Software Licensing: Move From Defense To Offense - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IT Leadership // IT Strategy
09:06 AM
Connect Directly

Software Licensing: Move From Defense To Offense

Avoiding audits and vendor fines isn't enough. Take control of licensing to exact deeper software discounts and match purchasing to actual employee needs.

Get the entire Sept. 2 issue of InformationWeek - no registration required.

Look at the software in your organization in three ways: software you've purchased, software you've installed, and software that employees actually use. These are three distinct lists that can get surprisingly out of sync, and it's never good when that happens.

When software installs exceed licenses, you're out of compliance and could lose discounts and face steep "true up" fees or fines if the vendor finds out via an audit. Make that when a discrepancy is uncovered in an audit. Our InformationWeek 2014 Software Licensing Survey, completed in July, reveals that more than a third, 37%, of organizations have been audited within the last 24 months. The percentage is even higher, 40%, for companies with 500 or more employees, and separate research shows that large companies can expect six- to seven-figure fines when there are big discrepancies.

It's surprisingly easy for installs and licenses to get out of sync because enterprise software vendors, including IBM, Microsoft, Oracle, and SAP, make it easy for your employees to download software without paying for it. Vendors of enterprise software seldom lock it up with the kind of license keys used to control consumer software installs. Complicating matters are licensing terms related to virtualization, per-CPU, or business roles that confound even experienced buyers and administrators.

Even worse than getting caught on the wrong side of an audit is paying too much for software straight away. This happens when companies license software but never install it -- the dreaded shelfware. In other cases, companies license and install software that employees never use, yet they have no way of knowing it because they can't track usage. A third form of waste is emerging as more tech buying -- particularly for cloud-based software -- moves outside the IT organization. When 12 different sales and marketing types are buying SaaS-based CRM seats on their credit cards, it's impossible to get the enterprise-scale discounts your organization deserves.

The larger and more distributed the company, the harder it is to keep track of software licenses, installs, and usage. Even without the added complexity of virtualization, SaaS, and hybrid cloud environments, you're kidding yourself if you think you can manage licensing using spreadsheets and paper records.

IT asset management systems and software license optimization software go a long way toward getting software license entitlements, installs, and usage into sync. But tech won't cure all ills. Company leaders must forge a clear buying strategy that balances centralized control and the vendor bargaining leverage that comes with it with the need for departments to get exactly the right software for the job when they need it. Doing so requires IT, purchasing, and business unit leaders to work together. Finally, there's shadow IT. You must educate line-of-business leaders and IT administrators about the consequences of rogue purchasing, unauthorized installs, and changing usage patterns sparked by rising use of mobile devices.

Audits Strike Fear
Let's start with the understanding that software is incredibly valuable and that vendors spend lots of money to develop software functionality. They deserve every penny that's due to them under their stated licensing terms. OK, that doesn't lessen the frustration IT leaders feel when hit with a surprise million-dollar bill after an audit turns up software they didn't know they had installed. But a vendor audit gone sour provides the impetus to improve software license management.

The right to audit is spelled out in the fine print of software contracts, and research points to rising vendor audit activity. The audit compares the software that customers have installed with what they are licensed and entitled to use. If a vendor isn't satisfied with a company's response to an initial inquiry, it has the right to run scripts on that customer's network that will uncover where its software is installed and in use.

Audits rarely turn out in the customer's favor. The average audit true-up cost for companies with about $50 million in annual revenue is $263,000, according to the 2013-14 Key Trends in Software Pricing & Licensing Survey, the latest annual report published by software license optimization vendor Flexera with input from IDC. For companies with about $4 billion in revenue, the average audit true-up cost is $1.6 million.

Apparently, a better than one-in-three chance of an audit and the prospect of a six- to seven-figure fine isn't enough to motivate many companies to take control of license management.

"I've talked to some CIOs who say, 'I don't know what my risk is of being audited, and I don't know that if I'm audited I'll be out of compliance,'" says Amy Mizoras Konary, research VP, software licensing and provisioning, at IDC and a collaborator on Flexera's annual survey. "The attitude is 'I would rather take the risk of being audited than pay to fix a problem that we might not have.' But companies that take this approach are typically rewarded with audits." (See related story, "5 Signs You'll Face A Software Audit.")

Tools Of The Trade
IT's first line of insight (and audit defense) is usually IT asset management software. BMC, CA, Hewlett-Packard, IBM, Symantec, and other vendors provide general-purpose systems that correlate inventories of software and other IT assets to contracts, licenses, and equipment leases. This software is typically aimed at improving IT operations -- providing tools to detect failures across servers, storage, networking devices, software suites, and personal computers. At best, this software might discover and inventory what software is installed on which devices, but it doesn't analyze software usage and compare that with usage rights to give companies some idea if they're spending their money wisely.

In some cases, software vendors offer free tools geared toward deploying their products according to their licensing approaches. Microsoft, for instance, offers the Microsoft Systems Center Configuration Manager (SCCM), which provides remote desktop and server control, patch management, software distribution, operating system deployment, network access protection, and hardware and software inventory. IBM often requires customers to use its License Metric Tool as a way to determine how many PVUs (processor value units, an IBM licensing metric) are in use.

The trouble with vendor tools is that they don't capture every metric and deployment variable needed to manage licensing, says IDC's Konary. What's more, these tools help you with software only from one vendor, whereas

Next Page

Doug Henschen is Executive Editor of InformationWeek, where he covers the intersection of enterprise applications with information management, business intelligence, big data and analytics. He previously served as editor in chief of Intelligent Enterprise, editor in chief of ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 3
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
D. Henschen
D. Henschen,
User Rank: Author
9/4/2014 | 9:00:57 PM
Re: Software Licensing
Thanks for your comments. I did mention that the audit-in-the-last-two-years figure is even higher, 40%, for companies with more than 500 employees. I've seen studies from Flexera and Express Metrix with even higher figures for larger companies, but we didn't break out a higher split in our study.
User Rank: Ninja
9/4/2014 | 8:14:48 PM
Re: Software Licensing
What a long-overdue topic for a second look at many organizations. It's refreshing to see an an article so comprehensive on a topic that's so oft-overlooked, especially in a world of quick blogs, vague blurbs, and buzzword-laden tweets. Instead, these points are made here with plenty of numbers to back them up, insights from real people in the industry, and, most importantly, specific tips and best practices for how to do it better at your organization.You can't blame people for wanting to ignore licensing for as long as they can - it's complicated and, frankly, boring. This article makes a great case for not only why you should worry about it, but how to do so without losing sleep.

The numbers themselves do offer a bit of a mixed picture though, don't they? 1/3rd of organizations were audited in the last two years - and that doesn't say anything for the size or industry of those companies, or how those audits turned out. That still makes it sound like an okay bet to stick your head in the sand and pretend like you're not going to be audited. The cost savings and license management benefits are the real kickers to me. There are headaches other than just audits to worry about  when it comes to licensing - and how great if you can get one service that takes care of all of them!
D. Henschen
D. Henschen,
User Rank: Author
9/3/2014 | 8:32:42 AM
Aspera is an independent company, not affiliated with IBM
Thanks for catching that stray "IBM." Beaupoil's quote addressed a prominent IBM licensing product, but his company, Aspera, is not affiliated with IBM. The reference was corrected accordingly.
User Rank: Apprentice
9/3/2014 | 8:13:34 AM
Great summary of SAM/SLO challenges
You say all in 3 pages! This war is not going to stop. Great post.

Remark: I guess it is not true to say "Christof Beaupoil, co-founder and president of IBM's Aspera Technologies", Aspera is not linked to IBM at all. There a couple of organizations named Aspera, the one involved in SAM space is not belonging to IBM.
Charlie Babcock
Charlie Babcock,
User Rank: Author
9/2/2014 | 4:53:27 PM
How big are those vendor audit staffs?
Yes, the best defense is a good offense, especially for the mid-sized companies that don't have large IT staffs. I am surprised that 37% of companies surveyed have been audited in the last 24 months. The software vendors are investing heavily in auditing customers.
User Rank: Moderator
9/2/2014 | 11:36:43 AM
great post
Great post. I can't stress enough the hidden benefits of finding spare software. Talk about getting kudos, when you can circulate an email that says "hey, we have 15 spare unused copies of Photoshop, anyone have a use for them?"


p.s. Microsofts SCCM is not free as is implied. In fact the licensing for it is very complex with client and server licensing and has an entire pdf devoted to trying to figure out how much it will cost you.
D. Henschen
D. Henschen,
User Rank: Author
9/2/2014 | 10:25:55 AM
Best defense is a good offense...
Midsize and larger companies deal with hundreds of software titles, and between different locations and business units, there's no way you can keep track of it all with spreadsheets and paper files. License-management and sofware-license-optimization software can help, but you'll also need policies and procedures to ensure that you're licensing only the sofware that you need and that you're getting every discount you deserve.
Li Tan
Li Tan,
User Rank: Ninja
9/2/2014 | 9:56:31 AM
Proper software licensing is your responsibility
I cannot agree more with the points raised in this post. As IT manager, you cannot simply be reactive for software licensing to fulfil audit requirements. You need to take full responsbility for proper software licensing. It means to become on top of the issue and fully understand/manage the proper licensing fulfilling your enterprise needs.
How to Create a Successful AI Program
Jessica Davis, Senior Editor, Enterprise Apps,  10/14/2020
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
Flash Poll