Perpetual licensing is no more. It is not resting ... it is stone dead.Further to the update in our May'22 blog Broadcom have announced a 'simplified offering lineup and licensing model' that will - of most interest - put an end to the availability of perpetual licenses. The statement itself is quite definitive:
To challenge any degradation in your position you'll need the facts - the basis of your original position to compare to where you have arrived, and this may well be some years down the track, so again this is where a robust SAM function will step-up with the analytics and the matter of record to enable such a conversation to occur. Overall - a sad chapter in the history of software licensing. Where choice is removed from the client it can only be bad.
0 Comments
in a major narrowing of ITAM / ISAM providers in the market ...Flexera's announcement would suggest that the "Joint offering and strengthened partner network will provide customers with more data and capabilities to understand their IT environments, manage cost and reduce risk", and interestingly (at least for now) state that they will "continue to innovate, enhance, maintain, and support both Flexera and Snow solutions". Now for those organizations that aren't flush with funds, and don't need a full FinOp's solution, but perhaps just want to get across their IT hardware and software landscape and garner control of those assets why not look at the niche solutions market here - including our own ComplianceWare product - you might well find that you can have a product at a much lower cost that meets your needs and solves the problems you have, without over investing in inflated platforms that are over-loaded, over-sold, and over-priced for what you actually need.
The GAO analyzed six randomly selected Department of Defense (DOD) programmes based on fiscal year 2023 budget size and grouped the investments into three groups — greater than $100 million, between $100 million and $10 million, and between $10 million and $1 million, with key findings that vendors:
Not a good story, although no doubt a common one that, given CIO's and CTO's relentless push to the cloud in recent times, (fully endorsed by doe-eyed executive committees and boards clambering to chat that 'yes, we're doing that too') are unlikely to get air time in that respect - just glowing reports of progress and ever increasing (perhaps slowly) 'number of migrated applications' statistics. Now we're not saying there is no place for the cloud - there is - but per the recommendations of the GAO from this report, it needs to be formulated through guidance and plans that fully address identifying, analyzing, and mitigating the impacts of restrictive software licensing practices on cloud computing efforts. And therein is the problem. Many CIO's and CTO's would rather rely on vendors or consultants recommendations rather than their own in-house expertise across IT, SAM and procurement teams who know in detail what - and where - costs and impacts are likely to arise. So if nothing else, perhaps try to use the GAO's Examples of Reported Restrictive Software License Practices table below as a minimum checklist of what to consider with your next cloud migration programme - it might bring some future issues to light and maybe even save just a little grief! As announced by HCL with the release of BigFix 11, support (across all BigFix Platform components including Root Server, Relay, Client, Console, Web Reports) for version 9.5 will end. Users are encouraged to upgrade to either version 10 or 11 (free under S&S subscriptions) or face potential extended support costs if still running 9.5. As a result, IBM have also announced that their License Metric Tool (ILMT) will withdraw support for BigFix server and clients in version 9.5 at the end of Q4 2024. While it doesn't mean that you'll be ineligible for PVU subcapacity, it does mean that you won't receive support from IBM if your environment stops working correctly, and no doubt prove increasingly problematic in various ways. So while its 9 months away its best to get the upgrade onto your plans now, as that time will all too easily disappear leaving you with a budget shortfall to cover what is typically hefty extended support fees!
Although it's easy to overlook regular reviews of your development environments - it's still necessary.
Focusing on the 2022 edition of Visual Studio, the guide complements the standard Product Terms and/or the EULA for retail and community versions, with the Visual Studio License Directory also a good reference site covering all things related to Visual Studio, including prior versions. Firstly, aside to the Community Edition (being the free, full-featured IDE for individual developers and small organizations with 5 or less developers, and for education and open source software), what are the available options: The licensing fundamental with all Visual Studio subscriptions and Visual Studio Professional is that they are licensed on a per-user basis, meaning each licensed user may install and use the software on any number of devices to design, develop, test, and demonstrate their programs. Visual Studio subscriptions also allow the licensed user to evaluate the software and to simulate customer environments to diagnose issues related to your programs. Importantly, each additional person who uses the software in this way must also have a license. You'll also need to consider the environments in which Visual Studio can run, as although the licensed user can install multiple versions on multiple devices, it cannot be used in a production environment or environments that constitute production environments such as:
So keeping in mind these two base conditions - ie. everyone who uses the software (with some exceptions such as acceptance tests) must have a license, and use is limited to certain environments - review the paper for guidance specific to your situation and ensure you are compliant, as remedial costs attached to any breach can be very (and that is Very) costly.
Published on their Customer Support website HCL have advised that charges across renewals and the full software catalogue price list are increasing by a hefty 15%, which is likely to burden already stretched IT budgets. And while the impacts of this jump are fully considered, keep a lookout for similar announcements from other software vendors - these announcements tend to come in waves. So best get prepared for your upcoming renewals with those arguable positions, concessions, additions or any available means to minimize your uplifts, along with the inevitable explanations to those in your organization who believe (others) costs should only go down, never up!
Recognizing that customers have adopted a predominantly hybrid cloud deployment model IBM has expanded its cloud collaboration offerings and will now allow clients who purchase IBM SaaS Software in AWS Marketplace to be eligible to draw down against their AWS Enterprise Discount Program commitments, quoting from the announcement: Building on IBM Software being available as-a-Service (aaS) on IBM Cloud, this first-of-its-kind agreement between IBM and AWS will provide clients with quick and easy access to IBM Software that spans automation, data and AI, security and sustainability capabilities, is built on Red Hat OpenShift Service on AWS (ROSA), and runs cloud-native on AWS. The two companies are also committing to a broad range of joint investments to make it easier for clients to consume IBM Software on AWS, including integrated go-to-market activities across sales and marketing, channel incentives, developer enablement and training, and solution development for key verticals and industries such as Oil and Gas, Travel and Transportation, and others. The availability of these SaaS products complements IBM's extensive portfolio of 30+ Software products that currently can be deployed manually in AWS Marketplace and the ability to Bring Your Own License (BYOL) for users that already have their own license so they can deploy the software faster. Together, this gives organizations a comprehensive set of options to build and run software in the way that best meets the unique needs of their business. The comparative pricing options and benefits of BYOL vs the AWS drawdown credits will prove the interesting point at a client/product level here, so will now add some extra homework for the licensing experts in your organisation!
... maybe not.
While companies continue to pursue their relentless campaign of 'moving to the cloud' could they be overlooking their on-premise software position? (similarly, if you're not tracking and aligning your cloud consumption accurately you might be overpaying just the same, but lets just look into on-premise). At a recent (2022) webinar broadcast a former Oracle license management services (LMS) manager, Adi Ahuja, said that Oracle's audit has become "a sales enablement tool." Although Oracle states that their LMS "operates independently from any ongoing commercial discussions. Our services are delivered by a global team of highly experienced and knowledgeable consultants who collectively offer unrivaled knowledge on all aspects of Oracle's licensing policy." in practice there was a close relationship between sales and licence audits, Ahuja said. No surprise to anyone who has been subject to such an audit. But lets not single out Oracle - all of the majors undoubtedly co-ordinate an audit internally - bringing in the product team, finance, sales, and of course, the account team. Ok ... we get that, but how does the software baseline assist us in establishing what's really going on?Take the often cited audit line of 'we found a few things, but you'll just need to top up those products'. Easy enough - you buy the products in the renewal at your entitled price and all is good. What you're not potentially seeing though is the compliance cost as a result of those findings that has been built-in to your renewal fees. Compliance cost? The renewal fees look fine - what are we referring to? Well simply, you might have got a better price overall had you been able to breakdown where those costs came from, and that means having a costed baseline (ie. line-item level) that you can apply all of the adjustors to (inflation, price increases etc) and determine whether any 'additional' costs have covertly come in to play - aka, a compliance cost. Only then can you challenge the vendors assertion that 'you'll just need to top up those products' given what the baseline will tell you is how much backdating has been applied, whether the top-up was in fact at entitled price, and ultimately whether the overall renewal fee has been indexed reasonably at all. Consider the room your vendor has to move when you're faced with a multi-million dollar renewal - there are numerous places to 'hide' revenue pulls, and that doesn't change at lower levels, it just scales down. Establishing and maintaining a baseline can be something companies flinch at - they see it as just not worth the effort - by default then delegating this to their vendors, aka granting free rein to manipulate pricing as they see fit. So while it might take a concerted project (or how about an actual SAM practice!) to get going once established - and maintained in a purpose built system such as ComplianceWare - the overheads are much reduced and the benefits more easily returned. Further, it sends a convincing message to your vendors that you actively manage and are across your software landscape and commercial position, which makes them much more wary of any attempts to hoodwink you with a 'great renewal offer that puts any compliance issues to bed'!
Tucked away (as usual) outside the summary of updates is clause 4.1 - License Verification and to a lesser extent 10.2 - Client's Reporting Responsibilities (applicable to sub-capacity licensing), which compound compliance and reporting obligations - lets take a look. Firstly, clause 4.1.(a) states the "Client will, for all Programs at all Sites and for all environments, create, retain, and each year provide to IBM upon request with 30 days' advance notice: i) a report of deployed Programs, in a format requested by IBM, using records, system tools output, and other system information; and ii) supporting documentation (collectively, Deployment Data)". Unlike version 10 of the PA Agreement (November 2017) which contained a much more lenient requirement that "Client agrees to create, retain, and provide to IBM and its auditors accurate written records, system tool outputs, and other system information" which would occur simply "on reasonable notice" rather than a regular, annual basis. Adding to this, where running under sub-capacity licensing as before you are then required to "properly install, run, and maintain the most current version of the applicable license reporting tool within 90 days of Client's first deployment and produce a report. Unless IBM approves a different reporting tool, the Client agrees to the following tools.
Ok, no real change there and easy enough right? Well yes, you're still required to run and keep reports at minimum quarterly and retain for a two year rolling period - and remember to have an individual(s) who is assigned the "authority to manage and promptly resolve questions on reports or inconsistencies between report contents, license entitlement, and the applicable license reporting tool". Better check that's been added to the appropriate JD's along the way. The new clause 10.2.(e), is somewhat favorable to the client in that it provides an avenue to address (with IBMs consent) deviations from the sub-capacity model, which in most cases would probably result from operating systems becoming non-eligible over time. What we (and others) have always attested to though is being solely reliant on one reporting tool, like ILMT, can prove very problematic in that where improperly configured you could easily be over-reporting and paying much more than you should - having an independent product (like ComplianceWare) is often the best - or only - way to reconcile outputs and ensure accuracy. so ... when does all this start?Well, basically now:
Employee for Java SE Universal Subscription: is defined as (i) all of Your full-time, part-time, temporary employees, and (ii) all of the full-time employees, part-time employees and temporary employees of Your agents, contractors, outsourcers, and consultants that support Your internal business operations. The quantity of the licenses required is determined by the number of Employees and not just the actual number of employees that use the Programs. For these Java SE Universal Subscription licenses, the licensed quantity purchased must, at a minimum, be equal to the number of Employees as of the effective date of Your order. Under this Employee metric for Java SE Universal Subscription Programs(s), You may only install and/or run the Java SE Universal Subscription Program(s) on up to 50,000 Processors, If Your use exceeds 50,000 Processors, exclusive of Processors installed and/or running on desktop and laptop computers, You must obtain an additional license from Oracle. Key points - Count all employees, not just users, and this includes those outside the organization that support your internal business operations! How many individuals might that definition capture in a large enterprise, if you can indeed identify and track them accurately at all !! Then you're facing a tiered per user monthly subscription cost (that reduces based on higher volumes, phew) that would see a shop of 500 Employees facing $7,500 per month in subs! So what are my Java options ...
So lets look at the licensing currently available for Oracle Java SE releases:
And how do the LTS and non-LTS releases co-exist?For product releases after Java SE 8, Oracle will designate only certain releases as Long-Term-Support (LTS) releases. Java SE 7, 8, 11 and 17 are LTS releases. Oracle intends to make future LTS releases every two years meaning the next planned LTS release is Java 21 in September 2023. For the purposes of Oracle Premier Support, non-LTS releases are considered a cumulative set of implementation enhancements of the most recent LTS release. Once a new feature release is made available, any previous non-LTS release will be considered superseded. For example, Java SE 9 was a non-LTS release and immediately superseded by Java SE 10 (also non-LTS), Java SE 10 in turn is immediately superseded by Java SE 11. Java SE 11 however is an LTS release, and therefore Oracle Customers will receive Oracle Premier Support and periodic update releases, even though Java SE 12 was released. This fundamentally raises some questions and no doubt financial concerns for many, so if you haven't done so already make sure you're across your Java landscape and can quantify not only future costs, but future efforts, and make the right decisions for how you want to continue with your Java developments and solutions.
Internal Audit Report highlights flaws in NASA's SAM Practices that many organizations will relate to.The OIG summary of their SAM audit says it all:
... with all of the above quantified in cost terms as:We estimate the Agency could have saved approximately $35 million ($20 million in fines and overpayments and $15 million in unused licenses) and moving forward could save $4 million over the next 3 years by implementing an enterprise-wide Software Asset Management program. All very compelling to implement improvements and progress NASA’s Software Asset Management from “basic” — the lowest of the four rating options in the Software Asset Management Maturity and Optimization Model developed by Microsoft — through the scale as per tiers and representations below:
The report is an insightful read for all SAM practitioners - and responsible management and executives - with clear language and succinct descriptions of the scope and challenges in the field of software asset management, and a pragmatic approach to the creation of an effective SAM Practice that applies to any size organization with a notable software inventory, not just those on the NASA scale. So, to the findings ...It was recommended that the Chief Information Officer: (1) establish enterprise-wide (institutional and mission) Software Asset Management policy and procedures; (2) implement a single Software Asset Management tool across the Agency; (3) align the Agency Software Manager position to report to the Agency Chief Information Officer; (4) establish formal legal representation and guidance for vendor software audits; (5) establish a software license awareness training ‘short course’ focusing on approvals, compliance, and other issues a general user might encounter; (6) implement a centralized repository for NASA’s internally developed software applications; and (7) develop an Agency-wide process for limiting privileged access to computer resources in accordance with the concept of least privilege. Additionally, to strengthen the financial aspects of NASA’s Software Asset Management it was recommended that the Chief Financial Officer: 8) implement a “penalty spend” classification in SAP to track license infractions and true-up payouts and 9) centralize software spending insights to include purchase cards. Nothing fresh there, just the usual (and often unheeded) advice.
In a Statement of General Direction IBM states its intention to announce a high-density 24-core processor for the IBM Power S1014 system (MTM 9105-41B) to address application environments utilizing an Oracle Database with the Standard Edition 2 (SE2) licensing model. It intends to combine a robust compute throughput with the superior reliability and availability features of the IBM Power platform while complying with Oracle Database SE2 licensing guidelines. Now that has to present a dilemma for Oracle ... it has clearly positioned SE2 licensing as not affected by the number of cores per socket, so how might it view and react such a direct challenge to such advances in processing power and (more aptly) lost revenue opportunities? This must bring some angst to the halls of Big Red - what to do? The obvious reaction would be to cap the number of cores, however that's a full u-turn on the defining characteristic - and 'promise' - of their licensing terms - "With Oracle Database SE2, customer license costs remain the same regardless of the number of cores in the socket." While there would be nothing legally preventing Oracle from refining these rules it would still very much sour and sully the opinions of their customers, and no doubt cause skepticism longer term. And ultimately, it brings to question consistency - might it be more beneficial to everyone to have uniform metrics across vendors? Ultimately it comes down to processing power, so would a universal metric like mainframe MSUs or MIPs be more appropriate? ... we think so.Unisphere Research, a division of Information Today, Inc., surveyed the readership of its Database Trends and Applications publication, which consisted of database managers, developers, CIOs, and IT directors. The survey, which sought views and experiences with software licensing and audits, was conducted in partnership with LicenseFortress gathering a total of 283 usable responses of which 155, or 69% of survey respondents, reported having been audited within the past three years, and 79% reported having been subject to a software audit within past five years. And the key findings? - the same fundamental approach and issues persist:
Lets take a closer look ...Interestingly, with all the hype and suggested benefits and advantages of moving to the cloud, close to 80% report that it has not changed their software compliance issues, or, in the case of 38% of respondents, it has increased compliance concerns. Only about one-fifth - 21% - say cloud has reduced their compliance issues. And even with close to half - 46% - reporting significant amounts of applications and data in the cloud (defined as greater than 25%), more than half of enterprises reported being audited by one or more software vendors! Similarly, audits themselves haven't changed much at all with 60% of respondents reporting their software audits lasting up to two months, 30% reporting audits lasting between three to six months, and 10% had audits extending more than six months into a year and beyond. The length of audits had 41% of smaller companies wrapping` up audits within a month, while half say the process lasted beyond three months, and 64% incurring additional charges for noncompliance. A substantial portion, 35%, had to pay $100,000 or more to achieve compliance with the vendor, while 10% saw $1 million or more in fees. So, in summary :Unsurprisingly, given the outcomes haven't essentially changed, the underlying good practice principles have also not changed - Software Asset Management is seen as critical to mitigating the impact of software audits by a significant share of respondents. Close to half, 44%, see SAM as essential to reducing the costs of their software, which is impacted by vendor audits. Another 41% cite the importance of SAM in avoiding compliance issues, with the leading choice being an internal software asset management/IT asset management (SAM/ITAM) team supported by SAM specific third-party tools. Disappointingly, it seems many respondents still remain reliant on vendor resources to support their audit. For some of the key underlying data click through the graphs below ...A slick new consolidated (and overdue) look for all IBM terms from one convenient site.
The Software license terms (all post May 1999) are searchable via the 'Licensing & Compliance' filter category, by time frame or license information (Program name/number, document form/part number, License Information (LI) number or License Information (LI) title): So nothing new or revolutionary on that front, however the ease of use and in particular the layout, share, download, and notification options provide all of the basic /requisite features you'll need - all in all, a welcome step forward from the IBM licensing team!
Firstly, lets take a look at the Terms of the Acquisition (all figures approximate)
... all very interesting, but what might it mean to us as customers?
So if you are a client of either Opentext or Micro Focus it would seem timely to review your licensing position in detail, ie. collect:
If you detect any discrepancies deal with them as a priority (remembering of course that there are likely footprints across your IT landscape over a good period of time), so remediate knowingly and accordingly. Also review your renewal dates and plans - if it falls into or around Q1/Q2 2023 it might serve well to request a renewal quote early to use as a comparison should the actual transaction occur under any new conditions or contracts. And as we've said before, keep an active watch on the Account Exec's/Managers you have with these two vendors - where changes are communicated it can be a pretty reliable indicator that there might be an audit letter in the post. So once again, a market shift that means its time to review, validate, confirm and ... prepare!
Well its 2022 ...... so we figure its time for a logo upgrade!Our first logo dates all the way back to 2015, so we figured it was due a revamp - a bit of modernising, a bit of an uplift, a look that reflects the more contemporary state of the company in 2022. While we chose to maintain the colour combination of the prior logo, we've gone with a crisper font and a change from the spiral graphic to a more 'pointed' set of two forward facing arrows, reflecting the journey that is moving a business from an unknown to a controlled state. It's now deployed across our web presence, and will roll-out progressively through the various documents and other published material, so we hope you like it! We'd love your feedback - feel free to leave your comments below.Oracle have announced the availability of a free License Manager tool to assist moves to OCI.While somewhat limited, the License Manager tool may well suit those organisations that don't run a full featured SAM system (such as ComplianceWare), and still need oversight across their OCI deployments.Currently, License Manager supports the following Oracle products and options:
It also provides some further capabilities such as apparently automating the license portability rules and API's that could prove useful for batch loads and integration with related systems, so if it might fill a gap in your SAM programme could well be worth a look.
If you rely on IBM Sub-Capacity licensing its a good idea to check you are meeting the compliance requirements on a regular basis ...You no doubt recall that IBM divested the BigFix portfolio of products to HCL in 2019, however maintained ILMT (which remains based on BigFix Inventory), as their free license measurement tool that can be used to meet the reporting and validation requirements under the sub-capacity rules. There is no escaping the sub-capacity rules - as IBM states: "the use of ILMT is recommended for Full Capacity PVU environments, and is mandatory for use with PVU sub-capacity licensing". There are some exceptions to this requirement, essentially though, its only where you measure everything at Full Capacity. So a quick recap of the base requirements for sub-capacity licensing:
The other validated tools? Only Flexera One with IBM Observability IT Asset Management and Flexera One IT Asset Management at this time. Now there are some 'tricks and traps' in running ILMT that we reported on back in 2020 (refer blog here), so make sure you're aware of and managing those gotcha's, and then you'll need to ensure that your IT team is across the eligible technology requirements - most notably - 'Eligible Operating Systems'. These are regularly updated - with only 180 days notice of any withdrawal - so you might find yourselves exposed to the untenable position of being denied sub-capacity licensing based on the OS you're running - as an example, the earliest eligible version of Windows Server is now 2012 ! It can be very easy to lose sight of these changing conditions, and doing so at best can be very problematic, at worst very expensive, so make sure keeping current is diarized in your (and the relevant IT teams) calendars. Further, ILMT itself will need roles assigned to maintaining versions and your software catalogue, and also meeting the quarterly reporting requirements. Keep in mind ILMT retains historic data, so any late changes might well be contested under audit, so better to keep on top of your situation on an ongoing basis. ... all good reasons to perform a timely health-check across your IBM sub-capacity licensing.A 'rapid move to subscription licensing' is telegraphed by Broadcom to expedite returns.It was only December when we wrote about 2022 potentially being the 'beginning of the end for perpetual licensing', and with Broadcom's announced acquisition of VMware we are surely seeing the telling signs. The transaction is expected to add approximately $8.5 billion of pro forma EBITDA from the acquisition within three years post-closing, which, as reported by the Register, is a significant undertaking given VMware currently produces about $4.7 billion. Their strategy to accomplish this? According to Tom Krause, president of the Broadcom Software Group, who stated on a Broadcom earnings call that they would embark on a “rapid transition from perpetual licenses to subscriptions.” and that can only mean one thing ...
Of course, there will be the usual designs on new customers etc, but fundamental growth can surely only come from the existing client base. The formula no doubt has been carefully crafted, planned for the coming months and years, and be executed slowly and purposefully renewal by renewal. As we know with any push to a subscription model the initial proposition will be quite compelling - savings on the spot! Existing investments in perpetual licenses will be recognised and applied! No wastage - pay only for what you use! No downside at all - wait hold on - you're adding consumption? That'll be at a different rate - its new workload after all. And the next renewal - well we've had to add some research and development investment there, as well as account for our additional operational costs, so yes, admittedly quite a jump there. However with CIO's and CTO's promoting the relentless move to cloud and subscription based platforms for the short term ROI, it'll be awhile before those 'would it be more cost effective to run this stuff in-house' questions emerge in the boardroom, and by then, the changes will be irreversible and well ... just too late. So we will watch with interest what else might develop over the year in this space, be it via M&A or just plain changes in vendor offerings and models. What does seem to be more and more clear though - perpetual licenses are indeed an endangered species.
Original plans had customers entitled to a 24 hour support response time when their Software Assurance spend was more than $250,000 USD - as of next year though, you'll need a Support Contract. That means either a Unified Support arrangement across your enterprise, or the uptake of pay-per-incident support (also available as a 5-pack option that expire within a 12 month period), which doesn't seem a particularly attractive proposition to smaller organisations. If you do have a Unified Support Contract you can transfer any current Software Assurance 24x7 Problem Resolution Support incidents before February 1, 2023. And the costs - well Unified Support is customised based on the actual spend, where pay-per-incident is published at Professional Support For Single Incident – $499 USD for 1 user. Professional Support For Five Pack Annual – $1,999 USD for 1 User. So you might need to revisit those 2023 forecasts just to make sure you've covered any additional costs you might incur - or maybe challenge Microsoft to their commitment that "Our goal is to ensure every customer gets comparable support services at a comparable price, despite the benefit retirement." !
A caution when relying on vendors to deliver projects with software installs.Many projects require the expertise of vendors to install, configure and productionize their software and systems, however as the client and end-consumer you need to be aware of what exactly is making its way into your environments. All too often following discovery we'll find unaccounted for vendor software, which typically after an onerous investigation is found to be remnants from the vendor-led project, anything from desktop clients to entire VM's, each of which can have dire compliance implications and cost. But "hold-on - we didn't install it - the vendor did" is the common response, however a quick pointer to the relevant contracts will soon expose that this does not offer any defense - the customer is always responsible for compliance, even if it is the very vendors software in question. At a more concerning level is when a vendor installs another vendors software - while this is not uncommon with the extent of partnerships and interoperability in the modern industry, it still needs to be clearly and formally covered, ideally contractually or by reference to the vendors right to distribute and use any IP they don't own. These artefacts need to be registered and retained in the event of an audit that questions your usage rights - in the worst case scenario if the vendor has breached another parties IP rights you too could end up subject to an infringement claim, and that's no place you want to be.
And never rely on the vendor's personal emails or assurances that 'all is well' - none of that will hold-up under audit (even if they are still there). When it comes to IP all bases need to be formally covered, and if that's proving to be a problem, well you might want to be even more wary.
Hats Off to IBM for it's new dedicated Licensing and Compliance site.Launched on the 17th February the site is a comprehensive, easily navigated resource for both SAM beginners and experienced personnel alike. Quoting Wes Mantle from the Licensing and Software Sales division: "We hope our Licensing & Compliance website will be a go-to resource for IT executives and SAM/license managers, providing clear guidance for measuring deployment effectiveness and navigating software verification process in an efficient, fair and timely manner."The 'Licensing' section offers a good starting point with links to related subjects and material, and also provides particularly good graphical representations of IBM's many agreement structures along with key terms and clauses, while the 'Measurement' section covers the array of metrics and topics across on-premise, cloud and mainframe platforms. If short on time, on everyone's list should be a read and review of the new licensing Guides that include:
The guides have been re-written in a much more readable and informative style covering all fundamental licensing subjects including the often misunderstood virtualization, backup and recovery, and non-production environment rules and obligations. Of course the site wouldn't be complete without covering IBM's Verification approach, which includes audits, self-declarations and the IASP program. Interestingly, the section doesn't make reference to IBM's new, hosted, software management tool ESMT. The Enterprise Software Management Tool is described as an enhancement over the functionality currently provided by PA Online, providing "a full software inventory which details the number of licenses currently deployed and the number of licenses available to deploy. This can be updated in real-time to reflect any changes in requirement, meaning you always have a contemporaneous view of your IBM license position". What's not clear is how the tool will actually operate in order to provide the view of "how many licenses have been used, where and by whom". This seems to imply some degree of discovery across the client landscape - on an ongoing real-time basis - which would come with its own complexities and certainly, concerns. We'd be keen to hear from anyone who has or is looking to adopt this approach - please comment below or get in touch! What's not raised cynical eyebrows though is IBM's view of the benefits of being in compliance:
... we can all agree on that! So set aside some reading time and work your way through the site - it will be a valuable use of time, and ensure you bookmark it as you'll no doubt have cause to return on numerous occasions!
Does your company distribute Adobe Reader to employees? ... if so, make sure you have a valid Distribution License.Now it's not as onerous as it sounds - it can all be done online, so lets look at some of the detail. When do I need it?A Distribution License Agreement is required for:
Note: You do not need to apply for a Reader Distribution License if you prefer to direct users from your website to Adobe.com to download Reader. What does the Agreement allow me to do?You will be authorised to:
What are the key restrictions?You must:
Ok, got it ... what do I do now?You'll need to apply for a desktop license which will take just a few minutes and is required to determine how you intend to use Reader. After you complete the short online form, you'll receive an email with a link to the installers. You'll also need to mark a renewal date 12 months from receipt to reapply - the agreement is only valid for one year.
The Software Landscape is now ripe for vendors to lock-in Subscriptions and eliminate what (to them) are much loathed Perpetual Licenses ...
So what could be done to solve their predicament - enter Subscription Software!
So make sure your cloud strategy includes a proper evaluation of licensing - ask where will I end-up following that journey from a commercial perspective? Everyone will say 'Better-off' ... but you might find in the long term that's not necessarily the case.The Software Freedom Conservancy sues Vizio, Inc. for alleged violations of the GNU GPL covering software incorporated into certain Vizio smart TVs.
An early and widely publicised example of the impacts of such non-compliance was the 2008 lawsuit initiated by the Free Software Foundation (FSF) against Cisco Systems that alleged several of Cisco's consumer network routers used GPL licensed code. The litigation was settled with Cisco releasing the source code, making a contribution to the FSF, and appointing a compliance officer. Quite the kicker. In this latest action SFC asserts that all consumers of copyleft code deserve the opportunity to know, access and modify the code on their devices and is seeking the release of the complete, corresponding source (CCS) for all GPL’d components on Vizio TVs. The benefit? Well much as it was with the older analogue hardware TV's that would be repaired by technicians, coders would have the option to repair the software when the supplier potentially stops support for their older models (surely not from 'built-in obsolescence'?) And lets not forget the ethics involved given the FOSS history and the principles that underpin it. From its fruition in the 1990s and early 2000s when Linux and other GPL’d software was considered nothing more than experimental. From those curious beginnings grew the community of enthusiastic developers whose software has benefited and furthered the rights and freedoms of individual users, consumers, and developers around the globe. It is a culture worth preserving and that means keeping organisations who benefit from that culture honest. (SFC refers to this as 'Ethical Technology' meaning technology that serves its users rather than the corporations who profit from it and preserves and promotes the rights of those impacted by it). So if you are an organisation using open-source software, and in particular, incorporating it in proprietary commercial products, make sure you understand your compliance obligations with the relevant open source licenses. If you don't, you might soon find that letter arrives requiring you to release all of the IP you've built on top of the most excellent Free and Open Source Software that we all benefit from. The Software Freedom Conservancy is a 501(c)(3) nonprofit organization that is supported largely by individuals who care about technology and advocates for software that has been designed to be shared (using copyright licensing that allows users to freely use and repair it, and, in particular, forms of software licensing that use the restrictions of copyright to promote sharing called “copyleft”, such as the GPL).
|
<
>
Archives
November 2023
|