Software is playing an increasingly important role at every company. Today it's ERP, databases, and desktop applications; tomorrow it will be embedded systems and ever-more mobile apps. CEO after CEO touts the strategic advantage and cost savings that technology imparts, all of it powered ultimately by software.

Yet, peel back a layer and you'll find CIOs and their IT managers frustrated with the state of software licensing. They view it as having to climb an insurmountable summit imposed by vendors.

In an InformationWeek survey of more than 500 business technology professionals and in interviews with many more industry players, we found that while there isn't much IT leaders can do about tortuously complicated vendor licensing practices, there's plenty they can do to manage contracts and relationships. Instead of being the victim, IT leaders must take charge.

For starters, the 34% of IT organizations represented in our survey that don't involve line-of-business managers in evaluating software licenses need to start doing so. And companies must begin extending their expertise in enterprise software licensing (73% of survey respondents sometimes or most of the time negotiate significant price breaks) to off-the-shelf software. In sufficient quantity, licenses for such software add up to enterprise scale in terms of dollars and risk potential, and IT organizations need to start treating them that way.

Enterprise software like ERP tends to have more mature life-cycle management processes, with RFPs that spell out the scope and contracts that extend licensing terms over at least a few years. Managers of commercial infrastructure software should take a page from that manual. Asset management tools from vendors such as Avocent (LANDesk), Symantec (Altiris), and Flexera can help IT organizations discover, purchase, deploy, maintain, and even dispose of software. Weigh that investment against how much you can recoup when you have a deeper understanding of how many wasted licenses (i.e., ones nobody uses) the company has.

IT leaders also need to come to grips with who owns the software. Whether it's a commercial or open source license, as users we rent--we never own--so it's unrealistic to expect "perpetual" licenses that never change over a software package's life cycle. Software licensing can also change with changes in computing paradigms, such as virtualization and the cloud.

For example, in early 2007 Microsoft realized that customers were virtualizing Windows XP, and it couldn't do anything about it under the old license agreement. So with Vista, Microsoft created a new type of license for the virtualized form of the operating system, called VECD (Vista Enterprise Centralized Desktop). In 2010, Microsoft renamed this license VDA (Virtual Desktop Access).

More recently, with the upgrade from vSphere 4 to 5, VMware started licensing the product by vRAM usage in addition to its base pricing per CPU, resulting in much higher licensing costs for many customers. After a customer uproar, however, VMware softened the blow considerably.

Even hardware is subject to the vagaries of software licensing. For example, the label inside the Lexmark x543 printer states: "Print use is subject to patent license" and "Use of printer acknowledges your agreement to the license terms." See what we mean about software licenses ruling every bit of technology?

Software Licensing

Time for CIOs to Take the Wheel
Become an InformationWeek Analytics subscriber and get our full report on software licensing.

This report includes 32 pages of action-oriented analysis packed with 20 charts.
Get This And All Our Reports

Roles And Responsibilities

With shrink-wrap software licenses committing companies to legally binding agreements, and with enterprise software being such a critical component of business success, you'd think that LOB executives would be involved in evaluating software licenses. But more than a third of our survey respondents say their LOB execs aren't involved in such decisions at all.

Granted, you can't expect execs to get involved in every $100 transaction, and they don't need to be evaluating contracts for infrastructure software (though legal, purchasing, and finance need to review all licenses). However, if LOB execs aren't looking at the license agreements for the software that runs their businesses, that's a problem--100% of executives should understand the terms and conditions under which their enterprise software can be used and will be supported.

For example, buried in a contract for a recent government agency software purchase was language that defined the "site license" as limited to employees of that particular division, which IT probably thought was fine. However, while that software was used primarily by that division, other divisions--and even agencies--had to use it as well. Had the division's director not reviewed the license agreement, it would have been a costly mistake.

It appears that IT organizations are on board with this thinking, as 78% of the respondents to our survey say LOB execs should be familiar with the terms and conditions of software licenses and contracts. And once folks other than IT pros are involved, it appears the right ones are at the table: top management, IT governance, legal, finance, and purchasing.

More than half of survey respondents say the ultimate responsibility for software license agreements resides both with IT and internal service functions. As IT matures, we hope this percentage will rise. Expecting IT by itself to handle software license agreements is a little like expecting finance to spend all of the company's money with no input from departments.

Money On The Table

One reason a company might have a team for large enterprise software licenses but give short shrift to smaller purchases is that it doesn't have visibility into how much the latter set--licenses for software such as Adobe Acrobat and Microsoft Project--costs in aggregate. Enter the discipline of software asset management.

Companies typically leave a lot of money on the table in the following ways:

>> They don't know what entitlements they have, so they buy more software than they need. For example, some licenses let you have a secondary copy of the software on a secondary machine--say, a desktop and a laptop. Companies not aware of that provision might pay for up to double the licenses.

>> They might dedicate more of a full-time employee's time to license management than they would if they had an automated process in place. In our survey, 32% of respondents have a full-time employee devoting 50% or more of their time to managing licenses.

>> They don't know whether installed software is being used at all. IT administrators tend to blast out cookie-cutter software images to users because it's easier to manage that way. But what if a user has absolutely no need for Microsoft Office? A periodic review of software needs will discover overprovisioned software.

Steve Schmidt, VP of corporate development at Flexera, which makes "application usage management" software (a subset of software asset management), says AUM is becoming more strategic to organizations, especially as finance officers question IT-related expenses. And of course, nobody has any money, and everyone's looking in every nook and cranny for overexpenditures.

Then there's the big, overarching concern: Software licensing is extremely complicated. "It would be nice if there were licensing standards," says Arnie DeWitt, CIO of Phillips Plastics, who points to SAP's and Microsoft's models as "overly complicated."

For example, SAP's licenses include many definitions of users. "It's important to understand how the system is being used and if the appropriate license is being applied to that user," Flexera's Schmidt says.

Microsoft's VDA license includes an 11-page white paper and a seven-page clarifying FAQ to help users through the complexities. Really? Does it have to be that complicated?

Manlio Vecchiet, a director of product management at Microsoft, acknowledges that the vendor's licenses can be complex. "But we need to take into account those customers who need fewer licensing rights," he says. "If you offer granularity, it naturally becomes more complex."

In other words, OEM licenses for Windows XP or Office have a limited set of use rights that let you use the software as long as you have that particular PC. To buy a more flexible license would cost more. So if you want to eliminate complexity (buy the whole chalupa by default), you'll have to pay a lot more. If you want cost-effective software, you'll have to deal with complexity.

That argument appears to make sense--if you're a software company using a business model from the previous century. Or to be fair, it's the difference between software as a service (ongoing revenue--if your customers remain happy) and perpetual licensing (where the methodology to create ongoing revenue is to create new versions and stop supporting the old versions).

With all due respect to Microsoft, it doesn't seem that vendors like Google need to offer the aforementioned granularity in order to offer a reasonable price point--in the case of Google Apps for Business, $50 per user, per year. Google actually won't unbundle any of its services. You don't want them? Don't use them. It's still $50 a year, and still quite a deal compared with similar email and document preparation software.

To keep costs down, SaaS and other cloud providers tend to be inflexible about terms of service and service-level agreements. They take the approach: "Don't want this service for this price under these terms? Fine. Bye."

But SaaS licensing can be just as aggravating as conventional software licenses. Consider Salesforce.com's standard license agreement--"onerous as any from Oracle, IBM, Microsoft, or SAP," says Jeff Gordon, VP of Net(net), an IT investment advisory firm. "Their terms and conditions aren't changing just because of the cloud."

While Microsoft has poked fun at Google recently for its alleged harvesting of customer data, fact is that Google's business terms of service actually specify that advertising is defaulted to "off" for accounts, and that your information ("customer data") is yours, not Google's.

The point is, some of the SaaS licensing concerns are real; some of them are FUD. Read the terms for yourself. If you're building a delivery truck system that relies on Google Maps, for instance, and it works most of the time, surely you can live with the fact that the license says: "You understand and agree that you download and/or use Google Maps For Mobile at your own discretion and risk and that you will be solely responsible for any damages to your computer or mobile device system or loss of data that results from the download or use of Google Maps For Mobile."

Such amusing terms also apply to on-premises software, such as: "You agree that you will not use these products for any purposes prohibited by United States law, including, without limitation, the development, design, manufacture, or production of missiles, or nuclear, chemical or biological weapons."

But can we live with: "By using this software in connection with an iTunes Store account, you agree to the latest iTunes Store Terms of Service, which you may access and review from the home page of the iTunes Store"? You may think that iTunes doesn't have much effect on a corporation. But how about when the highest-paid executives all have iPads, which require iTunes for certain types of operations and thus acceptance of the click-through license, which, when Apple posts a new one, you've already agreed to?

Apparently, 43% of our survey respondents think it's OK for a software vendor to change license terms without your consent. While it strikes us as pragmatic to simply ignore the sword over your head and ditch the software if the licensing terms become unacceptable, it's best to go with what your legal department suggests on this one.

Buyer Power Window

As InformationWeek's Secret CIO has pointed out, it's even difficult for enterprise software sales reps to keep a straight face when talking about their companies' myriad and confusing licensing options.

But at least with enterprise software, customers have some buyer power. The vendors know that their failure to accept reasonable accommodations might well mean you'll sign with someone else. Some enterprise software customers require that their contracts stipulate that the vendor can't change the licensing terms between versions of the software. It's also possible to negotiate lower prices on additional modules or professional services.

Bottom line: If you don't get these types of concessions before you sign with an enterprise software vendor, you risk massive price fluctuations. "The most annoying trend lately is software companies transitioning their licensing to new forms--at an upgrade cost, naturally, and never covered by the maintenance costs you're already paying," says Andy Brady, an IT director at a $1 billion energy company. The vendor MO, he says: "Let's increase our revenue by changing the way we license things, not by changing and improving our software."

But take heart. Customer pressures have forced software vendors to quietly change their policies. Amy Konary, IDC's software licensing expert, cites SAP, which a couple of years ago eliminated the basic support option for its enterprise software, forcing customers to pay for premium support. "SAP made a bet that customers would want the higher level because environments were getting more complex," Konary says. But some customers balked; some even filed lawsuits in various countries. About 18 months later, SAP reintroduced the lower tier.

And for Pete's sake, when you're dealing with SaaS spell out that your company owns its own data. Only about half of the respondents to our survey whose companies use SaaS say they "always" put this provision into contracts. One business we spoke with that had adopted SaaS early on found that when it wanted to change providers, its vendor refused to allow an export of the data. The customer had to resort to screen scraping and rekeying all of that data--time-consuming and expensive.

What's Most Important?

When we asked in our survey to choose the most important elements of a licensing agreement or contract, respondents cited the SLA as most important, followed by the perpetual right to use the software and a warranty that the code is free of material defects (see chart, below). Source code escrow was cited as least important--do you really even want the source code to an app if the vendor goes belly up? Probably not.

When they negotiate with software vendors, 73% of our respondents get concessions at least some of the time. Anybody can get 5% to 10% off the list price, but apparently a quarter of these respondents typically get 11% to 15% off and a fifth of them get 16% to 20% off. So don't be shy in asking.

Bear in mind, however, that you usually must agree to something in the terms and conditions to get price concessions. One thing we've seen customers agree to is to pay for the software before the implementation. It might seem scary to agree to pay up in advance, but considering that two-thirds of a software implementation's cost is normally for consulting or other labor, if the project goes off the rails, you will never get that money back--and you'll never get your company's business staff time back either. Software implementations fall into the "failure is not an option" category. So why not pay for the software up front and save a bunch of money?

Use that frantic vendor need to recognize revenue on the software as a lever to also get concessions on things like consultant fees and hold-backs on final payments for implementation.

One final point about commercial software in general. It seems that businesses are more savvy with licensing for enterprise applications than for infrastructure software. It's time to treat important infrastructure software--VMware, SQL Server, and the like--as enterprise software rather than one-off shrink-wrap software. That means planning the ultimate number of licenses and entitlements you'll need, and crafting an RFP and a contract for the expected life cycle of the software.

Leadership Vs. Fear Factor

There's so much agita over commercial software licensing that we had to ask in our survey about the open source alternative. It's a measure of how far open source has come that 41% of respondents don't have a preference either way.

And some of our respondents are big believers in open source. Rich Banta, CTO of Lifeline Data Centers, says the outsourced data center provider has "dedicated considerable resources to converting to open source systems wherever possible" given its frustration with Microsoft's service provider license agreement.

Arthur Koch, president of Koch Environmental Analytical Consultants, finds the commercial software activation process to be burdensome. He likes to experiment with various machines and configurations, he says, so having to activate the software every time he moves from one machine to another is aggravating. Koch says he's careful to comply with software license agreements but complains that commercial licensing "treats me as a potential criminal." Like Banta, he says he's gone to open source as much as possible.

Whether you choose open source or proprietary products, the bottom line for CIOs is that software licensing requires a pragmatic view and active, involved management. It requires skilled negotiation. And it requires the courage to walk when a provider offers unacceptable terms.

InformationWeek: Sept. 5, 2011 Issue

Download a free PDF of InformationWeek magazine
(registration required)