Federal agencies are under great pressure to reduce costs and cybersecurity risks in their IT activities. Congress and executive branch leaders have identified software supply chain management as one of the biggest potential areas of IT savings and risk mitigation for government agencies.
This is because, for many years, agencies have purchased and managed software in a decentralized manner, engaging in tens of thousands of licensing agreements annually. Consequently, agencies have struggled to create accurate inventories of their software, purchased vast quantities of unneeded software, and allowed end-of-life assets to remain on their networks, constituting dangerous vulnerabilities for cyber intrusions. And because current methods of buying, tracking, and maintaining software lack transparency, agencies are often left exposed to security risks or potential penalties from vendor audits.
Numerous attempts in recent years to improve software supply chain management at federal agencies should help, but, unfortunately, progress has been slow. The Federal Information Technology Acquisition Reform Act of 2015 (FITARA) and the Making Electronic Government Accountable By Yielding Tangible Efficiencies Act of 2016 (MEGABYTE) both direct agencies to take firm steps in getting a firmer management hand on their software inventories and purchases. MEGABYTE, for example, requires agency CIOs to establish a comprehensive, regularly updated inventory of software licenses and to analyze software usage to make cost-effective decisions.
Yet in May 2018, the House Committee on Oversight and Government Reform (OGR) gave 14 of 24 agencies failing grades for their implementation of those two laws in the category of software licensing management. And the Government Accountability Office said that, as of May 2018, agencies had yet to implement 78 of 135 recommendations it has made to improve policies and practices for managing licenses.
With effective software management, agencies can better manage, control, and protect their software assets and the risks associated with their use. When agencies ensure that licenses are used in compliance with licensing agreements, are cost-effectively deployed, and that software purchasing and maintenance expenses are properly controlled, they can better manage their risk exposure and potentially achieve significant savings.
In fact, market research firm Gartner reports that many organizations can reduce their software costs by 30 percent, simply by implementing three software license optimization best practices: application configuration optimization, recycling software licenses, and the use of effective software asset management (SAM) tools.
Nevertheless, there are several key challenges that can hamper agencies’ progress toward more effective software supply chain management. First, agencies often struggle with gaining a firm understanding of exactly what software and how many licenses they need for their enterprises. A second challenge is that many agencies still lack clear visibility into what software they already have. And third, many agencies have blind spots when it comes to knowing whether their software is vulnerable to cybersecurity threats.
Flexera’s FlexNet Manager Suite for Enterprises offers agencies an industry-leading, comprehensive suite of enterprise software asset management and license compliance solutions that improve supply chain management throughout the software lifecycle. Flexera’s broad vision of software asset management (SAM) and license optimization extends beyond the technology itself to the underlying data powering it. With Flexera’s FlexNet Manager Suite for Enterprises, agencies can:
- Easily and comprehensively discover what is in their IT environment;
- Normalize the data from that discovery phase into a common, consumable language and format that serves the entire enterprise;
- Rationalize the data to provide deep insight into their software inventories, such how many different and potentially redundant versions of licenses they have and what applications exist that serve similar needs;
- Enrich the data with the world’s largest and most comprehensive repository of enterprise software and hardware, providing transparency, accurate product information, and real-time market intelligence for agency IT assets, including end-of-service and end-of-life information;
- Partner with their software suppliers in a transparent way. The insight provided by Flexera’s FlexNet Manager Suite for Enterprises serves as a foundation for developing common understandings of what agencies have bought and what is included and excluded in their existing licensing agreements so they can better address gaps and plan for future needs.