Ask the vendor how to license a scenario - would you? (Is asking a publisher licensing questions an audit trigger?)

Who of you end users approaches your vendor to ask “how do I calculate the license requirement in abc scenario”?
It shows willing and intent on the end user side to report accurately and it’s a perfectly fair question to ask the vendor, but do you not do this for fear of exposing the downside, namely that you might not have a handle on calculating ELP on your estate?

Have you had experience of this? The only time that your calculations are truly tested are in an audit scenario and none of want a surprise!
Y

Aha! I am going to be a pain and say ‘it depends’!

I have done it in a scenario where our discovery tool was not interpreting the license requirements correctly, and we had a very good response - the vendor worked with us to ensure we got it right. Having said that, we were a wealthy fund management company and all our suppliers were well aware that we owned a big chunk of their stock, so you could say that we regularly went where angels fear to tread!!

I’ve also done it for other vendors for other companies, though, particularly smaller vendors, and it’s not been a problem.

Yes it might trigger audits, but it can also be seen as a relationship building exercise - ‘Dear vendor, we want a constructive mutually beneficial relationship and this is a demonstration that we will be open and honest with you’. Don’t be too paranoid about it!!!

So where would I and wouldn’t I ask the vendor?

I would be more likely than not to work with the vendor if we’re implementing a new solution and there is the potential that we might buy licenses… the vendor will absolutely help you out in that scenario, and I would be making sure I kept a record of everything that was said by the vendor so that we could produce it as evidence if there were problems in future.

I would also be inclined to ask the vendor how to license something if it’s an existing solution, but we have a good relationship with the vendor which includes regular peer to peer meetings, the chance we might buy more licenses in future, and the licenses we do own are properly supported and maintained. I just would make it sound like it was a routine query and I would make sure I didn’t imply there was the possibility of non-compliance.

I would be less inclined to do it for existing solutions where there has been a history of license issues in the past. If the vendor regularly audits you, I would hesitate unless I felt it was a way to improve the relationship by showing that we want to do the right thing. I would also avoid it if I was seriously concerned that we had licensed the solution incorrectly and there was the potential for significant non-compliance UNLESS I’d formally identified it as a risk and had cleared it with Senior Management and they were aware it could mean we had to buy some unbudgeted for licenses.

Anyway, I hope this is helpful!

Kylie

We’re cut from the same branch. Prudent to be cautious where appropriate. A call out of the blue with the vendor to discuss licensing calculations whilst in a poor relationship is risky. Otherwise it’s framed as a new or continued close collaboration with the vendor.
Where you have successfully collaborated to establish correct modelling, were they with trigger happy Tier 1 vendors?
Thanks, Y.

I have filed this under a new category “Audits” rather than “Software Licensing” as the essence of the question is about not wanting to trigger audits. Happy to be persuaded otherwise.

Countless conversations with ITAM pros and through several surveys over the years suggests many orgs are petrified of “poking the bear” by asking perfectly legitimate licensing questions.

It certainly can be, based upon the nature of who is answering.

The reality is that you are typically asking your sales ‘rep’, who is likely NOT a licensing expert in any way, shape or form. Likely, your sales rep is ‘coin’ operated, and such a question will invoke ‘attention’ ( much in the same way that the kids in the movie Jurassic Park gain the attention of the velociraptor when they step on a stick and make it snap).

That said, other factors can also trigger an audit. If you are a public company and you declare an acquisition or short term growth spike, the savvy vendor rep will have an eye on you. Even the ‘lack’ of sales or the vendor’s EOY ( June 30 for MS !) can trigger an audit as much as asking a question.

It may be worthwhile to ask the same question to a 3rd party SAM consultant in order to get a quicker ( and sometimes better) answer, especially if they were a former employee of that vendor.

I align to those who voice, it depends.

I’ve had situations where the software publisher was totally straight on how to get right with their terms. Won’t name names but she was great. Her stance is she was focused on the long term relationships, in turn I wound up investing more. Imagine that.

What we need is a legit way to contact a “non-sales, non-incentive” resource at the publisher in question to pose the situation. We’re all trying to do that right thing which shouldn’t be punitive in return.

I agree with the above contributors and to echo the answer to literally every question in ITAM, “It Depends”!

As the other contributors have noted, it very much depends on the vendor and how the sales rep is currently performing (very difficult to know), how the vendor sees you as a customer (as per Kylie’s note above) and how competitive the solution is within the market. Ultimately it does come down to vendor-customer relationship though and being certain on where the trust lies.

Ultimately as Geoff noted in the Telegram group, a few red flags should be considered, but generally ask some independent specialists (and I know I am one so you could say I would say that), but getting the battle scars from an experienced practitioner can determine how and if you approach the vendor in focus.

Good luck!

Sometimes you can take advantage of changes in your organisation or theirs to get the info you need. If you are going to spend some more money with them as a vendor you can ask if there are any opportunities now available to you, similarly, if they announce a new set of products or add-ons you can ask if licensing will change to accommodate.

Any interaction with a vendor should be considered a potential audit trigger;

• some vendors offer bounties to support staff for reporting non-compliance
• I’ve had IBM audits start suspiciously close after a customer raised support calls about ILMT
• vendors have used evidence of support tickets that they answered to justify reinstating support (why they couldn’t refuse to provide support is beyond me)
• I’ve had a vendor refuse to provide a license key for an upgrade until after an audit because a test system their professional services team reported the test system had more users than the license was for
• SAP will leave your access to downloads open after you terminate support, then try to charge back support if you download anything
• many software products “phone home” regularly, and this data does get used to start audits.
• in more that one case, vendors have produced lists of servers from support tickets to push non-compliance claims.

So for many vendors, asking “how do I calculate the license requirement” may generate an audit. If you can tie it to a new purchase, an upgrade etc, then it can be done. Running it thru a reseller/ partner anonymously, or asking a SAM service provider is ideal. But certainly for Quest, Micro Focus and a few others, the response is more likely to be a friendly “let us show you how to calculate it” followed by a less friendly bill.

I’m going to have to get splinters here, sit on the fence say it varies from vendor to vendor. I’ve certainly reached out to smaller vendors with niche licensing metrics to understand their recommendations for managing compliance, optimisation and any technologies that can be used.

For example, if my ITAM technology wasn’t discovering the consumption correctly, i’d ask them for support on how we can track consumption. Same for certain licensing scenarios that I can’t find any clear guidance for in the T&Cs or documentation provided by the vendor.

For the bigger software vendors I’d much rather contact an independent expert or server to provide guidance rather than the vendor themselves. It could be too risky and spark bigger questions that I wouldn’t want to answer!