RSS

Category Archives: Compliance

Microsoft SPLA Audit Notifications…

Tis’ the season to be merry!  To bring a little holiday cheer, Microsoft is gifting you an audit!  In this article, I will break down some of the tricks to stay ahead of the game when Mr. Audit comes knocking.  If you need help, please email us at info@splalicensing.com We have the resources and the expertise to help navigate through the process.

Do’s of an audit:

  1. Do a pre audit yourself.  This is best to engage a third-party to know what is in your environment and what the auditors will look for.  I like to think of it this way, if you pay your reseller 20k dollars a month (as an example) don’t you want to make sure you get it right?
  2. Use your own tool or method to collect the information.  We know (and so does Microsoft) that you may not be collecting everything that auditor’s will  look for but that’s one of the reasons why you should engage a third-party.  We can use your data but we will compare it against the licensing rights so we know the risk before it becomes a risk.
  3. Know and understand customer owned licenses.  Auditors will look at everything that is installed in your hosted environment.  You need to know what you should be reporting and what you can get away with not reporting.
  4. Engage with the publisher, not disengage.  Avoiding the notification will not solve anything and put you in a tricky situation.
  5. Keep calm.  Overreacting doesn’t help your cause.

Don’t’s of an audit:

  1. Similar to 4-5 mentioned above, don’t be a jerk.  Kind of like getting mad at another driver at a stoplight, it never solves anything.
  2. Hire a law firm to work with Microsoft on your behalf.  If that happens, the publisher will engage their legal and it becomes very black and white.  In this case, my bet is on the company with the billions of dollars in their bank account.  If you engage in a third-party, it’s best to work with the third-party directly with your organization, not the third-party work with the publisher.
  3. Give the auditors everything they ask.  Sometimes they ask for things that are not relevant to the situation.
  4. Throw in the towel.  Even organizations who never report SPLA but are hosting can find a way to negotiate.
  5. Rush to close it.  There are strategies that work out to your benefit if you hold off.  Another benefit is it may give you better financial options.

Happy Holidays!

Thanks for reading,

SPLA Man

 

Advertisements
 
Leave a comment

Posted by on November 27, 2017 in Compliance, Uncategorized

 

Tags: , , , , , , ,

SPLA Audit Season…

The air is getting colder (at least on this side of the hemisphere), the leaves are changing, and the aroma of burning firewood fills the night time air.  That’s right, audit season is upon us!

Why audit season?  Microsoft is concluding their first half of the fiscal year in December, which means revenue demand is a high priority.  It happens at the end of the year and in June when the fiscal year closes.  There’s no easier way to achieve revenue targets than going after organizations in the form of an audit.  Don’t be left in the dark.  If you are going through an audit, we have the resources to help support you.  Our team consists of:

Ex Microsoft auditors who know the game and negotiation tactics.

Licensing experts (who else has a blog dedicated to the nuances of licensing)

Cost optimization professionals

Audit tools and license management as a service

If you are going through a SPLA audit, don’t do it alone. You don’t want to pay more money than you have to just to please a vendor.  If you have questions on the process or need a recommendation, you can email blaforge@splalicensing.com

Thanks for reading,

SPLA Man

 

 

 
Leave a comment

Posted by on September 13, 2017 in Compliance, Uncategorized

 

Tags: , , , , , , ,

Slaying the dragon and saving the princess – audit style

We all love stories.  All of us. We love to hear about good overcoming evil – the prince saving the princess, the bad guy that's captured by the good guy.  In short, what we love are fairy tales.  The reality is we do not live in a world of fairy tales and sometimes, yeah, the bad guys do win. The prince, admired by many, is not such a good prince after all.  We trust without knowing they can be trusted.  So, what does this have to do with audits?

Businesses are built based on one concept – to solve a customer's problem.  You are their hero to save whatever pain they have or problem they can't seem to overcome.  You, are (as the story goes) their knight in shining armour.  Your customer needs someone to deliver a solution, you are just the good guy to do it.

Fast forward a couple years, your business is booming, your customers are happy, and in walks every IT nightmare…the auditor.  Eye glasses the size of saucers, a necktie tied just a shade too short, and a laugh that is about as annoying as a nail on a chalkboard; you are succumbed to a software audit.

How do you defend such evil?  The biggest mistake a hosting partner (or enterprise's in general) often makes is being fearful.  They give the auditors everything they ask.  That's not always bad, but if you don't understand why they are asking for certain things or feel they are painting you in a corner, take a step back.  Don't give in without understanding what they are asking and why.  Why do they want to know who your customers are?  Why do they ask about customer owned licenses?  Software Assurance? Historical information?  If you can't answer "why" maybe you need help.  In walks SPLA Man.  Nah, in walks Mrs. SPLA Man, every auditor's worst nightmare.  She put together the following list on how to better prepare yourself for the unexpected.

Mrs. SPLA Man's List

  1. Don't be fearful – no matter what, it's your business and YOUR customers.
  2. Have a plan.  Know what's in your customer agreements.  If you need to refresh your agreement language, do it.  Software licensing rules change daily, if you have not updated your contracts on license mobility or datacenter outsourcing, update it now.
  3. Don't bring unwanted attention to your organization.  Always report usage on time and pay on time.  80% of all delinquent reporting has nothing to do with the reseller or Microsoft.  It has everything to do with a SPLA partner's account payable dept.
  4. Don't have one person manage your usage reporting.  In a lot of cases, a person leaves a company who was the only one who worked with the reseller directly.  When that person leaves, who is responsible for reporting?
  5. Don't be pressured.  Audits can take up a lot of resources.  Don't give up customer engagements to satisfy an auditor.  Your customers are the lifeblood of your business, don't delay meetings with your clients.
  6. The publisher needs you.  You are their sales arm.  You bring the hybrid cloud to life.
  7. Find out from the publisher who manages your account.  When was the last time you spoke to them about strategy or best practices?
  8. Relax.  It's not the IRS auditing you (yet)
  9. Don't settle just to settle.  You didn't grow your business to the magnitude you've grown it without having negotiating skills (and guts).
  10. Don't be scared to ask for help.   Have a question?  Email info@splalicensing.com

Thanks for reading,

Mrs. SPLA Man

PS – Slay that dragon!

 

 

 

 

 
Leave a comment

Posted by on August 10, 2017 in Compliance

 

Tags: , , , , , , , , , ,

Yikes…how to move from one cloud to the next.

The latest buzz word in this crazy IT world in which we live is not “Cloud” it’s “Hybrid Cloud”.   Even the definition of hybrid cloud has evolved throughout its short existence. Having a mix of on premise workloads and cloud workloads has transformed into having workloads spread throughout different cloud vendors as well.  “Cloud Sprawl” is born and guessing is here to stay.

In this article, we will review how the licensing works to move a customer’s workload from one cloud to another; customer’s owned licenses back to on premise; and customers on premise licenses back to your cloud.  As the title of this article states..Yikes!

Moving away from your cloud to another cloud

So, your sales rep “accidentally” promised the world to your customer that he/she could not deliver.  Unfortunately, they now want to move to another provider.  First thing to do is fire the sales rep.  Second thing to do is read your SPLA agreement.

When you sign a SPLA agreement (or any Microsoft agreement) your license keys are your license keys.   The data is not yours, but the keys are (at least while you have an active agreement – remember, SPLA is non-perpetual license). License keys are not to be transferred, resold, etc. over to another datacenter provider.   Where does it say that?

In section 6C, page 5, of the 2017 SPLA Indirect Agreement “Copying and distribution of Products and Software documentation” states: “customer may distribute original media or software contains products only to outsourcing company and affiliates.”  Another cloud provider is not your affiliate or outsourcing company, they are your competitor.  The section continues: “Customer may distribute original media or software containing client software and/or redistribution software to its end users.”

What that statement is saying is the service provider can provide the image to their client but not to another service provider.  If they do this, Microsoft requires the license keys to be removed first.  Remember, your keys are your keys, not theirs. As mentioned, the data is not yours either.  An end customer has the right to transfer their data from your datacenter to another provider.  You can also transfer the media to your customer, but not to another service provider as the statement suggests.

Over the years, the transfer of data, transferring images, and using outsourcing companies has made it difficult to track which media/keys belong to which company.  My recommendation is to have language in your agreement that is like the one in your SPLA to protect you.  Is this a gray area?  Absolutely.  My other recommendation is that no matter which keys belong to which organization – be sure to license the environment correctly; in the end, that’s the most important part.

Customer’s owned licenses back to on premise 

The same sales rep screwed up again.  They promised the customer that by moving to your cloud environment they would never be audited again.  Guess what?   They got audited.  Now they are upset and want to move back to on premise.  How does the licensing work?

In this situation, let’s assume the customer is moving workloads that have software assurance (SA) and are using license mobility. (even if they didn’t, same rules would apply.  I just like using license mobility because it’s more common).   Whenever an end customer transfers their own licenses (not SPLA) it’s important to read the Product Terms, not just the SPUR.  The Product Terms is for volume licensing, which applies to customer owned licenses.  The SPUR, as we all know is for SPLA.  Two different programs, two different use rights.

Page 84 (good Lord this is a massive document) of the 2017 Product Terms states “Customer (your end customer) may move its licensed software from shared servers (license mobility) back to its Licensed Servers or to another party’s shared servers, but not on a short-term basis (not within 90 days of the last assignment).

When you buy a license through volume licensing (VL), you assign that license to a server.  That’s one of the reasons you cannot mix SPLA and VL on the same server (different use rights).  When you assign that server to a different server farm (another datacenter provider) that server license cannot move within 90 days of assignment.  If your end customer gets upset and demands you transfer their licenses back to their premise, you can pull out this little blurb in the Product Terms.  I would recommend having language in your agreement that states the same.

You might be wondering – “isn’t the benefit of Software Assurance the ability to move workloads freely without worrying about the 90-day rule?”  That’s true and I’m glad you brought that up.  If it’s within the same server farm, workloads can move freely.  Pay attention to page 84 of the Product Terms as well as the definition of a server farm.

One of the best lines in the Product Terms happens to be on the same page (84).  “Customer (again, customer in this example is your end customer) agrees that it will be responsible for third-parties’ actions about software deployed and managed on its behalf” I would definitely include that statement with your customers.

Moving back to your cloud

You gave your sales rep an ultimatum, win the customer back or lose your job!  Your sales rep won the customer back.  Now your customer can move back to your cloud, but make sure you follow the license mobility use rights as mentioned above.  Remember the 90 day rule.  Once a customer assigns a license back to their premise, they have to wait 90 days to move it back.  Secondly, if they do not have SA, you must dedicate the entire infrastructure for your customer.  Dedicated means the hardware used to support the solution.

The moral of this story?  Make sure you have a good sales rep!  Secondly, read the SPUR, Product Terms, SPLALicensing.com, and have language written in your agreement to protect yourself.  Lots of talk about moving to the cloud, moving away from it is just as important.

Thanks for reading,

SPLA Man

 

 

 

 

 
Leave a comment

Posted by on August 3, 2017 in Compliance

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , ,

Don’t be Jimbo

Jimbo had a small IT firm for which he provided backup, security, and hosting for two clients.  He also purchased Office 365 licenses for a handful of users directly from the Microsoft Office 365 website and would bill them accordingly.  Jimbo also had an application he tried to develop to help end users better communicate with one another. It was similar to SharePoint, but more seamless and had better integration with third-party applications.  He had a SPLA, and had one person who submitted their usage report to their reseller.  Unfortunately, that person got sick and passed away.  Jimbo was sad and so was the rest of the staff.

To put his mind at ease, he spent every waking hour improving his application.  He thought it was going to be the next best thing.  I experienced the application firsthand myself, and found it to be a powerful tool.  I even asked to invest in it, but without any money, (Mrs. SPLA Man spent it all at Target), I had nothing to invest with.

Fast forward a year later.  Jimbo is still working on improving the application, and he's still hosting.  One day, Jimbo received an email from Microsoft.  It was titled “Self-Audit”, Jimbo was getting audited.  One thing left unmentioned, Jimbo is the nicest guy on the planet. He replied to Microsoft and in the end, provided them with everything.  All his server information, customer name, and reporting history.  It was an auditor’s dream.

Several weeks later, Microsoft provided Jimbo with the findings.  He owed $450,000 in unreported licensing fees.  Why so high?  No usage was being reported since the lady who reported SPLA passed away.  When she was reporting, she reported the wrong thing.  Instead of licensing Windows Datacenter, she reported Standard.  Instead of reporting physical processors and/or cores, she reported per VM.  Everything was a mess.  Jimbo, who neglected his hosting practice for months to focus on his application, was left feeling very uncertain about his future.  He did not have the funds to pay for licenses.

It’s unfortunate, but Jimbo had to shut down his hosting business.  The application he built?  Stopped.  He tried to sell it, and last I heard very few were interested.

Why such a depressing story and was it true?  Yes, the story is true (although slightly embellished).  Why share it?  I am telling you the story because there are too many organizations doing the same thing.  They have one person who manages the licenses, one person who was in contact with the reseller, and one person who knew what they were reporting.  What happens if that person leaves?  Too many organizations are also buying Office 365, but not getting the best discount.

Licensing is challenging, and in the case of Jimbo, his love wasn’t reporting usage, it was developing an application.  He should have had allocated resources to help manage his SPLA, so he could focus on what he knows best, the technology.

I am always asked why I created splalicensing.com and what's so different about SPLA Man than other blogs.  I think the main difference is honesty.  I am your licensing Siri or Alexa.  I am SPLAlexa. (that was bad).  Don’t be Jimbo.

Thanks for reading,

SPLA Man/SPLAlexa

 

 

 

 

 

 

 

 
Leave a comment

Posted by on July 24, 2017 in Compliance

 

Tags: , , , , , , , , , , , , , , , , , ,

Opinion – Microsoft audits will skyrocket in 2018

Microsoft compliance programs are not going away and will increase significantly in the coming years.  Why such a doom and gloom outlook?  In this article, I will highlight some of the reasons but more importantly the ways to stay ahead of the game before Mr. Audit comes knocking on your door.

This past week, most of my articles had to do with CSP, Azure, and more CSP.   To no surprise, CSP is the direction Microsoft is moving towards for the partner community.  Check out my friend www.csplicensing.com 🙂 Licensing is not getting easier, in fact it’s getting harder.  Check out my Azure Stack article if you don’t believe me.  That article will either put you to sleep or give you a headache.

In today’s world, a service provider is not just licensing SPLA, they are combining on premise licenses, different cloud vendors, and hybrid licenses.   Unless you focus full-time on licensing, one misstep can ruin an organization.  In the coming weeks and months, I will focus heavily on all the cloud transitions and as the title of this blog site states ‘uncover the complexities of SPLA licensing.”

So why will audits rise?   There’s two reasons: 1) Licensing is confusing.  Publishers know there’s no “one-size fits all” solution to solving all licensing complexities and scenarios.  2).  With the push towards the public cloud (such as Azure), CFO’s and owners will start to wonder why they mess with the licensing at all, especially after a large compliance settlement  from an audit.  The goal will be to move to AWS or move to Azure and let them deal with the complexities licensing.

What do you do?   Throw in the towel and say, “they win” or develop a strategy to maintain compliance and create a solution to help your customers?  My advice? Don’t throw in the towel.

  1. Develop a license management practice.  Licensing is a full-time commitment (Full-time job).
  2. Don’t cave in.  I get it, that’s easier said than done – even for SPLA Man.  I HATE confrontation in all areas of my life but compliance.  I always like to see the underdog win the audit battles.  When SPLA started, I felt it was the rest of the world v. the SPLA community.  ABS – Anything But SPLA.  I still feel that way today (even stronger).  When was the last time you talked to a representative or were offered advice to help grow your business?  I am an advocate for the hosting community and the primary reason I started this blog in the first place.  Checkout my “About” section written over 4 years ago.  Don’t get bullied into the tricks of the audit.  If you need help, ask.
  3. Eliminate risk before it becomes a risk during the audit.  Going back to point #1, create a practice, understand the areas of concern, and correct it before the auditors force you to.  The time is now.
  4. I promote 3rd party advocacy for support.  I like to say, “there’s the publisher’s way and then there’s the real way” both are compliant, but one will cost you a lot more than the other.

Will audits be on the rise in 2018?  Yes. And 2019, 2020, and 2021.  After that who knows, we might be flying around the moon and vacationing on Mars.  Licensing is a dangerous game but everyone can win – if they have the right strategy in place.

Thanks for reading,

SPLA Man

 
Leave a comment

Posted by on July 19, 2017 in Compliance, Uncategorized

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , ,

What is a Service Provider?

The year 2017 has brought on A LOT of change for the hosting community.  A hosting company used to be an organization that hosted Exchange – fast forward to today and a service provider takes on a whole new meaning.  In this article, we will take a look at defining a service provider and how it applies to licensing.   Let’s play a little game called “Do they qualify”  Have a question?  Email info@splalicensing.com

An organization that provides or extends  litigation software (that they leased from the publisher) to law firms and other legal entities who are not wholly owned by the organization providing the solution. Does this organization qualify for SPLA?

Yes.  If you are an avid reader of splalciensing.com, you probably read my article on EMR Software The same holds true for any software (not just EMR) that runs on Microsoft technology that you do not own, but lease from a third-party.   Remember “AS”  If you are providing software AS a service that’s hosted from your datacenter environment,  SPLA must be part of the equation.  Why does this solution qualify for SPLA?

#1 they don’t own the software they are hosting

#2 they do not own the organization(s) who are consuming (using) the software for their benefit.

An organization who sells a product on a website to external users –   do they qualify for SPLA?

No.  Although they are selling something to consumers via the internet, the software used to deploy the solution benefits the e-commerce company, not the end-user.   Where SPLA does fit is if the web company decides to host a website on behalf of another organization.  The web company would fall under the SPLA rules.  Who benefits from the access is a key question to ask yourself.  Second question – is the access used to run their business or my own?

An organization who provides SharePoint to end users to share information.  Do they qualify?

No.  Simply sharing information does not qualify.  If the organization was hosting SharePoint on behalf of another organization, that’s SPLA.

A company hosts Exchange on behalf of another organization but does not charge for this access.  Does this qualify for SPLA?

Yes.  Microsoft doesn’t care how much money you make from the solution.  The question remains – are you providing this “as a service” for a third-party?

A company decides to use AWS as their datacenter provider to host an application they use internally.  Do they need SPLA?

No.  In this example, you are the end-user.  AWS has a SPLA to cover all infrastructure products they host on your behalf.  If you were to use AWS as a datacenter provider to host SharePoint to your end customers employees; you would pay AWS for Windows and SQL and report on your SPLA SharePoint SAL licenses.

 

I have 25 Linux machines that I host for my customers.   Do I need SPLA? 

No.  You have 25 Linux machines.  If you had 24 Linux machines and 1 Windows VM, you would have to license the host machine to cover that Windows VM through SPLA.

My reseller told me I didn’t need SPLA because the access qualifies for Self-Hosted.  The auditors told me it does not qualify.  Why?

All software used to deploy the solution has to be self-hosted eligible.  I bet you are running an application that does not qualify as part of your solution.  This would be SPLA.  Secondly, if you did not buy the software with software assurance, that is out of compliant.

Thanks for reading,

SPLA Man

 
Leave a comment

Posted by on July 18, 2017 in Compliance, Uncategorized

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

 
%d bloggers like this: