Q&A: Surviving Software License Audits

“Be prepared” is one key to an expedited software license audit.

The word ”audit” may strike fear into any IT manager but that needn’t be the case. There are several best practices IT can follow to prepare for -- perhaps even profit from -- software audits. We discuss manual and automated approaches, best practices and ROI issues with Steve Butler, CEO of ManageSoft, a Boston-based provider of enterprise software management solutions.

Enterprise Strategies: What's driving the uptick in software audits?

Steve Butler: With the current state of the economy, overall IT spending is decreasing, driving down software vendor revenue on new license purchases and renewals. Even maintenance payments, which previously were considered fixed operational costs, are now facing increased scrutiny by CIOs and especially CFOs. Software vendors utilize license agreements that are highly complex with lots of “compliance landmines” such as virtualization, enterprise licenses, and hardware dependent licenses.

Consequently, major software vendors are increasing their software license audit efforts to drive revenue from existing customers. License audits typically produce a huge return on investment for the publisher -- a 10x (or greater) return is not uncommon. We have many customers who report that they owed well into seven figures to the publisher after an audit.

How prepared are IT shops for audits?

Preparedness varies widely, but it is surprising how many midsize and large enterprises still rely on manual, spreadsheet-based methods for managing software assets. Manual software asset management (SAM) processes take up a significant amount of IT staff time and they simply are not reliable or cost effective. An audit alone can consume many months, during which software inventory and license entitlement data is collected and analyzed. Manual SAM in an average enterprise requires a staff of up to 15 full time equivalent (FTE) employees.

There are many priorities for an IT organization; unfortunately, many organizations don’t appreciate the financial benefits that can be realized from an automated software asset program, so it’s often not the highest priority. However, IT organizations are starting to see that SAM can provide fast payback. Maintaining software license compliance significantly elevates an organization's negotiating position with software vendors. In addition, there are no unexpected true-up expenses and the organization doesn’t waste its IT staff’s time on audits. An automated SAM solution for that same enterprise of average size will reduce the staff required to perform SAM from 15 FTEs to 5 FTEs.

How should IT prepare for an audit?

There are three basic steps in the audit preparation process:

  1. Collecting software inventory: what you have installed
  2. Collecting “entitlement” or purchase information: what you bought
  3. Analysis: determining your vendor license position

To determine what software is installed throughout your enterprise, you need a process that translates hundreds of thousands of pieces of raw inventory data (installer evidence, file evidence, registry data, etc.) into a list of actual application titles and publishers. Software license types, terms and conditions, and product usage rights must all be taken into consideration to understand your vendor license position. This is what tells you whether you are over- or under-licensed for a given application or product suite. Taking these steps will ensure software audit readiness.

What are some of the biggest problems of managing software licenses?

The process of managing software licenses, vendors, and related contracts across the enterprise has become increasingly complex. Most organizations lack a clear picture of their software installations, licenses, and maintenance agreements, and have overspent on many applications. The problem lies in the growing complexity of software licensing models and contract terms and conditions. There are user-based licenses, processor-based licenses, virtual licenses, upgrade and downgrade rights, and many more parameters in the license management equation. These complexities are often exacerbated by mergers and acquisitions, downsizing, and changes in corporate IT environments.

IT organizations face additional challenges including the effective management of thousands of applications used across the enterprise, dozens of software publishers, and vast amounts of inventory and purchase-order data. It is nearly impossible to track all of this manually.

How do newer technologies affect license management?

Virtualization has had and will continue to have a major impact on SAM and license management. Although there are many benefits to virtualization, there are also a few challenges, including the increased risk of software license non-compliance. There are two key drivers at work here. First, it’s easy to create new virtual machines running copies of operating systems and software applications. Second, software publishers have adopted licensing rules for virtual environments that add significant complexity to the already complicated task of managing software licenses.

Data center software is generally the biggest slice of the application investment pie, with typical costs for licenses in the tens to hundreds of thousands of dollars per server. Most data center software is not self-policing for licensing, so it is extremely easy for companies to get seriously out of compliance. An example would be Oracle databases; many options can be licensed separately, but management is left to the customer.

We are talking about serious money here -- it would not be unusual for a firm to owe millions of dollars annually to a data center software publisher. Therefore, it’s critical to understand whether software is properly licensed on virtual machines to avoid unexpected true-up costs and prevent under or over buying. Virtual environments essentially require an automated SAM solution to manage the complexity of mobile virtual machines running on many physical servers.

Other technologies, such as multi-processor/multi-core servers, also affect license management. In some cases, processor-based license models depend on the actual processor manufacturer or processor class, which requires the collection of detailed hardware information as part of the asset inventory process.

ManageSoft markets an automated tool for license management. What do such tools -- yours and those of your competitors -- do, and what benefits do they provide?

A comprehensive SAM solution enables IT organizations to track which applications are installed and in use throughout the physical and virtual enterprise, allowing them to optimize their software investment, reduce costs, and avoid vendor audit surprises.

ManageSoft provides a software asset and license management solution called Enterprise Compliance Manager (ECM) that automates the inventory collection and application recognition process. It also automatically imports entitlement/purchase data from common enterprise financial and procurement systems. In addition, ECM’s SKU library automates the process of reconciling license purchases with installed software and generates a vendor license position.

Benefits of an automated software asset management solution include: reduced IT license and maintenance costs, continuous license compliance, decreased risk of a publisher audit or license review, and increased operational efficiency. There is no more guesswork about what software is installed, how much it is being used, or if it is even licensed. With accurate data, organizations can stop maintenance renewals for unallocated or under-used licenses, consolidate software vendors and standardize software portfolios across the enterprise. ManageSoft’s customers typically report savings of over one million dollars in the first year alone.

One reason IT is careful about spending is that they want a quick ROI. What's the ROI of license management software? How soon can such software deliver results?

An automated SAM solution has proven to deliver a positive ROI quickly. Savings accrue in at three areas:

  • Reductions in new license purchases by re-harvesting and re-allocating existing licenses
  • Reductions in on-going maintenance and license renewals by eliminating unused and under-used applications
  • Reductions in IT staff labor costs required for IT asset management

Furthermore, by focusing on the major software vendors and high-value applications, organizations can achieve six- to seven-figure savings in the first three to six months of implementing a SAM solution.

What distinguishes your product from your competitors?

ManageSoft Enterprise Compliance Manager automates the SAM process and reconciles software that is owned against what is installed. ECM produces reports that help reduce IT costs and maintain software license compliance. New features that are firsts in the SAM industry include support for Oracle database license management, a VMware server virtualization option, and a 100,000+ stock keeping unit (SKU) library for automated “purchased versus installed” license compliance.

Most SAM tools on the market today lack the intelligence to understand and manage software licenses and the terms and conditions contained in software agreements. As a result they provide gross estimates on over-buying or under-buying at best. ECM has built-in sophisticated models for most software licenses, including terms and conditions in order to provide a highly accurate license position for every title and vendor, in addition to the greater automation in ECM relative to other solutions on the market.