As a software publisher, you’re under increasing pressure to provide ways for consumers of your software to track their installation and use of it, and reconcile that against their purchased licenses. Such inventory gathering and reconciliation features are likely to become mandatory requirements for purchasers such as government agencies who are increasingly bound by license compliance and security directives. For example, presidential executive order #13103 specifies that all government agencies must have accurate software inventories and must be in compliance with software license contracts, and the consensus audit guidelines (CAG) specify that governmental organizations ensure they can automatically and reliably track every software title installed and used on every system, validate that it’s a known and approved title and securely and independently verify the publisher.
Providing information that facilitates accurate software inventory and automated license reconciliation is in software publishers’ best interests anyway, as it helps enterprises to pay for their legal use of your software. Providing this information in discoverable form saves you from pursuing expensive audits and court cases to claim licensing fees you are due. If everyone can identify installed software accurately, there is no excuse for falling out of compliance.
Obviously, an industry-standard approach is the only one that will work, as software consumers will not instigate many different practices to identify and reconcile software from different software publishers. ISO/IEC 19770-2 software identification tags (SWID tags) is the international standard for tagging software for automated identification. SWID tags are small XML files shipped and installed with software products. Discovery tools use the information contained in the tags to definitively identify installed software. Additional tools can then reconcile inventory records against purchasing and licensing data to ensure compliance.
As a software publisher, you can now create a validated regid and normalized & validated SWID tags, which are all you need to start rolling out software identification tags with your published software. Join Adobe, Hewlett Packard, IBM, Microsoft, Symantec and other industry leaders in voluntarily allowing your software to be validated and uniquely identified, to address consumers’ demands for more transparent software installation, entitlement and licensing information..
TagVault.org, and your peer members, can provide tools and processes to support your introduction of SWID tags. Join today.
How TagVault.org Helps
TagVault.org is promoting the widespread adoption of the software identification tags standard, ISO/IEC 19770-2. As a software publisher, this widespread adoption helps you to encourage clients to comply with licensing entitlements without expensive audits or legal action. In future, large software consumers are likely to mandate software tag support as part of procurement requirements.
SWID tags are also starting to become common in software purchasing requirements. This is especially true with the department of defense that placed the ISO/IEC 19770-2 standard on the Defense IT Standards Registry in preparation for requiring SWID tags from their ISV’s.
Finally, TagVault.org along with various member organizations can help ISV’s from spending hours working out the best approach to integrating SWID tags into your products, validating the data and digitally signing the data. With drop in tools and industry best practices already defined, TagVault.org makes the process incredibly easy, quick and above all ensures interoperability.
Work with TagVault.org now to stay ahead of the curve and introduce processes to create, certify and publish software tags.