Software licensing has become more complex as IT environments have become more complex. Mobility, the cloud, multiple IT vendors with different licensing rules, and evolving licensing models are causing many organizations to fall out of compliance. In fact, 75 percent of companies believe that at least a portion of their software is overused or otherwise in violation of vendor license agreements, according to a recent survey.
This fact is not lost on software vendors, such as Microsoft, Adobe and Oracle, who have been cracking down on such violations with more frequent software license audits. For example, Oracle will typically audit customers every three or four years, or whenever noncompliance is suspected.
A software license audit is designed to ensure that every copy of software installed within an organization is properly licensed. If not, the vendor will demand that the organization pay the difference between the purchased licenses and actual usage (so-called “true-up costs”).
According to the survey, 65 percent of organizations were subject to a software license audit within the past year, while 23 percent were audited at least three times. And the costs are piling up as software vendors seek to maintain and build revenue through audits. Almost half (44 percent) of surveyed organizations paid $100,000 or more in true-up costs to vendors due to noncompliance, a sharp increase from 25 percent the prior year. Twenty percent paid more than $1 million in true-up costs, more than double the previous year (9 percent).
In addition to the financial impact, responding to an audit takes up valuable IT resources, which is particularly painful for small to midsize organizations with limited in-house IT resources. The more complex the IT environment, the longer it takes to respond to an audit, putting IT initiatives on hold and causing friction in an organization’s relationships with its software vendors. Because Oracle licensing is rather complex due to a number of a variables that affect entitlement calculations, many organizations struggle to respond to Oracle’s license review requests.
When responding to an audit, it’s not uncommon for organizations to discover that they’re wasting money on unused or underused software, referred to as “shelfware.” In fact, 93 percent of survey respondents admit that they spend money on shelfware. Three in 10 say that more than one-fifth of their software budget is wasted on shelfware. In many cases, this is the result of purchasing additional licenses as a way of overcompensating for software license compliance concerns.
Security is another consideration. Unlicensed software may not be supported by the vendor, which means that it won’t receive security updates and patches. Hackers target users of unlicensed software because it often has known vulnerabilities that are relatively easy to exploit. A security breach can be far more expensive and have longer lasting effects than a software license audit.
In the next post, we’ll discuss what to expect from a software audit, how to respond, and how to tighten up your software license compliance strategy.