Microsoft Audit & SAM Engagements. Daryl Ullman, Co Founder & Chief Consulting Officer US Tel UK Tel

Similar documents
TOP QUESTIONS ABOUT MICROSOFT AUDITS

MICROSOFT ROADMAP THE NEW OFFICE & WINDOWS 8

SNOW SOFTWARE. Fredrik Spolén Country Manager Sales Director. Norway Denmark Finland

License table for Competency partners

Six Secrets to Offering Commercial Hosting Services using Microsoft SPLA

Self-Hosted Applications

License table for Competency partners. Core licenses

Microsoft Title Groups

Self-Hosted Applications

Microsoft Licensing. Overview over the most important usage rules for Microsoft products at ETH Zurich. Ralph Curschmann 3.11.

Managing Microsoft Enterprise Agreements not as easy as you might think

Compliance Audit Preparation for Microsoft Server Products (Windows, SQL, Exchange)

Software License Asset Management (SLAM) Part 1

BELTUG Paper. Software Licensing Audits Checklist

WHITE PAPER. Meet the BYOD, Computing Anywhere Challenge Planning and License Management for Desktop Virtualization

Program Guide. Server and Cloud Enrollment (SCE)

LICENSING MANAGEMENT SERIES. A Guide to Assessing Windows Server Licensing

EXAM Designing and Providing Microsoft Volume Licensing Solutions to Large Organizations. Buy Full Product

Volume Licensing Guide

License table for Microsoft Action Pack partners

Windows Server 2012 Licensing & Pricing FAQ

Microsoft Title Groups

Effective and Efficient SAM execution to manage software Spend and Compliance

Building Your IT on Hosted Microsoft Infrastructure

Software License Asset Management (SLAM) Part II

Growing your business through small business opportunities.

SOFTWARE LICENSING AWARENESS IN DYNAMIC ENVIRONMENTS

SPLA Compliance Your Check List!

How To Get A License From A Business To A Computer (For A Business)

MICROSOFT LICENSING: WHAT'S INCLUDED

Licensing Microsoft s Virtual Desktop Infrastructure Technology

Microsoft Services Provider License Agreement Program

HOW TO SURVIVE A SOFTWARE AUDIT AND DEAL WITH A REQUEST

Cracking the Code on Software License Management

Licensing & Pricing FAQ

Transition: Let s have a look at what will be covered.

Lizenzierung von Applikationen

SQL Server 2012 Licensing Datasheet

Licensing Guide for Customers. License Mobility through Microsoft Software Assurance

Product Release History

SQL Server 2012 Licensing Datasheet

Please contact Cyber and Technology Training at for registration and pricing information.

Guide to Microsoft Volume Licensing. Guide to Microsoft Volume Licensing

LICENSING MANAGEMENT SERIES. A Guide to Assessing Exchange Server Licensing

Software License Compliance Review

License Mobility through Software Assurance

Leveling the License Audit Playing Field. How to save time, aggravation, and millions of dollars with an effective defense for license audits

Software Audits Three Ways to Cut the Cost and Pain of a Software Audit

Licensing Guide. Published: March 2013

Microsoft licensing for the Consumerization of IT

THE PRESCRIPTION FOR A PAINLESS AUDIT

Licensing Windows for VDI Environments

Justifying projects in software license compliance

MICROSOFT OPEN PROGRAMS GUIDE. Microsoft Open Programs Guide

Software Assurance Planning Services

Summary What s new in this brief Details Step-up License availability as of November

Matrix42. License Compliance of Virtual Workplaces

Volume Licensing Product Terms Explained

Licensing Windows for VDI Environments

Brought to you by Licensing School

The Power to Take Control of Software Assets

Program Guide. Enterprise Agreement

Enterprise Software Licensing

Product Release History

Enrollment for Education Solutions

How To Be A Services Provider For Microsoft (For Pc)

Summary... 1 What s New in This Brief... 1 Details... 1 Customer Scenarios... 3 Frequently Asked Questions... 6

SAM Benefits Overview SAM SOFTWARE ASSET MANAGEMENT

The Convergence of IT Operations

January 2013 Price List Guide

How Microsoft runs IT. Ludwig Wilhelm CIO Central & Eastern Europe Microsoft IT

Microsoft Volume Licensing Reference Guide

Answers to your Top 20 Questions

Agenda. Enterprise challenges. Hybrid identity. Mobile device management. Data protection. Offering details

The leading IT infrastructure solutions company. Lithuania. Baltic. Nordic.

Service Provider License Agreement (SPLA) aka Shared Platform License Agreement. Licensing for Software As A Service (SaaS)

WAYS TO CUT SPENDING ON MICROSOFT SOFTWARE. Reduce licensing costs by up to 30% with Software Asset Management

Student Advantage FREQUENTLY ASKED QUESTIONS FOR PARTNERS

Private and Hybrid Custom Cloud Hosting of Microsoft Applications For Enterprises and Government Agencies

Microsoft Client Licensing in Virtual Desktop Environments

Microsoft SQL Server Review

Mobile and BYOD Strategy

Program Guide. Enterprise Agreement

Automating Software License Management

BizTalk Server 2013 R2 Licensing Datasheet and FAQ Published: May, 2014

Answer: C. Answer: C. Answer: B

SQL Server 2012 Licensing Datasheet & FAQ

8 Minute Overview. The Premier Agentless License Management Solution. Modern IT & The Importance of Software Asset Management

Expert Reference Series of White Papers. Microsoft Assessment and Planning (MAP) Toolkit Version 9.x

Comprehensive Resource for Licensing and Pricing

The SAM Spotlight A Publication of Soft-Aid for the ITAM/SAM Manager Community. Microsoft Server Licensing 101. CAL Who?

Mobility Challenges & Trends The Financial Services Point Of View

Licensing Windows for Virtual Desktops

SOFTWARE ASSET MANAGEMENT

SQL Server 2012 Licensing Strategies. Presented by Paul DeGroot Senior Consultant Software Licensing Advisors Dec. 19, 2013

How To: Choosing the Right Catalog for Software License Management

Microsoft Volume Licensing. Microsoft Products and Services Agreement Licensing Manual. August 2015

BizTalk Server 2013 R2 Licensing Datasheet and FAQ Published: July, 2014

Microsoft Enterprise Agreement

Transcription:

Microsoft Audit & SAM Engagements Daryl Ullman, Co Founder & Chief Consulting Officer daryl@emerset.com US Tel 646-475-2103 UK Tel 44-203-318-3611

About Emerset We do one thing Software Licensing 2

Agenda What is a Microsoft Audit? Audit Process Audit Mitigation Summary Q&A 3

What is a Microsoft Audit THIS DOCUMENT CONTAINS THE CONFIDENTIAL INFORMATION OF EMERSET LTD. AND IS PROTECTED BY INTERNATIONAL COPYRIGHT LAWS. DISCLOSURE OR COPYING OF THE CONTENT OF THIS DOCUMENT IS PROHIBITED. Emerset Consulting Group Inc. 2016. All rights reserved. THIS DOCUMENT CONTAINS THE CONFIDENTIAL INFORMATION OF EMERSET LTD. AND IS PROTECTED BY INTERNATIONAL COPYRIGHT LAWS. DISCLOSURE OR COPYING OF THE CONTENT OF THIS DOCUMENT IS PROHIBITED. Emerset Consulting Group Inc. 2016. All rights reserved. 4

What is a Licensing Audit? Whenever you install a Microsoft product, whether as an individual or a corporation, you agree to comply with the terms of the End User License Agreement (EULA) which specifically grants Microsoft the right to dictate how you use the software and also grants them permission to audit the use of their product(s). A Microsoft Licensing Audit can take the form of a 1. Self-audit 2. An on-site audit 3. Possibly as an automated script query in which the results are sent back to the auditor (in many cases, a Microsoft partner). 5

BSA WHO? This too is Microsoft The BSA (aka The Software Alliance) is a consortium of many of the world s largest software companies whose objective is to reduce software copyright infringement. It is well-funded by member companies and through the settlements it wins against offending companies. One of the main ways in which the BSA learns of piracy is via disgruntled employees. They have run campaigns such as the above Nail Your Boss! 6

Why Are Audits Increasing? The terms of your Volume Licensing (VL) Agreement grants Microsoft the right to perform an audit once each year with 30 days notice. Microsoft s policy dictates that Select, SPLA, ISV, Open, and Enterprise Agreement (EA) customers should expect an audit at least once every three years. Volume licensing generates a significant $40 billion + annually for Microsoft, and there is literally no cost to Microsoft to request and enforce an audit (especially if you are found to be more than 5% out of compliance); so don t expect to pass under the Microsoft audit radar. Increased pressure to close the revenue gap in midst of Microsoft s transition to the cloud 7

What Are The Risks Of An Audit? Unbudgeted spend Audit cost Legalization penalties Allocation of unplanned resources Management focus Negative PR Legal Action Damaged vendor relationship 8

Types Of Audits Don t be mistaken; these are all audits License Review SAM Self Audit Independent Auditor 9

Audit Initiation MS Compliance Group/Emplo -yee or MS Sales rep. Independent auditor or self audit (SAM) Audit Letter 30 day notice Start of Audit 10

Microsoft s Audit Rights Business and Services Agreement paragraph 8. Verifying Compliance. 11

Microsoft is out to get me why should I cooperate with their audit request? Microsoft is definitely not out to get you. The company attempts to audit all of its Volume Licensing customers once every three years, and a recent survey found that nearly 60 percent of respondents reported getting audits from Microsoft within the last year. In most cases, this is in the form of a Software Asset Management (SAM) Review in which you would be asked to perform a self-inventory of installed software to ensure that it is all appropriately licensed. 12

Audit Process THIS DOCUMENT CONTAINS THE CONFIDENTIAL INFORMATION OF EMERSET LTD. AND IS PROTECTED BY INTERNATIONAL COPYRIGHT LAWS. DISCLOSURE OR COPYING OF THE CONTENT OF THIS DOCUMENT IS PROHIBITED. Emerset Consulting Group Inc. 2014. All rights reserved. THIS DOCUMENT CONTAINS THE CONFIDENTIAL INFORMATION OF EMERSET LTD. AND IS PROTECTED BY INTERNATIONAL COPYRIGHT LAWS. DISCLOSURE OR COPYING OF THE CONTENT OF THIS DOCUMENT IS PROHIBITED. Emerset Consulting Group Inc. 2016. All rights reserved. 13

Audit Process Notification Letter to your CIO and/or CFO. Microsoft License Review = Microsoft License Objective to determine compliance issues Single Point of Contact Kick Off Meeting / Call Audit! ($) and cross/upsell opportunities ($) 14

Audit Notification Don t be mistaken. This is an Audit! 15

What kinds of things do I need to inventory for a Microsoft Audit? Your organization has to account for: OEM licenses Servers data Employee owned devices (including home PCs, tablets, and smartphones) Retail purchases Legacy systems Vendor-owned machines running organizational software. Vendors that have access to internal applications and customer-facing application DR servers Development and test environments 16

Microsoft Audit Process - Entitlements What documents do you need to prepare? License Statement Microsoft Business & Service Agreement (MBSA) Enterprise Agreement Enterprise Enrollment EAP ECI SCE Open Partner Licenses OEM Licenses Reseller Invoices 17

Microsoft Audit Process Data Collection Independent Auditor Self Inventory / SAM Self developed scripts MAP Tool / SCCM or 3 RD party tools A Software Asset Management (SAM) tool may be a good place to start, but there will almost certainly be additional work required to obtain an accurate and comprehensive usage assessment. Most inventory tools don t account for CAL types, nor do they perform adequate analysis of virtual scenarios or remote or employee-owned devices, including home PCs, tablets and smartphones. Differentiating between OEM licenses and retail purchases is also nearly impossible to do with only a SAM tool. 18

Microsoft Audit Process Data Collection I m using the Microsoft Assessment and Planning tool (MAP). Does this cover me in case of an audit? It is unlikely your company will ever be able to rely solely upon automation tools to conduct an accurate licensing or software inventory. Microsoft offers a free Assessment and Planning Toolkit (MAP) which leverages SWID (Software Identification Tags). The MAP Toolkit is quite effective in determining software installed on-premises and can be a good starting point for a software inventory, but it will not provide a comprehensive list of devices or users who may access on-premises systems. 19

Microsoft Audit Process - ELP Final deliverable from the auditing company - Effective License Position document (ELP) Qualified Device Count 13584 Qualified User Count 13038 Product Version Deployment Entitlement Active SA Entitlement Minus Deployment Downgraded from Reconciliation Downgraded to Net Licensing (After Downgrades) Incomplete Items: MSDN machines Visual Studio user analysis SQL Server developer user analysis Core CAL - Qualified Users Windows Server Exchange Server Standard SharePoint Server Standard *SharePoint Server Enterprise Lync Server Standard System Center Configuration Manager System Center Endpoint Protection 13,038 15,000 15,000 1,962 1,962 Win Pro - Qualified Devices Windows Enterprise w/ MDOP 13,584 15,000 15,000 1,416 1,416 Windows Server Windows Server Datacenter 2012 R2 84 89 89 5 5 Windows Server Datacenter 2008 R2 - - - - Windows Server Standard 2012 R2 462 714 50 252 252 Windows Server Standard 2012 - - - - Windows Server Enterprise 2003 R2-2 2 2 Windows Server Enterprise 2003 3 11 8 8 Windows Server Enterprise 2000-8 8 8 Windows Server Standard 2008 R2 1 1 - - Windows Server Standard 2008 - - - - Windows Server Standard 2003 R2-129 129 129 Windows Server Standard 2003 5 302 297 297 Windows RDS Device CAL 2012 5,329 6,200 871 871 20

Undergoing An Audit? Things To Consider Data confidentiality Which results are shared when, and with whom from Microsoft Sales? Can data gathered leave your premises? What is the performance impact of the Microsoft Audit tools proposed? Questions to ask the auditor Why is this data collected? What data will be collected? From where is this data collected? How will this data be used? What will Microsoft do with the data collected? Where will the Microsoft store the data collected? Who can access the data collected? What will happen with the data at the end of the audit? 21

Audit Mitigation THIS DOCUMENT CONTAINS THE CONFIDENTIAL INFORMATION OF EMERSET LTD. AND IS PROTECTED BY INTERNATIONAL COPYRIGHT LAWS. DISCLOSURE OR COPYING OF THE CONTENT OF THIS DOCUMENT IS PROHIBITED. Emerset Consulting Group Inc. 2014. All rights reserved. THIS DOCUMENT CONTAINS THE CONFIDENTIAL INFORMATION OF EMERSET LTD. AND IS PROTECTED BY INTERNATIONAL COPYRIGHT LAWS. DISCLOSURE OR COPYING OF THE CONTENT OF THIS DOCUMENT IS PROHIBITED. Emerset Consulting Group Inc. 2016. All rights reserved. 22

Why Is An Audit So Complex To Mitigate? Office 365 vs. on-premise Server Virtualization BYOD Desktop Virtualization 23

Microsoft Audit Process Settlement Letter L i c e n s e I n v e n t o r y 24

Who Pays The Cost Of An Audit? Typically you, the customer, incur most or all of the cost of the audit. If the audit reveals that your organization is using greater than 5% more than you have licensed, you, the Microsoft customer, will be required to pay legalization prices for all unlicensed products plus the cost of the audit. You may also be required to pay a fine if you are under licensed. A recent study found that more than half of respondents reported audit fees of $100,000 or more, and more than 20 percent of organizations reported true-up costs of $1 million or more. 25

Audit Mitigation Common Auditing Errors Device CALs vs. User CALs (audit counted all devices and did not recognize that many were licensed under User CALs). Multiple versions of Visio and Project (Standard and Pro on the same machine, a new and old version that wasn t removed when the product was upgraded). Inactive users within Active Directory that haven t been removed. BYOD devices that were counted as organizational devices. Use of wrong licensing metrics for SQL Server Windows Servers. Failure to recognize historical entitlements (products purchased 3-9 years ago). Licenses from mergers and acquisitions 26

Summary THIS DOCUMENT CONTAINS THE CONFIDENTIAL INFORMATION OF EMERSET LTD. AND IS PROTECTED BY INTERNATIONAL COPYRIGHT LAWS. DISCLOSURE OR COPYING OF THE CONTENT OF THIS DOCUMENT IS PROHIBITED. Emerset Consulting Group Inc. 2014. All rights reserved. THIS DOCUMENT CONTAINS THE CONFIDENTIAL INFORMATION OF EMERSET LTD. AND IS PROTECTED BY INTERNATIONAL COPYRIGHT LAWS. DISCLOSURE OR COPYING OF THE CONTENT OF THIS DOCUMENT IS PROHIBITED. Emerset Consulting Group Inc. 2016. All rights reserved. 27

Common Misunderstandings & Issues Not cooperating or delaying an Microsoft Audit is ok!? Misinterpreting a SAM review End users being reactive in terms of managing Microsoft licenses and becoming (too late) active/ pro-active at the start of an Audit. We are using Microsoft s MAP tool so we are compliant It s all in the details: - No clarity on the real license entitlements - No clarity on the real license deployment and licensable usage 28

Internal Preparedness For The Audit Risk Assessment Share and manage risks and potential outcome with management Internal Governance, Communication and Escalation Model Microsoft internal project team Project Manager Legal IT Vendor Manager Steering Committee C-level / Board Members Internal communication plan (data leakage prevention) 29

Additional Reading www.emerset.com/resources 30

Q&A 31

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information