By John Smith
Apart from certain geographic exceptions, businesses generally want to be compliant with the contracts of their software vendors. Their motivations are both individual and corporate:
- Company officers do not want to be held responsible for software license breaches
- Corporations do not want to attract software audits by their suppliers-- audits are expensive, not only in terms of unbudgeted true-up costs and potential penalties, but also from the standpoint of the staff time it takes to prepare the audit response
So in general, license compliance breaches result from some combination of failing to follow software asset management procedures, the absence of such procedures, and/or failing to use license management tools that would help prevent an actual breach from occurring.
The most notable example I have encountered was a semiconductor company that was discovered using licenses that were provided at zero cost for use by development engineers and were actually being used for production purposes. Concurrent licenses for technical applications such as these are delivered by a license server and are checked out by engineering users when they run the application.
In this case, it was not a deliberate misuse of licenses, as the development licenses were originally served from a server only available to development engineers. Rather, an over-zealous and unknowing license server administrator decided to improve operational efficiency by retiring an old license server and consolidating these licenses with the main group running on a production license server.
Despite this being an oversight, when the software vendor's auditors detected the situation, a sizeable settlement was demanded and paid.
The take-away from this incident is that the customer is ultimately responsible for maintaining software license compliance according to the terms of the license agreement. Software asset management policies and procedures are required to be implemented and followed. The process must include communication of license terms and conditions across departments-- for example, from IT procurement to license administrators in IT operations. License management technology can help by providing a central repository for software license contracts and entitlements. In this case, they could also have used the capabilities of the license management system to reserve the development licenses for use by members of a select group, so that production engineers would not have been able to use them and the license compliance breach could have been avoided.