This week, organizations far and wide are stressing quite a bit about the General Data Protection Regulation, which we’ve written about many times over here at Associations Now, including an overview of how associations have been preparing for the May 25 compliance deadline and a report last week on how the regulation may improve trust between organizations and their constituents.
GDPR, the European Union’s big play to protect the private information of EU residents, is a messy reminder of the dance that compliance and technology play with one another at the corporate level.
But it’s not the only reminder out there. In fact, IT departments can face numerous other kinds of compliance headaches related to their asset management structure, including from the companies that supply them or their vendors with software—whether directly or indirectly.
In recent years, large companies such as Oracle and SAP have increasingly turned their businesses toward licensing audits, with the goal of squeezing a little more revenue out of clients that can afford to pay.
These audits have been both costly and controversial. According to a 2016 InfoWorld article, the candy maker Mars, Inc., faced an in-depth software audit at the hands of Oracle. The saga led to 233,089 pages of documentation and a court battle between the two companies. Mars eventually agreed to an out-of-court settlement.
For other big tech companies, the audit approach has created public relations problems. Last year, Microsoft compliance guru Patama Chantaruck had to write a blog post defending the firm’s software asset management program as not being the same thing as an audit.
SAP, meanwhile, launched a Licensing Transparency Center last fall, in the wake of negative headlines around its software audit battle with the alcohol giant Diageo. A British court found that SAP’s indirect licensing rules were legal—meaning that, at least in the UK, it can legally charge money for indirect uses of its software.
(Diageo is only one of SAP’s recent targets. Anheuser-Busch InBev recently settled a $600 million lawsuit filed by SAP.)
We could argue all week about whether software auditing rules are fair or represent bad PR. But they’re out there, and for organizations that use complex business software, it can be a real shock to the system to get notified of an upcoming audit.
But for the software industry, there’s a case to be made that companies leave significant amounts of money on the table if they fail to act against improper use of their products. A 2016 study from BSA: The Software Alliance found that nearly 40 percent of software installed on machines globally wasn’t properly licensed. Part of the problem was a lack of control over so-called “shadow IT.”
Most associations don’t have operations on the scale of the companies that make M&Ms and Bud Light, but many nonetheless rely on enterprise software that often gets quite complex down the line. A few considerations for IT departments looking to get a better grasp on licensing questions:
The cloud’s complications. Recently, Amazon Web Services CEO Andy Jassy showed up on CNBC and effectively admitted that AWS is building database solutions designed to let companies get past complex licensing structures. “I think over the last few decades it’s been a rough place for enterprises because they’ve had to contend with the old-guard database providers like Oracle that are expensive, very high lock-in, and also they constantly audit their customers and fine them if they find something,” Jassy said. His point highlights an Achilles heel of cloud computing in the enterprise space: Infrastructure changes, such as those from servers to cloud, can introduce new licensing headaches due to the way contracts are written. When building out your infrastructure, be aware of how existing contracts can complicate these moves.
The open-source factor. A couple of pieces of software commonly used by associations that are unlikely to ever be subject to a software audit are WordPress and Drupal. The reason is that the content-management platforms are open-source, and as a result, they both are free to use and made of software that’s free of any licensing surprises. Not every piece of software out there can promise that. However, be mindful of those open-source licenses as well: If you create a commercial product that integrates open-source software, the rules can change. You may have to pay for that right or release any changes you’ve made to the code under the same license. Do your research.
The vendor equation. With big companies like SAP going after indirect licensing as well as more traditional kinds of access, you can run into a hornet’s nest around the many hands that touch your technology, including through your vendors. It’s good idea to have a general awareness of what’s in your vendors’ software stack, particularly whether they rely on proprietary rather than open-source software. It could help prevent some headaches down the road.
Some commentators are optimistic that we’ll see changes in this model, which feels consumer-hostile. Computerworld contributor Daryl Ullman, for example, recently wondered whether downloading SaaS applications directly from the vendor could help make licenses easier to track.
But consider this a reminder that the software licensing issue is out there and you have to think about it. Better now than when you’re getting audited.
"*" indicates required fields
Software Asset Management is a business practice that involves managing and optimising the life cycle of software within an organisation.
Software asset management is relevant to many facets of a business - take a look at some of the roles that it can form part of the focus of.
Software vendors come in all shape and sizes - all with their own set of licensing models and rules. We take a look at just a few of them.
As a constantly evolving subject, SAM is not without its challenges. We take a look at some of the most common ones.
Wondering what an investment in SAM could do for your business? Fill out a few details and find out what return you could get!
Answer a few questions about your SAM infrastructure & experience, and we'll put together a personalised recommendation for the future.
A simple health check of what's being used across your Office 365 estate in this FREE, Microsoft backed and easy to setup review.
Just like you would with your vehicle each year, get an annual check up of your software asset management programme.
Overwhelmed by the task of documenting the steps for a successful SAM programme? Get the experts in to help!
Concerned your SAM tools aren't covering your whole estate? Or on the look out for an entirely new tool? Get us in to assist.
Not content with covering all things SAM related, we've teamed up with Capital to provide a comprehensive hardware asset management review.
A simple, one-time reconciliation of the software you have deployed versus the licence entitlement you own.
A regularly scheduled analysis of your organisation's estate, specifically adapted to your needs and budget.
A full appraisal of your Microsoft 365 setup and how best to optimise it through automated recommendations.
An add-on to our SAMplicity One, MOT and Plus offerings, quickly diagnose your ability to migrate your resources to the cloud.
In collaboration with law firm Addleshaw Goddard, ensure the legality of your SAM programme and get assistance with any contract disputes.
Available as standard with SAMplicity Plus, ensure you're compliant if you're unexpectedly audited by a vendor.
We've teamed up with some of the forefront experts in licensing knowledge so you can teach yourself to be an expert too.
Stumped by the continually evolving complexities of SAM? Join us for one of our comprehensive courses, either in-person or online.
It’s chock full of useful advice, exclusive events and interesting articles. Don’t miss out!