Entitlement Management Explained [GUIDE]

What is Software Entitlement Management?

Software entitlement management is a process enabling companies to make sure that only people who have permission to use their software are able to access and use it. A good analogy would be a library card for a digital library. The library card grants access to someone to borrow books from the library, the system that prints library cards with someone’s identity, and the computer system that then can scan the library card to ensure the person is a member of that library, and is allowed to check out books, would be an example of an entitlement management system.

Software entitlement management is what an Independent Software Vendor might use to manage their users access to use the software they develop and distribute. This system helps the software company make sure that only people who have permission to use it can access it (usually that they have paid for it, and not just anyone can use it for free).

What Are Some Main Features to Look for When Shopping for an Entitlement Management Provider?

There is a lot of functionality that goes into building a robust entitlement management solution (we would know! We have been at it since 2015!). Here are a few of the capabilities a software vendor should inspect when evaluating or when building their own an Entitlement Management Solution

• Authentication: Verifying the identity of users who are trying to access resources or services. What sorts of authentication mechanisms does the Service support? Is it always online, or do they have a solution for offline Authentication (such as local license checks?)
• Authorization: Determining if a user is allowed to access a specific resource or service based on their role or permissions. LicenseSpring allows an ISV to set authorization per device (Node-Locking), per user, per seat, or with Floating Licenses.
• License Management: Managing and tracking the usage of software licenses and ensuring that only licensed users can access the software. We’re great at this, and what LicenseSpring’s core competency lies.
• Access control: Managing the level of access a user has to a specific resource or service, such as read-only or full access. There are many parts of the LicenseSpring Service that different parties interact with. For instance, your Accounts Receivable Team might want to look up license, order and customer information and would require a Read-Only Access to our Vendor platform for that. Maybe an engineer would need write-access to the products and API keys, but no access to the billing and order section.
  
  Assigning roles to users and determining the resources and services those roles can access. This is usually known and Role-based Access Control (RBAC). With our Entitlement Manager, ISVs to define Roles to staff members who have access to the account. The Software Vendor can also assign roles to License Managers who can act as Resellers and Distributors, for instance.
•  Self-service access management: Allowing users to manage their own access to resources and services, such as resetting their passwords or requesting access to a new resource. We make offline license validation possible through an ISVs use of our SDKs and our offline activation portal for instance. We also make available a fully white-labelled User portal, which would allow end users to reset their passwords, to transfer their licenses from one device to another, without needing the Software Vendor to get involved, for example.
• Auditing: Keeping track of user access to resources and services, such as when they accessed them and what actions they took. LicenseSpring provides an Audit Log that can who how entitlements for a specific license have been modified over time, so that you can keep track of when a certain feature has been switched on, when the expiry date for a license has been extended.
• Compliance: Ensuring that access to resources and services is in compliance with relevant laws, regulations, and policies. LicenseSpring’s R&D centre is ISO 27001 and ISO 9001 Certified. We also adhere to GDPR Regulation.
• Automation of provisioning and de-provisioning: Automating the process of granting and revoking access to resources and services. Licensespring makes provisioning and de-provisionning pretty straightforward with our numerous 3rd party integrations as well as through the use of our RESTful management API which allows a Vendor to connect our Entitlement Management Solution to pretty much any CRM, ERP or BI tool.
• Revocation: The ability to quickly and easily revoke access when necessary, such as when a customer cancels their subscription.

How Do You Choose the Best Entitlement Management Software for Your Organization?

There are a lot of vendors with many different offerings for different types of customers. Clearly, a large Vendor like Airbus might have different needs for an indie game developer looking to sell expansion packs to a Windows game built in Unity. Here’s a list of criteria which might be more or less important for your company, depending on the type of software you publish, and the sorts of customers you have.

• Reliability & Availability: Above all else, we think the most important factor in using an entitlement management solution is that it is always available, and works. If the system goes down, it means that licensed users simply cannot use or access their licensed software. for this reason alone, you might choose to host the Entitlement Manager yourself.
• Scalability: The solution should be able to scale to meet the needs of your organization as it grows. For example, it’s one thing if the Entitlement Management System can validate 10 users once w month, it’s something completely different if you’re running concurrency validations across continents with thousands of user groups, each with a unique set of software entitlements to them.
• Security: The solution should provide robust security features to protect against unauthorized access and protect sensitive data. We perform Annual Penetration testing, and follow security best-practices, and have been increasing our emphasis on security of our service as we grow.
• Cost: Many tools like to charge based on Licensed Revenue. We’re more of a “utility bill” based on usage and features needed. An easy rule of thumb would be to see how much it would cost you to build or manage your own entitlements solution versus taking one off the shelf. (hint: Most License Managers should be significantly cheaper than to build your own, but have the drawback of not being fully made to measure).
• Integrations: Entitlement Manager should be able to integrate with other business systems. We’re often asked questions like whether Licensespring can be used with Microsoft Dynamics, SalesForce CRM, if entitlements usage can be sent to Hubspot or some other CRM, for example.
• Usability: The solution should be easy to use and understand for both IT administrators and end-users. We’re often told that we’re very easy to use compared to market incumbents like Revenera or Thales.
• Flexibility: The industry offers notoriously rigid and brittle solutions. In our experience, there isn’t really a single market segment large enough to go after, we needed to solve many edge cases before we found enough clients to have a sustainable business. We now count customers in many diverse verticals such as medical device manufacturers, Automotive software vendors, AR, and Space and Defense, just to name a few. This was largely possible because we have been working on sufficient edge cases that allowed us to become a general-purpose entitlements management service.
• Vendor reputation: Many companies often decide on an entitlements manager solely based on reputation. We often point to our reviews on Capterra, and are often asked for multiple references from larger clients.
• Compliance: Many industries have compliance requirements for their sub processors, including Data Privacy, Audit Logs, Data Retention Policies, Disaster Recovery Policies, and so fourth. LicenseSpring’s software engineering team maintains much of this compliance through our ISO 27001 and ISO 9001 periodic recertification.
• Support: ISVs will often implement the entitlements manager themselves, but having the ability to talk to a human, as well as access complete documentation can be very handy.
• Reporting and Analytics: Reports and Analytics can be very handy for many different staff and end user roles, such as sales, product, customer support, compliance, or security teams.

At the end of the day, the best way to select a software entitlements solution is probably to short list a few that seem to fit your organization’s needs, and perform a robust Proof of Concept, using the points above as a checklist. That is generally how most of LicenseSpring’s customers found us, and we are happy to help ensure this initial evaluation is a success!