Turmoil has engulfed the IT department. The licensing of software critical to outlying lines of business is under dispute…
When it comes to software licensing, the worst-case scenario is the dreaded vendor audit. The risk is real and it’s not a scare tactic. A Gartner analysis from 2014 showed that 68% percent of companies would face at least one audit in the next year. The frequency of audits and audit-like activity by software vendors continues to change as they explore new ways to extract revenue from existing clients.
Software license compliance audits can take anywhere from six to eighteen months to complete, consuming valuable internal time and resources. Also, fines for non-compliance range from hundreds of thousands to millions of dollars. A 2013 study found that businesses found non-compliant had paid up to 10% of their revenue in fines or settlements. Despite the threat, many companies don’t have a formal ITAM practice in place.
More and more businesses are adopting Software Asset Management (SAM) best practices and automated tools. But, they are having trouble getting started. License compliance is a complex professional practice that not only requires the right tools to collect and analyze asset information but also the specialized knowledge to derive the necessary insights. Most businesses simply do not have this kind of expertise in-house. The responsibility often falls to procurement or IT, who do not have the time or money to become experts. The added complexity of cloud computing, virtualization, and BYOD only make the issue worse.
Many ways to fail
Software vendors have great incentive to protect their intellectual property from non-compliant or illegal use. Under some license structures, differences between purchased and installed software can generate non-compliance issues. In other words, vendor audits target inconsistencies between what a licensee is entitled to and what they have installed. This is the case even when there is an unintentional configuration error.
Businesses found in violation must pay for the software and, depending on the audit type, full retail price, retroactive payments, or penalties. That is, they pay full price and then some for any unlicensed software running in their environment identified during an audit.
In the case below, the Softchoice SAM team detected a potential compliance gap that could have cost our clients tens of thousands as the result of a vendor audit. This was due to a configuration issue introduced by the software vendor.
Software Affected: SQL Server Standard (versions 2012, 2014 and 2016)
The Scenario: A third-party auditor found SQL Server Enterprise licensing requirements where the client was certain only the Standard version had been installed. As the cost of the Enterprise license is almost four times that of Standard per core, the differential would have been significant.
Our SAM team investigated and discovered that the SQL Server Standard installer presents the user with the option to install “Data Quality Services” via checkbox. According to Microsoft documentation, this component is not a feature of SQL Standard. But, it is included in SQL Server Enterprise.
Our Recommendation: We suggested that when our clients install SQL Server Standard they ensure the checkbox for the offending component remains un-checked. We encouraged those already running SQL Server Standard to make the necessary adjustments to remove it. We advised Microsoft that this was not a compliance issue since it was caused by an issue in the SQL deployment process.
The Results: Our client running SQL Server Standard in the affected version was saved hefty license fees due to a configuration issue that was not their fault.
Let the Experts Help
Software compliance audits are no casual matter. The best way to prepare for one is to make sure it doesn’t happen in the first place. The roots of non-compliance are anywhere from process failure to evolving business needs and lack of internal knowledge. To build a successful SAM requires the right tools and product expertise.