Software Compliance
  • Home
  • What We Do
    • Services
    • Tools
    • Experience
    • FAQ
  • Resources
    • Company >
      • About Us
      • Careers
    • Agreements
    • Documentation >
      • Brochure
      • Datasheet
      • Security Measures
      • ComplianceWare >
        • Software
        • Hardware
        • Cloud Configuration
  • Contact Us
  • Latest
  • Search

What? ... Cloud options restrictive and costly?

22/9/2023

0 Comments

 

Now who would of thought.

US ​Government Accountability Office (GAO) finds restrictive software licenses associated with commercial cloud contracts have resulted in increased costs and limited choices in service providers.

Picture
The GAO analyzed six randomly selected Department of Defense (DOD) programmes based on fiscal year 2023 budget size and grouped the investments into three groups — greater than $100 million, between $100 million and $10 million, and between $10 million and $1 million, with key findings that vendors:
  • limited the ability to migrate the department’s software obtained through pre-existing, traditional commercial software licenses to cloud computing;
  • established terms and conditions that limited DOD access to previous versions of software;
  • established terms and conditions that impeded the department’s use of specific software by requiring compatibility with specific versions of software from other vendors;
  • limited software available for cloud computing in certain commercial markets where the vendor had significant market share;
  • restricted DOD’s use of software to the vendor’s proprietary cloud or a limited number of competitor cloud solutions;
  • prevented DOD from operating software on specific cloud platforms; and
  • sold software that met DOD requirements only in packages with other software not needed to meet requirements.
Not a good story, although no doubt a common one that, given CIO's and CTO's relentless push to the cloud in recent times, (fully endorsed by doe-eyed executive committees and boards clambering to chat that 'yes, we're doing that too') are unlikely to get air time in that respect - just glowing reports of progress and ever increasing (perhaps slowly)  'number of migrated applications' statistics.
Now we're not saying there is no place for the cloud - there is - but per the recommendations of the GAO from this report, it needs to be formulated through guidance and plans that fully address identifying, analyzing, and mitigating the impacts of restrictive software licensing practices on cloud computing efforts.
And therein is the problem. Many CIO's and CTO's would rather rely on vendors or consultants recommendations rather than their own in-house expertise across IT, SAM and procurement teams who know in detail what - and where - costs and impacts are likely to arise.
So if nothing else, perhaps try to use the GAO's Examples of Reported Restrictive Software License Practices table below as a minimum checklist of what to consider with your next cloud migration programme - it might bring some future issues to light and maybe even save just a little grief! 
Picture

0 Comments

Don't Forget Development Licensing

19/7/2023

0 Comments

 

Although it's easy to overlook regular reviews of your development environments - it's still necessary.

Consider one of the most prolific of these - Microsoft's Visual Studio, with an updated 2023 ​Licensing Whitepaper for the Microsoft Visual Studio Product Family and Visual Studio Subscriptions.
Picture
Focusing on the 2022 edition of Visual Studio, the guide complements the standard Product Terms and/or the EULA for retail and community versions, with the Visual Studio License Directory also a good reference site covering all things related to Visual Studio, including prior versions.
Firstly, aside to the Community Edition (being the free, full-featured IDE for individual developers and small organizations with 5 or less developers, and for education and open source software), what are the available options:
Picture
The licensing fundamental with all Visual Studio subscriptions and Visual Studio Professional is that they are licensed on a per-user basis, meaning each licensed user may install and use the software on any number of devices to design, develop, test, and demonstrate their programs. Visual Studio subscriptions also allow the licensed user to evaluate the software and to simulate customer environments to diagnose issues related to your programs. Importantly, each additional person who uses the software in this way must also have a license.
You'll also need to consider the environments in which Visual Studio can run, as although the licensed user can install multiple versions on multiple devices, it cannot be used in a production environment or environments that constitute production environments such as:
  • Environments that connect to a production database
  • Environments that support disaster-recovery or backup for a production environment
  • Environments that are used for production at least some of the time, such a server that is rotated into production during peak periods of activity. 
So keeping in mind these two base conditions - ie. everyone who uses the software (with some exceptions such as acceptance tests) must have a license, and use is limited to certain environments - review the paper for guidance specific to your situation and ensure you are compliant, as remedial costs attached to any breach can be very (and that is Very) costly.
0 Comments

HCL Pricing Policy Update

22/6/2023

0 Comments

 

HCL announce that as of July 15 2023 a standard 15% annual increase will be applied.

... with the caveat (aka incentive) that "prices and uplifts may vary depending on the unique selling scenarios, including multi-year renewals, expansion license sales, cross-selling a new product into the customer portfolio, conversion to term licensing, and other selling and promotional opportunities"
Picture
Published on their Customer Support website HCL have advised that charges across renewals and the full software catalogue price list are increasing by a hefty 15%, which is likely to burden already stretched IT budgets. And while the impacts of this jump are fully considered, keep a lookout for similar announcements from other software vendors - these announcements tend to come in waves.
So best get prepared for your upcoming renewals with those arguable positions, concessions, additions or any available means to minimize your uplifts, along with the inevitable explanations to those in your organization who believe (others) costs should only go down, never up!
0 Comments

Changes to IBMs PA Agreement

16/3/2023

0 Comments

 

Why. So. Serious ??

Changes announced under revision 11 to the Passport Advantage® Agreement (IPAA) and Passport Advantage Express Agreement (IPAEA) are likely to prove onerous to all.
Picture
Tucked away (as usual) outside the summary of updates is clause 4.1 - License Verification and to a lesser extent 10.2 - Client's Reporting Responsibilities (applicable to sub-capacity licensing), which compound compliance and reporting obligations - lets take a look.
Firstly, clause 4.1.(a) states the "Client will, for all Programs at all Sites and for all environments, create, retain, and each year provide to IBM upon request with 30 days' advance notice: i) a report of deployed Programs, in a format requested by IBM, using records, system tools output, and other system information; and ii) supporting documentation (collectively, Deployment Data)". Unlike version 10 of the PA Agreement (November 2017) which contained a much more lenient requirement that "Client agrees to create, retain, and provide to IBM and its auditors accurate written records, system tool outputs, and other system information" which would occur simply "on reasonable notice" rather than a regular, annual basis.
Adding to this, where running under sub-capacity licensing as before you are then required to "properly install, run, and maintain the most current version of the applicable license reporting tool within 90 days of Client's first deployment and produce a report. Unless IBM approves a different reporting tool, the Client agrees to the following tools.
  • Sub-Capacity Products -Client will use the IBM License Metric Tool (ILMT) and to subscribe to the ILMT support notifications at http://www.ibm.com/support/mynotifications and promptly install any updates.
  • Container Products – Client will use the IBM License Service tool and Client is responsible t to correctly configure according to the Eligible Container Product's documentation"​
Ok, no real change there and easy enough right? Well yes, you're still required to run and keep reports at minimum quarterly and retain for a two year rolling period - and remember to have an individual(s) who is assigned the "authority to manage and promptly resolve questions on reports or inconsistencies between report contents, license entitlement, and the applicable license reporting tool". Better check that's been added to the appropriate JD's along the way.  The new clause 10.2.(e), is somewhat favorable to the client in that it provides an avenue to address (with IBMs consent) deviations from the sub-capacity model, which in most cases would probably result from  operating systems becoming non-eligible over time.
What we (and others) have always attested to though is being solely reliant on one reporting tool, like ILMT, can prove very problematic in that where improperly configured you could easily be over-reporting and paying much more than you should - having an independent product (like ComplianceWare) is often the best - or only - way to reconcile outputs and ensure accuracy.

so ... when does all this start?

Well, basically now:
  • from 1 February 2023 for new IPAA Client enrollments and new IPAEA transactions; and
  • from 1 May 2023 for current IPAA Clients notified on 1 February 2023 of the new terms which will be effective for them on 1 May 2023 per the terms of IPAA. 
0 Comments

The Oracle Java Precept

23/2/2023

0 Comments

 
Picture

New Java pricing model ...
​... new cost.

Oracle have announced (January 2023) a new pricing model for its Oracle Java SE Universal Subscription offering that is based on the number of employees rather than the prior per user or per processor metrics, and that could prove costly to many customers - firstly, lets look at the Employee definition:
Employee for Java SE Universal Subscription: is defined as (i) all of Your full-time, part-time, temporary employees, and (ii) all of the full-time employees, part-time employees and temporary employees of Your agents, contractors, outsourcers, and consultants that support Your internal business operations. The quantity of the licenses required is determined by the number of Employees and not just the actual number of employees that use the Programs. For these Java SE Universal Subscription licenses, the licensed quantity purchased must, at a minimum, be equal to the number of Employees as of the effective date of Your order. Under this Employee metric for Java SE Universal Subscription Programs(s), You may only install and/or run the Java SE Universal Subscription Program(s) on up to 50,000 Processors, If Your use exceeds 50,000 Processors, exclusive of Processors installed and/or running on desktop and laptop computers, You must obtain an additional license from Oracle. 
Key points - Count all employees, not just users, and this includes those outside the organization that support your internal business operations! How many individuals might that definition capture in a large enterprise, if you can indeed identify and track them accurately at all !! Then you're facing a tiered per user monthly subscription cost (that reduces based on higher volumes, phew) that would see a shop of 500 Employees facing $7,500 per month in subs!

So what are my Java options ...

  • Oracle Open JDK is free, but you'll have to upgrade every six months to stay current (including with security patches) - note though, as Open Source there are other JDK options from other vendors that offer further support.
  • Oracle JDK has Long Term Support (LTS), ie. fully supported by Oracle with quarterly updates and a 2 year LTS release cycle, free for development etc, but you'll likely have to pay for use in production (refer below).
So lets look at the licensing currently available for Oracle Java SE releases​:
  • Oracle OpenJDK releases are under the open source GNU General Public License v2, with the Classpath Exception (GPLv2+CPE) (available since Java 9).
  • Oracle JDK 17 (the 'Program') and later is available under the Oracle No-Fee Terms and Conditions License which permits free use inclduing for your own business operations, however, if you distribute software You must not charge Your licensees any fees associated with such distribution or use of the Program, including, without limitation, fees for products that include or are bundled with a copy of the Program or for services that involve the use of the distributed Program.
  • Oracle JDK 11, Oracle JDK Java 8, and Oracle JRE with Java Web Start in Java 8, are available to Oracle Customers via My Oracle Support and also under the OTN License Agreement for Java SE. This OTN license permits personal use, development, testing, prototyping, demonstrating and some other limited uses at no cost.
  • Oracle JDK 7 releases are available on My Oracle Support for Oracle Customers only.

And how do the LTS and non-LTS releases co-exist?

For product releases after Java SE 8, Oracle will designate only certain releases as Long-Term-Support (LTS) releases. Java SE 7, 8, 11 and 17 are LTS releases. Oracle intends to make future LTS releases every two years meaning the next planned LTS release is Java 21 in September 2023. For the purposes of Oracle Premier Support, non-LTS releases are considered a cumulative set of implementation enhancements of the most recent LTS release. Once a new feature release is made available, any previous non-LTS release will be considered superseded. For example, Java SE 9 was a non-LTS release and immediately superseded by Java SE 10 (also non-LTS), Java SE 10 in turn is immediately superseded by Java SE 11. Java SE 11 however is an LTS release, and therefore Oracle Customers will receive Oracle Premier Support and periodic update releases, even though Java SE 12 was released.
Picture
This fundamentally raises some questions and no doubt financial concerns for many, so if you haven't done so already make sure you're across your Java landscape and can quantify not only future costs, but future efforts, and make the right decisions for how you want to continue with your Java developments and solutions.
0 Comments

SAM Practices - The NASA Experience

25/1/2023

0 Comments

 

Internal Audit Report highlights flaws in NASA's SAM Practices that many organizations will relate to.

Oh oh ... it's 2023 yet we see it all here again: "Software Asset Management practices at NASA currently expose the Agency to operational, financial, and cybersecurity risks with management of the software life cycle largely decentralized and ad hoc."
Picture
The OIG summary of their SAM audit says it all: 
  • Efforts to implement an enterprise-wide Software Asset Management program have been hindered by both budget and staffing issues and the complexity and volume of the Agency’s software licensing agreements.
  • NASA has not implemented a centralized Software Asset Management tool to discover, inventory, and track license data as required by federal policy.
  • NASA’s Software Asset Management policy is not comprehensive or standardized, leaving roles, responsibilities, and processes unclear.
  • Training for software license use and management is inconsistent across the Agency, with aging web-based training randomly assigned to personnel and a lack of a general software licensing training course available to the entire workforce.
  • NASA’s current efforts to compile a complete and accurate report of annual software spending is a time consuming and mostly manual effort.

... with all of the above quantified in cost terms as:

​We estimate the Agency could have saved approximately $35 million ($20 million in fines and overpayments and $15 million in unused licenses) and moving forward could save $4 million over the next 3 years by implementing an enterprise-wide Software Asset Management program.
All very compelling to implement improvements and progress NASA’s Software Asset Management from “basic” — the lowest of the four rating options in the Software Asset Management Maturity and Optimization Model developed by Microsoft — through the scale as per tiers and representations below:
  • Basic. Software is managed on an ad hoc basis with few, if any, comprehensive policies.
  • Standardized. The agency uses a discovery tool or data repository for tracking assets, although the information may not be complete or accurate enough for decision-making.
  • Rationalized. Assets are actively managed, and the agency has put in place policies, procedures, and tools integrated into the full IT asset life cycle.
  • Dynamic. Assets are optimized, with near real-time alignment with changing business needs.
The report is an insightful read for all SAM practitioners - and responsible management and executives - with clear language and succinct descriptions of the scope and challenges in the field of software asset management, and a pragmatic approach to the creation of an effective SAM Practice that applies to any size organization with a notable software inventory, not just those on the NASA scale.

So, to the findings ...

It was recommended that the Chief Information Officer:
(1) establish enterprise-wide (institutional and mission) Software Asset Management policy and procedures;
(2) implement a single Software Asset Management tool across the Agency;
(3) align the Agency Software Manager position to report to the Agency Chief Information Officer;
(4) establish formal legal representation and guidance for vendor software audits;
(5) establish a software license awareness training ‘short course’ focusing on approvals, compliance, and other issues a general user might encounter;
(6) implement a centralized repository for NASA’s internally developed software applications; and
(7) develop an Agency-wide process for limiting privileged access to computer resources in accordance with the concept of least privilege.

Additionally, to strengthen the financial aspects of NASA’s Software Asset Management it was recommended that  the Chief Financial Officer:
8) implement a “penalty spend” classification in SAP to track license infractions and true-up payouts and
9) centralize software spending insights to include purchase cards.

Nothing fresh there, just the usual (and often unheeded) advice. 

0 Comments

Enterprise Software Licensing and Audit Trends - 2022

30/11/2022

0 Comments

 

Despite all of the advances of IT provisioning and supply in recent years (BYOL, managed instances, cloud based offerings etc) it seems nothing in the context of software compliance and audit outcomes has really changed - companies are still getting slammed.

Picture
Unisphere Research, a division of Information Today, Inc., surveyed the readership of its Database Trends and Applications publication, which consisted of database managers, developers, CIOs, and IT directors.  The survey, which sought views and experiences with software licensing and audits, was conducted in partnership with LicenseFortress gathering a total of 283 usable responses of which 155, or 69% of survey respondents, reported having been audited within the past three years, and 79% reported having been subject to a software audit within past five years. 

And the key findings? - the same fundamental approach and issues persist:

  • Moving to the cloud has not alleviated issues or concerns with software licensing and audits. Close to eight in ten enterprises report software compliance issues have either increased or remained the same after moving to the cloud.
  • More than half of enterprises in the survey report being audited by one or more software vendors. Of respondents reporting audits within the past three years, Microsoft was the most frequently cited vendor requesting audits. Activating features outside of original contracts and confusion over virtualization are creating the most license issues.
  • Companies being audited by Oracle incurred the greatest costs. There are hidden costs as well, even if the vendor does not levy additional charges. Most audit processes required at least three employees, and 40% of companies had their CIOs involved with the process.
  • A majority of audited companies did not seek outside assistance to guide them through the process. While many depend on tools or software asset management to support their efforts, a majority fail to keep track of software changes on a continuous basis.

Lets take a closer look ...

Interestingly, with all the hype and suggested benefits and advantages of moving to the cloud, close to 80% report that it has not changed their software compliance issues, or, in the case of 38% of respondents, it has increased compliance concerns. Only about one-fifth - 21% - say cloud has reduced their compliance issues. And even with close to half - 46% - reporting significant amounts of applications and data in the cloud (defined as greater than 25%), more than half of enterprises reported being audited by one or more software vendors!
Similarly, audits themselves haven't changed much at all with 60% of respondents reporting their software audits lasting up to two months, 30% reporting audits lasting between three to six months, and 10% had audits extending more than six months into a year and beyond. The length of audits had 41% of smaller companies wrapping` up audits within a month, while half say the process lasted beyond three months, and 64% incurring additional charges for noncompliance. A substantial portion, 35%, had to pay $100,000 or more to achieve compliance with the vendor, while 10% saw $1 million or more in fees.

So, in summary :

Unsurprisingly, given the outcomes haven't essentially changed, the underlying good practice principles have also not changed - Software Asset Management is seen as critical to mitigating the impact of software audits by a significant share of respondents. Close to half, 44%, see SAM as essential to reducing the costs of their software, which is impacted by vendor audits. Another 41% cite the importance of SAM in avoiding compliance issues, with the leading choice being an internal software asset management/IT asset management (SAM/ITAM) team supported by SAM specific third-party tools. Disappointingly, it seems many respondents still remain reliant on vendor resources to support their audit. 

For some of the key underlying data click through the graphs below ...

0 Comments

IBM launches New License Information Site

26/10/2022

0 Comments

 
Picture

A slick new consolidated (and overdue) look for all IBM terms from one convenient site.

The site contains IBM's standard terms, you can access and view online. Below is a summary list of the standard terms hosted on the site:
  • IBM Client Relationship Agreement (CRA) is the single agreement used to procure most IBM offerings.
  • The CRA family of agreements provide Clients with the flexibility to acquire a specific set of offerings with only the terms necessary to support the acquisition of those offerings. The CRA family of agreements, includes but is not limited to, the Cloud Services Agreement (CSA) and the CRA – Services.
  • Attachments to the CRA family of agreements. When a Client uses one of the CRA family of agreements for a prior transaction involving only a specific offering and chooses, at a later time, to expand the terms of their CRA family of Agreement to include other offerings, they may do so by adding an attachment containing those supplemental terms when desired.
  • IBM Data Processing Addendum (DPA) and Statement of Limited Warranty (SoLW) and other standards required to meet specific regulatory, legal and offering specific requirements.
Use the filter function to view specific content by selecting the applicable category, country and language.
Picture
The Software license terms (all post May 1999) are searchable via the 'Licensing & Compliance' filter category, by time frame or license information (Program name/number, document form/part number, License Information (LI) number or License Information (LI) title):
Picture
The (incremental) search then returns a tabular list of qualifying documents (this example for Message Broker):
Picture
Which on selection provides the License Information detail in the familiar (and traditional!) format:
Picture
So nothing new or revolutionary on that front, however the ease of use and in particular the layout, share, download, and notification options provide all of the basic /requisite features you'll need - all in all, a welcome step forward from the IBM licensing team!
0 Comments

Opentext to acquire Micro Focus

9/9/2022

0 Comments

 
Picture

Opentext have announced the cash acquisition of Micro Focus in a US$6B transaction expected to be finalised in Q1 2023.

On completion, the revenue and operating scale is stated as a combined total addressable market (TAM) of US$170 billion

Firstly, lets take a look at the Terms of the Acquisition (all figures approximate)
  • Total purchase price of $6.0 billion, inclusive of Micro Focus' cash and debt
  • Total purchase price is 2.2x Micro Focus' pro forma TTM revenues(1)
  • Total purchase price is 6.3x Micro Focus' pro forma TTM adjusted EBITDA(4)
  • Expected cost synergies of $400 million, including Micro Focus' previously announced cost savings program of $300 million (net of inflation), as well as $100 million in additional cost synergies
  • Targeting to be on the OpenText operating model within 6 quarters of closing
  • Expect meaningful expansion of cloud revenues, adjusted EBITDA and cash flows in Fiscal 2024
  • All-cash consideration for the Acquisition to be funded by $4.6 billion in new debt, $1.3 billion in cash, and a $600 million draw on our existing revolving credit facility
  • The Announcement can be found at https://investors.opentext.com. This press release should be read in conjunction with, and is subject to, the full text of the Announcement.
  • The Acquisition is expected to close in the first quarter of calendar 2023, subject to the satisfaction (or, where applicable, waiver) of the conditions set out in Appendix 1 to the Announcement.

... all very interesting, but what might it mean to us as customers?

Well if you've ever been involved in an audit with either of these organisations you would have first hand experience of their approach best summed up in one word - aggressive, so at least they're both well aligned on one core practice.
And as we know, any merger or acquisition tends to generate a lot of audit interest and activity as a quick 'revenue win' to expedite and boost returns from such sizeable change and investment.
So if you are a client of either Opentext or Micro Focus it would seem timely to review your licensing position in detail, ie. collect:
  • evidence of your entitlements (PoE's, PO's, Invoices)
  • current deployment figures (fully accounted, ie. extrapolated metrics etc)
  • contracts, addendums, and any variances that have occurred over time
If you detect any discrepancies deal with them as a priority (remembering of course that there are likely footprints across your IT landscape  over a good period of time), so remediate knowingly and accordingly.
Also review your renewal dates and plans - if it falls into or around Q1/Q2 2023 it might serve well to request a renewal quote early to use as a comparison should the actual transaction occur under any new conditions or contracts.
And as we've said before, keep an active watch on the Account Exec's/Managers you have with these two vendors - where changes are communicated it can be a pretty reliable indicator that there might be an audit letter in the post.
So once again, a market shift that means its time to review, validate, confirm and ... prepare!
0 Comments

Oracle Cloud Infrastructure - License Manager

26/7/2022

0 Comments

 

Oracle have announced the availability of a free License Manager tool to assist moves to OCI.

Picture
New optional tool supports Bring Your Own Licensing (BYOL) for Oracle Database products to OCI DB PaaS services, and tracks usage of Oracle DB products or third-party products by Compute resource, with basic management, monitoring and reporting capabilities.

While somewhat limited, the License Manager tool may well suit those organisations that don't run a full featured SAM system (such as ComplianceWare), and still need oversight across their OCI deployments.

Currently, License Manager supports the following Oracle products and options:
  • Oracle Database Enterprise Edition
  • Oracle Database Standard Edition
  • Oracle Database Standard Edition One
  • Oracle Database Standard Edition 2
  • Real Application Clusters
  • Multitenant
  • Active Data Guard
... although Oracle have stated that they are 'are expanding the scope of products and image repositories supported in the coming months', so this list may well soon be extended.
It also provides some further capabilities such as apparently automating the license portability rules and API's that could prove useful for batch loads and integration with related systems, ​so if it might fill a gap in your SAM programme could well be worth a look.
0 Comments

Broadcom's VMware Acquisition ...

27/5/2022

0 Comments

 

A 'rapid move to subscription licensing' is telegraphed by Broadcom to expedite returns.

Picture
It was only December when we wrote about 2022 potentially being the 'beginning of the end for perpetual licensing', and with Broadcom's announced acquisition of VMware we are surely seeing the telling signs. 
The transaction is expected to add approximately $8.5 billion of pro forma EBITDA from the acquisition within three years post-closing, which, as reported by the Register, is a significant undertaking given VMware currently produces about $4.7 billion. Their strategy to accomplish this? According to Tom Krause, president of the Broadcom Software Group, who stated on a Broadcom earnings call that they would embark on a “rapid transition from perpetual licenses to subscriptions.”

and that can only mean one thing ...

... higher costs to the customer. 

Of course, there will be the usual designs on new customers etc, but fundamental growth can surely only come from the existing client base. The formula no doubt has been carefully crafted, planned for the coming months and years, and be executed slowly and purposefully renewal by renewal.
As we know with any push to a subscription model the initial proposition will be quite compelling - savings on the spot! Existing investments in perpetual licenses will be recognised and applied! No wastage - pay only for what you use! No downside at all - wait hold on - you're adding consumption? That'll be at a different rate - its new workload after all. And the next renewal - well we've had to add some research and development investment there, as well as account for our additional operational costs, so yes, admittedly quite a jump there.
However with CIO's and CTO's promoting the relentless move to cloud and subscription based platforms for the short term ROI, it'll be awhile before those 'would it be more cost effective to run this stuff in-house' questions emerge in the boardroom, and by then, the changes will be irreversible and well ... just too late.
So we will watch with interest what else might develop over the year in this space, be it via M&A or just plain changes in vendor offerings and models. What does seem to be more and more clear though - perpetual licenses are indeed an endangered species.
0 Comments

Vendors Performing Your System Installs?

26/3/2022

0 Comments

 

A caution when relying on vendors to deliver projects with software installs.

Picture
Many projects require the expertise of vendors to install, configure and productionize their software and systems, however as the client and end-consumer you need to be aware of what exactly is making its way into your environments.
All too often following discovery we'll find unaccounted for vendor software, which typically after an onerous investigation is found to be remnants from the vendor-led project, anything from desktop clients to entire VM's, each of which can have dire compliance implications and cost.
But "hold-on - we didn't install it - the vendor did" is the common response, however a quick pointer to the relevant contracts will soon expose that this does not offer any defense - the customer is always responsible for compliance, even if it is the very vendors software in question.
At a more concerning level is when a vendor installs another vendors software - while this is not uncommon with the extent of partnerships and interoperability in the modern industry, it still needs to be clearly and formally covered, ideally contractually or by reference to the vendors right to distribute and use any IP they don't own. These artefacts need to be registered and retained in the event of an audit that questions your usage rights - in the worst case scenario  if the vendor has breached another parties IP rights you too could end up subject to an infringement claim, and that's no place you want to be.

So, while the vendor might be responsible for the project, you'll still be accountable for the end product.

That means ensuring your project team stays across all vendor activities - enforce your BAU practices and protocols for distributing and installing software - in all environments - for traceability and tracking purposes. The project shutdown then needs to include a close-out phase where what's been installed (anywhere) is reconciled to what you've acquired, and also what you're actually entitled to use (aka Read The Contract). Where there are gaps you'll need to either recalibrate, purchase, decommission, or have the vendor explain and resolve - all before the project can be declared finished and complete.
And never rely on the vendor's personal emails or assurances that 'all is well' - none of that will hold-up under audit (even if they are still there). When it comes to IP all bases need to be formally covered, and if that's proving to be a problem, well you might want to be even more wary.
0 Comments

Adobe Reader Distribution Rights

10/1/2022

0 Comments

 

Does your company distribute Adobe Reader to employees? ... if so, make sure you have a valid Distribution License.

Picture
Many companies are unaware of their obligations when they distribute Adobe Reader software within their organisation, that is ...
 ... even though it's free it still needs a license arrangement with Adobe.
Now it's not as onerous as it sounds - it can all be done online, so lets look at some of the detail.

When do I need it?

A Distribution License Agreement is required for:

  • ​Corporations and organisations that want to distribute Acrobat Reader or the Acrobat Reader mobile app on a company intranet site or local network.
  • Commercial vendors that want to bundle Acrobat Reader or the Acrobat Reader mobile app on physical media such as a CD or DVD, on OEM hardware such as computers and mobile devices or with OEM hardware such as scanners.
Individuals interested in the software for personal use can download it free without applying for a Distribution License.
​

Note: You do not need to apply for a Reader Distribution License if you prefer to direct users from your website to Adobe.com to download Reader.

What does the Agreement allow me to do?

You will be authorised to:
  • Distribute the current version of Adobe Reader within your organisation, for internal use only, from ​a copy of the software installed on a file server for the purpose of downloading and installation to computers within your internal network.
  • Distribute the software on a standalone basis on physical media including a hard drive.

What are the key restrictions?

You must:
  1. Only distribute the version of Adobe Reader stated in your confirmation email.
  2. install only one copy of the software on a file server for the purpose of allowing use via NFS, Citrix or other virtualisation technologies.
  3. Within 6 months of the release of a major new version by Adobe, cease distributing the current version and move distribution to the new version.
  4.  Not configure or distribute the software for use without installation, other than as provided for under (2) above.

Ok, got it ... what do I do now?

You'll need to apply for a desktop license which will take just a few minutes and is required to determine how you intend to use Reader. After you complete the short online form, you'll receive an email with a link to the installers. You'll also need to mark a renewal date 12 months from receipt to reapply - the agreement is only valid for one year.
0 Comments

Will 2022 be the beginning of the end for Perpetual Licensing?

28/12/2021

0 Comments

 

The Software Landscape is now ripe for vendors to lock-in Subscriptions and eliminate what (to them) are much loathed Perpetual Licenses ...

Picture
If your organisation - like most - is relentlessly moving workloads to the Cloud have you taken stock of your revised licensing position, or are those changes masked by the attraction of those fully provisioned platforms?
What you might find is the staple of perpetual licenses that you have acquired over the years are now in the throws of obsolescence, to be forever replaced by subscription only licensing.
And worse, all of this might erase your investments, and all be happening by stealth.
please complete our Quick Poll as you go ...
Perpetual licensing - loved by customers, loathed by vendors. Loved by customers because their investment is largely that - theirs. Loathed by vendors because their investment is - to a certain extent - lost. How is it lost? When a customer decides not to continue with maintenance and support, but is entitled to keep running the software.
Submit
Submit
Its not only the investment factor though, its also control.
​Vendors are way less comfortable sending their valued IP off to those reckless customers who might copy and over install their software - and the only way to keep across that issue is to enforce the much detested regimes of self-reporting and audits. Then, with the emergence of alternative support providers, other companies are taking revenue away from those vendors - all on the back of their own IP!

So what could be done to solve their predicament - enter Subscription Software!

What better way to secure your IP than run it solely on your own infrastructure (or infrastructure under your control) - think no leakage of software, auditable at will, chargeable based on actual consumption, and easy to scale up for more revenue! (or down you say? well that's a completely different proposition!)
Submit
Submit
And by offering some nominal discounts to get rid of (sorry - convert) those pesky perpetual licenses problem solved! No more residual entitlements in the hands if customers - just ongoing annuities, even when the next wave (aka cycle) of 'we need to get off the Cloud' thinking hits the boardroom and management - a simple move to on-premise subscriptions with integrated remote management and portals will be just the ticket!

So make sure your cloud strategy includes a proper evaluation of licensing - ask where will I end-up following that journey from a commercial perspective? 

Everyone will say 'Better-off' ...

but you might find in the long term that's not necessarily the case.

0 Comments

Free Open Source Software  + Compliance?

26/11/2021

0 Comments

 

The Software Freedom Conservancy sues Vizio, Inc. for alleged violations of the GNU GPL covering software incorporated into certain Vizio smart TVs.

Picture
Companies are often unaware of their obligations when it comes to Open Source licensing with solutions they develop that include distribution of software built on the likes of the GNU General Public Licensing terms, and that can leave them exposed to lawsuits just as it can with commercial software ...
An early and widely publicised example of the impacts of such non-compliance was the 2008 lawsuit initiated by the Free Software Foundation (FSF) against Cisco Systems that alleged several of Cisco's consumer network routers used GPL licensed code. The litigation was settled with Cisco releasing the source code, making a contribution to the FSF, and appointing a compliance officer. Quite the kicker.
In this latest action SFC asserts that all consumers of copyleft code deserve the opportunity to know, access and modify the code on their devices and is seeking the release of the complete, corresponding source (CCS) for all GPL’d components on Vizio TVs. The benefit? Well much as it was with the older analogue hardware TV's that would be repaired by technicians, coders would have the option to repair the software when the supplier potentially stops support for their older models (surely not from 'built-in obsolescence'?) 
And lets not forget the ethics involved given the FOSS history and the principles that underpin it. From its fruition in the 1990s and early 2000s when Linux and other GPL’d software was considered nothing more than experimental. From those curious beginnings grew the community of enthusiastic developers whose software has benefited and furthered the rights and freedoms of individual users, consumers, and developers around the globe. It is a culture worth preserving and that means keeping organisations who benefit from that culture honest.  (SFC refers to this as 'Ethical Technology' meaning technology that serves its users rather than the corporations who profit from it and preserves and promotes the rights of those impacted by it). 
So if you are an organisation using open-source software, and in particular, incorporating it in proprietary commercial products, make sure you understand your compliance obligations with the relevant open source licenses. If you don't, you might soon find that letter arrives requiring you to release all of the IP you've built on top of the most excellent Free and Open Source Software that we all benefit from.
The Software Freedom Conservancy is a 501(c)(3) nonprofit organization that is supported largely by individuals who care about technology and advocates for software that has been designed to be shared (using copyright licensing that allows users to freely use and repair it, and, in particular, forms of software licensing that use the restrictions of copyright to promote sharing called “copyleft”, such as the GPL).
0 Comments

The Burden of Proof ...

28/10/2021

0 Comments

 
Picture

Ensuring you have
complete records of
purchase is an often
​overlooked SAM essential.

In the absence of strict procurement practices and robust record keeping its all to common to see organisations struggling to retrieve their records of purchase backing-up their claim to entitlements. In fact how often do we hear "yeah we've got 20 licenses for that - they're listed on Dave's spreadsheet".
Now lets be clear - the fact that it's on Dave's, or Susan's or anyone's spreadsheet does not constitute evidential fact. For that, you'll need the Proof of Entitlement if issued by the vendor, or the (signed) Contract containing the license grant, or the Order issued under it for the products in question. At a minimum if those are lost in the tracks of time (no doubt residing only in someone's email who has long departed the employ of the company), you'll need the latest invoice that shows the products and quantities that were covered by the last payment (ie. either actual purchase or renewal).
Again, its all too common that it's not until an audit that organisations are forced to scramble through the purchasing, legal, IT et al records looking for some artefact to substantiate the otherwise baseless right of use claim for the vast overage of licenses that have been deployed! This trek down memory lane can be the most time consuming - and often fruitless - use of specialized resources, the cost of which is not generally recognized by management and similarly overlooked in the justification of a dedicated SAM function.
So what's the alternative? Quite simply a process that ensures those essential records are properly recorded in an organized and readily accessible system, and are kept current through routine and ongoing ownership - once established this is not as much of an overhead as it might seem, and having all of that data at hand when challenged by a vendor can go a long way in underlining your disciplined approach and credibility in such a way that you'll be last on the next audit round list, if in fact on their radar at all.
Now this will no doubt rally those skeptics with their "wait - I just call my reseller and say give me a list of what we own" approach, and while this might offer some solace it doesn't necessarily constitute proof in the same way that last document of fact - the invoice - does. How's that? Well for one example think of step-up licenses that will be printed there for all to see, but what about the original license it is based on (and worse, what if that original license is actually still in use!), or those 'from-SA' uplifts that require unravelling potentially years of purchase history to properly determine entitlement. All best avoided by having a routine practice supported by a specialized system in the first place ... 
... and for that, you might want to check out:
Picture
0 Comments

Microsoft announces increases to 365 Plan Costs

23/8/2021

0 Comments

 

As of 1st March 2022 all plans will increase anywhere from 8.5% to 20%

Picture
Picture
Stating that it is the "first substantive pricing update" since its launch in 2011 Microsoft have announced uplifts to all of its Office 365 plans early next year, citing the addition of 24 apps to the suites —Microsoft Teams, Power Apps, Power BI, Power Automate, Stream, Planner, Visio, OneDrive, Yammer, and Whiteboard — and the release of over 1,400 new features and capabilities in the three key areas of Communication and collaboration, Security and compliance, and AI and automation as justification for the rise.
As a sweetener they have also added unlimited dial-in capabilities for Microsoft Teams meetings across the enterprise, business, frontline, and government suites over the next few months, currently only available under the E5 plans. This will allow users to access Microsoft Teams meeting from virtually any device regardless of location when unable to access an internet connection.

So what are the prices changes?​

Per User charges as of 1st March 2022 will be as follows:
  • Microsoft 365 Business Basic increases from $5 to $6  (+20%)
  • Microsoft 365 Business Premium increases from $20 to $22  (+10%)
  • Office 365 E1 increases from $8 to $10  (+25%)
  • Office 365 E3 increases from $20 to $23  (+15%)
  • Office 365 E5 increases from $35 to $38  (+8.6%)
  • Microsoft 365 E3 increases from $32 to $36  (+12.5%)
So biggest increases to the lower cost plans, with the popular O365 E5 attracting the smallest hike. The increases will apply globally with local market adjustments for certain regions, and there are no changes to pricing for education and consumer products at this time.
With Microsoft Teams being industries tool of choice lately the rise is unlikely to cause much of a stir in the marketplace, however worth leveraging your enterprise agreements and overall spend to get the best discounts available — ​larger orgainsations could be up for a hefty and no doubt unexpected budget blowout if they're unlucky enough to be renewing next year!
0 Comments

SAM Foundation Series - (#2) Compliance Reporting

24/6/2021

0 Comments

 

In this second part of our SAM Foundation series we look at Compliance Reporting and the importance of understanding your deployment position.

Picture
In part one of this series we covered the importance of a full data collection across your data sources and contract and licensing information, now we look at how to bring that together into a compliance position.
The first realisation is - wow! - that's a lot of data we have out there! So just as we needed tooling to perform the data gathering exercise we are going to need analytics to decipher not only what's important but how to interpret it all, for which there are two aspects:
  1. Scale Reporting; and
  2. Direct Examination and Querying.
Now what exactly do we mean by 'Scale Reporting'? Basically this means a reporting facility that enables you to stipulate variable parameters from product to vendor to company, with the output organised by device in a concise and easily readable form - for example ComplianceWare's powerful python & pandas based analytics engine that slices and organises the data into output as a familiar Excel workbook.
A snapshot of the output as below:
Picture
The analytics should also consider base licensing metrics such as server core and PVU minimums, apply relevant bundling rules  to avoid double counting, and recognise non-chargeable installations such as clients and free-edition software.
So we now have our first view of what's deployed where - and that's a good start, but it doesn't mean the jobs done. You'll want to perform some spot / sanity checks across the report, and that's where the 'Direct Examination and Querying' comes in. Here, your tool should allow you to easily interrogate your data collection (which can span many millions of rows) for further review and confirmation, and that's accomplished via smart features that enable you to slice, limit and target the fields and items of interest. Again, with ComplianceWare as an example you can easily navigate through the data by vendor, product, data source, and perform smart searches with inclusion and exclusion parameters to dynamically find exactly what you are after.

ok ... we're happy with our deployment report - now what?

Now it gets interesting - does what's reported as deployed match what we're actually entitled to? While some products can be automatically tallied (eg. products with simple install or device metrics) others will require more effort such as resource based metrics like cores or logical licenses such as users, and those in more complex environments such as virtual environments where physical v virtual considerations must be taken into account.
Here there are no short-cuts - it will require a knowledgeable individual (preferably with prior experience in the environment) to work through each product in a methodical and calculated manner to (a) derive the optimal licensing construct and then (b) reconcile against the recorded (and evidenced) level of licensing. As this progresses it is imperative to capture your findings and ensure they are lodged as an artefact for audit readiness and as a baseline for future reporting cycles (again with ComplianceWare this can be stored as 'Verification' material alongside the updating of actual usage figures).
And just how often should the whole exercise be performed? We'd recommend that you cover your major vendors at least annually, and institute a program of work that targets a select number of products or vendors quarterly. The good news is that once you've completed one cycle others become easier as you'll have a baseline to compare or commence from.
So to summarise:
  • Make sure your tooling includes a specific and effective software analytics engine;
  • Ensure results (and data) can be reported, interrogated, and manipulated as required;
  • Look for built-in smarts that alleviate some of the licensing complexity (eg. core / PVU counts, bundling);
  • Invest in at least one knowledgeable and experienced individual assigned fully to your SAM function;
  • Ardently track results and store the output of each exercise;
  • and as with Part One - repeat as necessary!
0 Comments

SAM Foundation Series - (#1) Data Collection

27/5/2021

0 Comments

 

In this series we'll cover the foundations of SAM, and what they mean.

Picture
and firstly...

​you can't derive anything meaningful unless you can measure it.

​
Lets take a look at the essential data required for an effective  SAM programme.
Data is the essence of SAM, much as it is with most of technology. It's all there, somewhere, amassed over time, stashed away in the recesses of the organisation. It may exist (hopefully) in electronic form, or (lamentably) physical records filed and stored, most typically both. So we know the data's out there, the question is how - and where - do we start?
The first step is to determine what data sources you can tap into, from the raw systems themselves through other collection platforms you might run such as CrowdStrike, Microsofts SCCM, IBM's ILMT, HCL's Bigix Inventory etc. With larger organisations the issue is always completeness - be it running agents or agentless via remote extracts - how do we know we're capturing everything we should ... and that can be a much more difficult proposition than it seems.
The approach is to source as much data as possible and compare it, merge it, blend it, and massage it to get the best quality information you can - the issue today is not so much sourcing the data, its how to filter through it to find what's important, and to do that you'll need tooling.
That means firstly figuring out what is most workable - and also most repeatable. This could be as simple as providing system logins to run application specific extracts, or remote connectivity as a centralised administrator, or even integrated access via API's. All act as feeds to your SAM system that will then do the hard data crunching and reporting work for you (for which ComplianceWare's pandas driven analytics engine is purposely designed).
So that covers the inventory side of things - collecting the deployment information and associated identifiers (ie. the editions, statistics, capacities etc) necessary to derive your consumption levels, but then you'll need the associated Contracts and Licensing material as well to compare to your entitlements and establish your compliance position, and that's where things can get tricky.
Most organisations - even those that are largely centralised - have some degree of local procurement (all the way down to problematic credit-card purchases) that make it difficult to collate the full and complete record of ownership. So you'll need to start with what is known, match that to the inventory you have identified exposing the shortfalls and gaps, and go looking for those great unknowns.
This can be a long and even fruitless exercise at times, sometimes reliant purely on the knowledge of individuals (if they're still with the organisation that is), extending from business to technology teams, from legal to procurement, all depending on how controlled and robust the procurement processes are. The key here is to capture that information so its recorded and available from there on, and the whole exercise doesn't have to be repeated (as it would in the case of audits). 
Ideally your SAM system then allows you to maintain that connection of inventory to entitlements, organised by the contracts they were acquired (and operate) under. Any compliance issues can then be dealt with in a managed and controlled way, along with the potential benefit of savings from license consolidation, decommissioning, harvesting, or reuse,  but we'll cover that in Series (#2).
And the kick - data collection isn't a one-off, its an ongoing process that should be repeated as often as necessary based on the frequency and fluidity of change in your environment. On the plus side, once you have established the process it becomes much easier and efficient to rerun, and depending on your SAM system gain more intelligence each time (for example, ComplianceWare can compare different data captures and report the differences so that you can quickly identify what's changed, and what might need attention).
Key takeaways then are:
  • Identify your data sources;
  • Implement effective and efficient processes to repeatedly access and source the information you need from them;
  • find and capture the associated contract and licensing information;
  • repeat as necessary.

Keep in touch for the upcoming SAM Foundation Series (#2) - Compliance Reporting.

0 Comments

Microsoft Product Terms - Online Only

20/3/2021

0 Comments

 

The February 2021 edition of Microsofts Product Terms Document will be the last.

A little under two years ago we reviewed Microsofts new approach to licensing terms in our June 2019 blog here - now its being further revamped.
As announced on the front page of the February PT document:
Please note this is the last Product Terms Word document. Going forward, the terms will be published on the Product Terms site available at https://www.microsoft.com/licensing/terms/productoffering. Archived versions will continue to be available. For more details, go to https://www.microsoft.com/Licensing/product-licensing/products. 
What does it look like - the landing page as shown below:
Picture
So quite clear and compact, although you will need to be quite savvy with their license programs and models to get the most out of using it.

... and when put to the test?

We decided to take on one of their more convoluted product licensing models - Power BI - and, well, it didn't seem any simpler. With prerequisites like "Power Automate per user with attended RPA plan, or Power Automate per flow plan" (ok...), and Extended Use Rights such as "Power Apps Portals that map to licensed Dynamics 365 application context and, Power Apps Portals that map to the same environment as the licensed Dynamics 365 application" (right...), the format might have changed but the content is still not that intuitive is it?
So while access to dynamic and current licensing information is always a good thing, simpler licensing models and metrics would we think resonate much better with software customers in general. After all, we all want to be compliant, so why make it so hard we wonder - any thoughts / comments ?$$?
0 Comments

And so ends 2020 ...

19/12/2020

0 Comments

 

A year of challenges and differences to all (recent) others.

Picture
It wasn't until March that everything changed here.
And change it did.
With so much disruption and uncertainty ...
​where did we arrive at come December?
Perhaps not surprisingly the IT industry did its part in the battle with Covid-19. Mobility became essential - workers were confined to homes, offices were shutdown, usual communication and interactions were stifled.

... enter video conferencing on a whole new level

From Zoom, to WebEx, to Teams everyone had to find a way to adapt. Not only did meeting online become the norm for but also the stand-in for the social watercooler or coffee break gatherings, or even the swell of welcomes and farewells.
That all worked well and is undoubtedly with us for good.
But what about licensing? If you recall our March Blog we called out the possibility of easily becoming non-compliant in the rush to stay connected to your workforce and customers. With the new year imminent its now time to regroup and review. Are all of those rapid changes squared off? Have you reconciled usage to entitlements? Or are you perhaps uncertain of exactly what state you have now found yourself in?
Be particularly concerned if you used the likes of Citrix to enable access to desktop applications - if unconstrained you could be liable for all potential usage, not just actual usage.
Or if you inadvertently permitted a level of multiplexing by routing traffic or enabling access at the simplest level (think generic logons, or joint application connections) you'd best tidy things up.
Don't be complacent thinking there has got to be some vendor leniency out there - we are already aware of audits being undertaken - there is no compromise when revenue is at stake.
So as always, take stock of your situation - get on top of your compliance position and be ready to assert your view rather than just accept what state your vendor tells you you're in.

... and if you need help to do so, just contact us

0 Comments

Are You A Microsoft Open License Customer?

30/9/2020

0 Comments

 

If so ... Changes are coming.

Microsoft have announced that as of January 1st 2022 the Open License Program will be withdrawn for its commercial customers.
From then on, if you're still wanting to procure perpetual software licenses you'll need to do so through a Cloud Solution Provider (which your current license partner might well already be).
Picture

What do you need to do?

All services, products, and offers in Open License program today will remain available until January 1, 2022. To plan for future purchases, ask the partner you’re currently buying software licenses from about your options. Your partner can help you decide the best steps for you, whether that’s new licenses or online services subscriptions. If you don't have one, you can Find a Microsoft partner.

Are there any other options available?

Yes - depending on what you want to purchase you can make use of the Open Value or the Open Value Subscription program:
  • ​The Open Value program is recommended for future purchases that include Software Assurance.
  • The Open Value Subscription program program doesn’t offer perpetual software licenses but is a lower-cost subscription that gives you rights to use the software during the agreement’s term and also includes Software Assurance.
Here's a reminder of the differences between the current programs:
Picture
So nothing alarming in this announcement, more just an evolution of a 20 year old program to align with Microsofts contemporary go to market structures. While 2022 might seem some time away you can be sure the changes will begin to emerge through 2021, so just something more to be aware of and prepare for in the ever changing world of software licensing!
0 Comments

Java SE - 18 Months On

25/7/2020

0 Comments

 

So, what has the uptake of Java SE Subscriptions been like?

There have been regular communications from Oracle promoting the value of their Java SE subscription service since version 8 went end-of-public-update (EoPU) in January 2019, but what has the uptake actually been like?
The latest (July 2020) statistics have been published as below, with 57 vulnerabilities reported since the EoPU of Java 11, with 7 attaining a CVSS (Common Vulnerability Scoring System) of 7 or more (reflected below). The question being, is that enough of a concern to pick up the phone and make the call to your Java Business Rep?
Picture
A reasonable question, and one for which we don't have a definite answer. Anecdotally, the view would be not generally, however this is unsubstantiated so we'd be keen to get a view from the industry - please take the time to complete our quick 2 question poll below:

    Quick Java SE Poll

Submit
Thanks for taking the time to contribute - we'll publish the results soon!
0 Comments

Licensing DR Environments

30/5/2020

0 Comments

 

Vendor DR licensing requirements can be vague ...

... here's some insight into a select few with differing views and terms across their infrastructure software.

Picture

Picture
Oracle's approach is pretty easy to sum up - you pay for everything because ...
​it's installed!
Refer the extract below from the Oracle paper 'Licensing Data Recovery Environments':
Picture
Data Recovery Environments using Copying, Synchronizing or Mirroring Standby and Remote Mirroring are commonly used terms to describe these methods of deploying Data Recovery environments. In these Data Recovery deployments, the data, and optionally the Oracle binaries, are copied to another storage device. In these Data Recovery deployments all Oracle programs that are installed and/or running must be licensed per standard policies documented in the Oracle Licensing and Services Agreement (OLSA). This includes installing Oracle programs on the DR server(s) to test the DR scenario. Licensing metrics and program options on Production and Data Recovery/Secondary servers must match.

Picture
Some recent changes to SA Benefits have extended DR for SQL Server ...
... but you still need Software Assurance to take advantage of DR Rights 
Picture
Servers – Disaster Recovery Rights: For each Instance of eligible server software Customer runs in a Physical OSE or Virtual OSE on a Licensed Server, it may temporarily run a backup Instance in a Physical OSE or Virtual OSE on either, another one of its Servers dedicated to disaster recovery, or, for Instances of eligible software other than Windows Server, on Microsoft Azure Services, provided the backup Instance is managed by Azure Site Recovery to Azure. The License Terms for the software and limitations apply to Customer’s use of the backup Instance. 

Picture
You might think the friendly types at VMware would be lenient when it comes to DR ...
... thats not the case.
If its installed, it needs a license.
Picture
If its not specifically called out in the VMware Product Guide it will need licensing, and that means everything other than Continuent and vRelaise for Log Insight. Surprisingly, VMware deem an install to be 'use' of the software - yep - just binaries sitting on a disk.

Picture
With RHEL its nice and simple ...
... if its deemed COLD 
But it can't update until its run.
Picture
RHEL ​Linux Subscription Guide: Cold backups: The server has software installed and configured, but it is turned off until the disaster occurs or for periodic disaster recovery procedure tests. For Red Hat Enterprise Linux, this means that the customer is allowed to preload the bits as a courtesy. However, Red Hat Content Delivery Network cannot be used to update the system until the disaster happens. Then, the paid subscription on the failed machine transfers to the cold backup sever. In this case, a customer does not need two subscriptions. The customer will consume only one subscription at any point in time. Red Hat will allow the customer to pre-provision the software bits onto the cold backup machine as a courtesy. If a customer is found to be running more units of Red Hat Enterprise Linux than the customer has subscribed for because the customer has found a use for these pre-provisioned servers other than this cold backup use case, the customer is obligated to pay Red Hat. 

Picture
IBM's DR Policy has not changed since 2003 ...
... ​ for PA products Cold & Warm DR is no-charge
But don't run any 'Productive' work.
Picture
Backup Use Defined: For programs running or resident on backup machines, IBM defines 3 types of situations: “cold”; “warm”; and “hot”. In the “cold” and “warm” situations, a separate license for the backup copy is normally not required, no additional charge applies, and IBM does not need to be notified. In a “hot” backup situation, the customer needs to acquire another license. All programs running in backup mode must be under the customer’s control, even if running at another enterprise’s location. 
0 Comments

Changes to Microsoft SA Benefits

28/12/2019

1 Comment

 

New for 2020 - Microsoft to reduce Software Assurance Benefits

Changes to Microsoft's SA Benefits have been announced  effective 1st February 2020 which will see the end of some of the most useful aspects of the program, in summary:
  • all cloud services will be retired from Deployment Planning Services in favor of FastTrack deployments;
  • removing Azure training from eligibility and training days will no longer be used to convert to Planning Services days; and
  • ​beginning in February 2021, support eligibility criteria and replacement of incident-based support with as-needed support and credit toward Unified Support.
Deployment Planning Services
FastTrack is now Microsoft's primary implementation support offering applicable to Azure, Microsoft 365, and Dynamics 365 engagements. All on-premises Deployment Planning Services offerings and the respective engagements will be available until January 2022 and you can continue to redeem your deployment planning days through the current process from qualified partners or Microsoft Consulting Services to help you plan your deployment—whether on-premises or in hybrid environments. ​
Training Vouchers
Training vouchers can still be used until January 2022 with the exception of Azure training, which will be removed from the Software Assurance course catalog in February 2020. The Training Vouchers benefit will be fully retired on January 1, 2022. 
The right to access training vouchers expires with your Software Assurance coverage. If you create a training voucher before the expiration of your Software Assurance coverage, the voucher remains valid for 180 days after the date it was created.
Software Assurance E-Learning was replaced with Microsoft Learn  on November 1st 2018, which offers a free-of-charge way to learn about Microsoft products and services. Instructor-led training is available, and Microsoft are introducing role-based courses and advanced workload courseware, along with new certifications. ​
24x7 Problem Resolution Support
Customers will no longer earn a limited number of support incidents based on spend, agreement type, and product(s) but instead will get as-needed support with a Software Assurance spend of $250,000 or more annually. ​
Starting in February 2021, customers that spend more than US$250,000 per year on Software Assurance will get as-needed basic phone support for Severity A and online support during business hours for Severity B and C with a 24-hour response time. Customers will also have the option to upgrade to Microsoft Unified Support.  
Customers that spend less than US$250,000 per year on Software Assurance with no enterprise support agreement (Premier/Unified) will be directed to a partner for support or purchase Professional Support incidents from Microsoft.
So time to review all of your enrollments and make sure you convert all of your SA Benefits to get full value out of your investment in these programs. As a refresher, take a look through the list below.
Picture
1 Comment
<<Previous
    • ​+
    • +
    • +
    <
    >

    Categories

    All
    Adobe
    Agreements
    Appliances
    Audit
    BCP & DR
    Cloud
    Compliance
    ComplianceWare
    Contracts
    Forums
    HCL
    IBM
    Intel
    ITAM
    Licensing
    Mainframe
    Marketplace
    Microsoft
    Negotiating Deals
    Open Source
    Oracle
    Partnering
    Red Hat
    Roles
    SAM
    Software Metrics
    SQL Server
    Support
    Windows Server

    Archives

    November 2023
    October 2023
    September 2023
    August 2023
    July 2023
    June 2023
    May 2023
    April 2023
    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016

Unravelling license complexity for Business
ACN 623 529 751

Privacy Policy | Terms of Use
Copyright © 2016-2024 (SWC) ​​

  • Home
  • What We Do
    • Services
    • Tools
    • Experience
    • FAQ
  • Resources
    • Company >
      • About Us
      • Careers
    • Agreements
    • Documentation >
      • Brochure
      • Datasheet
      • Security Measures
      • ComplianceWare >
        • Software
        • Hardware
        • Cloud Configuration
  • Contact Us
  • Latest
  • Search