|ISO/IEC 19770-2 Standard is Published!|
After 3 years of significant effort and peer review, the ISO/IEC 19770-2 standard has been published by ISO. Individuals and organizations can purchase the standard from ISO, ANSI, or your national bodies standards organization.
TagVault.org is helping the SAM ecosystem create, certify and deploy software identification tags and all software publishers, or other organizations or individuals that need to deal with software identification or SAM processes should join TagVault.org.
Software publishers that publish software identification tags will see a reduction in costs for overall software identification management. This will be seen in the training, negotiation efforts and if it is required, the auditing phases. Software publishers will also be able to promote the fact that they understand their customers' needs and frustrations and are working diligently to resolve the problems that are inherent in SAM programs - especially in the software discovery phase.
This standard is the first step in revolutionizing the software asset management market. As software gets more expensive and hardware costs continue to plummet and software audit findings are rising, software purchasers are realizing that they need to more effectively manage their software assets. The problem is that SAM programs are expensive to implement. One of the reasons for the high cost of SAM programs is due to resource costs involved in manually identifying software inventory, or fixing 3rd party identification libraries that have been unverified and untested.
The 19770-2 standard resolves the issues with software identification. For publishers that recognize the value proper software identification can bring to their organization as well as to their customers and to the rest of the SAM ecosystem, TagVault.org will provide certification services that ensure all SWID tags conform to the standard, include normalized values for all elements, and are authoritatively signed with a digital signature and timestamp. These procedures allow end-user organizations, such as the US Government to validate that they are following the procedures recommended by the consensus audit guidelines (CAG). They also allow all SAM ecosystem members to know exactly what software is installed on the computing devices in their organization.
|Goodwin Proctor has written an article on the 10 steps required to ensure License Compliance. These steps mirror the processes detailed in ISO specification 19770-1. Read the article...|