Is every copy of software installed across your organization properly licensed? Very few can answer this question with any level of certainty.
According to a 2016 survey conducted by BSA and IDC, 39 percent of all installed software was not properly licensed. Even in highly regulated industries, software license noncompliance was alarmingly high. For example, 25 percent of software used in the banking, insurance and securities industries was unlicensed. While CIOs estimate that 15 percent of their employees download software on the company network without permission, 30 percent of employees admit to doing this.
Mobile, the cloud and complex software compliance rules that often vary from vendor to vendor are creating massive compliance headaches and blowing up budgets. In fact, one IDC executive estimated that, on average, up to a quarter of an organization’s software budget is spent navigating the complexity of licenses.
Regardless of the causes of the problem, the software vendors, particularly Microsoft, have become less tolerant of noncompliance. Like any business, they expect you to meet the terms of your licensing agreements. Otherwise, they lose revenue. At the same time, fines and true-up costs – the cost to become compliant with your software license entitlements – add up to a lucrative revenue stream. As a result, software license audits are on the rise.
A Flexera study found that nearly two-thirds of enterprises have faced software license audits. Sixty-one percent were audited or reviewed by Microsoft in the past year, and one in five ended up paying at least $1 million in license audit true-ups, up from 9 percent the previous year. Forty-four percent of organizations paid at least $100,000, up from 25 percent the previous year.
While large enterprises are the primary target of audits, vendors aren’t letting smaller organizations off the hook. Because there are so many small businesses and they grow so rapidly, it’s worth the vendors’ effort to go after them.
In addition to penalties and true-up costs, the cost of simply responding to an audit is significant, especially for small to midsize businesses. Time and resources must be devoted to gathering the information and documentation requested by auditors. Many smaller companies have limited in-house IT resources and take a piecemeal approach to purchasing software, which makes software licensing and the audit process more complicated and time-consuming.
The financial hardship goes beyond managing software licenses and responding to audits. Many companies purchase too much software to reduce the risk of a compliance violation. According to the Flexera study, 93 percent of surveyed organizations wasted money on unused or underused software, appropriately called “shelfware.”
The use of unlicensed software also increases the risk of a security breach. Unlicensed software might not receive security updates and patches if the software isn’t supported by the vendor. If the software was purchased without IT’s knowledge, there’s a good chance the software won’t be monitored and security policies won’t be enforced.
In the next post, we’ll offer recommendations about how to respond to a software audit and develop a software license compliance strategy that reduces risk and waste.