Salesforce – License Compliance Risks

More and more customers upgrade their IT assets from on-premise to the cloud. Moving your infrastructure to the cloud has undoubtedly great benefits. From a licensing or subscription perspective it’s quite tempting to think that you don’t need to worry anymore about your license compliance position. But in reality, you will find out that this is not the case at all. Especially with a highly customizable SaaS solution such as Salesforce CRM, you should constantly monitor your actual cloud consumption, since compliance risks can be easily triggered. One of these risks is represented by the Indirect Usage, that was earlier explained in our article: Salesforce – Indirect Access.

This article briefly describes some generic Salesforce license compliance topics that you should be aware of, including:

  • Included features and their limitations
  • Restricted use licenses

Included features and their limitations

Most Salesforce subscriptions (e.g. Sales Cloud, Lightning Platform, Marketing Cloud, etc.) provide the right to make use of certain included features. To name a few, this includes the right to make use of custom objects, custom apps, API calls, storage, contacts, automations. Many of these features can be used for free, but only up to a certain amount. The limitation mostly depends on the cloud service, edition and subscription type you purchased.

When reviewing your license compliance position for Salesforce, you may tend to focus more on the number of users who have a certain subscription. The fact that you should also be checking the consumption of the features included is often forgotten. Some of these features are technically restricted (and you can’t use more than you purchased) but some of them are not, allowing you to use more that you should.

Let’s look at an example:

You may have the right to deploy a certain number of custom objects within your organization, as per your agreement. When you reach the maximum limit, you won’t be able to deploy more custom objects, unless you either remove (some of) the existing ones, or you purchase additional custom object subscriptions. In this case, the best approach is to review what custom objects can be removed from your organization before you purchase additional subscriptions. As per Salesforce’s program documentation, you should however be aware that certain custom objects do not count towards the organization’s limit, depending on their source and type. A similar situation is applicable for many other features. Knowing which custom objects count towards your organization limit is not an easy task. Nevertheless, identifying those can reduce your requirements.

Restricted-Use licenses

There are some individuals in your organization who don’t need to use a service or feature at its full capacity. As such, besides the Full-Use subscriptions, Salesforce also provides Restricted-Use subscriptions. Their purpose is to grant end users rights to use a tailored made subscription model meeting an end user’s specific business requirements, typically at a lower price than Full-Use subscriptions.

For example, you may acquire Service Cloud Restricted-Use subscriptions which allow your users to have full use access to only a few objects and have read only access to a couple of others. This is a contractual restriction and is not technically enforced. As specified in all order forms which include such Restricted – Use subscriptions, it is the customer’s responsibility to ensure that the individual users do not breach the contractual restrictions. Otherwise, the Restricted-Use subscriptions are converted into Full-Use subscriptions and additional fees are applicable, starting as of the first date on which the first violation started until the end of the subscription term.

What can you do?

The first step is to thoroughly check your contractual documents (order forms, order form supplements) related to the purchased subscriptions. Next to this, you should determine any usage limitations and restrictions as applicable for your Salesforce subscriptions.

Secondly, you should perform periodic reviews of your Salesforce consumption and determine any required remediation actions that may be needed. This, to pro-actively maintain your Salesforce organization. If your usage exceeds your contractual limitations, you should first do a clean-up of the items that are no longer necessary in order to re-use part of the use rights as granted.

As some of you may have already found out, there’s no simple way to keep track of your license compliance position for Salesforce. This is mostly due to the numerous standard or custom features, all coming with specific consumption and deployment rules. The existing documentation and in-app usage reports are focused mainly on service adoption rather than on creating visibility in terms of license compliance. In case you need assistance to start setting this up correctly, please let us know and we are happy to help.

This article was published on 07-07-2020