It often seems to me that license compliance is an after-thought for many companies adopting workplace virtualization. While attending a Gartner asset management conference in London last month, my perception was confirmed. Many people I spoke with said the decision to pursue virtualization is driven by technical departments in the organization. (This is likely related to increasing BYOD initiatives, Windows 7 migrations, and IT people seeking to increase user flexibility.) The problem is that technical people often overlook compliance issues in regards to software licensing.
The cost of failing to reach license compliance can be staggering. In addition to violating copyright laws, a failed audit could result in missing the usual discounts and other perks you’re used to receiving from a vendor. In some cases, your organization would be responsible for paying the list price and the penalty fee on top of it – which can be more than twice what you normally pay per license. Suffice it to say, this will not go over well with upper management, and you’ll likely feel the wrath of your CFO.
If you’re thinking about virtualization you should contact those in your organization who understand licensing and how it’s impacted by virtualization. To get you started, here are my top three license compliance tips for organizations that are virtualizing the workplace. These are especially helpful in avoiding extra costs and other unwanted surprises to come at “Audit Time.”
- Research your current state of compliance. First, identify the current major software vendors for your organization. In addition, evaluate the current status of your license compliance – what apps/solutions are currently in use, and which licenses you need. Do you have too many/too few? From this research you can then determine which vendors to talk to about virtualization.
- Ask for a written statement from the vendor. Every software vendor is free to define proprietary rules and terms that apply, which could result in differences between one technology and another. Make sure to describe your preferred virtualization scenario and talk to your major vendors about license compliance in such a scenario. Possibly take into account your current status of compliance and ask your vendors for a written statement that resiliently gives you a clear understanding how license compliance is affected. Your definition of virtualization and a vendor’s definition could be different, so this extra homework upfront will save aggravation later on. Ask the vendor to include information on how virtualization aligns with your current infrastructure. Find out which virtualization scenario is right for you and how much it will cost, and get it in writing.
- When operating in a virtualized environment, make sure every operation change that impacts virtualization is recorded and validated by both organization and vendor. A future audit could claim that changed virtualization configuration may leave you incompliant even if you have been compliant before. All too often, an organization with good intentions for virtualizing their workplace winds up on the wrong side of compliance because operations changes were not validated.
I urge all organizations to look at this matter closely. Organizations typically are concerned with the technical aspects of virtualization but not with the contracts and licenses inherently associated with them. Device licensing is still the most common metric in vendor contracts, so ensure everyone in your organization working on virtualization in both the desktop and data center is aware of the impact of virtualization on correct licensing. It is worth bringing in a finance team member familiar with compliance rules and who can validate license changes before an audit occurs.