Ahead of the Compliance Manager Summit 10-11 March in Santa Clara, we interviewed speaker and VP Products and Strategy at V.i.Labs, Victor DeMarines about software adoption, license programs, compliance trends and more.
Q. In a nutshell, what is software adoption intelligence?
Software adoption intelligence is the ability of software publishers to collect and analyze data on the use of their applications. The intelligence can be gathered to understand adoption of new features, tracking geographic use, or focusing on detecting and reporting on adoption of unlicensed software (overuse and overt use of pirated software). Unlicensed software adoption occurs when the software vendor’s licensing or activation technology has been tampered with to enable unpaid use. Our customers are able to collect data on the use of their software regardless of whether it has been pirated or is being used beyond the scope of the license agreement.
Analysis of this intelligence can reveal who is using the software without paying for it, insights into geographies and vertical markets where the software is being used, and which features are used most (and least) often. This enables the publisher to make data driven decisions on compliance programs as well as sales, marketing and channel efforts.
Q. Based on your experience – what intelligence or trends can you share about how organizations typically fall foul of license programs?
We work closely with our customers and partners to better understand the scenarios that lead to unpaid use. One scenario that is fairly common is when an organization has a base license, but they require new features in later releases that are too complex to acquire from a licensing perspective. Other times, their maintenance agreement has expired due to budgeting issues. Instead of working through their procurement team, end users will go to sites where they can download the software they need to accomplish their tasks.
We’ve also heard instances where the licensing is too complex. The organizations wanted users to be able to access a subset of additional features, but didn’t want to pay for access to all of the features, and the licensing didn’t allow that flexibility.
Additionally, we’re seeing issues popping up in the supply chain (especially in Asia) where there can be a culture of using pirated software and not getting caught. These cases cause problems upstream and for the western businesses that are part of those organizations.
Finally, in most cases, management is not normally aware of incidents of unpaid use or that they have partners overseas that bring the risk of unpaid use. Communicating with the right level of the organization is key to resolving these incidents.
Q. What primary mechanisms would you recommend for educating users about overuse or compliance issues?
There are two audiences that require education on compliance: end users and senior management. End users can be alerted to compliance issues through in-application messaging that is specifically targeted to them by the publisher. In application messaging can escalate from a simple notification window alerting them to non-compliant use to a response that limits or totally disables use of the application. Senior management requires more strategic notification of compliance issues that should come from a publisher’s compliance team (which may include inside sales personnel who are in a good position to manage the customer relationship and also sell new licenses to organizations using unpaid software). Contact typically begins with a telephone call to senior management and is followed up with email or a certified letter depending on the nature of the engagement.
Q. Can you describe any regional differences in compliance trends, notably emerging compliance economies such as China?
Our customers are seeing 60% of their software intelligence data emanating from APAC regions, specifically China, Taiwan, Korea, Vietnam and Thailand. Much of this data is attributed to the adoption of unlicensed software. In general, these regions have been difficult to enforce, but customers are leveraging their sales teams, outsourced compliance services and supply chain intelligence to target key opportunities. Recently we found that the top 10 manufacturers of mobile phone platforms were using a significant amount of pirated software. Many of the infringements were occurring in Asia, but our customers target their compliance activities at parent companies located in US and Europe to more effectively convert this activity into revenue.
Q. Many software publishers, notably Microsoft and Oracle, prefer a relaxed and open approach to licensing – preferring to allow developers to use their software unrestrained on a trust basis, placing the compliance emphasis on the customer. Can you describe instances of where companies have previously taken this approach but converted to more automated compliance mechanism? (i.e. how do you overcome the objection of allowing developers access to anything they want).
The relaxed and open approach to licensing may be possible by these vendors because they are well practiced on profiling and implementing audits. However, most software publishers don’t have the resources to create large audit practices and are more sensitive to preserving their customer relationships. Audits may be necessary, but if the publisher implements a use-based tracking solution it can be more granular and accurate with whom it targets for audits. These publishers can also reduce their audit expense by focusing in on the right location where overuse risk is the greatest. It should be noted that Microsoft may have a relaxed license enforcement policy, but it has also invested heavily in programs like Windows Genuine Advantage, which, at its foundation, is an implementation of software intelligence technology.
Q. Can you comment on any trends in the licensing space? Perhaps on the impact of cloud delivery and subscription models on compliance?
Virtualization and private cloud trends are going to force both publishers and enterprises to rely more on software intelligence and tracking tools. License enforcement is still needed, but the emphasis on “denial of service” license models will give way to usage or consumption based licensing to allow enterprises to centralize how they procure and manage software.
Q. What would your advice be to someone who is struggling with compliance issues?
From the perspective of an end user organization, they need to proactively invest in resources and tools to baseline their software applications and ensure that their processes extend to subsidiaries and remote locations. If the budget does not allow for additional SAM tools, then the organizations should prioritize their efforts on applications and software publishers that have the greatest compliance risk (an audit risk). The organization should approach the vendors and ask them to provide tools to assist with asset management. Many of these vendors have created utilities and reporting solutions that can give a true count of actual use.
Q. Looking at the industry as a whole, outside of Compliance what do you see to be the biggest issue for businesses when it comes to ITAM?
Software applications and the way in which end users and organizations interact with them is getting more complex over time. Not only do organizations have to manage desktop and middleware software, but they have to extend their SAM to mobile as well as pure cloud application models. For example, how does ITAM extend to cover interdepartmental use of Google Drive (formerly Google Docs), Salesforce applications, Dropbox, and other pure web based services? The ease in which end users sign-up, purchase and virally adopt these solutions creates an increasingly complex ITAM environment.
Q. Finally, where do you see the ITAM industry in ten years time?
Organizations will be driven to consume and leverage more granular intelligence of how the software their organizations are adopting is truly being used. As vendors are driven to offer subscription and usage based license models, the ITAM industry will morph from just focusing on counting and inventorying software to actually understanding how the individuals, group or departments are using specific features.
Thank-you to Victor for taking the time to talk to us. We look forward to hearing from him at the Compliance Manager Summit in sunny California.