Article

Microsoft to push self-audits, will keep its own auditing level static

Margie Semilof

Although Microsoft's new licensing policies may make it easier for the company to conduct software audits, a Microsoft attorney said the company has no plans to increase the number of audits it performs.

FOR MORE INFORMATION:
  • Requires Free Membership to View

    Instead, the software maker plans to spend more time educating customers on how to conduct self-audits and keep licenses in compliance, said Tim Cranton, a Microsoft attorney who specializes in software piracy.

    That fact that it's easier to keep track of licenses means it's easier for customers to manage their assets, Cranton said.

    "At this stage we will keep [auditing] programs where they are and continue to look for ways we can help customers self-license," he said.

    IT administrators were caught short when Microsoft said last year that it would change the way it licenses its software. Licensing 6.0, which went into effect Aug. 1, commits customers to paying up front for software upgrades. Customers at companies of all sizes have complained about the program's pay-in-advance nature.

    Many administrators are irked by what they perceive as a program that is both complex and time consuming. Cory Hopple, a network administrator at Abbott Labs in Chicago, said that even though Microsoft offers free seminars, he lives about 60 miles from the nearest one.

    "I don't have time to take a day off to do this," Hopple said. "They need to make their rules easier to follow and understand."

    While customers are making valid points, Microsoft's interest in fighting software piracy is also understandable. The Business Software Alliance (BSA), a software industry trade group, said in its annual study that 25% of all business software is unlicensed.

    According to the BSA, in 2001 the industry lost more than $1.8 billion in revenue in the United States because of software theft. Microsoft has no specific estimates of its own, but relies on industry figures to evaluate the scope of the problem, Cranton said.

    The penalties for pirating software are substantial. In a civil action suit, a copyright owner can request monetary damages of as much as $150,000 for each program copied. Also, the government can prosecute the offender for copyright infringement, according to the BSA. Penalties can include jail, fines or both.

    Cranton said that it's getting tougher for companies to fight piracy, particularly with such widespread digital distribution of pirated copies of software, but that there has been progress in educating people on the importance of intellectual property rights.

    Microsoft has developed a number of resources to help customers conduct self-audits. For one thing, the company has information on its Web site devoted to helping consumers and enterprises determine the legitimacy of their software. Its www.howtotell.com link offers a step-through process to determine whether a particular piece of software is in compliance.

    The company also has an anti-piracy hotline that customers can call if they have questions about their compliance. And there's the Microsoft Software Inventory Analyzer tool -- available on Microsoft's anti-piracy Web site -- to help customers generate an inventory of their software.

    For consumers buying copies of Office XP, for example, Microsoft has created a product activation feature that helps prevent the form of software piracy known as "casual copying." But this feature, which is intended to prevent two people from sharing one software license on two separate computers, does not extend to volume licenses.

    Enterprises use a key to bypass this feature, so each copy does not have to be activated before it's loaded onto a PC. Microsoft also advises customers to create asset management programs, conduct regular software inventories and make sure they have formal software budgets so that purchases are not sporadic or ad hoc.

    Cranton said companies are typically chosen for audits because a Microsoft salesperson thinks there might be a problem.

    Alvin Park, an analyst at Stamford, Conn.-based Gartner Inc., said that all customers should take auditing into consideration any time they are in negotiations with Microsoft no matter what type of licensing arrangement they are considering. "There should always be some discussion with Microsoft about the rules," he said.

    For companies facing an audit, Park makes these recommendations:

    • Request a 60 to 90 day extension, in writing, for completing the audit.
    • Forward a copy of the audit materials to your legal staff, and take legal advice as necessary. Enterprises should not seek legal counsel from law firms referenced by Microsoft.
    • Establish a cross-functional team with IT, procurement, internal audit and business units to handle the audit request, and review all Microsoft contracts and license rights.
    • Give one person responsibility for the audit.
    • Meet with Microsoft reps and reach an agreement on the process to be followed and on the scope of the audit.
    • Understand Microsoft licensing programs.
    • Use software asset management tools and processes to run comparisons of software that is installed and software that is licensed.

    Gartner estimates that "the cost of an audit for an enterprise of about 5,000 desktops can cost from $75,000 to $100,000, excluding compliance payments, depending on the duration, complexity and availability of records."


    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: