RSS

Tag Archives: SPUR

Microsoft Online Services Terms – What you need to pay attention to before signing your Azure agreement

There’s a lot of benefits to moving to Azure, I’ll let your Microsoft account team review them with you.  On this website, we are not that concerned about the benefits, all we care about is the licensing.  In this article, we will review the Microsoft Online Services Terms.

What is the Microsoft Online Services Terms?  First starters, it used to be called Microsoft Online Services Use Rights or MOLSUR for short (or long).   It is now called OST pronounced OAST when speaking to Microsoft.  Basically the OST defines how you may consume online services through Microsoft.  You can download a copy here.  Although your legal team should review the document in its entirety, below are some of the highlights I think you will find relevant and are often overlooked.

License Reassignment 

“Most, but not all, SLs may be reassigned. Except as permitted in this paragraph or in the Online Service-specific Terms, Customer may not reassign an SL on a short-term basis (i.e., within 90 days of the last assignment). Customer may reassign an SL on a short-term basis to cover a user’s absence or the unavailability of a device that is out of service. Reassignment of an SL for any other purpose must be permanent. When Customer reassigns an SL from one device or user to another, Customer must block access and remove any related software from the former device or from the former user’s device.” (April, 2017 OST)

What does this mean?

Most Microsoft products cannot be reassigned on a short-term basis, that’s why Microsoft has the use right called license mobility.  In short, pay attention to which users are assigned a license and if/when they no longer need the service.

Hosting Exception “Customer may create and maintain a Customer Solution and, despite anything to the contrary in Customer’s volume licensing agreement, combine Microsoft Azure Services with Customer Data owned or licensed by Customer or a third party, to create a Customer Solution using the Microsoft Azure Service and the Customer Data together. Customer may permit third parties to access and use the Microsoft Azure Services in connection with the use of that Customer Solution. Customer is responsible for that use and for ensuring that these terms and the terms and conditions of Customer’s volume licensing agreement are met by that use.” (April, 2017)

What does this mean?

It allows you (a service provider) the right to use Azure as a datacenter provider.  The last sentence is very important in the above definition “Customer is responsible for that use and for ensuring that these terms and the terms and conditions of Customer’s volume licensing agreement are met by that use.”  In the above definition,  “customer” is you.  If you use Azure as a datacenter provider, purchase Azure via your own volume licensing agreement, and use SPLA for user based products (e.g. RDS) you must follow the OST, Product Terms, and the SPUR!

Azure Services Limitations

Customer may not “Allow multiple users to directly or indirectly access any Microsoft Azure Service feature that is made available on a per user basis (e.g., Active Directory Premium). Specific reassignment terms applicable to a Microsoft Azure Service feature may be provided in supplemental documentation for that feature.” (April, 2017 OST)

What does this mean?

Sounds similar to a SAL license right? “Directly or Indirectly access any Microsoft Azure Service.”  Although if you are using Azure as your datacenter provider, the likelihood of you consuming user based licensing through Azure is not very high.

Security

I encourage you to read the security measures and policy’s set forth by Microsoft for their online services.  You can read it here.  I included a breakdown of the difference compliance and security certifications below:

Microsoft Online Information Security Policy (as of April, 2017)

Online Service ISO 27001 ISO 27002

Code of Practice

ISO 27018

Code of Practice

SSAE 16 SOC 1 Type II SSAE 16 SOC 2 Type II
Office 365 Services Yes Yes Yes Yes Yes
Microsoft Dynamics 365 Core Services Yes Yes Yes Yes* Yes*
Microsoft Azure Core Services Yes Yes Yes Varies** Varies**
Microsoft Cloud App Security Yes Yes Yes No No
Microsoft Intune Online Services Yes Yes Yes Yes Yes
Microsoft Power BI Services Yes Yes Yes No No

 

Last and certainly not least, I get asked A LOT about language that you should include as a service provider.  I would encourage you to create your own online services terms for your hosted offerings.  Too many providers do not have basic language around compliance, licensing, and overall use rights.  At a minimum, you should include a copy of the End User License Terms for SPLA.  If you do not have a copy, please contact your reseller.  If you forget to include licensing terms and conditions, you could be on the hook during an audit.  Don’t be on the hook.

Thanks for reading,

SPLA Man

Advertisements
 
Leave a comment

Posted by on April 24, 2017 in Uncategorized

 

Tags: , , , , , , , , , , , , , , , , , , , , ,

Why Windows 10 in CSP stinks now but could be GREAT later

Microsoft made a pretty big announcement around Windows 10 and CSP.  Here’s a breakdown for those that are interested:

  1. Software Assurance is not included
  2. Windows 10 is available E3 and in CSP only
  3. Customers need a qualified OS license.  In other words, this is an upgrade license only.
  4. Not available under SPLA
  5. Not available in the shared computer activation model.
  6. Per user licensing with the ability to license on up to 5 devices per license.
  7. No minimum and surprise…no maximum either.
  8. Subscription is 1 year
  9. Pricing varies
  10. New use rights highlighted in the Product Terms

So why does this stink now but could be great later?  Pay attention to number 1, 4, and 5 in the list above.  That’s what stinks.   Think this will allow VDI?  Think again.

So why not?  Why the mystery around VDI and SPLA?  If I was Microsoft, I would go ahead and allow it but for only a select few SPLA providers.  Those providers are:

  1. Report on time.  Not one late payment/report during their agreement no matter what the excuse – “My reseller sucks” is not an excuse.  It’s a good reason to work with me though 🙂
  2. Deployed Hyper V (they must have some incentive to do this)
  3. Joined CSP program.

There you have it.  Microsoft wins big time – all that missed revenue from non reporters will get reported. Now you, the compliant service provider, will be allowed VDI in SPLA.

The likelihood of this happening is slim to none.  I do think Microsoft is missing out with the Windows 10/VDI restriction.  Ever since I started in SPLA, I’ve been asked about VDI (or the lack thereof).  That was 11 years ago.

Thanks for reading,

SPLA Man

 

 

 

 
Leave a comment

Posted by on September 29, 2016 in VDI

 

Tags: , , , , , , , , , , , , , , , , , , , , ,

Worried about Windows 2016 Cores?

Yes, it’s the talk of the town.  “Windows 2016!  Oh my!  It’s moving to cores!!!”  That part is true.  What is NOT true is even when Windows 2016 is released, it doesn’t mean you have to license by core – you can still license by processor for all 2012 and earlier editions.  The catch?  Once your agreement expires and you sign a new SPLA after October 1st (when Windows 2016 is released) you must license by core regardless which version you are running.

So what does this mean to you?  If I was a service provider that reports over 2k in Windows and SQL licenses,  I might readjust when my SPLA expires to extend processor based licensing.   Wait…What?   You can readjust when my SPLA agreement expires?  Sure.  I’m SPLA Man.  Anything is possible with SPLA Man.

Thanks for reading,

Windows 2016 Man

 
11 Comments

Posted by on September 9, 2016 in Windows 2016

 

Tags: , , , , , , , , , , , , ,

IaaS Gotchas…

In this post I will highlight new (and not so new) compliance gotchas as it pertains to providing infrastructure as a service.

Let’s start with a common example and go from there.  You provide the infrastructure such as Windows/SQL, your customer provides the applications.  Sound familiar?  You license Windows Datacenter, SQL Enterprise in a shared (aka public cloud) environment under SPLA. You have no idea or really care what applications your customer’s are installing right?  You just provide the support of the infrastructure.  That’s not your concern.  It’s their application, why should you care?  Ahhh…but maybe you should.

Have you ever wondered how they’re accessing the applications?  Are all applications web-based?  I will answer that question for you…no.  So how are they accessing the applications?  Do they use Citrix?  Do they remote into the application somehow?  There’s that word…remote.

If you enable the Remote Desktop Services role within Windows Server – you guessed it…you need to report RDS licenses.  The number of IaaS providers who just report Windows and SQL is astronomical. The number of IaaS providers now reporting RDS is also rapidly growing.  Did they wake up one day and decide they should start reporting RDS?  Unfortunately no.  They were audited.  Shoot me over an email and I will forward the guide that explains RDS and when it applies. Remember when you license RDS, you need to license each user that HAS access to RDS – not who does access.

Let me provide an example of how easily you could be underreporting RDS.   Let’s say your customer has an application from another vendor (outside Microsoft) that’s hosted in your datacenter.  That same vendor provides support to the application.  You are not hosting the application for the vendor but for your customer, you just provide the vendor access to support the application via remote connection.  SPLA allows 20 users to provide support and administration per datacenter.  If you exceed that limit, you are going to have to report those additional users.  Yes, even if you are not charging them.

Other IaaS Gotchas –

While we’re on the topic of customer owned applications, do you have it written in your agreement with the customer that you are not responsible for the applications they install?  What would happen if they install applications that you are not aware of and they don’t have the appropriate licenses…who’s responsible you or the end customer?  Kind of a trick question, it’s both.  You will get audited, it’s installed in your datacenter, you are ultimately responsible.  You need to ensure you have it written in your agreement that you’re not responsible so you can have a nice chat with your customer.  All the big boys do it…you should too.

What about SQL?  Are you virtualizing?  Why aren’t you reporting SQL Enterprise?  Are you utilizing all the use rights that come with SQL Enterprise – unlimited virtualization, DR, mobility within server farms, etc?  What about smaller environments?  Have you considered licensing by user instead of by core for SQL Standard edition?

SQL Web is tempting isn’t it?  Less expensive option but no one really understands what it is.   Here’s a quick synopsis – if you do not host public facing websites, SQL Web is not an option.

How are you managing your datacenter? Do you have System Center installed?  You should report the Core Infrastructure Suite.  Running Hyper V with few VM’s, license CPS. Both products include Windows.  You need Windows to run System Center, so you kill two birds with one stone so to speak.

Ask your customers if they have Software Assurance.  It’s no longer about latest version rights and annual payments.  It’s about moving to the cloud.  Let’s make sure it’s your cloud and not someone else’s.

Conclusion –

I’ve been around this game of SPLA for a long time.  The best advice I can give is to listen to your customers and don’t be afraid to change.  Cloud is evolving, you should evolve too.  Don’t report out of convenience, look into ways you can optimize what you are reporting.  It’s competitive out there, let’s make sure you are getting the most value out of your agreement.

Thanks for reading,

SPLA Man

 

 

 
11 Comments

Posted by on January 31, 2015 in IaaS

 

Tags: , , , , , , , , , , , , , , , , , ,

How I saved a company over $100K a year in reporting

Sounds pretty good doesn’t it?  This is a story about knowing what you are reporting and the reasoning behind it. Windows 2012 was launched a couple of years ago (give or take).  At that time there were several service providers reporting Windows Enterprise.  Their customers had applications that needed the functionality of Windows Enterprise, and since it wasn’t virtualized, Windows Datacenter was not an option. The service provider continued to report/license Windows Enterprise after the launch of 2012.  There’s nothing wrong with this, in fact, the terms of the SPLA agreement state you can continue licensing 2008 use rights up until your agreement expires.  What most providers don’t know is you can do the opposite.  You can run 2008 versions but report 2012.  Why would they do that?

In this case, they had Windows Enterprise installed; but since Windows Enterprise was discontinued with the release of 2012, they could downgrade to Windows Standard edition. Sounds funny doesn’t it?  DOWNGRADE to Windows Standard from Enterprise?  Yes, I said that correct.  Enterprise is discontinued. Again, nothing was virtual, and that is very important. If it was virtual, they would continue to report Enterprise up until the agreement expired and report Windows Datacenter moving forward.   Not only did he save on their monthly usage report, I’m guessing he had added margin since he was already contracted with his customer.

Quick note – not all products discontinued have the same outcome.  In most cases (such as SQL 2012 switch to cores) their costs actually went up

Ahh…but where is this written in the SPUR?  I’ll save you time, it’s not.  That’s why you need to read “Why Timing is Everything” You are bound by the SPUR (i.e.products/versions/use rights) available at the time of signing your SPLA agreement.  Those reporting SQL by processor better pay attention.

I receive 100’s of SPLA questions from the SPLA community about licensing and the cost associated with it. From the largest of the large providers down to a guy hosting Windows Web Server out of his parents basement (which is discontinued by the way), there’s always way you can reconsider your strategy. Moral of the story?  Pay attention to how you report and don’t report out of convenience…It can cost you.

Thanks for reading,

SPLA Man

 
2 Comments

Posted by on December 30, 2014 in In My Opinion, Windows Virtualization

 

Tags: , , , , , , , ,

SPLA Audit start to finish

Your business is doing great, your sellers and customers are happy, you are making money instead of spending money, when out of the blue….BAM…you receive an audit letter.  Sound familiar?

So what do you do?  Your first reaction is panic.  Your second reaction is to call a lawyer.  Your third reaction is to blame your reseller.  I think that about sums it up.  If you disagree, I’m not 100% sure you are being truthful with yourself.  If you do agree, I also think you are making a HUGE mistake.  Sounds a little odd doesn’t it?

First thing you need to understand is it’s not your fault.  It’s not as if you are purposely trying to be out of compliant.  Microsoft knows this as well.  SPLA is a difficult program and very hard to understand. As I pointed out in the “About” section of this blog, there is little information written about the SPLA program leaving service providers vulnerable.  The SPUR?  Forget about it. That’s why I created this blog in the first place.

I think that is why SPLA customers call a lawyer to help guide them.  This may help you sleep at night, but is it REALLY helping?  I will let you determine that after the dust settles.

What does happen during an audit? I don’t care if this is the first step or fourth step but at some point you will have to collect data.  Data that PROVES the reason you reported the way you did.  One of the biggest mistakes a SPLA provider can make is not reporting indirect access.  Again, not your fault.  Who has any idea of what “indirect” really means?  Think of indirect as Microsoft software that is used to run your other applications that you market to your customers.  You have an application that you developed that reports back to SQL using Excel.  Users have no idea they are using SQL, all they know is the application they use.  But since SQL is part of your hosted solution…it must be reported.  Make sense?  That’s also why Windows will always need to be reported.  Try running Exchange without a Windows OS.  Not going to happen.

Data can also mean the licenses that your customers own that they bring over to your environment.  How do you know who owns what?  Are there enough CAL’s?  One of the arguments service providers make is they can go after their customers if being audited.  There’s an easy conversation right?  Remember, you want to keep customers not lose them.

Some service providers have learned that their end customers install software on VM’s without informing them.  How do you know what is actually being installed?  So take a look at your datacenter; are your customers installing software you don’t know about?  Collecting this information after the fact is a difficult process.  This leaves auditors with no choice but to make a best guess.  Best guesses can cost you significantly.

So after all this data is analyzed by the audit team, it is then delivered to Microsoft.  That’s when you present your case.  They will take things into consideration, but understand that if you are missing information, it makes your argument that much more difficult.  Don’t blame your reseller, that doesn’t work.  Don’t rely on a lawyer, that doesn’t always work either.  Educate yourself.  That’s the best advice I can provide.  Just by taking the time to read this I think you are on the right path.

Happy to walk you through the process in greater detail.  I am one of the few that actually gets it. My email is at the top righthand side of this page.

Thanks,

SPLA Man

 

 
Leave a comment

Posted by on September 18, 2014 in Compliance

 

Tags: , , , , , , , ,

Hosting CRM

For anyone that has ever worked with CRM understands it is not the easiest technology to deploy. It integrates with other applications and is becoming a must-have for sales organizations. Where there’s difficulty, comes opportunity for SPLA providers.

CRM for Microsoft SPLA has a few new flavors to align with CRM Online. Similar to Lync, SharePoint, and Exchange, each one comes with different functionality. The flavors under SPLA are the following: CRM Service Provider Edition (it’s the Professional Edition for hosted environments), CRM Essentials (formerly ESS), and CRM Basic (Formerly CRM limited). The actual SKU’s are listed below. For a complete summary of the differences, please check the SPUR, I also found this article on the CRM Online website (CRM Online)

QHH-00028 Dynamics CRM Service Provider Edition
QHH-00089 Dynamics Basic
QHH-00090 Dynamics CRM Essentials

From a licensing perspective, it is licensed by user (SAL) and does require SQL and Windows. Check out my other posts around those offerings and licensing guidance. What’s interesting about CRM is it does not require the service provider to be Dynamics authorized as is the case with Great Plains and other Dynamics offerings. As indicated at the beginning, CRM does require expertise (especially hosting it) but can be very profitable. Once you deploy CRM, you can add other solutions such as Exchange and SharePoint to be a one stop shop for hosted solutions. To install CRM, the license key code will be embedded in the software. Download the media from the VLSC website (see “License Keys and Media” post). It’s a pretty thick file, be patient.

If you have a CRM offering, would love to learn more about it. Hit me up on LinkedIn at the top right of this screen.

Thanks for reading,

SPLA Man

 
6 Comments

Posted by on October 10, 2013 in CRM

 

Tags: , , , , , ,

 
%d bloggers like this: