License Dashboard: expect a vendor audit

Recent research from Gartner and Forrester has sparked Sean Robinson, director at License Dashboard, to explain just why the majority of organisations will be audited by software vendors over the next 12 months. And that organisations will be lucky if this happens just once.

Vendors, Robinson says, audit their customers simply because software sales are a commercial business – as such, the  vendors need to maximise their sales and make sure they pay up when they need to.

Robinson points to 2011 research from Ernst & Young, which combed a list of vendors to find out why they audit their customers. A clear majority said that, simply put, it’s a way to make extra cash.

There are other factors too. Auditing, in the eyes of a vendor, can protect intellectual property rights, encourage better software asset management, and reduce piracy.

According to License Dashboard, though, there are three factors organisations should pay attention to.

The first Robinson notes is inconsistency in purchasing. There are a myriad of ways a business can buy software and plenty of no-brainer cases where there will be a visible difference. “You might buy tens of thousands of pounds worth of software one month and then nothing for the next eight,” Robinson says. “An organisation that typically buys off a volume licensing scheme designed for high volume transactions suddenly switching to much smaller volumes can also arouse suspicion”.

Whether or not an orgainsation is struggling to get its head around a robust software procurement strategy, the above can lead vendors to that perception. Which, according to Robinson, is key.

Another red flag will be a poor history of compliance.

“If an organisation gets audited once and turns out to be in a poor state of compliance,” Robinson says, “it is hardly surprising that the vendor in question may want to revisit the same organisation again in the future”.

He argues that though vendors do go to some effort to help customers learn from audit experiences, they will also keep cautious about the customer’s best practices in the future.

Thirdly, it depends on the size of an organisation. According to Robinson, organisations with under 250 PCs and servers on their network won’t usually expect to receive direct audit request from vendors.

But he does point out that SMEs can’t rest on their laurels, as  they are frequently subject to third party licensing watchdogs like the Business Software Alliance.

Matt Fisher, sales & marketing director at License Dashboard, told ChannelBiz UK that perhaps it is time for the BSA to rethink some of its policies. We put it to Fisher that there is a possibility the BSA’s practices stifle growth for SMEs.

“Any unexpected costs are obviously bad news for growing organisations, but that doesn’t excuse poor software management practices,” Fisher said. “That said, it is perhaps time the BSA reviewed its current enforcement practices; the UK piracy figures have barely changed for a number of years, so that does suggest that current efforts are not fully working.”

“Rather than heeding the BSA’s warnings, many businesses seem to be becoming immune to the threat of audit; and that can’t be good for anyone,” he said.

According to Fisher, it is more about awareness than enforcement.

“The BSA would be better served by focusing on the positive aspects of license management and acting as a facilitator between its software publishing members,” Fisher said, “tools vendors such as License Dashboard and end users.”

Sean Robinson says that changes in an organisation’s size can also trigger an audit. “Especially where a vendor perceives there to be rapid expansion in IT kit or employees,” Robinson says, “historically a time when many organisations fail to keep up with software licensing”.

The only way, according to License Dashboard, to avoid software audits is to demonstrate a coherent software purchasing strategy “right from the start” – to “never fail a software audit”, and to keep a company small enough to avoid the BSA or vendor taking note.

“Clearly this approach is impractical in the real world,” Robinson says, “so the next best solution is to accept that an audit is going to happen at any time and to practice good software asset management”.

Businesses should keep comprehensive software inventory and enforce internal deployment policies so they can dodge accidentally using a piece of software without a licence.