RSS

Tag Archives: SAM

Slaying the dragon and saving the princess – audit style

We all love stories.  All of us. We love to hear about good overcoming evil – the prince saving the princess, the bad guy that's captured by the good guy.  In short, what we love are fairy tales.  The reality is we do not live in a world of fairy tales and sometimes, yeah, the bad guys do win. The prince, admired by many, is not such a good prince after all.  We trust without knowing they can be trusted.  So, what does this have to do with audits?

Businesses are built based on one concept – to solve a customer's problem.  You are their hero to save whatever pain they have or problem they can't seem to overcome.  You, are (as the story goes) their knight in shining armour.  Your customer needs someone to deliver a solution, you are just the good guy to do it.

Fast forward a couple years, your business is booming, your customers are happy, and in walks every IT nightmare…the auditor.  Eye glasses the size of saucers, a necktie tied just a shade too short, and a laugh that is about as annoying as a nail on a chalkboard; you are succumbed to a software audit.

How do you defend such evil?  The biggest mistake a hosting partner (or enterprise's in general) often makes is being fearful.  They give the auditors everything they ask.  That's not always bad, but if you don't understand why they are asking for certain things or feel they are painting you in a corner, take a step back.  Don't give in without understanding what they are asking and why.  Why do they want to know who your customers are?  Why do they ask about customer owned licenses?  Software Assurance? Historical information?  If you can't answer "why" maybe you need help.  In walks SPLA Man.  Nah, in walks Mrs. SPLA Man, every auditor's worst nightmare.  She put together the following list on how to better prepare yourself for the unexpected.

Mrs. SPLA Man's List

  1. Don't be fearful – no matter what, it's your business and YOUR customers.
  2. Have a plan.  Know what's in your customer agreements.  If you need to refresh your agreement language, do it.  Software licensing rules change daily, if you have not updated your contracts on license mobility or datacenter outsourcing, update it now.
  3. Don't bring unwanted attention to your organization.  Always report usage on time and pay on time.  80% of all delinquent reporting has nothing to do with the reseller or Microsoft.  It has everything to do with a SPLA partner's account payable dept.
  4. Don't have one person manage your usage reporting.  In a lot of cases, a person leaves a company who was the only one who worked with the reseller directly.  When that person leaves, who is responsible for reporting?
  5. Don't be pressured.  Audits can take up a lot of resources.  Don't give up customer engagements to satisfy an auditor.  Your customers are the lifeblood of your business, don't delay meetings with your clients.
  6. The publisher needs you.  You are their sales arm.  You bring the hybrid cloud to life.
  7. Find out from the publisher who manages your account.  When was the last time you spoke to them about strategy or best practices?
  8. Relax.  It's not the IRS auditing you (yet)
  9. Don't settle just to settle.  You didn't grow your business to the magnitude you've grown it without having negotiating skills (and guts).
  10. Don't be scared to ask for help.   Have a question?  Email info@splalicensing.com

Thanks for reading,

Mrs. SPLA Man

PS – Slay that dragon!

 

 

 

 

Advertisements
 
Leave a comment

Posted by on August 10, 2017 in Compliance

 

Tags: , , , , , , , , , ,

Steps to take to limit SPLA audit exposure

It’s the fourth quarter at Microsoft, this means audits are in full swing.  One of the easiest ways to collect large upfront payments are through SPLA audits.  Knowing this, what steps can you take to limit your audit exposure?

  1. Inventory – Although you submit a SPLA usage report each month, licenses are missed inadvertently.  When collecting inventory of what you should and should not report, be sure to include customer owned licenses.  If ANY customers are bringing licenses into your datacenter, they must have software assurance if it’s a shared environment.  Secondly, make sure to take a hard look at SQL.  To no one’s surprise, SQL is very expensive.  If you miss license SQL, it can add up really quickly.
  2. Agreements – Which MBSA agreement did you sign?  Don’t know what a MBSA agreement is?  Please ask your reseller for a copy.  Every SPLA customer has a signed Master Agreement.  This is the umbrella that ties all your Microsoft agreements together including SPLA.  There’s specific language in the agreement that goes over audits and the timeframe in which they are able to audit historically. Look closely at your agreements with your customer.  Did you mention they are responsible for licenses they bring into your datacenter?  Did you send them a license verification form for license mobility?  Do you have language that states they are responsible for anything under their Microsoft agreement but you are only responsible for yours?  Do you make the end user license terms (part of your signed SPLA) available to all customers?  Don’t know what an end user license terms agreement is?  Ask your reseller.
  3. Check AD closely.  Do you have administrative accounts that you are reporting?  What about test accounts?  Read your Microsoft SPLA agreement around testing, developing, and administrative access.
  4. Label server names appropriately – Label if a server is “passive” and label a server if it’s “development”.  This can save you time with the auditors.
  5. Check server install dates – If a server was active June, 2013 but nothing was reported on that server until June, 2015; Microsoft is going to ask A) what that server is doing and B) Why haven’t you reported it.  If it’s doing nothing, than shut it down before the audit.
  6. Check SAL licenses –  Do all users who potentially HAVE access are being reported?
  7. Check Office licenses – Do all users need access to Office Pro Plus?  Can they get away with Standard?  Did your engineers inadvertently publish Visio to every user when it only needs to go to a handful of end users?
  8. Double check server versions – Did your engineers accidentally install SQL Enterprise when it should be Standard?
  9. Are you taking advantage of all the use rights available?  As a SPLA, are you aware you can provide demonstrations to your customers at no charge?  Are you aware of the admin rights?  Are you aware you can run 50% of what you are hosting externally – internally?  (must actually report it all under SPLA – they are not free).
  10. Virtualization rights – Are you reporting SQL Enterprise to run unlimited VM’s? Are you running Windows Datacenter?  Remember, you do not license the individual VMs for Windows Server.  (You count physical cores which allows 1 VM for Standard or unlimited for Datacenter).
  11. MSDN, VDI, and other restrictions – No, you cannot host VDI and MSDN in a shared environment.  If you are, dedicate the servers immediately.  If you are hosting from the same hardware you are running internally, this also must be separated.
  12. Hiring Experts – Are they really experts or just advertise as such?

Hope this helps.  Any questions email info@splalicensing.com

Thanks for reading,

SPLA Man

 

 
Leave a comment

Posted by on April 25, 2017 in Compliance

 

Tags: , , , , , , , , , , , , , ,

Help me SAM!

I was on a call the other day and the customer was pleasantly surprised to learn about the SPLA program. Although I do not manage the program in its entirety like the old days, I will say this was a refreshing surprise. When you mention SPLA to a customer, account manager, or even Microsoft, more times than not you here a groan. ABS – Anything But SPLA! I am sure if there are resellers reading this, they would probably agree. Why no love for a program that is growing exponentially year/year? What are better alternatives…buy the licenses outright?

I don’t think the issue is with the program itself; after all, the ability to get started with zero upfront costs from a licensing perspective is pretty cool! I don’t even think the licensing is all that difficult once you get started. The pain point is understanding all the “gotcha’s” and the “in’s” as well as all the “outs” to make sure what you are doing is both compliant and cost-effective.  SPLA is an honor based system, but if you are found dishonest, it will cost you.

One of the biggest hurdles is tracking licenses. With the release of Azure, license mobility, and regular SPLA licenses, the ability to track licenses is becoming more complex.  End customers do not want to double pay for licenses already purchased and service providers don’t want to report SPLA if they don’t have to.  So what do you do?

That’s where my old friend named Sammy comes in. On premise customers have used SAM (Software Asset Management) for years as a mechanism to track licenses purchased and/or deployed.  This is not a one time snapshot, (although I guess it could be if you want it to be) but an ongoing strategy to make sure licenses are being consumed properly.  If they are not, at least they catch the problem before they get audited.

Service providers are different; very few have a SAM strategy.  Most service providers are taking part in license mobility and customer owned licenses more regularly. If you don’t believe me check out all the license mobility partners on Microsoft’s website.  If you thought SPLA is complex, try combining on premise licensing and SPLA and see what you have!

What does SAM really do? It’s a strategy. It will give you tools and a team of experts to help guide you through the ever-changing license use rights (SPUR or PUR for those playing at home).  In most cases, it provides you with the necessary resources to help protect you from vendor audits.  There are different levels of SAM to cater towards different types of environments.  Just like service providers, no two environments are the same.

Here’s my advice (if you are wondering) – if you are a service provider, get a SAM strategy in place.  There’s a saying I read somewhere ( I believe LinkedIn) that said if you think audit prevention is expensive, try being audited.  (paraphrased here but you get my point).

If you don’t have a SAM resource, email me, (blaforge@splalicensing.com) I can be your SPLA/SAM resource.  I guarantee I know the program better than most.  You can also check out our SAM services at SoftwareONE here

As always,  hope you find this helpful and gives you some ideas.

Thanks for reading,

SPLA Man

 
Leave a comment

Posted by on August 11, 2014 in Compliance

 

Tags: , , , , , ,

 
%d bloggers like this: