In the dot com boom, I headed up a technical team. One of my responsibilities was the hardware and software needed by our team and other teams in the company. Back then, software was typically boxed and came with packs of licenses. I had an internal software audit routine to check that all of our computers were correctly licensed.
In my own business, I’m part of a two-person team. Many of our software licenses are purchased far less formally and are for one user only. We also rely on a huge amount of Software as a Service, where there is no box or permanent license to use the service. As owner-managers, we sometimes buy something using a personal email address or bank card, despite it being for company use. Also, we contract third parties to do work for us, and they purchase software or create accounts on our behalf. With no physical boxes, or volume licenses to keep track of, small companies now develop websites and software in a far more informal way.
It’s a common pattern we see at Perch: the company contacting us has had a website developed, and sometime later the person who developed the site and bought the software license leaves the company. The company has no idea how to access the license information, and password reset attempts go to a now-dead email address. Sometimes the account is linked to a personal email address, or was even bought by a third party who had been contracted to build the site.
With accounts spread around between owners, employees, and contractors, businesses can easily leave themselves exposed. Services get canceled because no one saw the reminder that a credit card had expired. Domains fail to auto-renew, leaving the company in danger of losing them. Software purchased via an employee or contractor becomes inaccessible due to that person leaving. Therefore, I propose that every business needs a software and services audit. Collate all of this information, then make sure it is accessible to you and other trusted team members.
What should we audit?#section1
What should you take a look at? To get you started, I’ve listed a few key areas that most web agencies and software businesses will recognize. Once you start this process, you will no doubt think of more. (If you think of something other business owners might forget, add it to the comments.)
Domains and DNS#section2
Does the company own all of the domains you use, or are any linked to personal accounts?
Can you move all of the domains and DNS management to one location? Services such as DNSimple offer domain hosting and DNS management, and can be a better choice than having domains registered alongside your webhosting.
Do you have a solid way to track expiration dates? Are domains set to auto-renew with up-to-date payment details? Do all of the domains have correct contact details?
How many email accounts are being used in your business? Are you, or your employees, using personal addresses for company business?
Is important and valuable information stored in your email, or in the email of employees? For example, if you work with clients by email, who has the history of the conversations?
Is email securely backed up?
Software used on your websites#section4
Many websites rely on paid software-whether that is a full CMS like Perch, or paid add-ons to WordPress. Who owns those licenses?
Which email address is linked to these licenses? The developer might use it to let you know of important security updates to the software.
Do you have access details for any account on the third-party website?
Do you know where and how to get support for any of the components of your website that haven’t been developed in-house?
If you develop websites for clients, you may be able to help them to manage this better by providing a handover pack on payment that includes all of the key details and clarifies their significance.
Go through your bank and card statements. What does your business pay for, monthly or yearly? Cancel anything you don’t use.
For services you do use, check if you can save money and bookkeeping by switching to an annual plan.
Check that the plan you are on is up to date and still the right one for you. SaaS companies often introduce new levels of service—you might save money or get new functionality by switching.
Keep a list or spreadsheet of services and the date on which you last checked them. You can repeat this process every six months, to make sure you don’t pay for things that you are not using.
Start with one small thing#section6
Auditing everything you use in your business is likely to save you time and stress in the long run, but with our limited time it’s an area we can find easy to avoid. You don’t need to do this all at once. Next time you have a couple of spare hours, pick off one area and start there.
In a couple of hours you could list all of your domains, check when they expire and make sure that you can access the registration for each. You may need to add another to do to your list to consolidate them at one provider, or to update contact details. However, you have moved forward just by knowing what the status of your domains is. You are already less likely to have the nasty surprise of waking up to find a website offline due to the domain expiring.
Let me know in the comments if this is an area you struggle with; or if you have found good ways to store, maintain, and share this kind of information.