Jim Ryan, Chief Operating Officer – Flexera Software
As chief operating officer, Jim Ryan is chartered with leading Flexera Software's worldwide sales team, ensuring operational alignment and driving organizational development and leadership. Jim has been affiliated with the business since 1998. Prior to becoming chief operating officer, Jim was senior vice president of worldwide sales where he led consistent and strong revenue growth. Previously, while located in the UK, Jim served as the general manager for Macrovision's EMEA region and led the global Macrovision software business unit sales team. Also during his tenure with Macrovision, he led the company's services, technical support, operations and pre-sales teams. In 2008 Jim helped lead the spinoff of Macrovision's Software Business Unit to the private equity firm of Thoma Bravo, which launched the Flexera Software brand.
The Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) was designed to fortify cybersecurity of government networks and systems. CDM provides federal departments and agencies with capabilities and tools that identify cybersecurity risks on an ongoing basis, prioritize these risks based upon potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first.
One of those risks CDM is designed to protect against is the vulnerability arising from unauthorized software running on government systems. Unauthorized software means that nobody is securing it from vulnerabilities nor guarding it against hackers. This is why Software License Optimization technology is key to the success of the CDM program. This technology provides comprehensive IT asset management capabilities that meet all of the CDM program requirements.
The Need for Visibility, Control and Security
The government cannot protect against software vulnerabilities on its systems if it does not know the software is there. Therefore Software License Optimization's first order of business is to provide visibility and control of the IT environment. It does this by collecting and analyzing comprehensive hardware and software inventory data, giving the agency visibility into assets installed in the environment.
One benefit of this visibility is that it enables rationalization and consolidation so that hardware and software assets not being used, or software that is duplicative, can be safely pulled out of the environment. This reduces management oversight and support costs as the assets are no longer installed in the environment. It also eliminates a source of potential vulnerabilities. For instance, agencies can easily see which hardware devices under management are now identified as missing from the network. (See Figure 1) This could expose a security risk if devices containing sensitive data are reported as missing.
Figure 1: Example of Hardware & Software Asset Visibility via a Management Dashboard
In addition, Software License Optimization technology provides visibility into licensed and unlicensed software installations. This occurs all the time in the regular course of business – such as when an employee downloads a piece of software (that isn't sanctioned by the government) directly from the Internet. That software could contain malware that, once installed on the network, could serve as a gateway for attack.
Agencies must have processes in place to control software installations and only deploy authorized software. Additional processes are required to ensure that unauthorized software, once identified, is removed to mitigate this security risk.
Applying Software License Optimization to CDM Requirements
Software License Optimization technology meets all CDM program requirements for software asset management, including the ability to discover authorized (managed) and unauthorized (unmanaged) hardware and software on the network. A complete, accurate, and timely software and hardware inventory is essential to support awareness and effective control of software vulnerabilities and security configuration settings.
Software License Optimization technology has been specifically designed to automate identification and normalization of software titles, versions and editions installed and/or in use in the IT environment. It also allows for proper management of software by tracking and managing the specific software product use rights contained in the government's license agreements.
Software License Optimization tools also fully automate purchase order processing, allowing agencies to import purchase orders ('POs') to update existing licenses or generate new licenses, as necessary, without any operator interaction. This significantly reduces the administrative overhead required to understand what software is in the environment and what can be done with it – critical to CDM compliance. With this information, these tools can then monitor federal employee usage of software to help ensure all activities are in compliance with licensing terms. Understanding this usage and reconciling activities to contract terms is virtually impossible to do manually, and a critical function automated within a Software License Optimization solution.
Software License Optimization technology also provides full contract management capabilities, allowing agencies to keep track of contract renewal and expiration dates. This helps agencies ensure that software maintenance doesn't lapse and that the latest version of software and security patches have been installed, minimizing the security risk.
Without this level of automation, minimizing security risks and vulnerabilities called for in the CDM is virtually impossible.