Blog

Miro Consulting specializes in software license audit defense, license management, subscription management, and cloud services, for Oracle, Microsoft & IBM.

This Type of Hybrid Environment Just Got Dangerous

Miro-Server-Room-2

UK judge rules in favor of SAP against Diageo’s PLC for using a standard cloud connection

Background
Diageo PLC is the world’s largest producer of alcoholic spirits, with brands like Smirnoff and Johnny Walker. They paid SAP about $70M for use of the mySAP Business Suite, which included licensing and maintenance fees. SAP had sued Diageo for violations of the contract, and a UK judge decided the case in SAP’s favor, awarding SAP an additional $67M, essentially doubling Diageo’s costs.

The Issue
Diageo used SAP’s native APIs to connect its systems to a Salesforce instance. Since Diageo was licensed to use the API, they assumed that such a configuration was authorized by the contract, but SAP disagreed. According to SAP, those Diageo Salesforce users should have been considered as “named users” because they had “indirect access” to data stored in SAP systems.

Lessons Learned

  1.  An API License may not cover users who connect through it. Organizations who use APIs to connect various business systems should do a thorough investigation of those APIs, and their licensing contracts, to determine if this interpretation of a “named user” and “indirect access” puts them out of compliance.
  2. Litigation may not be the best option. Involving legal teams and going to trial is a high risk / high cost decision. Negotiation can be a far better tactic, involving less risk and less cost. Technical consultants (like Miro), can often achieve settlements of pennies on the dollar, by working directly with the vendor to achieve an outcome acceptable to both parties.
  3.  Many Vendors such as Oracle, Microsoft and IBM also consider API connected users to be “named users” and may also consider similar situations to this as being out of compliance.

If you’re concerned about your state of compliance, want a review of your licenses or are being audited by a software or hardware vendor, Miro can help reduce or completely eliminate your out-of-compliance penalties, and negotiate terms and conditions that will keep you safe. Contact Miro today for a brief chat about your environment.

Share

8 Signs You’re About To Be Audited For Non-Compliance

Oracle Software Audits, Microsoft Software Audits and IBM Software Audits can be challenging, time consuming and expensive.  Preparation is the key factor.  If these items apply to your organization, it’s likely you could soon be audited for non-compliance.

1. Merger, Acquisition or Divestment

Software companies like Oracle, Microsoft and IBM know that tracking software assets can be difficult during a merger, acquisition or divestment. When databases get merged and assets combined, licenses are often the last thing on IT staff’s list of tasks. While everyone is focused on getting critical business systems online, software companies take the moment of weakness as an opportunity to audit their clients.

2. Backed out of a purchase

If you recently negotiated a purchase with a software vendor, but then declined to finalize the deal, you are very likely about to be audited. Vendors may assume that you still need those licenses and subscriptions, and that you are trying to avoid paying for them. Unless you are working with a licensing specialists and have complete documentation for your entire environment, an audit is very likely in your near future.

3. Past Noncompliance

If you’ve been audited in the past, you are a prime target for future audits. Some software vendors like Oracle, IBM and Microsoft may audit companies in as little as 18 months from their last audit. During a software audit, compliance teams may look to see if your organization is setting up a system or process for license management.

4. No License Management

If a software vendor is conducting an audit, and they see that the target company is not planning for the future by setting up a process, team or outside consultant to oversee the licenses and subscription management of an organization, they may mark that client for future audits. Not having a license management specialist in place is a sign of vulnerability which vendors may exploit.

5. Reports of Organization Instability

Are there press reports or industry journalists reporting a rising level of instability within your organization? Software vendors have learned that executive departures, office relocations, downsizing or rapid growth are all signs of likely non-compliance at an organization. These red flags may often trigger a software audit.

6. Your Rep is suspicious

Software vendors like Oracle, IBM and Microsoft have trained their sales reps to look for suspicious behavior at the organizations in their territories. If your sales rep is calling you and asking you a lot of questions about your environment, this is frequently a sign of an incoming software audit.

7. Virtualization or Cloud

If you’re organization is looking to move to the cloud or using virtualization, the chances of a software audit greatly increase. There are many complex and ever changing rules regarding virtualization, having to do with processors, cores and server counts. When you factor in virtualization in the cloud, even more rules apply. While companies often employ these technologies to reduce costs, they can lead to audits that cost more in the long term.

8. Your Licensing Expert Leaves

Did your licensing expert just leave the company? If so, your software vendor probably knows. License compliance teams at software vendors like Oracle, Microsoft and IBM keep track of how your organization is managing its licenses and renewals. Using outside consultants is a common strategy used by many large enterprise clients as a way of avoiding audits when personnel changes.

With proper experts managing your licenses and compliance, organizations can be well prepared for the inevitable software license audit.  Miro can help your organization with software audit compliance, license management, subscription management and cloud services.  Contact Miro today if you’re facing a software audit or want to know if you’re ready to be audited.  Our experts can review your environment and let you know if you’re out of compliance or paying too much for licenses and subscriptions.

Share

The 7 Most Common Oracle Support Management Mistakes

Managing Oracle Support contracts is costing your organization time and resources that may be better spent elsewhere.

1. Overpayment of fees

It’s easy to accidentally over pay for support fees if each line item isn’t carefully reviewed. Errors can be made in the costs from year to year. To avoid overpaying, organizations must meticulously check every detail of the contract.

2. Submitting incorrect contracts

There is no verification when uploading POs. This can lead to accidentally renewing a contract which needs revision. Organizations should carefully review all POs and contracts before anything is renewed to assure they are properly submitted.

3. Contract termination due to missed support renewal dates

Missing a renewal date can cause major issues and come with significant costs for an organization. Oracle can terminate contracts if they are not renewed in time. There are costly penalties to clients in the form of reinstatement fees. It is vital for IT asset management teams to assure contracts are renewed in a timely manner, or contract outside experts to manage the process.

4. Missed opportunities for additional discounts, migration and upgrades

Clients often miss opportunities for upgrades, migrations, and/or bundling discounts. Experts like Miro can review and inform clients of options available prior to renewal.

5. Inefficient contract management

It is very difficult to manage 20-30 support contracts with sporadic due dates. Miro can customize the renewals and renewal invoices for our clients to align contracts to a singular, or multiple due dates to assure contracts are managed efficiently and easily. Miro can also assist with charge backs given our ability to bundle or un-bundle line items from renewals.

6. Missing cost allocation

It can be difficult to allocate costs to specific departments, especially if the multiple departments have pulled funds and purchased licenses at a single point in time. Miro can identify and customize renewals so clients can easily allocate renewal costs to the proper departments.

7. Not evaluating 3rd party support options or possible cloud options

Many clients are unaware there are companies offering third party support. These companies usually offer support at a much lower cost than Oracle and generally offer a higher level of customer service. The drawback is you lose the rights to bug fixes, upgrades, etc. There are also opportunities to upgrade to cloud offerings that can capitalize on your on-premise investment.

Miro can prevent these common mistakes.

Leveraging 17 years of experience solving Oracle Support issues, we may turn your Oracle Support renewals from an expensive hassle to an easy turn-key operation. We handle everything including contract preparation, negotiation and cost allocation.

Contact Miro to schedule a brief 15 minute phone call to learn how your organization can save significant time, money and effort by letting Miro manage the process for you.

Please call us at 732.738.8511 x1208 to quickly determine your support savings potential.

Share

AWS Cloud Crash Shows Why Some IT Assets Should Stay On-Premise

The Amazon Web Services (AWS) cloud located in the company’s Virginia data center crashed on February 28, 2017, causing many of the largest sites and apps on the internet to slow or stop working entirely.  Amazon referred to the incident as an “increased error rate” at the time and has now traced the issue to a mistyped command by an Amazon employee.

The outage highlights what many cloud vendors don’t want their clients to know, that some assets are actually better kept on-premise.  While the cloud may be extremely beneficial to certain applications and technologies, others are ill suited or currently impossible to move to a cloud environment.

Without careful planning of cloud migrations, organizations can lose substantial value in their previous investments in hardware and application licenses & subscriptions as they develop their future strategies.  Opportunities for substantial savings can be easily missed when transition teams are unaware of unpublicized special deals that many vendors are willing to accept.

Eliot Colon, Senior VP at Miro said “Companies are increasingly coming to Miro to ask about the ‘pros and cons’, as well as potential ‘gotcha’s’ of moving from on-premise to cloud deployments.   They are mostly concerned about ROI, cost and contractual jargon.  Unexpected outages and security issues are real and occur even in the largest and most secure cloud deployments.”

Migrating assets from on-premise solutions to the cloud can cause problems as well as solve them.  Cloud architecture can lower costs through increased efficiencies, but it also can spread risks in terms of security and downtime.  Where on-premise assets are small, isolated targets, the new cloud platforms are high profile opportunities for hackers.  Even if it’s not your IT assets being targeted, they can suffer collateral damage when sharing space with affected systems.

The cost advantage of using cloud solutions has also decreased over time.  As cloud vendors have seen their licensing profits decrease, they are increasing their cloud costs to make up for the lost revenue.

Customization is also an increasingly difficult issue for organizations looking to migrate to the cloud.   Where the one-size-fits-most model of cloud services works well for many organizational needs, it does not meet them all.  Cloud products often don’t provide the detailed performance information in many cases needed to maximize efficiencies and understand exactly how the systems are running.

If you’re considering a cloud transition or moving to a hybrid environment, contact Miro consulting to learn which assets work best in the cloud, which assets should stay on premise, and how to get the best possible price and terms.

About Miro:

Miro consulting specializes in software audit defense, license management, subscription management and cloud services for Oracle, Microsoft, IBM and Adobe.  Contact Miro by emailing ContactUs@miroconsulting.com, or by phone at 732-738-8511 x1208 or online at MiroConsulting.com.

Share

Compliance Risk – Oracle alters license allocation rules for Microsoft Azure and Amazon Web Services Environments

Oracle has introduced new rules on how to apply on premise licensing for use in Microsoft Azure and Amazon Web Services environments. The changes result in an effective doubling of requirements for most Azure and AWS environments, while keeping Oracle Cloud requirements the same.

Compliance risk to current clients who use Oracle within AWS and Azure environments still remains unknown at the time of this writing, but expect this to definitely impact any future deployments of Oracle on Azure or AWS platforms.

To find out how these changes affect your environment, contact Miro Consulting at <a href=”mailto:sales@archive.miroconsulting.com”>sales@archive.miroconsulting.com</a>.

Share

New Updated Rules Make Oracle Cloud Less Expensive than Amazon AWS

On January 23, 2017, Oracle introduced significant updates to their “Licensing Oracle in a Cloud Environment” guidelines document. Miro has been reviewing the document to identify the key changes, and how they relate to current environments and decisions for future environment plans.

As is typically the case with Oracle, the document does not express a clear view of the true comparative impact of the changes they made against the previous guidelines. The changes appear to favor the Oracle Cloud over AWS and Azure environments when calculating the requirements when applying on premise Oracle licenses. With Oracle’s announcement, using the same configuration in other provider’s clouds, or even on premise, can pose a substantial cost increase, both in terms of licensing as well as perpetual support. The impact may be significant; we are working with Oracle to confirm the conclusions we have made. Once confirmed, we will send you details of the changes and their impact for current and future environments.

Miro will be communicating the analysis of the changes this week, so until that time, we highly recommend that you hold off on expanding any use of Azure or AWS until we confirm the impact. Cloud licensing is very complex. Members of the Miro Support Network are encouraged to contact Miro to discuss your current environment, as well as any plans for transitioning to the cloud.

Share

Adobe Has A New Way of Tracking Non-Licensed Software

Adobe’s new Genuine Software Integrity Service validates installed Adobe Software.  It automatically checks for counterfeit software, invalid licenses and alerts Adobe of fraudulent use. The process looks for illegitimate serial number and if it includes software hacks. Once verified, Adobe notifies the company/violator that their software is not genuine.

Companies still should have a program in place to track the full lifecycle of their software assets, to have full control and understanding on:

  • Software requests vs Actual software need
  • Centralized procurement process to manage the acquisition of software through a standardized channel vs multiple sources.

One key point is to stop users from purchasing from non-qualified resellers.  The service is still very new. We will share more information as we learn more.

Share

Warning: Your Software Asset Management (SAM) Tool is NOT Certified

IT professionals must remember that a tool does not understand the rules

Many software license management tools claim to be certified by Oracle, Microsoft, IBM and others, but none actually are. For example, Oracle’s LMS page does list a number of tools, but only as supplements, not as certified tools, and they often miss 90% of Oracle products.

“Tools from the following vendors have been verified to provide the required data set to supplement a LMS engagement. The scope of the verification process only covers the data collection related to the installation and usage of specific Oracle products, namely Oracle Database and the associated Options. The verification does not include any other Oracle products or the overall capabilities of the vendor’s solution… Please note that the installation and usage of a tool from a verified vendor does not replace an Oracle License Audit or True Up engagement or revoke Oracle’s contractual right to perform a License Audit or True Up.”

IBM has similar language in their rules. “ILMT is a mandatory IBM requirement for all IBM customers who take advantage of sub-capacity licensing, regardless of whether they utilize third party reporting tools.”

Microsoft’s Software Asset Management (“SAM”) program is an audit, albeit a “friendlier” one. In such an engagement, Microsoft will tend to accept the output of virtual any tool. However, if this information is inadequate or incomplete or otherwise not acceptable to Microsoft, the customer could be compelled to use a Microsoft product. These might come in the form of the for-fee subscriptions or products of Enterprise Mobility Suite, Intune, or System Center. Or, in their absence, the Microsoft Assessment & Planning (“MAP”) Toolkit which a free of charge.

But in the case of a formal audit involving a partner (e.g., KPMG, Deloitte, etc.), Microsoft will equip the auditor with a discovery tool. These scripts are typically executed by a member of the audit term (versus by the customer). Sometimes the audit partner has a tool that Microsoft has certified for use in lieu of the Microsoft tool. In this type of engagement, the output of these tools is the only acceptable one.

IT professionals must remember that a tool does not understand the rules. They can lead to false positives, identifying assets as licensed, even when they are not. Most importantly, software asset management tools don’t understand the context of the software as it’s being used in the business, or if the product is being over used or underutilized.

Don’t let these SAM tools give you a false sense of assurance. No tool is a substitute for expert research, evaluation and validation. If you’d like to speak with a Miro Expert about your use of SAM tools, and how Miro can help evaluate your risk of an audit, contact us today.

Share