Cherwell IT Service Management Blog
Resources, Best Practices, and Solutions for ITSM Pros

“Non-Compliant” Took On New Meanings In 2009


If you Google the term “software vendor audit,” you’ll find no shortage of information on the topic, particularly related to how to avoid and/or survive them. Frankly, though I try to stay on top of all the current research and frequently talk to customers who provide good anecdotal insight, I’ve seen very little recent material that sheds any new light on the matter. But I confess I was taken aback by some of the information revealed in Forrester’s software licensing report, released January 4th.

First, Forrester reports a year-over-year increase in software audit activity during 2009. This comes as no surprise: as software sales slumped during the economic downturn, vendors sought new ways to bolster their revenue streams, and one way of doing so is to audit their customers more aggressively and force them to correct their license deficits.

What did surprise me, however, were some of the anecdotes Forrester cited in which vendors required customers to pony up, apparently in a single-minded attempt to extract extra revenue. According to Forrester, “In addition to spotting genuine under-licensing, many vendors’ audit teams seemed to want to meet their revenue targets by exploiting technicalities and loopholes.”

Although I didn’t shell out $499 to purchase the report, according to Computer Weekly’s Cliff Saran (who presumably did), here are a few of the more onerous—and one might argue, troublesome—examples where vendors claimed licensing violations and demanded remuneration:

1) Test versions: A vendor consultant accidentally installed a test version of the software in a production environment, and was made to pay full retail price for the software.

2) Accidental installation: An IT manager inadvertently copied an application onto a standard desktop image, which was rolled out company-wide. Despite the fact that only a few of the employees were actually able to use the software, the company was charged for each installed copy.

3) Inactive users: A business that opened up its user account database to an audit firm to show its detailed licensing documentation got charged for inactive users.

Forrester also warns against other licensing “gotchas” that companies frequently misunderstand but that are generally outlined quite explicitly in their software contracts:

4) External access: If a business licenses software internally but provides external access to the same application, vendors may demand that licenses be purchased for those additional users.

5) Multiplexing (a variation on #4 above): Companies whose customers use Application B to access data held within Application A can be charged a license for Application A for each user that accesses it indirectly via Application B.

6) Virtualization: Software vendors may take advantage of confusion and/or ignorance surrounding the correct interpretation of licensing terms in the context of virtualized software and machines.

The takeaway? In tough economic times, organizations need to be more wary than ever of the approaches vendors may use to squeeze incremental revenue from their customers. And though these tactics may seem unreasonably punitive, according to the letter of the law, publishers likely have every right to pursue these “revenue opportunities.”

It’s clear that a good faith effort at software asset management may not always suffice when it comes to staying compliant—but while it doesn’t seem reasonable to expect that organizations can anticipate every possible human error or licensing loophole, in light of all the companies that are downright reckless with enforcement of their license agreements, a “good faith effort” sure seems like a sensible place to start.