Читать книгу The Official (ISC)2 SSCP CBK Reference - Mike Wills - Страница 76

Software Inventory and Licensing

Оглавление

Software and firmware come in many different forms; almost without question, all of these forms should be under the right combination of configuration control, configuration management, and asset management. Between those three processes, you'll have a very good chance to know that all of your software elements:

 Have been protected from unauthorized changes

 Have had all required changes, patches, and updates correctly applied

 Have had all outstanding discrepancy reports or change requests reviewed and dispositioned by the right set of stakeholders and managers

 Where each element is, physically and logically, how it's being used, and whether or not it is up to date

You'll also know, for each software element, whose intellectual property it is and whether there are license terms associated with that ownership interest. For each license, you'll need to know the detailed terms and conditions that apply and whether they apply to all copies you've installed on any number of devices or to a specific maximum number of devices; the license may also restrict your ability to move an installed copy to another system. The license might be seat limited to a specific number of individual users or capacity limited to a maximum number of simultaneous users, maximum number of files or records, or other performance ceilings.

Many modern applications programs (and operating systems) facilitate this by using digital signatures in their installation processes so that each installed and licensed copy has a unique identifier that traces to the license identifier or key. Software license inventory management tools can easily poll systems on your network, find copies of the application in question, and interrogate that installation for its license and identifier information. This can also find unlicensed copies of software, which might be legitimate but have yet to activate and register their licenses or might be bootleg or unauthorized copies being used.

Proper software license management and software inventory management can often save money by eliminating duplicate or overlapping licenses, or by restricting usage of a particular app or platform strictly to where it's needed.

The Official (ISC)2 SSCP CBK Reference

Подняться наверх