Agencies Struggle to Comply with the MEGABYTE Act

The MEGABYTE Act was signed into law in late July 2016 with the intent of facilitating better management of software licenses across the federal government. 

According to OMB, the federal government spends $9.1B on commercial software each year, through more than 42,000 separate transactions. Additionally, a typical organization spends 30% more than necessary for software.

The MEGABYTE Act requires the CIO for each federal agency to develop a comprehensive software licensing policy, to include:

• Establishing an inventory of software licenses
• Tracking and maintaining such licenses
• Analyzing software usage
• Providing software license management training
• Establishing goals and objectives of the agency's software license management program
• Considering the software license management life cycle phases to implement effective decision making and incorporate existing standards, processes, and metrics.

The Act requires each CIO to submit to OMB a report on the financial savings or avoidance of spending that resulted from improved software license management starting in FY 2017, which ends on September 30th. Reports are to also be submitted each of the following 5 fiscal years.

The Act codified improvements to IT acquisition and management already underway at OMB, specifically related to software licensing. Through OMB memo M-16-12 entitled “Category Management Policy 16-1: Improving the Acquisition and Management of Common Information Technology: Software Licensing,” agencies were directed to

• Appoint an agency software manager and supporting team.
• Post and maintain standard pricing and terms and conditions for the agreements on the Acquisition Gateway.
• By September 30, 2016, compile a baseline inventory of the agency’s commercial and COTS software licenses purchased, deployed, and in use, using commercially available IT.
• Beginning November 30, 2016, and each quarter thereafter, report to the OMB Integrated Data Collection all cost savings and cost avoidance attributable to improved software license management.

According to the most recent FITARA Scorecard from June 2017, agencies are struggling to comply with MEGABYTE Act requirements. Every agency, except Education, GSA and USAID, received an “F.”  GSA and USAID received “A” grades and Education received a “C.”

Organizations such as GSA’s Software License Management Service (SLMS) can assist agencies with their software license management and inventorying efforts. GSA’s SLMS is a proactive approach to Software Asset Management (SAM) which enables agencies to effectively procure, deploy, and manage software licenses based on contract entitlements, product use rights, and actual usage. SLMS can help agencies cut costs (e.g., show positive ROI, decrease overall software spend), comply with federal mandates, and enhance cybersecurity posture by eliminating unused, unsupported, or obsolete (i.e., vulnerable) applications.

According to SIE Consulting which specializes in IT asset management and license optimization, “Many organizations postpone the implementation of SLM [software license management] since “IT is working” – often saying we can put the effort off until next quarter (and the quarter after that).”  The company cautions that delaying a commitment to SLM puts agencies at risk for paying for software that is not used, paying too much for software, having unsecured software deployed, and prolonged non-compliance and poor FITARA/MEGABYTE scores.