Caught by a Microsoft Audit on Nonproduction Systems (May 3, '15)



Return to News & Media

 

Terms of use

SAM Summit 2015 John Grubb

Caught by a Microsoft Audit on Nonproduction Systems

When Microsoft decides to audit a customer, the software titan looks for specific red flags. No one is surprised when the auditor checks usage against paid licenses or digs into their virtualized environment. But few customers are prepared for the bill Microsoft hands them after auditing their non-production systems.

"For Microsoft, non-production software is low-hanging fruit. Most people don't pay attention to it, so they don't have it properly licensed," says John G. Grubb, founder of software asset management firm SoftwareAdvocates and longtime Microsoft technology strategist.

Grubb is leading three sessions at the 2015 IBSMA SAM Summit in Chicago, June 8-10. On June 10, he'll discuss licensing for Microsoft non-production systems (one of the top ten Microsoft compliance gotchas he'll discuss on June 9).

Cracking the code

Most SAM managers find licensing for non-production systems to be a grey area that may require a combination of production licenses and MSDN (Microsoft Developer Network) subscriptions. MSDN subscriptions are licensed individually, and everyone who uses the software to develop, design, or test applications must have a subscription—and that's where compliance gets especially hazy, according to Grubb.  

"MSDN is user based, so everybody who touches it—except for qualified user acceptance testing—must have a license. This includes even the people who are system admins, people who build and manage the servers for the developers." In other words, employees you don't consider part of your development, testing, or QA teams require MSDN subscriptions for you to maintain compliance.  

Grubb points out that licensing non-production systems seems complex until you "crack the code on it." All MSDN licenses aren't created equal, and Microsoft may disagree that you're using your subscriptions properly. Some levels of subscription don't cover every product that you may be using in your testing systems, for instance, or you may have accidentally purchased the wrong ones. In the worst case scenario, you may have 50 MSDN licenses, but all 10,000 people in your organization have access to the non-production systems.   

"Even if all 10,000 people didn't touch those systems, Microsoft assumes that if they could, they did—and you could be held liable for this oversight," says Grubb.

Noncompliant non-production systems are surprisingly common. In fact, the majority of the customers Grubb speaks with have gaps. This becomes an extremely expensive licensing oversight during an audit, especially when Microsoft starts digging into your databases. Grubb describes creative ways to cover the licensing of non-production systems, but, as he says, "You have to be really savvy."

He points out that licensing non-production systems is likely to get even trickier because, with Visual Studio 2015, Microsoft is making major changes to its MSDN offerings.

Learn how to assess your non-production systems and mitigate licensing issues (and the other nine common mistakes SAM managers make when licensing Microsoft software) from Grubb during his SAM Summit sessions.

View the full 60-plus session agenda including the new Microsoft Track at SAMSummit.com.

Additional reporting by Leslie T. O'Neill

Photo: John Grubb, 2014 SAM Summit, by Patrick T. Power Photography

Published by ECP Media LC
P.O. Box 1549 | Ann Arbor, Michigan 48106-1549 U.S.A.
ECPweb.com | Office and fax: 1.734.930.1925

ECP articles are provided to IBSMA by arrangement with ECPweb.com.

Terms of use

This publication is designed to provide accurate and authoritative information regarding the subject matter. Neither the publisher nor the author(s) is offering legal, accounting or tax advice. Although care has been exercised and every attempt made to verify the information in this publication, neither the publisher nor the author(s) is responsible for errors or omissions. Neither the publisher nor the author(s) is affiliated with nor endorsed by any organization listed here or by any subsidiary company. Trademarks are the property of their respective owners. ITIL® is a registered trademark of the United Kingdom's Office of Government Commerce. The Certified by ECPweb.com logo is a licensed trademark of ECP Media. The publication may be printed for personal use. The publication MAY NOT be printed for distribution in a public or private venue (i.e., conferences, trade shows, direct mailing, etc.).

© 2015 ECP Media LC (ECPweb.com) No part of this publication may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form, or by any means (electronic, mechanical, photocopied, recorded or other) without the prior written permission of both the copyright owner and the publisher.

IT IS ILLEGAL TO DISTRIBUTE OR RESELL THIS PUBLICATION IN ANY FORM WITHOUT THE EXPRESS WRITTEN CONSENT OF THE PUBLISHER. THIS PUBLICATION IS LICENSED FOR PERSONAL USE. IN ADDITION TO LEGAL ACTION, THE ORIGINAL PURCHASER MAY BE CHARGED FOR ALL ILLEGAL COPIES.