Software License Forensic

My earlier blog on Software License Management talked about intentional non-compliance by organizations. Organizations go to an extent whereby they uninstall the unlicensed versions when a publisher approaches them for an audit. They feel that they have met compliance issues as Publisher will not be able to detect the non-compliance.

Publishers deploy expertise and technology during the audit that does a deep dive into the systems to get the history of what has been used. For example registry entry can provide significant information regarding what software was deployed. Such deep dive is termed as Software License Forensic Analysis

Software License Forensic is an investigative approach to identify the actual license usage by an organization that is under Publisher review. Such forensic techniques and methodologies provide a complete or detailed picture of the software deployment in an organization. This provides valid and sufficient proof to the Publisher to decide the future course of action.

Software License Management

Organizations use software. The software should be licensed. With the increase in number of people working in an organization, there is increase in complexity in managing the licenses and ensuring that unauthorized copy of any software is not installed. So there could be a situation that organizations have software for which they do not have a license or for which the number of licenses is less than the instances used. This makes Software License Management a very important and critical activity of Software Asset Management.

Organizations are legally liable to the publishers if:

• They have any unlicensed version of software deployed, or
• They do not comply with any of the terms of license agreement

Software Compliance is a key activity of Software License Management. It has to ensure that an organization complies with the publishers licensing requirements.

The activity that organization performs to ensure that they are in compliance is termed as software license audit. IT departments struggle to keep track of licensing usage. This needs the specialized Software Asset Management Team to help track and manage licenses. There are tools to help asset management team identify the software that are deployed in the environment. Manual audits are also performed for a certain sample to authenticate the discovery data.

Non-compliance to the licensing terms could be unintentional or intentional. In case it is unintentional then internal software license audit gives opportunity to the organization to ensure compliance. Organizational growth and restructuring besides Mergers and acquisitions contributes to the chaos in terms of unknown license usage/consumption even if an organization has a good software asset policy.

On the other hand there are intentional non-compliance cases where organization tries to save on the license costs.

Software publishers have to manage and enforce their intellectual property rights besides ensuring that their customers are paying for what they use.  A Publisher can ask for an audit at any time. Such audits are termed as Publisher Audits. It is during this course that an organization could readily agree for an audit or might decline the request. There is a typical negotiation that happens at this stage. Publisher provides their data of what they presume is the licenses consumed by the organization. Organization may negotiate and agree at a figure and buy the licenses.  On the other hand there might be a dispute. In such a situation Publisher can take a legal action. The worst for the organization can be that it may face a closure of business due to non-compliance.