Cherwell IT Service Management Blog
Resources, Best Practices, and Solutions for ITSM Pros

Behind BSA Software Audits: Fact or Fiction?

Posted by

I just read an utterly scathing column in ComputerWorld in which James Gaskin blasts the BSA for what he claims is a common practice of using “extortion tactics” that are especially punitive to small businesses. In his indictment, Gaskin lists a number of grievances he suggests exemplify the “Big Three” software vendors’ (Microsoft, Adobe, AutoDesk) contempt for small businesses. Gaskin asserts that the BSA is notorious for “bullying small companies that don’t understand all the rules, lose their paperwork, or have proof stolen by a reward-hungry disgruntled employee.”

I’ve never been through a software audit myself, so I can’t offer any validation or repudiation of his accusations. As such, my biggest criticism of the article is that Gaskin offers up no examples of or testimony from specific companies or individuals that have actually undergone a BSA audit. His only source on record for the article is a law firm, Scott & Scott LLP, who specializes in defending companies targeted by the BSA—not exactly the most impartial source, if you ask me.

Having spoken with dozens of our own customers about their experiences with software audits, I can’t recall a single one that criticized the BSA with such fury; some even went so far as to say that while the audit experience itself was anything but pleasant, Microsoft’s behavior was downright helpful throughout the process.

Most acknowledged that at the time they were audited, their organizations had no reliable system—nor were they making a genuine effort—to track license entitlements; in fact, most knew they’d find themselves in a world of hurt if they were audited. And it’s not because some guy with a pink slip made off with a few packing slips. Gaskin, on the other hand, implies that the BSA routinely penalizes organizations for minor infractions even if they’ve made a good-faith effort to be compliant.

So I find myself wondering just how many of these tactics are actually put into practice. Do you have any experience with BSA audits? Do you feel you were treated fairly? What do you think constitutes reasonable “proof of purchase”? I’d love to hear your thoughts!