The greater danger for most of us lies not in setting our aim too high and falling short, but in setting our aim too low, and achieving our mark. ~Michelangelo
We all know that if we see the yellow tape that says “caution”, it means there might be something dangerous behind it. Or if we see a “wet floor” sign, there is a danger that we might slip and fall. But what about things we don’t always see? The natural gas we use was once a hidden danger. In the 1930’s, there was an explosion at a school in Texas caused by natural gas. This led to the “odorization” of natural gas, so now we can smell it if there is a leak. Prior to that, it was a hidden danger.
There are hidden dangers in ITAM as well. Often it’s things we don’t see that are the danger, but sometimes we see the danger and just don’t recognize it. We’re going to give a few examples of those hidden dangers.
Let’s start with that batch of old computers we all have set aside for disposal. Are the hard drives wiped prior to storage? The hidden danger here is that any software installed on those machines can be subject to audit. If a software vendor comes in to audit you, they can make you power those computers up and then count any software on them as installed.
I have an example that happened to a former employer of mine before I started working there. The company received a shipment of laptops. The laptops were on pallets sitting on a loading dock. Before the laptops were all safely stored away in a locked room, several of them grew legs and walked away. So the hidden danger is that the missing laptops weren’t discovered as missing for a while. Processes were never created around receiving and nobody checked the shipment for accuracy, nor did anyone know for sure when the shipment was due to arrive. A solid receiving process, along with a better procurement process, could have helped the situation.
How many freeware and/or shareware titles are in your environment? Has anyone read through the EULAs (End User License Agreement) for those products? Some applications that are free for personal use are not free for business use!
Speaking of EULAs, how often does someone accept a EULA without printing a copy or even reading it? I know I have certainly done that in the past. Did you know that if you do not keep a copy of your license agreements, that a software vendor can make you follow whatever the current T&Cs are? This can happen with any software in your environment. Hypothetically, you may have taken the time to negotiate a great contract that is a win-win for both you and the vendor. If you lose that contract, the vendor can come in and audit you and cite you for violations to their standard agreement because you can’t prove that you had a better agreement in place.