Talk to anyone responsible for software management or license compliance and you'll hear the same set of seemingly straightforward requirements:
1. identify all installed software products
2. match installed software products to software licenses
3. report on the status of compliance
The ugly truth is that despite 2½ decades of development from countless vendors around the world, the output from ALL the available commercial software inventory tools is at best based on "educated guesses." The "content" used to make those best-effort software product identifications remains proprietary to each tool vendor, and is extremely costly to create and maintain. As a result, in addition to other pragmatic reasons, vendor content efforts have mostly been concentrated on Windows desktop environments.
I won't go into the complete explanation of why this whole situation exists, other than to point to the complete lack of standards for how software identifies itself to inventory tools. If you're interested, you can read more about it in my White Paper "Why Software License Management Is So Difficult - And How To Simplify It."
Overall, these realities are extremely troublesome to IT decision makers. For most organizations, today's focus is no longer on desktop but rather on the higher cost and much more complex server-based software products. Adding insult to injury, many software publishers are exploiting the lack of adequate software inventory support for the server environments; over the past few years a sharp increase in 3rd-party audits of server-based software products has occurred.
To make matters even worse, the inability to effectively, efficiently and accurately identify server-based software products is (or should be) of particular concern for those IT managers leveraging virtualization technologies. While these initiatives are undertaken to increase agility and reduce cost, many organizations are unpleasantly surprised by unplanned (and unbudgeted) fees for upgrades and additional licenses.
How did this happen? Well, some software licenses are tied to a single, specific physical computer during installation. Other software product licenses are linked directly to the configuration of the server on which the product is installed, and BOTH the physical AND virtual attributes involved must be accounted for. Which means organizations must be able to track and map the virtual machine to the physical server at any and every stage of virtualized operation. And, in some cases, the software license essentially prohibits virtualization of any kind. Unfortunately, few organizations have the requisite specialized expertise and processes to obtain the level of visibility needed for complete planning and decision support.
Which brings me to the title of this posting: why standards matter. When it comes to software management, the lack of standards has put the customer at a distinct disadvantage. However, that is coming to an end. The ISO/IEC 19770-2 software identification (SWID) tag standard gives us the potential to accurately and consistently identify and report on installed software products - the "Holy Grail" everyone has been desperately seeking. Beyond giving us requisite visibility for IT management, we'll finally be able to confidently monitor our installed software.
Notice I said "gives us the potential"--ensuring adoption by a broad set of software publishers is now our chief challenge. Are you with me?