused software and opportunities for consolidation in 50 machines you are very likely to find similar results for 5,000.
- Build forecasts of for new license purchase savings, maintenance savings and build these against the upfront costs of implementation (Software, Professional Services, Human HorsePower).
Finally, some real life case studies can be found here: Industry News > Case Studies.
About Martin Thompson
Martin is also the founder of ITAM Forum, a not-for-profit trade body for the ITAM industry created to raise the profile of the profession and bring an organisational certification to market. On a voluntary basis Martin is a contributor to ISO WG21 which develops the ITAM International Standard ISO/IEC 19770.
He is also the author of the book "Practical ITAM - The essential guide for IT Asset Managers", a book that describes how to get started and make a difference in the field of IT Asset Management. In addition, Martin developed the PITAM training course and certification.
Prior to founding the ITAM Review in 2008 Martin worked for Centennial Software (Ivanti), Silicon Graphics, CA Technologies and Computer 2000 (Tech Data).
When not working, Martin likes to Ski, Hike, Motorbike and spend time with his young family.
Connect with Martin on LinkedIn.
Insightful article.
One point I missed. All of this assumes you have an agent installed. I’m yet to find a technology that provides useful long term usage information without a resident agent on the device – but I’m very open to being corrected 🙂
Hi Martin,
One area often neglected (sadly) when considering usage relates to high
cost, optional extras for databases and other server technology.
For example – the Partitioning option in Oracle Enterprise
Edition costs $11,500 per processor license. Often customers don’t understand the difference here between in-use and installed. Oracle
EE 11g uses Partitioning internally – it is always installed, and ALWAYS in use – but if the customer themselves are not using the option
(if they do not have partitioned tables) then it does not require a license.
Often people buy more licenses than they need for
this – and as you can apprecaite if you can reduce this by even 10 processor licenses, that’s hundreds of thousands of dollars at list
price.
And yes – an agentless tool (not mentioning any in particular (iQSONAR!)) can gather details like this – and even better –
Oracle LMS accept the details as iQSonar is verified by Oracle.
Same example is valid for all of the payable Oracle options, but
also for options from other Oracle products, IBM products, etc.
Hi Martin,
One area often neglected (sadly) when considering usage relates to high cost, optional extras for databases and other server technology.
For example – the Partitioning option in Oracle Enterprise Edition costs $11,500 per processor license. Often customers don’t understand the difference here between in-use and installed. Oracle EE 11g uses Partitioning internally – it is always installed, and ALWAYS in use – but if the customer themselves are not using the option (if they do not have partitioned tables) then it does not require a license.
Often people buy more licenses than they need for this – and as you can apprecaite if you can reduce this by even 10 processor licenses, that’s hundreds of thousands of dollars at list price.
And yes – an agentless tool (not mentioning any in particular (iQSONAR!)) can gather details like this – and even better – Oracle LMS accept the details as iQSonar is verified by Oracle.
Same example is valid for all of the payable Oracle options, but also for options from other Oracle products, IBM products, etc.
Thanks Jason. A good point but your example refers to a configuration setting rather than usage – so wouldn’t that come under inventory and discovery rather than software usage?
Hi Martin,
My example relates to usage, not configuration.
Partitioning will ALWAYS be enabled in Oracle Enterprise Edition – that doesn’t mean a customer is USING it…
Usage is identified based on what tables are partitioned (if they are Oracle “Internal” tables, or real, customer partitioned tables).
So – I’d say usage, not configuration 🙂 Identifying IF it is enabled is inventory or discovery, identifying if a customer needs to license it is usage monitoring.
Same example plays out with several other products from Oracle and IBM price lists.
JK
I don’t dispute your views on partitioning, but the article is related to software usage
not inventory.
Hi Martin,
Very interesting and insightful article!
Do you know if there is a guide or a benchmark analysis of the current usage monitoring tools? Apparently there are many solutions in the market but companies have difficulties to select the appropriate tool.
Thank you in advance
Stefano