The term “Software License Audit” brings many thoughts to the minds of most people whether on a personal or professional level and those thoughts are rarely favorable. Even when we feel we have nothing to hide, the idea of someone in authority checking to ensure we are compliant can create a very stressful situation. It is important to note that whenever we install a Microsoft® product, whether as individuals or corporations, we are agreeing to comply with the terms of the End User License Agreement (EULA) which specifically grants Microsoft® the right to dictate how we use the software and grants MS permission to audit our use of their product(s). While it may seem redundant to some, it’s important to remember that we don’t “buy” software but rather, we buy licenses to use software and those licenses come with certain terms and conditions.
Licensing audits are nothing new for Microsoft® Volume Licensing (VL) customers, but as MS faces increasing competition and declining sales of Windows, they are increasing their efforts to ensure that they maximize their revenue wherever they can.
This is the first in a series of articles intended to assist Volume Licensing customers to prepare for and manage the process in the event of a Microsoft® licensing audit. Whether you are audited or not, the required discipline and record keeping should be a valuable exercise, even if only to ensure that your company is compliant and not needlessly over-spending for software.
While the concepts and actions we will explore on the subject are primarily focused on Microsoft® software audits, the same may be applied to a number of other software companies.
There are multiple factors that may initiate a licensing audit. Many audits are a result of disgruntled employees who report potentially unlicensed software usage to the Business Software Alliance (BSA). There may also be channel partners who suspect non-compliant usage, even if for the self-serving reason of anonymously attempting to generate future sales as the offending customer is forced to become compliant. It would also be reasonable to suspect that MS may randomly increase their audits as a means of potential increases in revenue.
The first step in the Microsoft® licensing audit process is usually a letter requesting that your company perform a self-audit. This can be used as a constructive reason to perform a comprehensive inventory of your installed software and the results may also be helpful during your next true-up, but the exercise and potential consequences for non-compliance need to be taken very seriously. The cost of a self-audit varies greatly with the size of the organization and amount of data captured, but unless the organization is nearly or completely compliant, the cost of the audit will likely be less than the consequences if proven otherwise.
There are a number of applications available to at least partially automate the process of performing an inventory of licensed software, but they are rarely enough by themselves to provide an accurate or comprehensive assessment which would satisfy Microsoft®, the BSA, or the courts.
Organizations have to account for OEM licenses, servers, employee owned devices (including home PCs, tablets, and smartphones), retail purchases, legacy systems, and other hardware which may be running MS software. A Software Asset Management (SAM) tool is an excellent place to start, but the results will likely need to be accompanied by proof of licensing of all other applicable devices which use or access the MS software. In addition to reports generated by your SAM tool, it’s important to gather and organize all receipts and authorization documentation for all systems. In the case of onsite hardware, if it is running MS software, you need to have some form of documentation to verify that it is compliant. This may be EA or Select Agreements including User and/or Device CALs, applicable Product Key(s), paid invoices, OEM licenses, Partner Pack documentation, and anything else that will prove the software has been appropriately licensed. In short, you need the ability to prove that any device or user which is running or accessing MS software has a license to do so.
We’ll address that which MS is really looking for in the next installment of this series but in the interim, we suggest that whether you have received a request for a self-audit or suspect that one may be forthcoming, or even if you’re merely being proactive to ensure compliance, it’s wise to conduct an inventory of your software. Even if you’re not subjected to a formal licensing audit, the data collected will be crucial and save a tremendous about of time as you prepare for your next true-up or license renewal.
For further information or if you have specific questions, please contact us at http://emerset.com/contact.