RSS

Tag Archives: SAM

Steps to take to limit SPLA audit exposure

It’s the fourth quarter at Microsoft, this means audits are in full swing.  One of the easiest ways to collect large upfront payments are through SPLA audits.  Knowing this, what steps can you take to limit your audit exposure?

  1. Inventory – Although you submit a SPLA usage report each month, licenses are missed inadvertently.  When collecting inventory of what you should and should not report, be sure to include customer owned licenses.  If ANY customers are bringing licenses into your datacenter, they must have software assurance if it’s a shared environment.  Secondly, make sure to take a hard look at SQL.  To no one’s surprise, SQL is very expensive.  If you miss license SQL, it can add up really quickly.
  2. Agreements – Which MBSA agreement did you sign?  Don’t know what a MBSA agreement is?  Please ask your reseller for a copy.  Every SPLA customer has a signed Master Agreement.  This is the umbrella that ties all your Microsoft agreements together including SPLA.  There’s specific language in the agreement that goes over audits and the timeframe in which they are able to audit historically. Look closely at your agreements with your customer.  Did you mention they are responsible for licenses they bring into your datacenter?  Did you send them a license verification form for license mobility?  Do you have language that states they are responsible for anything under their Microsoft agreement but you are only responsible for yours?  Do you make the end user license terms (part of your signed SPLA) available to all customers?  Don’t know what an end user license terms agreement is?  Ask your reseller.
  3. Check AD closely.  Do you have administrative accounts that you are reporting?  What about test accounts?  Read your Microsoft SPLA agreement around testing, developing, and administrative access.
  4. Label server names appropriately – Label if a server is “passive” and label a server if it’s “development”.  This can save you time with the auditors.
  5. Check server install dates – If a server was active June, 2013 but nothing was reported on that server until June, 2015; Microsoft is going to ask A) what that server is doing and B) Why haven’t you reported it.  If it’s doing nothing, than shut it down before the audit.
  6. Check SAL licenses –  Do all users who potentially HAVE access are being reported?
  7. Check Office licenses – Do all users need access to Office Pro Plus?  Can they get away with Standard?  Did your engineers inadvertently publish Visio to every user when it only needs to go to a handful of end users?
  8. Double check server versions – Did your engineers accidentally install SQL Enterprise when it should be Standard?
  9. Are you taking advantage of all the use rights available?  As a SPLA, are you aware you can provide demonstrations to your customers at no charge?  Are you aware of the admin rights?  Are you aware you can run 50% of what you are hosting externally – internally?  (must actually report it all under SPLA – they are not free).
  10. Virtualization rights – Are you reporting SQL Enterprise to run unlimited VM’s? Are you running Windows Datacenter?  Remember, you do not license the individual VMs for Windows Server.  (You count physical cores which allows 1 VM for Standard or unlimited for Datacenter).
  11. MSDN, VDI, and other restrictions – No, you cannot host VDI and MSDN in a shared environment.  If you are, dedicate the servers immediately.  If you are hosting from the same hardware you are running internally, this also must be separated.
  12. Hiring Experts – Are they really experts or just advertise as such?

Hope this helps.  Any questions email info@splalicensing.com

Thanks for reading,

SPLA Man

 

 
Leave a comment

Posted by on April 25, 2017 in Compliance

 

Tags: , , , , , , , , , , , , , ,

Help me SAM!

I was on a call the other day and the customer was pleasantly surprised to learn about the SPLA program. Although I do not manage the program in its entirety like the old days, I will say this was a refreshing surprise. When you mention SPLA to a customer, account manager, or even Microsoft, more times than not you here a groan. ABS – Anything But SPLA! I am sure if there are resellers reading this, they would probably agree. Why no love for a program that is growing exponentially year/year? What are better alternatives…buy the licenses outright?

I don’t think the issue is with the program itself; after all, the ability to get started with zero upfront costs from a licensing perspective is pretty cool! I don’t even think the licensing is all that difficult once you get started. The pain point is understanding all the “gotcha’s” and the “in’s” as well as all the “outs” to make sure what you are doing is both compliant and cost-effective.  SPLA is an honor based system, but if you are found dishonest, it will cost you.

One of the biggest hurdles is tracking licenses. With the release of Azure, license mobility, and regular SPLA licenses, the ability to track licenses is becoming more complex.  End customers do not want to double pay for licenses already purchased and service providers don’t want to report SPLA if they don’t have to.  So what do you do?

That’s where my old friend named Sammy comes in. On premise customers have used SAM (Software Asset Management) for years as a mechanism to track licenses purchased and/or deployed.  This is not a one time snapshot, (although I guess it could be if you want it to be) but an ongoing strategy to make sure licenses are being consumed properly.  If they are not, at least they catch the problem before they get audited.

Service providers are different; very few have a SAM strategy.  Most service providers are taking part in license mobility and customer owned licenses more regularly. If you don’t believe me check out all the license mobility partners on Microsoft’s website.  If you thought SPLA is complex, try combining on premise licensing and SPLA and see what you have!

What does SAM really do? It’s a strategy. It will give you tools and a team of experts to help guide you through the ever-changing license use rights (SPUR or PUR for those playing at home).  In most cases, it provides you with the necessary resources to help protect you from vendor audits.  There are different levels of SAM to cater towards different types of environments.  Just like service providers, no two environments are the same.

Here’s my advice (if you are wondering) – if you are a service provider, get a SAM strategy in place.  There’s a saying I read somewhere ( I believe LinkedIn) that said if you think audit prevention is expensive, try being audited.  (paraphrased here but you get my point).

If you don’t have a SAM resource, email me, (blaforge@splalicensing.com) I can be your SPLA/SAM resource.  I guarantee I know the program better than most.  You can also check out our SAM services at SoftwareONE here

As always,  hope you find this helpful and gives you some ideas.

Thanks for reading,

SPLA Man

 
Leave a comment

Posted by on August 11, 2014 in Compliance

 

Tags: , , , , , ,

 
%d bloggers like this: