Why Software License Compliance Management Matters?
Research firm IDC pegs the global packaged software market at $325 billion in 2011. At the same time, the 2011 BSA Global Software Piracy Study finds well over half of the world’s personal computer users—57 percent— admit they pirate software. In fact, the commercial value of pirated software climbed from $58.8 billion in 2010 to $63.4 billion in 2011, propelled by shipments to emerging economies where piracy rates are the highest. Clearly application producers have a lot at stake when it comes to software license compliance management.
Successful business relationships depend on trust between buyers and sellers. However, the software industry has historically struggled with trust as it relates to the exchange of fair value. Many companies find themselves with unintentional overuse despite their desires and best intentions to avoid it. Regardless of the reason, piracy or unintentional overuse of software costs application producers billions of dollars annually. It’s also a problem for corporate users who need to comply with contract terms as a matter of business ethics and compliance with corporate governance guidelines. Ultimately, any disparity between authorized use and actual use undermines the trust between buyer and seller.
Selling software is not like selling hard goods–especially when it comes to the sale of enterprise applications into large corporate accounts. Application producers provide the customer with an application based on an understanding of how the customer will be entitled to use that product across the organization. Application producers typically enforce how the product will be used with a licensing model that protects and monetizes their IP. Over time and depending on the markets and segments the producer serves, the producer may adapt a different licensing model based on changing customer needs or they may choose to adopt multiple licensing models. These dynamics make getting compliance management right very difficult. Those companies that get compliance management right are able to optimize revenues while delivering an even better experience to their customers. And those that don’t, risk losing revenue and alienating their customers in the process.
$63.4 Billion worth of software was pirated in 2011
Throughout this whitepaper we will examine the pros and cons of traditional compliance management approaches, the impact technology has on compliance management, the increasing complexity of software licensing models, and the growing trend towards trust but verify compliance management approaches, including:
- Automating compliance management
- Enabling pay-for-burst and pay-for-use
And lastly the paper looks at revenue, trust and the customer relationship and how Flexera Software addresses the software license compliance management needs of application producers.
Pros and Cons of Traditional Compliance Management Approaches
Compliance management approaches vary greatly from producer to producer and, frequently, from product to product within the same producer. While the industry has gravitated to some common approaches there are diverse options available.
Strict Enforcement – Some companies have implemented a licensing approach of strict enforcement. Under this approach, entitlements are enforced by licensing mechanisms that may either completely disallow access to software when usage exceeds licenses or only allow some limited amount of “overdraft” leeway. This approach provides a high degree of confidence for the producer. It may, however, inconvenience the customer if there is an immediate and legitimate business need for exceeding the license. While strict enforcement will force customers to stay within their license limits, there are situations where it is actually to the producer’s advantage to have them exceed those limits (either temporarily or on an ongoing basis) – so that the producer can realize additional revenue from the additional use
65% of organizations where audited in 2011
- Source Gartner
Software Audit Only – Another common compliance approach is the software audit. The software audit only approach (an approach where producer has chosen not to use any enforcement mechanisms in their products) removes the barriers to software use by making it easy for customers to broadly use the software throughout their business. Under this software audit only approach, the producer undertakes a direct examination of the customer’s use.
This is often accomplished by dispatching either producer or third- party staff to the customer’s site to retrieve usage data captured by some sort of monitoring or usage capture mechanism installed on the customer’s systems and/or to observe usage in real time over a period of time. This approach has the advantage of allowing both producer and customer to discover any use of the software in excess of contract terms, so that fair additional compensation can be paid to the producer, if appropriate. There are many disadvantages to this approach, including:
- Cost of maintaining and dispatching audit teams
- Difficultly auditing the entire organization so producers often audit one location at a time and apply the discovery to the rest of the organization—which is often incorrect
- Audits get settled for pennies on the dollar
- Inability for most producers to audit many of their customers. In fact, most only audit 1-2% of their customers
- Customers perceive an audit as invasive and adversarial
Enterprise (All-You-Can-Eat) License Agreement – Many large companies have long preferred enterprise (all-you-can-eat) license agreements. Under this approach, the producer provides software to the customer without stipulating specific restrictions on use (may include very limited or no enforced licensing) – although certain limits and conditions may be incorporated into the contract to protect the producer from contingencies such as mergers or acquisitions. The advantage of this approach is that it eliminates the need to monitor specific use parameters and address unanticipated fluctuations in those parameters. The primary disadvantage of this approach is that it may not reflect fair value. For the producer, this may mean loss of potential revenue. For the customer, it may mean investing time in completely a true up and possibly paying for more software than is actually being used – which can result in rapid erosion of the business relationship with the producer.
There are pros and cons to traditional compliance management approaches. Each approach may be appropriate under specific conditions but none of them are perfect for all situations. In some cases, for example, an audit may be too costly and/or intrusive. In other cases – such as when spikes in business activity give customers a legitimate reason for temporarily exceeding software license parameters – rigid enforcement mechanisms may be counter-productive and disruptive. As a result, we are seeing a growing trend to towards compliance management solutions that offer trust but verify approaches.