Date:
20 Dec 2022
Author:
PREO AG
Used software
What is a software audit?
In a software audit, the manufacturer such as Microsoft checks whether its software is being used within the contractually agreed scope of the license or whether deviations occur in practice. Auditing is usually part of the license agreement that a company concludes with the manufacturer for the purchase or lease of a software product. In this agreement, the manufacturer secures the right to audit the agreed scope of services. The licensee is then obligated via corresponding clauses to provide or make accessible to the auditors all information required for the audit. As a general rule, everything that is used must also be licensed accordingly. And proper licensing also includes complete documentation of the license chain.
Smaller medium-sized companies with a few hundred employees in particular have not always implemented professional software asset management or use appropriate SAM tools. So it happens time and again that the auditors commissioned by the manufacturer find their IT environment either under licensed or overlicensed. However, it only becomes problematic in the first case. The missing licenses usually have to be licensed again at the expensive new price of the respective product. This can be accompanied by substantial penalties, which can only be legally challenged in a time-consuming and cost-intensive manner, and often with little chance of success. Unforeseen payments in the six-figure range are therefore not uncommon, depending on the size of the company and the offense, and represent a considerable financial risk.
How does a vendor-specific software audit work?
The software audit process typically begins with written notification from the vendor and follows these steps:
- Written announcement of the software audit by the licensor, for example Microsoft, Adobe, Oracle, etc.
- Start of the 30-day preparation period of the software audit for the licensee to review and provide all records documenting the scope and use of the software.
- Review of the compiled documents and conducting initial talks with the IT or SAM managers by the auditors, usually from an independent auditing company, in order to obtain an overview.
- Sample checks of the information, e.g. by equipment checks at individual workplaces.
- Evaluation of identified results. This is presented to both license partners for reconciliation and clarification of open issues.
- Preparation of the license balance sheet after approval by the licensee. The license balance sheet also includes the consequences in the event of possible subsequent licensing.
Good to know: The actual relicensing (adding licenses), including the handling of possible penalty payments to the licensor, is no longer part of the audit and is subsequently settled between the license partners.
PREO security tips: Implement SAM tools and internal ‘friendly audits’
Hay varios sistemas de gestión digital que sirven para organizar la gestión de sus activos de software. Usted mantiene una visión de conjunto en todo There are a number of digital management systems that can be used to organize the management of your software inventories well. You maintain an overview at all times and, if necessary, are warned in advance if underlicensing is imminent or overcapacities arise. Efficient and successful management is possible even for medium-sized companies with a low 3-digit number of employees.
In our experience, event-driven or regular internal audits have also proven their worth, in which the license inventory is checked practically as a test run in order to identify possible deviations in advance and in particular, gaps. Ideal occasions are for example, restructuring, outsourcing projects, mergers or site expansions.
Draw the right conclusions from the result of the software audit
If underlicensing or overlicensing is actually identified during a software audit, action must be taken and the right conclusions for the future drawn.
Missing licenses must always be added on within a specified period. However, manufacturers usually only offer the latest license version, which does not automatically have to meet demand. Especially in the case of large license volumes for widespread applications, operating systems or servers from Microsoft, a previous version is often sufficient to provide all the necessary functions at the respective workstations. Here, adding on licenses with used software is an option, as it is significantly cheaper than the latest manufacturer license for the same functionality, even if it includes a downgrade option.
Existing licenses that are no longer needed can be sold again to generate cash and thus relieve the IT budget or also serve to refinance the internal costs of the audit. PREO's licensing experts will be happy to advise you personally and provide you with a free and non-binding offer.
This is what you should consider when using used software
When using used software, complete and accurate documentation of the proof of origin is crucial. Therefore, the following fundamentally applies: The more previous owners, the more difficult it is, as a rule, to document the license rights chain in an audit-proof manner. For this reason, PREO acquires 99 percent of the software licenses it offers from the initial licensee, because transparency, security and compliance have the highest priority.
For each license that a customer purchases from us, he/she receives detailed information and the necessary proofs about
- who the previous owners were by name
- from which type of license agreement the software originates
- what the contract numbers are
- The used software was properly uninstalled or deleted by the previous owner.
By the way: You can read more about security in the trade with used software in this blog post.
Pass software audits safely with the PREO Safe3 system and blockchain
Despite the clear legal framework in the EU for the use of used software, existing reservations regarding audit security and compliance are steadily but slowly being reduced among many CDOs and IT managers. As one of the pioneers in the German and European trade with used software, PREO therefore offers you the Safe3 system and integrated blockchain solution, which was established several years ago, with a level of security that goes far beyond the usual industry standards:
1. Complete transparency of the rights chain
For all transfers, we fully disclose the chain of title. This includes proof of what type of contract (including contract numbers) the software came from, who the previous owners of the software were, and that they properly uninstalled the software. You will also receive full details of the update history.
2. Our licenses pass every software audit
PREO's license experts, in cooperation with our own legal department specialized in licensing law, put every license through its paces before purchasing it and do not shy away from even the most complicated cases. This legal examination is practically equivalent to a preliminary software audit, so that you can be sure that all used software licenses offered at PREO will withstand an audit without any problems. As proof: In the trade with far more than one million used licenses, all manufacturer audits have been passed without exception so far.
3. Our insurance for the worst case scenario
Even if the software has been running at your site for a long time, we still care about your compliance. All our transfers are therefore insured against financial loss by a reputable insurance company. The insurance covers any financial damages up to an amount of 10 million euros for an unlimited period of time.
PREO Blockchain Solution
In our Safe3 security system, we provide tamper-proof ownership of your used software assets by storing an abstract hash value generated via an encryption mechanism in our independent and privacy-compliant blockchain solution.
Process software audits faster with efficient documentation
We store all important information on each individual license for our customers in our license portal, which they can access online at any time. Thanks to this simple and efficient documentation, a software audit no longer causes a great deal of effort.
Numerous customers from a wide range of industries, for example hospital, logistics, IT, finance or hotel and tourism, have already benefited for years from our security standards when using used software. Convince yourself or let us advise you personally.
Hassle-free: Used software from PREO passes vendor audit from Microsoft
Demmin District Hospital, which is run by a local authority and has around 350 employees, is considered one of the most progressive hospitals in Mecklenburg-Vorpommern. This also applies to the area of digitalization, including the use of second-hand software. Microsoft has now certified the public institution's lawful use of PREO's used software. However, the manufacturer criticized used software purchased in parallel from another dealer due to insufficient proof of origin. The consequence: a financially not insignificant re-licensing.
In this customer case, you will learn why the IT managers are convinced of PREO when using used software, and not only in terms of security..
