The joy of software licensing on the desktop
Does anyone understand the options out there?
Workshop One of the joys of working as a manager of desktop and laptop systems is to be found in the weird and sometimes surreal world of software licenses. Not really, of course. In fact, trying to ensure that the organisation is buying only the licenses it requires at the best price, while making sure that no unlicensed applications have materialised on corporate kit, can be enough to drive a budget-holding IT manager to despair. But just what are the challenges to be faced, and how can they be addressed? In this article we try to shed a little light on the murky waters of licensing.
Anyone who has waded through the terms and conditions associated with a software license will tell you that you probably need to have a degree in mumbo jumbo appreciation, or law as it is more commonly known, to be able to make any sense of the muddle of words employed.
The bottom line is that software licenses are complex, and adding to the problem is that every single publisher of commercial software manages to use license terms and conditions that vary in subtle, but important ways. This complexity is compounded still further when one takes into account that some software vendors offer a range of license models for the same application. While the flexibility undoubtedly provides options for the would-be user, it can be difficult to navigate the options.
Typical license models for commercial software include the “per PC”, “per named user” and “concurrent user”. Such licenses may be purchased outright with an option to buy some form of support-and-maintenance contract that allows bugs to be reported and software updates to be received. Alternatively the license may be in the form of an annual subscription which gives no permanent rights to use the software, simply the ability to use the software for as long as the subscription is maintained.
While selecting amongst these options is complex enough, one must also bear in mind that more and more users now seek to utilise their own equipment when working from home or as a standard operating arrangement. Though some vendors now include the right for a business to purchase a single copy of the software but allow it to be used not just on a company PC but also on a user’s home machine, this is by no means the case across the board.
Meanwhile, the idea of “discount for bulk purchase” has long been a factor in IT. The more you buy, the cheaper the units become. In the software world this has led some vendors to offer their licenses as individual units or bundles. Beyond these bundles, many vendors also offer site licenses or enterprise agreements. On the “home use” point, whether such enterprise agreements apply to employees using their own machines for company business may well need discussion with the vendor.
In all scenarios it pays to spend some time with a large sheet of blank paper and a calculator (or to make good use of some properly licensed spreadsheet software) to map out the various options to try and minimise software costs. Choosing amongst the options takes effort and understanding.
It is fair to say that few salespeople in the software reseller community are entirely comfortable working out license options, but at least they will have some idea. However there are very few IT professionals who have any specialisation in handling software licences. It is highly possible that any with such experience are snapped up by the main vendors, making life harder for both the general reseller community and end user organisations. As a consequence, both customers and channel partners would welcome some license model consolidation and simplification amongst the ISVs.
Now, I know that by this stage some readers will be saying “no licensing problems when you use open source software”. But is this true? In fact, the answer is probably not. Indeed, when talking with the senior managers of several of the major open source software vendors it is clear that they, too, struggle with explaining clearly to users the terms under which their software is distributed, and more importantly, supported.
In fact, most of the players in the space require that if you want support on their software you must have a subscription contract for all machines on which the software is to be deployed, or possibly for every machine in the company, irrespective of whether the software runs on all machines or not. Clearly, using open source software in important business systems does not mean that licensing and especially support and subscription terms do not need careful consideration.
At the same time, we have spoken to IT decision makers in end-user organisations large and small, who have expressed their concerns about what the different flavours of open source license mean, and whether they have implications for the companies’ own in-house applications if they are developed in conjunction with open source. While there are advantages and disadvantages of all forms of licensing, open source or not, it is clear that you should be undertaking sufficient due diligence whichever model you choose to adopt.
One last topic that deserves mention is the growing interest organisations are expressing in virtualisation on the desktop. Reg readers have already told us that they are looking at the various options that desktop virtualisation now encompasses. But the licensing impact of running any desktop virtualisation solution should not be underestimated, as few vendors make it clear how they would license software running in any virtualised environment.
So, where to start with desktop software licensing? On the plus side, there are now numerous good software inventory discovery tools available that can help work out just how many copies of each software package are deployed in the business. These can also identify, should local legislation and practice permit, which software is actually being used as opposed to just loaded but never run. Such software license management tools are now much simpler to deploy than in the past, and can perform regular audits without placing an unacceptable burden on systems.
Using such solutions, it becomes relatively straightforward to audit software deployment and usage to reconcile them with licenses and support contracts purchased. It can also help ensure that only authorised software is used in the business, and highlight any areas that may need further attention if unsanctioned software is being utilised for business purposes. Of course, auditing hardware which runs company-purchased software but is not owned by the organisation may pose challenges concerning privacy issues.
It is clear that software license management is by no means straightforward, but perhaps you think it's a solved problem. If you have good examples of how to manage software license complexity and software usage we would be very happy to hear your advice. ®
COMMENTS
Open Source does completely eliminate *Licencing* woes
*Support Agreements* are an entirely different set of unrelated problems.
For example, as a small business I can purchase 10 Windows 7 and MS Office licences for my 10 PCs.
That doesn't entitle me to any support from Microsoft whatsoever - if I want that support, I have to enter into a second contract. This may be a special 'licence-plus-support' agreement, but usually is not.
Equally, I can choose to install 10 copies of Ubuntu and Open Office on those same PCs.
This also does not entitle me to any support from either Ubuntu or Sun. If I want that support, I again have to enter into a second contract.
In both cases there are various free online self-help systems, generally based around forums.
So the only difference between the 'Closed' and 'Open' source options is that in the 'Closed' situation, should I decide to install that software on an 11th PC or break the licence terms in another way I am likely to be open to civil action for breach of the licensing agreement.
In the 'Open' situation this is never the case.
Breaching either support contract is a different kettle of fish, which could of course occur in either case. The nature and consequences of such a breach depends on the details of that support agreement, but has nothing to do with the licensing model.
When it comes to the use of 3rd party components for my product, that again is a different matter that is generally decided on a per-product basis. (What royalties or other component-specific limitations can we afford to handle, given the benefits of X?)
If I use 'closed' components I am bound by the terms of that licence (eg Windows Embedded has a per-product-shipped and other licensing fees, and various limitations on what can be done), and if I use 'open' components I am bound by the terms of that licence.
What is a license?
It becomes a struggle when trying to deal with a large amount of software with completely different license agreements, some single boxed copies, some multi user agreements about what exactly you have to prove you have a license to use it. Anyone who has taken over another company or got a new role as head of IT will recognise the problems if meticulous paperwork hasn't been stored.
Is it the receipt/invoice, the physical CD, the license agreement envelope, the sales contract, an e-mail conversation, a license certificate, the licensing server, the Help:About screen information?
It becomes even more complicated with OEM software, how much of a PC can you upgrade/replace before the OEM license is not valid. You aren't, for instance, allowed to buy 20 identical PCs with OEM Windows and clone to them a company hard drive image which was made with Windows OEM off one of those machines, or are you?
All of those options have flaws and there is no standard. If software always had a standard certificate or card that explained the terms of the license and how many it was licensed for it could be so much easier. Maybe for SMEs it could be a sticker per PC or a Card per license that gets kept with the PC. Maybe every piece of software should have a licence certificate with the exact details that is stored in a fireproof safe. Maybe there should be an encrypted license file that is sent or downloaded that you install on a standard licensing server which can be set to Audit PCs at a certain interval to make sure concurrency or user count are not exceeded?
Peace of mind.
I'm surprised that this issue hasn't been THE primary driving force for people to migrate to FOSS.
Its nice to KNOW that you are correctly licensed.
(I'm biased I work on linux to fix MS issues)
BTW another nice thing about FOSS is that people try to get it all working, rather than hide the fact that bits dont.
OSS can work but it requires effort
and in my experience most ICT departments cannot be arsed to migrate away from the likes of windows or office even though usage does not warrant the constant upgrade path.
In one site we audited the use of office and found only 40% of users used word within 1 month and apart from some prolific excel users the remaining software was unused. One could also argue that those using the software rarely got close to the potential supplied by the package. I have no beef with Microsoft (other than they are greedy and unimaginative) but their software can be very functional. most users never use that function yet are happy to re-buy the product every few years,
I have used Open Office for over 6 years for tender documents, advanced budgeting, presentations etc and all have been without issue. How many companies have support contracts for MS Office and if they spent some time getting use to alternative they may be surprised. Lets face a lot of SANs and old VMWARE all use *nix platforms!
Easy
All you have to do is this: Whenever you make a copy of *anything* for *anyone*, always give them the Source Code.
Do that and you'll stay in compliance with the GPL; better than in compliance with BSD- or Apache-type licences; and if the vendor won't let you have the Source Code in the first place, then they probably don't want you making copies of the binary either.
