Feeds

Think enterprise software is complex? Check out the licences

It's simple economics - and you're the simpleton

Top three mobile application threats

Analysis Enterprises shouldn't be surprised to discover they're having trouble understanding their enterprise licensing agreements. While Oracle, SAP and other big players publicly tout transparency and fairness in their licensing and pricing policies, customers often disagree when they get to the bargaining table or open the results of an audit.

Oracle and SAP are in unique positions as the two biggest and most respected enterprise software companies in the world. Combined, they account for more than 40 per cent of the worldwide ERP market. No other enterprise software vendors offer software lineups that are as broad and deep as those of Oracle and SAP.

And with billions of dollars invested in R&D every year, customers of these two firms have come to expect a steady stream of technological innovations that give customers real competitive advantages, such as SAP's HANA database and Oracle's Exadata database appliance.

Customers of Oracle and SAP appear, by and large, quite happy with the functionality delivered by the vendors' wares. But there is a darker side to working with the software giants. Depending on which vendor you're dealing with, you may find the licensing agreements to be extremely complex, rife with vague terminology, inflexible to changes in business structure, or subject to capricious levels of enforcement.

SAP licensing: 'Vagueness' and 'irregular enforcement'

SAP's licensing model is, ostensibly, quite simple. The company lays out the basics in a 26-page white paper, "Licensing SAP Software," which is available on its website. The company says the customer is able to pay for only the SAP software that they use. But the reality is usually something different.

At a high level, SAP sells its flagship Business Suite in two main ways: packaged licences and named-user licences. It's all perpetual licensing with SAP, which offers subscriptions only for two solutions: the SMB-targeted SAP Business ByDesign suite, and CRM OnDemand.

An SAP customer will start by licensing the "enterprise foundation" package, which includes the core SAP ERP software (ERP Financials, ERP HCM, and ERP Operations), at a pre-determined price. On top of this, customers select various "enterprise extension" packages (generic business functions like payroll), industry portfolio packages, and line-of-business portfolio packages.

Each of these packages (except for enterprise foundation) is priced based on a "business metric," which could be anything from the customer's revenue, the number of employees, the number of processor cores the software runs on, or the number of invoices sent out daily. Analytics, mobile, and database products are separately priced, and have their own restrictions. SAP HANA is priced on the amount of memory it can use.

Every user that needs access to the SAP package is required to have a named user licence. SAP sells three main types of named user licences: professional, developer, and employee. The differences in the licences depend on the level of access required and the amount of time they're going to spend working in the SAP software.

Chris Hughes is a SAP licensing expert with Flexera Software, a software licence management tool vendor. In his position, Hughes has an in-depth understanding of the different licence types that SAP uses across its products, and helps customers to minimise their SAP licensing expenditures.

"One of the bigger challenges in SAP licensing is that the licence models are very vague and open to interpretation," Hughes says. "For instance, a professional user licence would be defined as somebody who performs operational duty on the SAP system, whereas the limited professional licence - which has substantial cost differences from a professional licence - is really defined as someone with limited operational actions. That definition of 'limited' is very open to different interpretations and different customers will look on that in different ways."

The vagueness is definitely a challenge, Hughes says. "We're starting to see a trend of SAP being more specific in their contracts, but still have a ways to go before the vagueness goes away."

It's your data, but…

The other big challenge facing SAP customers is something called indirect access. SAP defines indirect access as occurring when a user or product accesses data stored in the customer's SAP system through a third-party interface. Examples of this could be an Oracle Hyperion BI application sucking data out of the customer's production SAP database, or serving data through a Microsoft Web portal.

While the data belongs to the customer, it is being "processed" by SAP software, and therefore SAP demands compensation any time it is used outside of the SAP environment. It may surprise customers to find they don't have the freedom to use their data in any way they like without paying SAP for the privilege, but that's likely because they didn't carefully read their licence agreement.

Licensing experts claim SAP used to look the other way when its audits found customers violating the indirect access provisions of their licence agreements, although SAP disputes this.

While customers own their own data, it can be difficult to determine how many licences would be required for all downstream consumers of that data.

But in recent years, according to the licensing experts and users we spoke to, SAP has started to crack down on indirect access, by charging customers for additional licence fees for indirect access. This has angered SAP customers who have been asked to pay millions of dollars to buy additional named user licences as a result of indirect access discovered during audits.

"SAP customers can get some surprises in an audit situation, where they thought they were following the process, they thought they had a very accurate understanding of their licence position, and suddenly they're being charged for thousands of users that run on this other system that is loosely connected to SAP," Hughes says. "This is a clear area of focus for SAP, and for customers going forwards, it's an area of fear and uncertainty."

The fear and uncertainty over SAP's licensing practices was on full display last fall, when the UK & Ireland SAP User Group conducted a survey that found 95 per cent of SAP customers found the company's software licensing policy "over complicated". In response, the head of SAP's UK business pledged at last fall's TechEd 2012 conference that it would clarify and simplify its licensing models.

SAP defends its licensing and pricing schemes as fair, and says it's taking steps to make its licensing policies simpler and more transparent. Broad-strokes generalisations about weaknesses in its licensing scheme are not possible, SAP says, because each customer's situation is unique. Further, SAP questions the comments made by licence optimisation vendors, saying they're trying to "drum up" business for themselves.

In particular, SAP says named user definitions must be broad in scope because they cover user activities that are role-based, and not function-based. As for indirect access, there's just no "there" there. "The idea that indirect usage is somehow 'new' or a change in practice is simply not true," the SAP spokesman says. "Indirect access is not a new topic at SAP, nor is charging for it a new practice. These terms have been in our contracts for many years."

There's also growing pressure for SAP to publish its full price list, as its rival Oracle famously does. While SAP doesn't publish its prices, the company seldom varies from its internal price list when its salespeople close contracts, according to Upper Edge Consulting, a licence optimisation consulting firm that SAP hired to validate its pricing practices. The same cannot be said of Oracle, Upper Edge experts say.

High performance access to file storage

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.