by Scott Lewis
Software licensing is one of the most common traps that companies and IT people find themselves in. It is complex and confusing, and now with cloud computing and the popularity around cloud we have opened up a whole new can of worms around licensing. In our business we work with many companies helping them determine if they are in compliance, or how to get into compliance with software laws and regulations.
One important thing to remember is when you buy a piece of software you do not own the software, all you have done is purchase licenses to use the software based on the EULA (End User Licensing Agreement) that you didn’t read but checked the box anyway. However, now you have entered into a contractual agreement that includes fines and penalties if you are caught misusing the software. Some of those fines or fees could be based on what is called, true up, which is basically when your auditor uncovers that you are using more copies of the software than you have licensing for. In a 2014 Information Week software licensing survey, it was discovered that 37% of companies have been audited in the last 24 months, and companies with more than 500 employees have been audited more than 40% of the time. Information Week also states that fines and penalties can reach well into the six and seven figure mark when discrepancies are found to exist.
What are some of the most common ways that companies get caught in the software licensing trap? It is rare to actually find a company that is willfully violating software rules and laws, however it does happen, but most of the time it is simply by accident and lack of understanding of software rules and regulations that create pitfalls.
Beware of the cloud, just because you are moving to the cloud doesn’t mean that you are now immune to software licensing rules. In some cases it has become more difficult and confusing. As an example, the cloud only works if you are connected to the cloud. So what happens when you work disconnected? Not all applications provide for cloud licensing or virtualization licensing so make sure that if you are migrating applications to the cloud that the providers will be able to properly license the application.
Confusion between OEM (Original Equipment Manufacturer) and other licensing programs like Open Licensing, Enterprise Licensing, and other licensing programs offered by different manufactures can occur. Some programs allow you to move software between systems, while others don’t, so the simple computer swap out can become more costly if the licensing is not of the type that allows you to move it from one computer to the next.
Loading demo software or temporary licensing is a common mistake among companies. They want to try out new software, or something they found online, or the next whiz bang thing, so they download it and agree to the licensing without realizing that if they don’t uninstall the program within a certain time line than they could be charged for the software. Or they simply forget about it, until it shows up in an audit. If you are doing proper software searches, than the need to load demo software should be at a minimum, because if you have a good needs and features analysis than you will know before you ever load the software if it is going to fit your business.
Not keeping software agreements current and active can cost you big when it comes time to upgrade, or do a true up on your licensing so you can load the new versions of the software, but it could become a compliancy nightmare if you were audited. We always coach our clients to keep all software agreements current and active. Yes it is a cost against your IT budget, but in the end, it can insure and protect your company from an audit compliancy perspective.
Software audits really do happen and potentially can be very disruptive to your organization while they are going on, and rarely do they ever work out in the favor of the customer. Typically you have already agreed to the audit in the EULA (End User Licensing Agreement) when you loaded the software and the boundaries of the audit are typically spelled out in the fine print of the EULA. Depending on the outcome of the audit there are many classifications that you could fall under, from minor infractions to willfully violating software agreements. The fines and penalties can range from a couple hundred thousand dollars into the millions depending on the severity of the infractions.
Controlling your software should be one of your highest priorities. It can be very costly to your business and typically the cost to fight this far outweighs just doing it right from the beginning. The executives of your company must have a commitment to software compliancy or it can easily spin out of control, and not only become a compliancy issue but a security issue as well. Don’t load unnecessary software on your systems, lock your systems down to insure that users can’t download and install programs without the company’s knowledge and permission. Remove old versions, unused software from your servers and workstations and realize that software compliancy and risk mitigation is something you have to train and repeatedly raise the awareness of your users to insure that if you are audited that you come out squeaky clean.
Scott Lewis is the president and CEO of Winning Technologies Group of Companies, an international technology management company. Scott has more than 30 years of experience in the technology industry and is a nationally recognized speaker on technology subjects such as colocation, security, CIO-level management, data and voice communications, and best practices related to the management of technology resources. Learn more at www.winningtech.com or by calling 877-379-8279.
Submitted 9 years 242 days ago