Recent Changes - Search:

Tips & Tricks

Windows Tips

Apple Tips

Linux Tips

Networking Tips

Business

powered by PmWiki

MSTips /

SoftwareAudit

Hide Contents

Table of Contents

Software and Hardware Auditing

Introduction

From time to a software audit is required to list the:

  • Operating System license keys
  • Software license keys
  • Driver type, name and version number
  • Hardware
  • Security patches

Corporate Level

An effective IT Asset Management policy is invaluable for any organisation wishing to more effectively manage increasing IT costs and stay software license legal. By employing an asset management solution you can track and control your IT departments' expenditure, have detailed and current software and hardware inventories as well as being able to automatically track assets across the entire enterprise.

With the use of IT ever increasing in today’s office and teleworking environment, it's absolutely essential that asset tracking and software license monitoring is done on a regular basis as a part of your contingency plan. Should an unforeseen disaster happen, your insurance company would need a detailed inventory to make a loss-adjustment assessment, unless you can provide the vital data - you could lose out financially.

Most departments acquire new devices and add/upgrade software (both legal and illegal) to their systems on a frequent basis, which can make keeping manual asset inventory and maintaining license compliance a logistical nightmare.

Support teams can also take advantage of accurate hardware and software inventory data to help speed up the resolution of technical problems.

An accurate inventory linked with usage data can also help cap spiralling IT costs by ensuring unnecessary expenditure, on unused items or assets that can be effectively recycled within the enterprise. [1]

Software Assessment Management

How To Build and Effective Software Assessment Management Strategy

Step 1: Use a Comprehensive Network Discovery Solution. The first step of any SAM strategy is to perform an inventory audit using a network discovery solution. IT managers need to know what programs the organization has and where they are located before they can be managed. Regardless of the network discovery solution chosen, auditors need to ensure the product provides 100 percent network visibility on all computers, servers, hardware devices using Internet protocol addresses, and individual files.

Step 2: Analyze the Audit Report. Once the audit is conducted, IT managers need to process and analyze the audit information by entering, updating, and normalizing all inventories. To normalize data, organizations can classify inventory entries by software class, licensing categories, or according to the software's name, version, quantity, or purchasing information. For example:

  • Manufacturer: Adobe Systems.
  • Product: Adobe PhotoShop.
  • License Category: Commercial.
  • Installation Quantity: Three.
  • Purchase Quantity: 40.

Step 3: Apply the Necessary Requirements. Apply all Business Security Alliance (BSA) and Software and Information Industry Association (SIIA) requirements to ensure ongoing compliance. (See next section for more information on BSA and SIIA.) For example, an organization can validate proof of ownership with an invoice, completed registration documents, or transaction records from a software distributor. In addition, organizations need to identify which applications are not currently compliant and which require updated license agreements, or remove the applications in question. This task usually is conducted by the IT manager or network administrator, depending on the company.

Step 4: Review License Agreements. Analyze the application's use against license agreements, including cost variances with other applications to further streamline software spending. For example, if a business is paying for 50 licenses, but only uses 10, it would be in the organization’s best interest to renegotiate the contract. Some network discovery solutions enable businesses to analyze software use.

Step 5: Audit Regularly. Organizations should conduct network audits regularly. This ensures software licensing compliance and corporate efficiency of IT resources. [2]

Quick and Dirty Method

A very quick and dirty way of doing this is to use some of the utilities that are available on the net. Some of the forums I belong to have listed the utilities cited below, so I would imagine that this would indicate these are probably the most used and most reliable:

  • Belarc Advisor - Which is a free utility and very easy to use with good documentation and help
  • Jalapeño Keyfinder - A powerful utility which scans over 170 supported software titles, and then displays the names and CD keys of the products that are installed on a computer. The list of software titles and keys can then be copied to a text file for safe keeping with a single click of a button. Keyfinder has CLI (command line interface support) however it is not free. The only downfall is it uses Paypal and if you are in a hurry, this will prove a little time consuming to get your payment verified and so forth.
  • System Information for Windows (SIW) - This utility reached PC World's Top 101 freebies in 2006. This utility can report:
    • Software: Operating System, Installed Software and Hotfixes, Processes, Services, Users, Open Files, System Uptime, Installed Codecs, Software Licenses (Product Keys / Serial Numbers / CD Key).
    • Hardware: Motherboard, Sensors, BIOS, CPU, chipset, PCI/AGP, USB and ISA/PnP Devices, Memory, Video Card, Monitor, Disk Drives, CD/DVD Devices, SCSI Devices, S.M.A.R.T., Ports, Printers.
    • Network: Network Cards, Network Shares, currently active Network Connections, Open Ports.
    • Tools: Password Recovery, Reveal lost passwords hidden behind asterisks, MAC Address Changer, Shutdown / Restart.
    • Real-time monitors: CPU, Memory, Page File usage and Network Traffic.

Conclusion

Whatever method used is chosen based on the size of the network and how accurate the audit is needed. The main focus is on accuracy which is why a working Policy is required for larger networks

References

1. ^ IT Asset Management - Retrieved on 15 September 2007
2. ^ Ensuring Software License Compliance in Today's Organizations - Retrieved on 15 September 2007

All text is available under the terms of the GNU Free Documentation License
Privacy Policy | About Wikitec | Disclaimer | Copyright

Edit - History - Print - Recent Changes - Search
Page last modified on 2007-09-15 02:49