Software audits—in which vendors probe enterprise customer implementations for overuse of licenses or unauthorized installations—are becoming a big business—and an emerging source of revenues. Whether on-premises or accessing services through the cloud, many companies report having been the subject of software audits, often resulting in tens of thousands of dollars of assessments.
That’s the word from a new survey published by Unisphere Research, a division of Information Today, Inc., the parent company of Database Trends and Applications, in partnership with LicenseFortress, a software audit service. A total of 283 usable responses were received, of which 155, or 69% of survey respondents, reported having been audited within the past three years, and 79% reported having been subject to a software audit within past five years (“Managing The Software Audit: 2022 Survey on Enterprise Software Licensing and Audit Trends,” September 2022). The purpose of the research was to better understand the scope of software audits, as well as the costs incurred.
As applications move from on-premises environments to the cloud, it seemed that many licensing issues would be resolved. However, this has not alleviated issues or concerns with software licensing and audits, the survey showed. Close to eight in ten enterprises report software compliance issues have either increased or remained the same after moving to the cloud. While many applications and data sets have moved to the cloud, respondents reported that there was no appreciable impact on their software compliance issues. Seventy-nine percent report the move to cloud has not changed their software compliance issues, or, in the case of 38% of respondents, it has increased compliance concerns. Only about one-fifth, 21%, say cloud has reduced their compliance issues.
Many vendors maintain comprehensive controls over licensing rights and responsibilities outlined in their contracts. They may require customers to support and run scripts that monitor usage—and may also invasively track other parts of the infrastructure. The terms may change with the purchase of additional licenses, or at contract renewal time.
In addition, there is the possibility that second-tier software vendors may get acquired by firms that seek to play hardball with licenses, as has been the case with so-called “patent trolls” that aggressively seek monetary compensation for what they claim is unauthorized use of software.
More than half of enterprises in the survey report being audited by one or more software vendors. About 69% of survey respondents report having been audited within the past three years, and 79% report having been subject to a software audit within the past five years.
It’s important to note that software vendors have a right to ensure they are being compensated for the systems and services they build, provide, and maintain to their customers. The challenge to enterprises is software compliance, which can be complicated with services or capacity engaged that is unknown to IT or business users.Examples of non-compliance may include a purchased license tied to a specific application that is being used for a different application; or licenses restricted to internal-business-use-only where access has been opened to external customers. Survey respondents report that activating unlicensed features, and issues around virtualization, are the issues most likely flagged by software vendors.
What impressions do vendors leave from their audits? In most cases, the encounter was courteous—the majority, 88%, say the tone of the vendor’s representatives was friendly and professional. More than one in 10, however, still encountered hostility or pushiness on the part of the vendor.
Among companies audited by vendors in the past three years, 64% were leveraged additional charges for noncompliance. A substantial portion, 35%, had to pay $100,000 or more to achieve compliance with the vendor, and 10% were leveraged $1 million or more in fees. Vendor charges incurred following an audit reflect company size. While more than half of the smallest companies had no charges, only 24% of the largest companies caught such a break. At the same time, while 20% of the largest companies were assessed amounts exceeding $1 million, these numbers were not seen among their smaller counterparts.
Along with the assessments made by vendors for non-compliance, there are hidden costs as well, even if the vendor does not levy additional charges. Most audit processes required at least three employees, and 40% of companies had their CIOs involved with the process. Given the time spent at hourly rates, this can add up quickly.
A majority of audited companies did not seek outside assistance to guide them through the process. While many depend on tools or software asset management to support their efforts, a majority fail to keep track of software changes on a continuous basis.
In today’s turbulent economy, many software vendors have been looking for sources of additional revenue, and they have found it—through customer software audits. These software audits have become a big business, serviced by prominent accounting and consulting firms on behalf of vendors, and often incurring millions of dollars of extra charges to customers.