Earlier this month, TagVault.org held the first Asset Identification Summit outside of Washington, D.C. Since ISO/IEC 19770-2:2009 was approved, the tag solution for our profession’s software identification woes has been gathering momentum, culminating in this conference. Attendees represented just about every aspect of the ITAM ecosystem including software publishers (non-ITAM vendors as well as ITAM vendors), government agency representatives, corporate IT Asset Managers, engineers, ITAM consultants and members of the ISO/IEC 19770 working group as well as other ISO/IEC participants. IAITAM was represented by Jenny Schuchert, who brought back the following comments:
- The benefits of the SWID tag are broader than compliance and the discussion about the impact to security was one of the strongest voices at the summit
- The tag might help reduce the adversarial relationship between customers and software publishers
- Audits and review will continue even when SWID tags are universally applied, providing verification of compliance. The SWID tag simply makes it easier to understand and structure the software inventory, both in preparation for an audit and as part of SAM
- The SWID tag does not interfere with new technology models or with new installation/pricing schemes that publishers might develop
- Speaker Alan Vander Mallie, GSA, identified a growing need for government-wide software management, with CIOs getting more control over software budgets and being able to move forward to new opportunities like cloud technology efficiently
Software identification tagging may not seem like a glamorous or important topic, but it is obvious that tagging is an enabling strategy, permitting software management to expand and mature. Tagging not only allows best practices to be initiated and sustained more easily, it also removes the executive concerns about lack of control and even creates the belief that control is possible. The change in executive expectation may be the single most important aspect, although predicting the relationship between tags and far-reaching achievement might have been difficult to see without the summit’s broad cross-section of industry leaders.
During the conference, TagVault.org, a non-profit organization that validates and certifies tags, received the Platinum Contributor award from the ISO/IEC 19770-2 Working Group. As the first winner of this award, I congratulate them and look forward to continuing the campaign towards best practices in SAM together.