Microsoft Licensing – Remediating your audit result
Microsoft attempts to audit Volume Licensing (VL) customers every three years. Mostly, this will be a so-called ‘Software Asset Management (SAM) Review’ in which you are asked to list all installed software yourself and ensure appropriate licensing. For every non-compliant instance your organization will be required to purchase additional licenses, often at retail pricing. In some cases the audit may be performed onsite, at your company, by an independent third party.
BSA | The Software Alliance
If a customer is unwilling or unable to remediate, i.e. to reach a mitigation agreement with Microsoft, the case may be turned over to the Business Software Alliance (officially BSA | The Software Alliance). By the time the BSA becomes involved a company will already have incurred substantial cost.
The Software Alliance has the authority to negotiate a settlement on behalf of Microsoft. If your company has failed to reach an agreement with Microsoft directly, expect that the negotiations with the BSA will be even tougher. The Alliance has no other goal than preventing and punishing piracy and non-compliance.
Microsoft audit issue areas
Make sure to carefully evaluate reported infractions after any audit. We have discovered approximately forty license audit issue areas that are specifically Microsoft related. The list below is just a sample of what we frequently discover while assisting clients:
Device Client Acces Licenses (CALs) vs. User CALs: all devices were counted but many were licensed under User CALs.
Multiple copies of Microsoft Office installed on a single device and counted as multiple machines.
Multiple versions of Visio and Microsoft Project: Standard and Pro on the same machine, new and old versions that weren’t removed when the product was upgraded.
Inactive users within Active Directory that haven’t been removed.
Bring Your Own Device (BYOD) hardware that were counted as organizational devices.
Counting virtual Windows Servers as physical licenses.
Wrong licensing metrics for SQL Server Windows Servers.
Failure to recognize historical entitlements (products purchases from 3-9 years ago) that can be used to mitigate current licensing gaps.
Licenses from mergers and acquisitions.
Remediating audit results
Regardless of whether errors are being discovered during an audit, it’s important to try to work with Microsoft toward some sort of settlement, i.e. to ‘remediate’. Microsoft does not want to lose a customer, but surely doesn’t want customers to use their software illegally either.
In case of a settlement, always try to negotiate that the violation and the deal are not publicly disclosed. This becomes increasingly difficult if the negotiations move to the BSA. The Alliance often wants to make penalties public to deter others. The damage caused by negative publicity will exceed the cost and fines of settling by far.
Microsoft’s agreements state that a customer will pay the cost of an audit if a deficiency of greater than five percent of the purchased licenses occurs. Being out of compliance will equal audit plus true-up cost. There are a number of other costs, some of which more tangible than others. The time and distraction as internal resources are forced to focus on an audit must be considered. Additionally, a customer’s credibility may be damaged in the eyes of Microsoft. Microsoft rarely assumes that a customer is intentionally out of compliance but when they do, it will make future negotiations particularly difficult.
Make SAM a priority
Exceptions excluded, Microsoft typically does not suspect that a customer is intentionally non-compliant. But Volume Licensing generates approximately $40 billion annually for Microsoft, so it is critical to their business that their software products are being licensed properly.
From your organization’s point of view: whether a company only has a few employees or tens of thousands, IT represents a significant investment and must be managed appropriately. Software Asset Management is often far more complex than you would expect and failing to make SAM a priority can cause substantial damage to your company.
Four articles – read them all!
The first article in our series on software license audits, focusing on Microsoft, dealt with the importance of being prepared. The second addressed what Microsoft or the BSA may be looking for during an audit. Here we considered what to do after an audit, particularly if the results are significantly unfavorable. In our fourth and final article we’ll discuss what it takes to develop a sound SAM discipline.
If you are in need of extra expertise, and a structured license administration and management approach, feel free to contact B-lay. We will help you make software compliance an exciting opportunity to improve your business!
Richard is one of the managing partners at B-lay. He started to work in the license management industry in 2004 and worked for almost 10 years at Oracle as regional director of compliance. He uses his knowledge of enterprise software vendors (such as Oracle, SAP, IBM and Microsoft) to educate, equip and enable software end users in their challenges regarding proper software license management. Richard holds a master’s degree in IT, from University of Amsterdam in the Netherlands.