What Are Software Company Compliance Managers Thinking? (Dec. 9, '14)

Return to News & Media


Terms of use

What Are Software Company Compliance Managers Thinking?

The more customers understand about software vendors, the better they'll be at managing software

By Steven Russman, Director of IBSMA

It’s that time of year again when I change hats, so to speak. I focus on developing the Compliance Manager Summit agenda for software industry compliance executives. As a software asset manager you may think that I’m siding with an adversary; the auditor, the sales-driven enforcer. But the truth is that the more you understand the motivation, needs and habits of the software vendors, the better you’ll be at managing software and avoiding audits.

IBSMA launched this conference in 2013 and it’s been growing every year. It’s our way of bridging the gap between software publishers and you—the customers—to elevate understanding and promote innovation in the software industry.

Executives from Hewlett Packard, Oracle, Adobe and EMC implored fellow compliance managers at the 2014 Summit to trust their customers more and audit less. The result, they said, will be greater returns.

"We were considered the hammer—we took what we needed. And we got this really bad reputation in the industry,” said Melissa Alexander, Oracle’s license management services senior manager, enterprise accounts, at the Summit’s opening panel discussion. “We've spent over a decade trying to fix that. Now we want to be that helpful partner.”

The drive to change the dynamics around software license compliance from enforcement and audit to education and transparency is still underway. The panelists described a slow shift from dreaded regulators to a perhaps grudgingly accepted partner. They advised attendees to aim for a delicate balance: Build a friction-free partnership with customers while also driving revenue through software compliance.

Mutual dislike for audits

"If I never have to do another audit, that would be a really good thing," said Christian Pruitt, Hewlett-Packard's director of worldwide compliance of software, hardware and support. I'm not altruistic in this business—all of my metrics derive around driving revenue. But I can do it without audits. I can drive value through the educational model.”

SAM managers often struggle with understanding both what software they have installed across their enterprises, and what the licensing contracts are for each application from myriad vendors. Increasing SaaS and cloud deployments further complicate the licensing picture for most compliance managers. 

"We understand it's difficult to know what they've deployed. We'll help those accounts build that picture of hardware and software. We'll work with them so they can make decisions about how to get from where they are now to where they want to be," said Jared Collins, world wide director of asset management services at EMC Software.

He pointed out that EMC customers often come to him looking for help. They need to gain a clearer picture of the software and hardware they've purchased and the maintenance contracts they've signed. And Collins realizes that until they better understand their contractual obligations, they may refuse to make any additional purchases.

Collins, Pruitt, and Alexander all described a sort of dance they do to protect their companies' software while preserving the existing relationships with their customers. They described the ways they engage with customers to try to minimize the tension inherent to an audit, whether they send a notification letter or not. They each try not to begin the process as a suspicious adversary, trusting that the customer will be as honest as they can be with the information they know.

"We talk with complete transparency and establish a baseline for customers so they know what they need to purchase,” said Summit panelist Bonnie Pau, Adobe's director of Americas, license management. She added that even though customers might view her department's work as "just a sales pitch," they're actually trying to help them avoid dealing with an expensive compliance shortfall.

For Pau that means focusing the conversation with noncompliant customers on data about the customers' software deployments, usage and entitlements. She advises full disclosure when sharing the data with customers and demonstrating to them how the data was verified and validated because taking a data-driven tack enables customers to understand gaps in their licensing contracts and identify what they’re required to pay for.

Hewlett-Packard's Pruitt said he asks, "[it's] not do we trust you, but do you have what you need to manage our intellectual property? This leads to a more collaborative environment with less friction."

Stay tuned for more insights from the 2015 Compliance Manager Summit, March 12-13, San Francisco.

Leslie T. O'Neill contributed to this post.

Published by ECP Media LC
P.O. Box 1549 | Ann Arbor, Michigan 48106-1549 U.S.A.
ECPweb.com | Office and fax: 1.734.930.1925

ECP articles are provided to IBSMA by arrangement with ECPweb.com.

Terms of use

This publication is designed to provide accurate and authoritative information regarding the subject matter. Neither the publisher nor the author(s) is offering legal, accounting or tax advice. Although care has been exercised and every attempt made to verify the information in this publication, neither the publisher nor the author(s) is responsible for errors or omissions. Neither the publisher nor the author(s) is affiliated with nor endorsed by any organization listed here or by any subsidiary company. Trademarks are the property of their respective owners. ITIL® is a registered trademark of the United Kingdom's Office of Government Commerce. The Certified by ECPweb.com logo is a licensed trademark of ECP Media. The publication may be printed for personal use. The publication MAY NOT be printed for distribution in a public or private venue (i.e., conferences, trade shows, direct mailing, etc.).

© 2014 ECP Media LC (ECPweb.com) No part of this publication may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form, or by any means (electronic, mechanical, photocopied, recorded or other) without the prior written permission of both the copyright owner and the publisher.