I have often written about how to prepare for software licensing audits and what to expect during the process, but I rarely mention the errors we witness during mitigation. As you’re probably aware, major software companies such as Microsoft® and Oracle® typically perform some sort of audit on their customers approximately once every three years. These audits may be performed by a third party, but the most common practice is to instruct the customer to perform a self-assessment of their deployed software and report the findings to the software provider. The customer will be required to buy licenses for any discrepancies between the deployed software and their existing entitlements, often at full retail price. None of that should come as a surprise to most, but the part that many fail to recognize is that the findings are not always accurate, whether discovered during a self-assessment or even when performed by a third-party “expert”.
It’s important to carefully evaluate and scrutinize reported compliance issues. At Emerset, we have discovered approximately forty areas which are frequently reported inaccurately during an audit. The list below is just a sample of errors we have discovered while assisting our clients with licensing mitigation:
- Device CALs vs. User CALs (audit counted all devices and did not recognize that many were licensed under User CALs)
- Multiple copies of Office® installed on a single device and counted as multiple machines
- Multiple versions of Visio® and Project (Standard and Pro on the same machine, a new and old version that wasn’t removed when the product was upgraded)
- Inactive users within Active Directory® that haven’t been removed
- BYOD devices that were counted as organizational devices
- Counting virtual Windows® Servers as physical licenses
- Use of wrong licensing metrics for SQL Server® Windows Servers
- Failure to recognize historical entitlements (products purchases 3-9 years ago) that can be used to mitigate current licensing gaps
- Licenses from mergers and acquisitions
A proactive Software Asset Management program will prevent some of these errors, but it’s important to thoroughly review all claims of non-compliance, rather than simply pay for additional licenses without challenging the results.