The potential perils of software asset management
Consider the following case study:
A large enterprise had a long-standing relationship with a major software vendor, who provided a critical software product used widely for many purposes across the enterprise.
The price for this product was set based on the power of the computer running it. A license would cost less for a computer with 4 cores and 1 gigabyte of RAM than it would for a computer with 16 cores and 8 gigabytes of RAM. The largest computers required the most expensive licenses.
The goal of virtualization is to use one powerful physical computer to consolidate more lightly-loaded computers as “virtual machines”. This can provide significant savings, which the enterprise in question was seeking.
Over the course of 3 years, the enterprise described here virtualized about 5,000 formerly physical computers, each of which had been running the vendor’s software.
However, a deadly wrinkle emerged in the software vendor’s licensing terms. The formerly physical computers were smaller machines. The new virtual farms were clusters of 16 of the most powerful computers available on the market. The vendor held that EACH of the 5,000 instances of its software running in the virtual machines was liable for the FULL licensing fee applicable to the most powerful machine!
Even though each of the 5,000 virtual machines could not possibly have been using the full capacity of the virtual farm simultaneously, the vendor insisted (and was upheld) that the contract did not account for that, and there was no way of knowing whether any given VM had been using the full capacity of the farm at some point.
The dispute escalated to the CEOs of each company, but the vendor held firm. The enterprise was obliged to pay a “true-up” charge of over $100 million (9 figures).[1]
[1] Adapted from Agile IT Management: From Startup to Enterprise, by Charles Betz © 2016
This is not an isolated instance. Major software vendors have earned billions in such charges and continue to audit aggressively for these kinds of scenarios. Software licensing audits have become a major source of revenue for companies whose licensing sales are down. These firms are experiencing competitive pressure from Cloud alternatives, and stories such as the above are increasingly common throughout the industry.
This is why contracts and licenses should never be taken lightly. Even startups could be vulnerable if, for example, licensed commercial software is used in unauthorized ways in a Cloud environment.
How can data quality help?
Without a thorough understanding of the IT asset base (physical and virtual servers in particular), the organization risks licensing non-compliance. Software vendors expect the customer’s records to be accurate. When the vendor’s auditors see discrepancies, they become more aggressive and dig further into the usage of their software. As Stephanie Overby notes, “Anything from use of software on non-named servers to lack of centralized software asset management processes to inadvertent including of software on a base image can raise red flags.”
Inaccurate records make it even more difficult to contest a vendor’s claims that you have improperly used their software. On the other hand, if everything they see in their tests is also available in your system, that starts to build confidence that your records are sufficient. You need a clear understanding of licenses, virtual machines, physical machines and the supply chain that delivered them.
Of course, data quality all by itself is not going to solve your software licensing problem. You also need controls and processes to ensure compliance. The change management, asset management, procurement, request management and provisioning processes need to work well together. But, in the final analysis, effective process and quality data are two sides of the same coin. You need both to save the much larger quantities of coin that may otherwise be at risk with poorly managed software licensing.