Microsoft Software Asset Management Review SAM
-
Well worth reading:
Microsoft is auditing its customers at a brisk pace, and no company is immune. All software vendors retain the rights to audit their clients, and we feel that it is fair to expect these periodic compliance checks. But Microsoft is auditing customers at a 2 to 1 rate over other vendors like Adobe, IBM, and Oracle—58% of executives surveyed said they have been audited by Microsoft in the last 12 months.*
That means that a normal company is audited more than every two years!
-
From the article:
Also, keep in mind that while SAM is indeed a compliance check, it also must be an ongoing mission. And it is not strictly an IT affair. Real ongoing asset management must also involve:
- Purchasing standards
- Active and continual allocation, de-allocation, and re-allocation of software assets
- Executive buy-in and enforcement of asset management policies (or it simply won’t work)
-
What's a corporate council?
-
@Carnival-Boy said:
What's a corporate council?
That's the US term, at least, for your senior attorney, the lawyer who oversees the business' legal affairs.
-
I suppose CLO would often be a better term (Chief Legal Officer) but I have never seen that used before. But corporate counsel is normally part of the C suite.
-
Well, he definitely doesn't have a copy of any agreements.
-
These days, sadly, the top skill needed work working with Microsoft products is legal and licensing skills, not technical ones. I think more companies need a good understanding of the actual cost, overhead and risk involved in choosing to work with Microsoft products. Most would still chose them, but the skills and investment that they put into tracking them would be different.
-
@Carnival-Boy said:
Well, he definitely doesn't have a copy of any agreements.
Who agreed to the volume license agreements then?
-
I suspect it is in the EULA as well.
-
@scottalanmiller said:
@Carnival-Boy said:
Well, he definitely doesn't have a copy of any agreements.
Who agreed to the volume license agreements then?
Me.
-
@Carnival-Boy said:
@scottalanmiller said:
@Carnival-Boy said:
Well, he definitely doesn't have a copy of any agreements.
Who agreed to the volume license agreements then?
Me.
I don't suppose that you have a copy?
I think that if you log into the volume license center than you can get a copy of it, but I am just guessing.
-
Also check the EULA, might just be in there.
-
This is a big reason why, when dealing with brand new companies, I try to make them think VERY carefully about if they need Windows. The penalty is huge.
-
If you use tons of Windows, the penalty is small overall. But bringing in that one Windows server in an otherwise Windows free shop can create a lot of overhead.
-
@scottalanmiller said:
I think that if you log into the volume license center than you can get a copy of it, but I am just guessing.
I assumed so, that's why I asked how to get it as I couldn't find it. But I've found it now. Or at least, I've found a copy of our Open Licence Agreement. But I can't find anything there that say Microsoft can audit everything - even non-Microsoft software and hardware. Where did you get this information from? Are you sure you didn't dream it?
All I can see on auditing is this passage:
- Verifying compliance.
Customer must keep all usual and proper records relating to the Products Customer runs. Microsoft may request that Customer conduct an internal audit of all Microsoft Products in use throughout Customer’s organization, comparing the number of Products in use to the number of effective Licenses issued in Customer’s name. Following any audit, Customer agrees to deliver to Microsoft a written statement signed by its authorized representative, certifying that either (1) Customer has sufficient Licenses to permit all usage disclosed by the audit, or (2) Customer has ordered sufficient Licenses to permit all usage disclosed by the audit. By requesting an audit, Microsoft does not waive its rights to enforce this agreement or to protect Microsoft’s intellectual property by any other means permitted by law, including conducting an onsite audit.
-
@Carnival-Boy said:
@scottalanmiller said:
I think that if you log into the volume license center than you can get a copy of it, but I am just guessing.
I assumed so, that's why I asked how to get it as I couldn't find it. But I've found it now. Or at least, I've found a copy of our Open Licence Agreement. But I can't find anything there that say Microsoft can audit everything - even non-Microsoft software and hardware. Where did you get this information from? Are you sure you didn't dream it?
All I can see on auditing is this passage:
- Verifying compliance.
Customer must keep all usual and proper records relating to the Products Customer runs. Microsoft may request that Customer conduct an internal audit of all Microsoft Products in use throughout Customer’s organization, comparing the number of Products in use to the number of effective Licenses issued in Customer’s name. Following any audit, Customer agrees to deliver to Microsoft a written statement signed by its authorized representative, certifying that either (1) Customer has sufficient Licenses to permit all usage disclosed by the audit, or (2) Customer has ordered sufficient Licenses to permit all usage disclosed by the audit. By requesting an audit, Microsoft does not waive its rights to enforce this agreement or to protect Microsoft’s intellectual property by any other means permitted by law, including conducting an onsite audit.
Doesn't that cover the scenario? You are being asked to do the former in the hopes of avoiding the latter?
-
You can always grab a solicitor and see what they think that you need to do.
-
I'm sure that what you are bound to do is different in the UK than in the US.
-
@scottalanmiller said:
Doesn't that cover the scenario?
No. The agreement says I have to audit our Microsoft licences. You say I have to audit our Linux Workstations. They are completely different things.
If it said "Microsoft may request that Customer conduct an internal audit of all Microsoft Products and any other non-Microsoft products that we specify in use throughout Customer’s organization" then I'd get your point.
Maybe it is different in the US. I know the US is a pretty crazy country at the best of times.
-
@Carnival-Boy said:
@scottalanmiller said:
Doesn't that cover the scenario?
No. The agreement says I have to audit our Microsoft licences. You say I have to audit our Linux Workstations. They are completely different things.
If it said "Microsoft may request that Customer conduct an internal audit of all Microsoft Products and any other non-Microsoft products that we specify in use throughout Customer’s organization" then I'd get your point.
Maybe it is different in the US. I know the US is a pretty crazy country at the best of times.
Maybe you don't have to. You'd have to ask a solicitor. It's a self-audit, so they only know what you choose to disclose. But that means you don't need to mention printers, phones, etc. either.