Category Archives: «Blogs»

While the over-arching concept underlying a software audit initiated by a publisher like Microsoft or IBM is the same as that in an audit initiated by the BSA | The Software Alliance or the Software & Information Industry Association (SIIA) – a comparison of softwa......

It has been said that software is the new oil. It fuels the information revolution. And in this metaphor, software audits are the meters that measure the flow—and extract maximum revenue for software makers. The auditors arrive on your company doorstep to “true up” y......

Agreements often contain clauses allowing the parties to review books and records, “Books and Records” clauses. These are often boilerplate clauses included in agreements without much consideration from the contracting parties. When a Books and Records clause is used......

Microsoft’s Services Provider License Agreement (SPLA) is the principal licensing agreement for companies that want to use Microsoft products to deliver hosted software solutions over the Internet. Microsoft’s standard volume license agreements expressly prohibit usi......

Software publishers know that the vast majority of their customers are, to varying degrees, out of compliance with the terms of license agreements governing their use of the publishers’ software products. Especially in larger enterprises, managing and maintaining a com......

Software audits initiated by software publishers or representative entities, such as the Business Software Alliance (“BSA”) and Software & Information Industry Association (“SIIA”), are often resolved by an out-of-court settlement. Read More → 11 Secrets......

Businesses often have close relationships with software vendors, and that closeness usually is in direct proportion to the extent and importance of those vendors’ software products in the businesses’ network environments. However, despite their best marketing efforts......

Many software-solution vendors utilize third-party infrastructure or application programs as frameworks for embedded solutions that they sell to their customers and install on their customers’ computers. Licenses for those third-party products typically can be acquired......

Many businesses contact Scott & Scott, LLP regarding Services Provider License Agreement (SPLA) audits after providing extensive information to Microsoft’s auditors and receiving compliance demands that would be ruinous for their bottom lines, if paid in full. At t......

The BSA | The Software Alliance (“the BSA”) investigates claims of software copyright infringement in behalf of its member software publishers to determine whether any companies end users have unlicensed software installed in violation of The Copyright Act. The BS......

In the software licensing world, all audits are not created equal. On one hand are the “true,” contractual audits. Here, the applicable license agreement gives the software publisher the right, usually upon notice and sometimes limited in frequency or scope, to dema......

Enterprise-level software solutions often entail complex licensing challenges. Many of the thorniest questions often center on how to license software in virtualized environments, especially if the goal is to use something less than the full processing power of the hosting......

In defending against software audits initiated by publishers such as Microsoft or IBM, many businesses make the mistake of assuming that those publishers or their designated auditors know what they are talking about when it comes to determining what licenses need to be p......

In late August 2022, Microsoft announced significant changes to several of its licensing models that will have big impacts especially on cloud and hosted solution providers and the services they offer to their customers. While the new licensing terms are not set to be reveal......

BSA | The Software Alliance (BSA) and the Software & Information Industry Association (SIIA) are organizations that represent software publishers seeking to enforce the copyrights in the products they publish.  In furtherance of this goal, these entities routinely send ......

IT service providers that include early termination fees in their contracts must decide if they want to seek reimbursement when a customer terminates a contract early. MSPs find themselves asking: Is anything owed? Can I collect? What is the cost? Here are key points to cons......

Software license compliance is a task that typically requires constant vigilance. Despite a CIO’s best efforts, it is almost inevitable that software will be deployed on a company’s computers at some point without having the necessary licenses to permit such use. For......

For many businesses, the allure of moving their software platforms, applications and/or databases to The Cloud lies substantially in the promise of ridding themselves of license-compliance concerns. The pitfalls of a Cloud-based architecture are worth accepting for many ......

Many businesses have teams of third-party vendors to assist with their business operations or to provide independent services – like software development or website design – that require access to company servers. For Microsoft products like Windows Server that requi......

...

In many cases where we are retained to assist companies targeted for software audits after software-deployment data already has been submitted to the auditing entities, we have the regrettable obligation to let our clients know that they have disclosed too much. Over-discl......

Of the many complex licensing arrangements Oracle offers to its customers, none seem to generate as much confusion and consternation as the Unlimited License Agreement (“ULA”).  For companies that have already determined that they are not going to renew their ULAs w......

IBM software licensing can present an array of interpretive and compliance challenges for even the most sophisticated licensees. Here are three of the most important things to keep in mind when planning to license IBM products under the company’s standard-form agreemen......

In order to effectively manage their software usage and to mitigate compliance exposure, companies need to know how to gather and analyze information regarding their product usage. While some software products may have unique data-collection requirements that ordinarily ......

                  Companies faced with a demand for a software audit from a software publisher or an entity such as the Business Software Alliance or Software & Information Industry Association a......

When an MSP begins a relationship with a new client, it is important they agree on certain terms and conditions by which business will be conducted. This is known as the Master Services Agreement (MSA). These are the foundational terms that all business will adhere to un......

What to include in your managed services customer agreement? ...

...

How Managed Services Providers Can Mitigate Risks ...

Most providers of hosted software solutions traditionally have delivered those solutions over the Internet from their own servers. However, an increasing number of businesses are interested in outsourcing not only their internal-use IT infrastructure but also the systems u......

In order to effectively manage their software usage and to mitigate compliance exposure, companies need to know how to gather and analyze information regarding their product usage. While some software products may have unique data-collection requirements that ordinarily ......

In our experience, many companies facing software-licensing audits initiated by vendors like Microsoft, Oracle or IBM seem to be under the impression that auditors have a nearly unfettered right to information. This is not the case. However, too many audit targets discover t......

Without a contractual provision to the contrary, ambiguous terms in a software license will be construed against the software publisher. Provided that there are no other business factors that would make litigation unwise, an ambiguous license agreement is the situation m......

Virtualization can reduce the number of physical machines required in an environment and have several other benefits, but it can also require an understanding of complex technical and licensing concepts. Failure to properly license the environment can subject the company t......

No one likes to be audited. In most cases, there is little that a business can do at the outset of an audit to avoid licensing exposure, if that business has historically inadequate software asset management processes. However, there are steps that all audited companies us......

Even though software audits are commonplace in many businesses, recipients of audit notices make many mistakes when it comes to audit responses.  Because software publishers can often assert claims for copyright infringement if the audit goes badly, it is important to m......

It is not unusual for companies to use virtualization technologies to reduce costs, ensure redundancy, and reduce physical size of the network. Some of these companies are turning to VMware to manage their virtualized environments. Virtualization can involve complex tech......

Businesses that have endured software audits from industry groups like the BSA and the SIIA or from software publishers like Autodesk likely are familiar with the basic audit process of counting the total number of installations for audited products and comparing those ins......

Software audits can be intensely frustrating ordeals for businesses to navigate. Many publishers will go to great lengths to cajole their customers with assurances of amicability and license-optimization opportunities, but most IT managers know that the reality of audits i......

Microsoft, like other software publishers, routinely audits customers to help ensure that it is protecting the value of its intellectual property.  Microsoft verifies its customers’ compliance using several methods. Contact Us Microsoft License Verification ......

Facing a software audit is a daunting process, which takes time, money, and resources to complete. Typically, the first question the target of an audit asks is whether the audit is legitimate, closely followed by why the company has been selected for an audit. Contact U......

It is standard practice for software vendors to include clauses in their license agreements giving the vendors the right to invoke audits or some other mechanisms to ensure that the licensed products are used in a way that is consistent with agreed licensing restrictions......

Most companies with more than a handful of computers in their IT environments rely on the results of network-inventory tools to gather the deployment data needed for accurate software audits. Without the tools, a business would be required to assign valuable resources to......

Monthly recurring revenue and multi-year contracts have been the driving force behind managed services for years. They have been the basis for the tremendous growth in managed services over the years. The length of the term of a service agreement is very important as ......

Most businesses that try to plan for software audits and to estimate the potential exposure they could incur in the event of those audits know that the primary cost components of that exposure typically are the prices associated with any licenses they may have failed to ......

Microsoft licensing is a complex, multi-faceted undertaking, with different rules and license metrics applying to different products. In the context of software audits initiated by Microsoft, it is important to keep in mind the fact that the auditors hired to perform tho......

The risks for Managed Service Providers are constantly evolving. New cyber threats and regulatory compliance requirements present significant challenges for MSPs. The most important way to mitigate privacy and security risks for Managed Service Providers is by including ......

IBM software is expensive. In some cases, very expensive. While this may represent a necessary cost of doing business for many companies with mission-critical software solutions developed on or using IBM applications, all IBM customers clearly are incentivized to maximiz......

Over the past ten years regulation of data privacy and security has proliferated at the international, federal and state levels. Several industry-based federal regulations have been developed such as HIPAA for healthcare and GLBA for financial services. Other geographica......

Software auditors such as KPMG, Deloitte and PriceWaterhouseCoopers like to have things their way. It’s an understandable impulse – with likely hundreds of audits pending at any one time, the natural inclination is to standardize the process around a single set of tool......

Microsoft does not make licensing SQL Server easy, either under SPLA or under volume licensing agreements. Here are the three most significant problems that our clients face when trying to license that product: Four-Core Minimum – Microsoft allows SQL Server to be lic......

Some Oracle customers are not aware that by simply installing an Oracle program (even if it is never used), you agree to the terms and conditions of Oracle’s license agreement. During an Oracle License Audit or compliance review, the software publisher is looking fo......

This past week I had the opportunity to present on the topic of managing risk in managed services to the OTX Roundtable.  I want the thank the OTX Roundtable and Mark Jennings in particular for inviting me to speak.  What follows is Mark’s transcript of the meeting. ......

Managing a complex IT environment very challenging, even before becoming involved in an external software audit from a software publisher or a third-party auditing entity. Businesses facing VMWare audits in particular should be prepared to take a number of steps to ensure ......

Often the single most arduous and time-consuming task facing companies who are the subject of software audits is collecting entitlement information to prove ownership of licenses for software installed on its networks. Once a company receives an official audit letter from ......

Most Microsoft software products – especially server products – can be licensed under multiple different models and metrics. SQL Server probably is the best example of a product that presents companies with multiple decision layers when analyzing new use cases: • C......

Disputes involving software usage are on the rise for businesses of all sizes. In some cases, technical teams respond to a software publisher’s or a third party’s audit request and provide significant amounts of data without notifying anyone on the corporate governan......

Have you received notice of an impending Oracle license audit? If so, it’s not necessarily time to panic. It’s normal practice for Oracle to audit its customers -- software license audits are a significant revenue source for the company. Many well-meaning compa......

Software license agreements often contain clauses allowing the licensor to review books and records, “Books and Records” clauses. These are often boilerplate clauses included in license agreements without much consideration from the contracting parties. When a Books ......

There is a growing trend for software publishers to keep software audits in-house and avoid using external organizations to pursue copyright infringement claims. Often, the compliance teams at the software publishers seek payment for software non-compliance through contr......

The end of the year is a busy time for software publishers and entities like the BSA | The Software Alliance (“BSA”) and the Software & Industry Information Association (“SIIA”) to resolve an audit target’s copyright infringement dispute by entering into se......

A software audit may come in many forms, ranging from an offer for a free Software Asset Management (SAM), a License Verification, or a request by a representative organization, such as an outside law firm, the Business Software Alliance (BSA) or Software & Informati......

Many larger companies feel an understandable desire to move toward, centralized, enterprise-level software licensing agreements. Such frameworks often have the advantage of allowing licensees to spread their license spends more evenly over the term of the agreement and to ......

Software-compliance audits initiated by IBM can be extremely burdensome and time-consuming and can force companies to face challenges that are somewhat unique among major-publisher audits. For one example, a significant component of IBM’s business model is the acquisitio......

CTOs who have read Microsoft’s volume license agreements and product use rights documentation know that Microsoft has a special place in its heart for contractual “grey area.” To some extent, that fact likely arises from the practical impossibility of trying to acc......

The General Data Protection Regulation (GDPR) became effective on May 25, 2018. GDPR is the widest sweeping privacy regulation to hit the global market since the 1995 EU Data Protection Directive. GDPR is a regulation that requires businesses to protect the personal data......

At this stage, if your company has not faced a software audit, you are probably on borrowed time. Many software publishers are initiating software audits using their in-house compliance teams instead of outsourcing to law firms or third-party vendors. Often, compliance t......

Previously, I wrote an article about poor advice that can get you sued for copyright infringement in software audits.  While some of the main auditors have changed, the advice has not. The following is the most common bad advice that can result in litigation. Softwar......

Companies are sometimes fielding multiple software audit demands from multiple software vendors simultaneously, which can significantly impact in-house counsel. Software audits may be initiated by publishers or through outside entities such as BSA | The Software Allia......

Responding to a software audit can be an arduous, expensive, and time-consuming process for a company. The remediation process to close compliance gaps may vary slightly depending on whether the audit is initiated the software publisher itself or outsourced to an agency ......

One of the most overlooked sections in a technology-related contract is the insurance section. Whether that contract involves IT services, development, Software as a Service or Cloud Services, the insurance section is just as important as the other risk-allocating provis......

One of the most critical steps of any business faces in any software audit is conducting an internal analysis of deployments to entitlements, preferably before any audit data is shared with the auditors. That internal review serves several purposes, including (1) identif......

In recent years, Microsoft seems to have been shifting an increasing volume of its license-compliance resources toward what it calls Software Asset Management (SAM) reviews. These “optional” engagements typically are proposed by Microsoft personnel with whom a compan......

How to Protect Your Company against Copyright Infringement Claims by Disgruntled Employees Seeking a Reward In an effort to enforce the copyrights of its members, Business | The Software Alliance (“BSA”) offers the potential for monetary rewards to any informant tha......

Mergers and acquisitions typically require extensive financial and legal disclosures, due diligence, and complex contract language to protect buyers from legal issues that may arise from the purchase. Potential liability arising from intellectual property issues is a sig......

Many companies would like to know whether and to what extent their existing Oracle software product licenses entitle them to use that software in a third-party cloud-hosting environment – such as Amazon Web Services’ (AWS’s) Elastic Compute Cloud (EC2) environment – ......

Most software license agreements used by major publishers like Microsoft and IBM are in many ways vague with respect to license restrictions and metrics. This leaves licensees in the position of having to interpret the agreements based on whatever guidance may be availab......

Many software copyright infringement claims are resolved informally and often the terms are set forth in a settlement agreement. The critical terms in every settlement agreement purporting to resolve copyright infringement claims include the release of liability, confide......

Software as a Service and Cloud Service offerings have become ubiquitous digital platforms for many enterprises and small businesses in their quests to provide a single unified platform to their employees and customers. Providers offering Software as a Service and Cloud ......

Most software audits pertaining to products licensed under perpetual licenses (such as licenses acquired under a Microsoft Select Agreement, MPSA or (usually) Enterprise Agreement) incorporate a snapshot-in-time approach, where licenses owned generally are compared to deploy......

Many of our clients ask us questions after receiving an audit letter from Autodesk.  Part I of this series focused on new trends by Autodesk’s auditing, and included in Part II is a list of potential issues arising during an audit.  While this list is not comprehensive, ......

The recent ransomware attack involving Kaseya’s VSA product has left managed service providers (“MSPs”) and end users evaluating what, if any, legal recourse they may have against Kaseya. The onerous limitations of liability provisions and indemnification clause in......

Large companies that invest heavily in software licensing are familiar with the extremely one-sided nature of most software license audit clauses. It is a pleasant surprise when such clauses do not give software publishers rights to conduct audits at any time and for any......

There is a set of related questions our software-audit clients frequently ask us that boil down to variations on one or more of the following: Why am I being audited? What if anything did I do to cause this? How can I avoid it in the future? Unfortunately, those questions......

Kaseya, a large technology solutions company, recently reported that its on-premises VSA product was the “victim of a sophisticated cyberattack.” (See generally, Kaseya's announcements here). Specifically, third-parties were able to access computer endpoints using Ka......

As most MSPs have likely heard, Kaseya and many of its customers recently experienced a wide-spread ransomware attack. As victims are learning more about the potential impact of the attack, many are evaluating whether they can hold Kasey legally responsible for any damag......

In a civil copyright infringement claim, many users of copyrighted material are surprised to learn that once the copyright owner has demonstrated that it owns a copyright in the work, the burden shifts to the copyright user to demonstrate that it had the right to use the......

One of the most common mistakes I encounter in software audits is what I call the post-effective date software buying spree. The buying spree occurs in response to a letter from a publisher or publisher's attorneys requesting a self audit. Many clients are discouraged to......

Negotiating with software, SaaS and hosting vendors is a leverage game. Market leaders like Microsoft, Oracle, IBM, Adobe and SAP know this. Those vendors have structured their sales processes to maximize their ability to exert control over the negotiations framework and......

Autodesk introduced subscription plans in 2016 and shortly thereafter, began to phase out perpetual licenses. However, many perpetual users were able to continue upgrading to the newest version of Autodesk products if they had an active maintenance plan. Last month, Auto......

Software audits are a means for software publishers to enforce and regulate use of their copyrighted software, and publishers regularly outsource enforcement of their copyrights to law firms or entities such as the BSA| The Software Alliance (“BSA”) or Software &......

Businesses contacted by Adobe for software audits can be lulled into thinking that those investigations entail less exposure risk than audits by other publishers, like Microsoft or IBM. Adobe audits typically are conducted directly by Adobe representatives, rather than b......

Enterprise-level software solutions often are very complex products requiring a level of expertise that may be outside the experience or skill sets of generalist IT teams. Many businesses therefore rely on the services of independent software vendors and consultants to eva......

More and more businesses are considering accessing hosted software rather than purchasing on-premise software.  They are also placing data in third-party public or private clouds instead of selecting on-premise software.  This article will explain the key considerations ......

In recent years, many software publishers began using software audits as a means to increase revenue by penalizing customers for perceived compliance issues. Software publishers often conduct direct audits, or audit through companies such as the BSA | The Software Allian......

Often, after signing a Master Service Agreement (“MSA”), a service provider and its client will memorialize the details of the project by crafting a Statement of Work (“SOW”). The importance of the terms in a SOW is sometimes overlooked by both business and legal t......

...

For more than a decade, IBM has allowed its end users to license IBM software products on a sub-capacity basis.  For IBM licensing purposes, sub-capacity licensing required customers to accept the sub-capacity licensing terms (originally in a separate sub-capacity licen......

During a global pandemic, health care organizations may have believed that they could focus solely on providing health-care services to their customary patient-base, along with those affected by COVID-19. Many of those organizations were surprised to learn that they were......

Many businesses that identify a need to acquire “commercial hosting rights” in connection with hosted solutions incorporating Microsoft software have two options for acquiring them: through a Services Provider License Agreement (SPLA) with Microsoft or through the Self......