Slashdot Mirror


Software Audits: How High-Tech Software Vendors Play Hardball (infoworld.com)

snydeq writes: InfoWorld's Dan Tynan offers an inside look at how high-tech software vendors such as Adobe, Oracle, and IBM play hardball over software licensing, pushing customers to "true up" to the tune of billions of dollars per year -- and using the threat of audits as a sales tool to close lucrative deals. "When it comes to software audits, the code of omerta prevails," Tynan writes. "It's not a question of whether your organization's software licenses will get audited. It's only a question of when, how often, and how painful the audits will be. The shakedown is such a sure thing that nearly every customer we contacted asked us to keep their names out of this story, lest it make their employers a target for future audits."

6 of 162 comments

  1. After Microsoft forced us to buy... by Anonymous Coward · Score: 3, Informative

    several times as many CALs as we have employees, we're moving what we can to Linux.

    1. Re:After Microsoft forced us to buy... by guruevi · Score: 2, Informative

      In the Microsoft licensing scheme you have to pay both device CALs and user CALs. So for each device you buy a device CAL and per user you pay for a user CAL. Servers also have to pay per processor (which is a toss-up between physical processor, core and thread depending on product and vendor or a combination of them).

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    2. Re:After Microsoft forced us to buy... by sexconker · Score: 3, Informative

      Everything with separate user and device CALs I've ever seen lets you choose whether to buy a user CAL or a device CAL.
      Some things require you to license only one way or the other. For an RDS service you can't mix user CALs and device CALs. It's one or the other, so you have to determine which is cheaper overall.
      For server software like SQL, it was per socket for ages. Recently they started charging per core, and a typical license allows you to run on 2 cores, so you need to buy packs of licenses covering all the cores you need to run on.
      For Windows Server itself, you've got a similar situation as above, but you get to run 1 physical and 2 virtual instances per licensed copy of Windows Server. I believe you have to use their virtualization shit, but I'm not sure if virtual instances have to run in the physical instance or not. We use VMware and our Windows servers are virtual already, with virtual CPU allocations mapping to physical CPUs. We're already virtualized, so I see no need in running additional virtualization layers.

      Making sense of MS's licensing schemes is a nightmare, especially when they keep changing them. Their sales people don't know what the licenses actually grant you, can't tell you what you need, and have no chance in hell of ever linking you to a place where you can buy a license that matches the name of what they said you should buy. The whole software industry is like this though. I can't buy a software license for an Adobe product and get an actual description of what I'm buying. Buying Acrobat DC got me Acrobat 2016, and I have no clue what type of license it actually is. It installed though, and I gave them money. If they want to audit anything they can read the email logs between myself and their own sales people.

    3. Re: After Microsoft forced us to buy... by Anonymous Coward · Score: 2, Informative

      You're wrong. You do not need both user and device CALs for the same product, except in very weird/niche scenarios. If you were audited, and this was what you were told, you should take legal action against the auditing company (not Microsoft) as they probably gave you incorrect information.

      Do bear in mind that it is your responsibility to know the licensing terms and argue your side. The auditing company can often be clueless, or have an incentive to rip you off.

  2. Re:Ok, so how should it work? by dbIII · Score: 5, Informative

    Four years ago I was sent some audit paperwork (Microsoft SAM) as part of a shakedown with the excuse that the business I work for bought an NT server licence and 10 CAL licences in 1998. That was the last licence purchase from MS apart from OEM licence since the place was a *nix shop and moved to SAMBA around 2000 (no point having a single MS server - should have at least a backup domain controller anyway since MS server is so fragile). So in 2012, FOURTEEN YEARS after buying licences the vultures turned up.
    I took a look at it; it had dozens of pages of things unrelated to the actual licences, including questions about the number of Android, Mac and Linux devices. I decided that it was a very offensive fishing expedition and marketing exercise and that I had no desire to ever be in the situation where they could legally inflict this upon me. So I told them the licences were not current and not in use so I was not their customer - several times, and eventually they stopped contacting me.
    It was a whole lot more than just sending them details of current licences (of which I had none) and clearly was designed as a combination of shakedown and very intrusive marketing information acquisition.
    So it's not just about satisfying them that you have current licences, they want to know about what else you have from other vendors, number of employees, company income etc which is none of their business.

  3. Re: Phony FUD story. by Anonymous Coward · Score: 2, Informative

    I agree.

    But, having done many myself, what actually happens is that the Chef will try charging you for 6 sandwiches. You will say, hey, look, I only got 3. And he will say, prove it. So you have to measure your feces to prove it is only the weight 3 sandwiches would produce. He will then reply, maybe you are constipated, so that isn't proof. You then take a laxative, and show him that your bowels were empty, and indeed only received 3 sandwiches. He will then agree over the phone, and send you an updated license position statement, clearly showing you received 3 sandwiches, but only paid for two. You then have to go through the whole exercise again before the Chef understands. Meanwhile, you spend 30+ unproductive hours convincing some "sandwich artist" you aren't a thief.

    I think for every hour over 2 spent on an audit that doesn't result in "fines", the client should be reimbursed at market rate for IT in that area. VL are more expensive than advertised when you include the audits! From my recent experiences, it looks like MS is making them more frequent now too, closer to every 2-3 years instead of 5-8 like it used to be!