After your software has gone through the acquisition and inventory phases, you will be ready to install it on your company’s computers. Again, a centralized installation policy—with one person or department in charge of all software deployment—is optimal. Additionally, you should make sure that only those in charge of software installation are allowed to do it.
A good software installation policy can help you control risks that are often related to unauthorized software. In the absence of proper installation policies, your company is left open to a number of vulnerabilities, including:
Increased susceptibility to viruses
Compromised security and/or security breaches
Loss of data
Loss or waste of network bandwidth from running unauthorized programs
Increased risk of unlicensed or pirated software in your environment
Consider implementing the following policies:
Provide technical support only for approved applications and devices.
Prohibit end users from installing any new software or hardware on any company device, including desktop computers, servers, or portable computers, without prior approval.
Disable both the Run and Add or Remove Programs options on all of your company’s computers.
Disable the Autorun feature on all computers that have CD-ROM drives.
Make it clear that any unauthorized software or hardware will be uninstalled if it is discovered.
When these policies are in place, they should be made available to all employees and department managers. Be sure to define the specific consequences or penalties involved for any potential violators.
As always, you should keep all software media—including license documentation, user manuals, and installation media—in a safe storage area, and designate one department to maintain it after installation.
It is imperative that all employees receive the Software Use Policy and understand what their roles and responsibilities are regarding your company’s software and hardware. Creating and adhering to this policy will help minimize the risks your organization faces by keeping your systems free from viruses, reducing the number of support calls, and keeping your software inventory up to date.
Knowing when to retire your software is just as important as knowing when to purchase it. Although it is important that you know what updates are available and whether you really need them, it is equally important to know when it is time to get rid of the old and bring on the new. The money you save can be reinvested in either purchasing new programs or developing your own.
Old software can be costly to maintain and may not continue to work well with newer applications. Similarly, you can offset the cost of upgrading by eliminating the cost of maintaining the old, and by improving workflow. You may also find that a large, costly application is really only being used by a few people in your company. Older applications may also be slowing down your entire network. It’s smart, therefore, to look for alternatives that may be less expensive and can aid more employees in your workforce.
Periodically review your software asset investments with the following in mind:
Are you saving money by sticking with a proven but older product, or are you wasting money with constant maintenance and upgrades? Often the software reseller or even the manufacturer itself will discontinue its support of your product.
Are you licensed for newer editions that could be deployed? Would such an update improve productivity or reduce support costs?
Would your return on investment (ROI) be improved by purchasing a new product?
Analyze the options to make sure you obtain the right software.
Establish standards for all phases of the software life cycle: