Agenda

What is SAM?

Benefits of SAM

New types of SAM engagements

Q&A

Software Asset Management

Mihaela MIHAIEPG SAM Manager

SAM

What Is Software Asset Management (SAM)?

SAM is a global industry standard

ISO/IEC 19770-1

Endorsed by Microsoft and many others

ITIL best practice guide on SAM

All of the infrastructure and processes necessary for the effective management, control, and protection of the software assets within an organization, throughout all stages of their lifecycle.

SAM is an integral part of the control framework for any well-run organization

Following SAM best practices results in better information for decision making and a higher degree of operational excellence; ultimately driving long-term business value.

SAM Can Help Companies

Control Optimize Grow

Regain control of

systems

Reduce technology conflicts and increase stability

Manage legal liability

Help protect and secure IT infrastructure

Improve back-up and recovery plans

Save money

Consolidate license purchase points

Improve negotiating position

Improve system, user, and help desk performance

Optimize efficiencies

Increase standardization

Better market

position

Better budget predictability

IT best practices that drive business value

Insight into company assets

SAM Program Value Adds

Engagement

ApproachFocus on enabling long term capability and best practice adoption

Promote and deliver resources, tools, knowledge, and training

Work through partners to deliver better business intelligence and analytics

SAM Baseline Review

Inventory deployed software Match installations with licenses

...build a detailed report on your current state

Microsoft

SAM Baseline Review

Collect information and review

policies and proceduresIdentify improvement opportunities

How well are software

assets managed today?

Where do

improvement

opportunities

exist?

What adjustments

need to be made.

The Path Forward

Cloud-ready Engagement

Todays technology trends are sparking opportunity

70% of CIOs will embrace a cloud-first strategy in 2016.

Moving data and business processes to the cloud offers several advantages over a traditional enterprise IT environment. Transform your datacenter while reducing cost, complexity, and non-compliance risks.

A cloud strategy should address cost reduction, increased agility, and improved scalability

A Cloud-ready SAM engagement is a crucial

first readiness step.Understanding the current environment and future roadmap is critical to

determining the right path. You first need to know what software you already

have rights to, starting with a comprehensive application inventory.

Based upon this, you can:

Develop your adoption strategy

Identify required characteristics of remaining applications

Prioritize and identify candidates for the cloud

Adopting SAM principles eases the application inventory process, identifying license and usage patterns.

SAM supports cloud readiness

Process discipline helps reduce corporate riskEase of purchasing and deploying cloud services can lead organizations to unanticipated results:

SAM best practices can facilitate cloud adoption by providing the systems, processes, and management structure so organizations can make the right strategic decisions to achieve their long-term cloud goals.

Over-provisioning can occur when users receive services they dont want or need.

Under-licensing can occur when services are added or consumed but not accounted for in a centralized way.

A mix of on-premises and cloud solutions can cause confusion; not all on-premises solutions have cloud options available.

Best practices for cloud readiness

Fully define your goals. Organize around long-term organizational

objectives.

Build internal alignment. Management, IT, Procurement, and other stakeholders all play a part in creating an environment for success.

Avoid surprises. Increase awareness of all impacts of cloud adoption, including changes to licensing and budgeting.

Take control. Ensure needed processes are in place internally.

SAM for SQL Workloads Engagement

The datacenter is the hub of everything you offer your business.

With software asset management, or SAM, you can gain the insights into your SQL environment you need to:

Align SQL Workloads to better meet future needs.

Transform your datacenter while reducing cost, complexity, and non-compliance risks.

Modern SQL environments can be very complex.

A SQL Workloads engagement can help an organization:

Identify underutilized SQL Servers.

Optimize workloads to avoid unnecessary costs.

Gain clarity about their IT environment.

Align IT, procurement, management, and other activities around organizational goals.

Create the necessary processes for improved governance.

Reduce risks associated with non-compliance.

Develop a solid foundation for future evolution of the IT environment, based upon a clear understanding of the existing infrastructure.

Use SAM to

help optimize SQL Workloads

Adopt best practices to optimize SQL workloads:

Limit the number of CPUs and cores for increased cost

savings.

Consolidate workload instances and databases

onto fewer servers to reduce licensing costs.

Isolate production vs. development environments.

Consider moving to dedicated Host Clusters

licensed via Enterprise for unlimited virtualization.

Strengthen policies, increase standardization

and gain insight into company assets while

improving internal licensing communication.

Establish a solid foundation for achieving future

organizational objectives based upon a clear

understanding of your SQL environment.

Virtualization SAM Engagement

A Virtualization SAM Engagement provides customers with a strategic virtualization

strategy by assessing existing virtual environments and identifying opportunities to

optimize virtualization.

Customers are looking to invest in server, desktop, or application virtualization to: Reduce costs

Improve business continuity

Increase business agility

The simplicity of adding and accessing virtual servers and desktops can lead

organizations to unanticipated results: Over-provisioning can lead to under-utilized virtual machines and significant license responsibility.

User device connectivity to virtual machines and applications can create additional license complexities.

Licensing of virtual environments can be more complex than physical environments.

Benefits of a Virtualization SAM Engagement Increase the business value virtualization can provide based on an

analysis of your current virtual environment.

Helps you to strategically plan for virtualization implementation.

Provide increased security through further server consolidation.

Maintain control of existing virtualization environments.

Implement policies around virtualization management.

Virtualization SAM Engagement

ROI Analysis: Consider how virtualization can impact your bottom line.

Hardware

ExpenseSpeed of

Provisioning

IT

Resourcing

Energy

Consumption

Software

InstallationsBusiness

Agility

Facilities

Use

Disaster

Recovery

Recommended

policies and

procedures for virtualization

Configuration planning

should be completed prior to

deploying virtual servers to

support controlled

provisioning.

Company policy should

address the use of bring your

own devices (BYOD) and

remote access.

Corporate log in credentials

should be employed to

access the virtual desktop or

applications.

A SAM manager or auditor

should be assigned to

oversee the configuration

planning process.

The IT department should

maintain an inventory of all

VMs regardless of if they are

active or archived.

Establish a solid foundation

for achieving future

organizational objectives

based upon a clear

understanding of your Virtual

environments.

Non-production Environments SAM Engagement

Modern non-production environments: characterized by change.

It can be difficult for an organization to:

Understand how non-production systems are deployed, developed and tested upon, decommissioned, and rebuilt

Get a clear picture of the organizations software footprint

Understand the licensing subscriptions available

Understand who needs to be licensed

Benefits of a Non-production Environments

SAM Engagement: Gain a better understanding of how developer tool licensing works

Receive value from your licensing investments

Reduce costs through operational efficiencies

Incorporate standardization across management of company assets

Improve internal licensing communication

Establish a solid foundation for achieving future organizational objectives

Non-production environments SAM engagement

Report on

key findings

and

guidance

We will review with you:Non-production vs. production: Discuss differentiators between non-production and production environments and updates to product use rights (PUR).

Common licensing mistakes: Review common over-licensing and under-licensing mistakes.

Licensing options: Walk through challenges of managing licensing and licensing options available.

Best Practices: Review best practices for navigating the non-production environments, managing software licensing subscriptions and consolidation of non-

production environments.

Policies and Guidelines: Based on our findings we will have a good understanding of how we can help your organization create policies for managing

your non-production environments going forward.

Under-licensing mistakes that are commonly made

Buy Cheap, Use Expensive

Buy Few, Use Many

Expired MSDN

Unlicensed Outsourcing

MPN Benefit Misuse

Incorrectly LicensedNon-production

Customer uses more products than they purchased and fails to order/True Up

Customer without active MSDN subscription uses latest version of product

Customer uses outsourced development workforce internally and neither party pays to license those users

MPN partner uses MPN licensing to provide software development services and/or exceeds MPN benefit entitlement cap

Customer uses MSDN software on Development/Test servers without licensing all users reaching those environments

Customer uses higher product edition(s) than they purchased and fails to order/True Up

Over-licensing mistakes that are commonly made

Buy Expensive, Use Cheap

Buy Many, Use Few

Wasted MSDN

Overlicensed Outsourcing

Wasted MPN Benefit

OverlicensedNon-production

Customer purchases Premium and/or Ultimate editions but Administrator fails to assign and users cannot access

Customer uses fewer products than they purchased and fails to deploy or renew down, renews unused software

Customer with an active MSDN subscription does not take advantage of new version, Office production* and Azure use rights

Customer uses outsourced development workforce internally and both parties pay to license those users due to miscommunication

MPN partner qualifies for MSDN benefits but does not take advantage of them

Customer purchases or renews more MSDN subscriptions than are needed in order to license all users reaching those environments

Cybersecurity SAM Engagement

You cant protect what you dont know.A Cybersecurity SAM Engagement provides a view of what software is deployed to identify areas of potential

risk and high-level guidance on cybersecurity programs and policies to help enable good IT software asset

management.

Benefits of a Cybersecurity SAM EngagementEstablish a solid foundation for securely managing software assets that promotes

good cybersecurity preventative practices in a holistic, integrated way.

Become better prepared in order to build a resilient, adaptive IT infrastructure that

can respond to threats.

Support an effective defense against attacks through added policies

and controls.

Decrease costs from data loss, fraud from theft, loss in revenue, labor, support,

employee downtime, cost to locate and reinstall lost data, customer support, and

negative impact to reputation.

Frequently install security updates for all software. This is the simplest, and perhaps most effective, way to protect an organization

Keep anti-virus software active and up-to-date. Run frequent security scans.

Whenever possible, use the newest versions of applications. They typically have much stronger security features.

Manage Active Directory roles and access. Validate the configuration management of applications to ensure there are no security gaps.

Monitor what software and devices employees bring into the workplace and the network environment. A successful BYOD program needs to take into account data security risks.

Carefully manage the supply chain. Understand threats that can be introduced in procurement, configuration, exception management, and disposal.

Deployment Considerations for a Secure IT environment

Pirated software puts computers and data at risk.

Only devices with genuine Microsoft software get important software updates needed to operate reliably and protect from malware often found in counterfeit software.

Tips for safer shopping

Make sure you are getting what you paid for. Buy from a reseller you trust.

Use a secure payment method.

Beware of Product Keys sold separately.

The best way to get everything you expect up front is to buy genuine Microsoft software preinstalled on a new PC or from an authorized reseller.

Genuine Software

Managing vulnerabilities

through proper patch

management

Topics covered by SAM Policies and Processes

Example policy: Laptops, workstations, and servers

must be configured so that they will not auto-run

content from removable media, like USB tokens (i.e.,

"thumb drives"), USB hard drives, CDs/DVDs, FireWire

devices, external serial advanced technology

attachment devices, and mounted network shares.

Aligning Active Directory

to the current threat

environment

Creating and managing

an authorized software

media library

Establishing protocols to

secure devices

Instituting proper

permission management

Training Employees,

vendors, and others

accessing organizational

resources

Addressing change

management

Mobile Device Management SAM Engagement

Use a Mobile Device Management SAM Engagement to:

Leverage mobility to increase your competitive advantage

Increase productivity and security while controlling costs

Be informed: know who is using what and how

Tailor your mobility strategy to securely meet your organizational needs

Align licensing to actual usage

Become empowered to make the right decisions for the organization with an accurate picture of mobile device use.

Mobility is the new normal.

Change is being driven by the proliferation of consumer devices, the flexibility provided by the cloud, an

explosion of data, and a natural shift as people adapt to an always-connected world.

While there are many benefits, there are also concerns for both user-supplied and company-owned

mobile devices. Top concerns are security and licensing optimization.

Deployment Considerations

Selecting the right management platform now includes looking at how well it matches your mobile device management needs and objectives for the organization.

Licensing Considerations

User Device Location

Is the user covered by the

Microsoft Core Client Access

License (CAL) Suite or the

Microsoft Enterprise CAL Suite

on a per-user basis?

Is the user the single primary

user* of the device?

Can the organization easily

identify the primary user of the

device?

Is the device covered by the Core

CAL Suite or Enterprise CAL Suite

on a per-device basis?

Is the device running a qualified

Microsoft operating system?

Is the device a qualified device or a qualified third-party device?

Is the device accessing a virtual

desktop infrastructure (VDI)?

Is the device owned by the

employee or the organization?

Will the user access the software

on the corporate premises (on-

site)?

Will the user access the software

remotely from outside of the corporate premises (off-site)?

Topics covered by SAM Policies and Processes

How much control do

you want to maintain

over user-owned

devices?

Example policy: The IT department reserves the

right to approve accessibility or refuse

connectivity for any personal devices that do not

meet security and software requirements as

defined by corporate policy.

What constitutes

acceptable use of

corporate IT resources

on user-owned mobile

devices?

How are devices

authenticated?

What data and apps can users access?

What are the minimum security controls that are

required?

Can you identify the

employees, vendors, and

others accessing

organizational

resources?

How effective is your security awareness

training?

Benefits of a strong SAM process

PCs / Users

Servers / CALs Devices

A strong SAM process helps control all

licensing across the hardware life cycle

Complex IT environments and licensing

options drive risk of license mismanagement

Take Inventory: Find out what you already have.

Get Organized: organize all your software licenses and documentation.

Create Policies & Procedures: Establish standards and guidelines for all phases of the hardware and software lifecycles

Maintain your SAM Plan: Keep your plan current through regular spot checks, inventories, and employee training.

Next Steps and Q&A

Software Asset Management.Implementare si recomandari ulterioare

Planul de proiect

Operating System Name and Version Installation count Percentage

Microsoft Windows 7 Ultimate 2 1%

Microsoft Windows 7 Enterprise 16 5%

Microsoft Windows XP Professional 133 39%

Microsoft Windows 7 Professional 42 12%

Microsoft Windows 7 Home Edition 2 1%

Microsoft Windows 2000 Professional 114 33%

Microsoft Windows Vista Business 32 9%

Microsoft Windows 8.1 Professional 2 1%

Total 343 100%

2 216 0

133

95

42 42

2 2

114 114

32 322 21

0

20

40

60

80

100

120

140

Installation count Invoices

Instalari Windows vs achizitii

Microsoft Windows 7 Ultimate Microsoft Windows 7 Enterprise Microsoft Windows XP Professional

Microsoft Windows 7 Professional Microsoft Windows 7 Home Edition Microsoft Windows 2000 Professional

Microsoft Windows Vista Business Microsoft Windows 8.1 Professional

Recommended Hardware Upgrade To Minimum

Increase System RAM 114

Increase Hard Disk Free Space 24

Upgrade Graphics Card 33

50%49%

1%

Client computer readiness for Windows 8

Ready for Windows 8

Not Ready for Windows 8

Insufficient Data

Solutii de securitate

34%

46%

4%

9%

7%

Instalari solutii de securitate

System Center Endpoint Protection

Kaspersky Enpoint Security

Microsoft Security Essentials

AVG Antivirus

Avast Antivirus

Realizarea unei baze de date cu toate informatiile descoperite in cadrul procesului de SAM si actualizarea datelor din acest centralizator ori de cate ori sunt realizate modificari

Responsabilizare utilizatori

Implementarea unui sistem unitar de codificare a tuturor PC-urilor in retea, de exemplu: Locatie-Departament Initiala Prenume&Nume

Implementare Microsoft Active Directory pentru toate PC-urile si inlocuirea licentelor de tip Home cu versiuni Professional pentru integrarea tuturor statiilor in Microsoft Active Directory

- Management centralizat al politicilor de securitate implementate;

- Reducerea costurilor de exploatare prin folosirea noilor facilitati de administrare si de optimizare a traficului de

retea;

- Automatizarea setarilor de securitate;

- Securizarea implicita a noilor servere ce vor fi integrate in infrastructura informatica;

- Administrarea utilizatorilor si resurselor se face de la o singura consola;

- Controlul strict si monitorizarea accesului la resurse;

- Definirea unor politici globale pentru utilizatori si pentru statiile de lucru;

- Restrictionarea utilizatorilor;

- Single sign-on pentru utilizatori;

- Prevenirea modificarilor configuratiei desktop de catre utilizatori.

Active Directory

- Management centralizat al politicilor de securitate implementate;

- Distribuirea aplicatiilor si sistemelor de operare;

- Software Update Management. WSUS integrat;

- Inventar software si hardware cu istoric;

- Evidenta frecventei folosirii aplicatiilor;

- Raportare detaliata;

- Upgrade usor pentru sistemele existente si instalarea de la zero pentru noile sisteme;

- Suport pentru diferite tipuri de client (desktop, notebook, server, mobile);

- Descoperirea sistemelor vulnerabile si non-compliante cu politicile organizatiei.

Implementarea unei solutii pentru managementul unitar al statiilor de

lucru in retea System Center Configuration Manager

Poate fi instalat pe 5 device-uri ale aceluiasi utilizator;

Drept de downgrade inclus pana la orice versiune;

O singura cheie si un singur kit pentru toate licentele achizitionate;

Licenta poate fi transferata catre noi utilizatori;

Dovezi licentiere: contract, confirmare comanda si factura de achizitie.

Windows Server Standard 2012 permite instalarea a 2

licente Windows Server in

mediul virtual

2 licente Windows Server 2012 achizitionate 4 licentein mediul virtual.

Cheie de activare unica;

Nu exista COA;

Contract nominal;

Costuri apropiate de celeOEM.

Licentierea SQL per core vapermite accesul la server a unui numar nelimitat de utilizatori, fara a mai fi necesara achizitionarea Client Access License pentru fiecareuser/ device

Migrarea aplicatiei in Azure

Pasii urmatori

- Actualizare portal Software Asset Management si incarcarea documentatieiaferente. Definirea unui responsabil din partea companiei pentru update regulat;

- Solutii licentiere pentru produsele instalate fara dovezile de achizitie;

- Suport implementare procese agreate.