30 Days of Compliance Q&As #17: Are You a Target for a Software Audit?

When you hear the word “audit,” you probably think of compliance mandates such as PCI, HIPAA, and SOX. However, software companies are getting into the audit game with increasing velocity.

A recent “2013 Software Audit Industry Report” by Express Metrix showed exposed some interesting results.

Top five software vendors to have audited companies within the last two years:

    1. Microsoft
    2. Adobe
    3. Autodesk
    4. Oracle *
    5. SAP

Chart Software Audit Rates By ISV
Source: Express Metrix 2013 Software Asset Management Survey

Who is being audited?

Not surprisingly, companies with 5,000 or more employees report being audited at a higher rate over the past two years than those with fewer than 5,000 employees.

However, it appears that organizations with between 500 and 4,999 employees and more than 25,000 employees were targeted more heavily in 2013 than they were in 2012, suggesting that software companies are moving more heavily into those areas.


Source: Express Metrix 2013 Software Asset Management Survey

What’s making license audits so difficult? 

Companies cite the following reasons why tracking license compliance is so difficult:

    1. License agreements are difficult to understand or interpret
    2. Complex IT environments
    3. IT professionals can’t easily reconcile what’s installed with what’s actually being used 

Source: Express Metrix 2013 Software Asset Management Survey

How you can prepare for a software audit?

Use a Configuration Management Database (CMDB) and completely automate detection of devices, serial numbers, software, patches, IP addresses, interface information, patches, configurations, physical and virtual servers, and topology maps. AccelOps CMDB uses no agents and common access methods like SNMP, SSH, Telnet, WMI, API’s, and logs that automatically populate the CMDB.

AccelOps brings all of this information into a single solution linking a CMDB that constantly monitors your environment for changes.

Want to discuss how a CMDB can make your I.T. Operations and compliance easier? Contact AccelOps to learn more. We’re here to help.

 

 

Authors


Marta Stone


Marta Stone


Marta Stone


Marta Stone


Marta Stone


Marta Stone


Marta Stone


Marta Stone


Marta Stone


Marta Stone


Marta Stone


Marta Stone


Marta Stone

Try AccelOps FREE for 30 Days

 

Get a Live Product Demo

 

Tags

cloud
security
big data
RSA
analytics
compliance
Q&A
PCI DSS
HIPAA
Sarbanes Oxley (SOX)
Target breach

About Accelops

AccelOps provides the leading IT operations analytics platform for the modern data center. The virtual appliance software monitors security, performance and compliance in cloud and virtualized infrastructures – all from a single screen.

 

AccelOps automatically discovers, analyzes and automates IT issues in machine and big data across organizations’ data centers and cloud resources, spanning servers, storage, networks, security, applications and users. AccelOps’ patented analytics engine with cross-correlation and statistical anomaly detection sends real-time alerts when deviations occur that indicate a security or performance-impacting event.

 

The AccelOps platform scales seamlessly and provides unmatched delivery of proactive security and operational intelligence, allowing organizations to be more responsive and competitive as they expand their IT capabilities. 

Keep Social