No doubt enterprise organizations run on a foundation of software. Often, that comes with costly licenses for users within the organization. Falling out of compliance with licenses can result in an expensive audit with a true-up bill that might leave you with sticker shock. It doesn’t pay to be an accidental software pirate, and that’s what we are going to explore in this post.
CFOs Beware of Accidental Software Pirates
A 2014 report, conducted by Flexera Software in tandem with IDC, found that 85% of enterprise businesses are out of compliance with software licenses. Most of these businesses have been audited by software companies within the last 2 years. Failing to stay in compliance with software licensing can result in accidental piracy. CFOs must understand the ins and outs of all company software licensing and stay on top of subscriptions to avoid steep true-up expenses and accidental piracy.
Most Organizations Have Them
Of course, I’m referring to accidental software pirates. They turn up at all levels of an organization. It’s easy for expired licenses to go unnoticed if you don’t have compliance auditing in place to ensure all license requirements are fulfilled.
Even a savvy CFO could miss a license renewal without the right tools, people and best practices in place to ensure that doesn’t happen. Here are a few tips on how your organization can avoid getting caught up in accidental piracy:
Create a Culture of Accountability
Many times whistleblowing occurs at an enterprise when a current or former employee feels disgruntled or otherwise disenfranchised by the organization. When you create a company culture that includes accountability, employees feel empowered to ensure that software compliance regulations are met.
Reassess Assets After Mergers and Acquisitions
If you acquire or merge with another company, it’s time for a deep-dive software compliance audit. Only through an internal audit can you ensure you have legal copies of software. An audit also tells you when your licensing is due for renewal, so you avoid lapses that cause non-compliance.
Purchase Only Legal Copies of Software
It may go without saying, but only purchase and operate legal copies of software. Always make sure you are purchasing from a reputable source, such as directly from the software company itself.
Keep Good Records
The key to a successful compliance audit, should you be approached by a software company about compliance, is to maintain good records of use and licensing terms. By using an asset manager, companies can ensure all software is accounted for, along with other important information such as subscription and licensing dates and agreement terms. If you’re working on spreadsheets, you should consider upgrading your compliance technology to BMC Remedy with asset management features.
Complete Routine Compliance Audits
Companies should run their own internal compliance audits at least annually to ensure they remain software compliant and avoid accidental piracy. By preparing your files for audit routinely, you can easily accommodate a software company issuing an audit to your organization.
Audits are Brutal
One finding in the previous study suggests that businesses incur millions of dollars in penalties, including backpay for software licenses and hefty true-up fees. A true-up fee is a fee tagged onto the amount you need to bring your licenses and subscriptions current. For some businesses, these costs can be downright painful.
Software audits occur in more than 60% of organizations, which means you’ll probably incur an audit at least once in a two-year period, maybe more. Although Microsoft is the most aggressive auditor, all the major software companies audit for compliance, including Adobe, IBM, and Oracle.
In most cases, piracy occurs in organizations because employees are accidentally using software that hasn’t been paid for, either because a license lapsed or because the license was purchased from a disreputable vendor. These mistakes can be avoided by implementing a top-down approach of accountable compliance asset management.
What is Enterprise Asset Management?
Enterprise Asset Management (EAM) is a process by which organizations focus on the lifecycle of assets to ensure they are being used as safely, effectively and efficiently as possible. In practice, a company that emphasizes EAM implements software suites that aid and automate asset management processes and best practices.
True-Up Before You Get a Bill
A true-up occurs when a company compares the number of actual software license users to the good faith estimate of the initial contract. Then, the company pays the difference in the licensing fees. Large software companies have a keen interest in ensuring that enterprise clients pay for licenses they are using and will often conduct audits.
One way to keep good records and maintain accountability for use of software licenses is through a detailed EAM. You can also conduct your own internal software audit following the steps below:
Step 1: Determine What Software to Audit
For some, this may be a good time to take inventory of your software. If you already have a comprehensive software inventory, use it as a guide to determine which software is due for an audit. Discovery and dependency mapping software is often a good place to begin.
Step 2: Run a Usage Report
Run a usage report of your software, making sure to flag any unused software for removal. Then you can focus on true-up for applications that are currently in use within your organization.
Step 3: Determine Whether Versions and Licenses Are Up to Date
Now that you have a list of software being used within your organization, make sure you are running the up-to-date, legal version. Repeat this process until all software has been evaluated.
Many enterprise software vendors require organizations to complete the true-up process annually. Here are some best practices for ensuring your annual true-up is deployed successfully:
- The process is everything: Maintain a defined process for your true-up so you are better organized, more efficient and more successful.
- Stay on top of inventory: Analyze your server, device and user inventory during the true-up to ensure legal use.
- Consult with an expert: Consult with someone who understands your EAM inside and out.
- Match inventory with licenses: Match your inventory numbers with your software licenses to determine that no pirated software is in play.
By staying organized and prudently facilitating internal software auditing for true-ups, you can honor the true-up commitments of your software provider agreements. The recommended timeframe for conducting this process is 90 days from the anniversary of your agreement.
BMC Can Help
For BMC customers, Helix ITSM has the asset management protections to ensure your company remains compliant in any situation. Remedy Asset Management offers the following for enterprise customers:
Visualize Your Assets
With dashboards and visual reporting, you can see how your assets are being used from moment to moment. No surprises.
Centralization of Assets
Consolidation of assets into a single access point makes managing assets easier than ever before. With Remedy, everything you need is accessible from one place and the information is easy to read and internalize.
Plan for Purchases
Use the information to implement cost savings and make future purchasing decisions. CFOs can make informed decisions based on real usage information.
Automate Asset Management
When integrated with BMC Helix Discovery and Dependency Mapping, asset management tasks can be automated, making the process even easier and more efficient.
Use this tool to audit for compliance, ensuring you meet requirements of internal and external agencies.
BMC Helix: Next Generation ITSM
BMC Helix ITSM combines the latest in digital and cognitive automation technologies to enable best-practice ITSM principles, helping you to provide intelligent and predictive service management across any environment.
- Optimized for ITIL® 4
- Predictive service management through auto-classification, assignment, and routing of incidents
- Integrations with leading agile DevOps tools such as Jira
- Delivered in containers to enable operational and cloud deployment efficiencies
These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.