software audit & compliance discussion · develop a risk profile and improve it over time with...
TRANSCRIPT
Software Audit & Compliance Discussion
1
Compliance Discussion
2012 LicensingLive
David Welch
NetApp’s Licensing Czar
What we sell…
3
� Storage Systems (Hardware)
� Storage Operating System
� Storage Management Software
� Support & Professional Services
� Packaged Solutions
Financial Tech GovernmentEnergy
Leaders Are Taking Action
4
Information Telco Hosted ServicesHealthcare
Compliance Program… Common view parody
5
What could Brian & Stewie, a generic sales rep, Robot Chicken and Sir Lawrence Olivier possibly have in common?
Data Center Design Is Evolving
Application-
Based SilosPublic Cloud
Zones of
VirtualizationPrivate Cloud
Servers
Apps
Network
7
A flexible and efficient foundation is essential
Shared IT InfrastructureTraditional Approach
Storage
Audit
Common Terms
Entitlement:
Represents the right by contract or agreement to use a particular software product within
a defined scope of use.
License Agreement:
A contract that sets forth the terms and conditions under which a Licensor grants a
License to a Licensee in exchange for compensation.
8
License Key:
An open or cryptic key that enforces software usage compliance within a software product
Compliance Auditing:
The measurement of actual software usage compared to or in accordance with software
Entitlement.
Compliance True-up:
A licensee (customer) compensates licensor (publisher) for software usage beyond the
scope of entitlement as set forth in the license agreement.
Looking for IP Over-usage
� Alignment to entitlement agreement
� Boundaries; region, geo, purpose, time, certification, support plan, etc.
� Programs are built to find over-usage,
Licenses Deployed
9
� Programs are built to find over-usage, but shelf ware licenses are an issue too – the scale can tip the other way
Actual Software Usage
Easily a 2-day topic for only 30 minutes
Common Audit Types
None On-Site
� Your program may fall into one of these categories
� Most successful programs leverage a sliding scale of
effort based on risk indicators
Lo
w T
ou
ch
Hig
h T
ou
ch
10
Self-Serv Remote
� Balance risk/reward, but
remember it’s not all about
revenue recovery… Customer insights
Lo
w T
ou
ch
Hig
h T
ou
ch
� Potential revenue risk
� Sometimes shocking
what you don’t know
Common Audit Types – double click
None On-Site� Potential relationship risk
� Sometimes no substitute
for being there
� Similar to on-site, but
interviews over phone &
using WebEx or similar
� Sometimes a good
substitute for being there
� Customer self-
compliance certification
� Strong partnership
� Integrate with “phone
home” telemetry
11
Self-Serv Remote
Whatever path you choose, it makes sense to keep a “cop on the walk”
Harnessing the opportunity
• Drive revenue through audit settlements and true ups from clients
• Enable sales teams to be active in reaching out for customer up sell activities
Incremental Revenue
Business Insight
Input Creating a holistic compliance Program
Output Realizing value organization wide
Incremental
12
A practical licensing compliance program consistent with Company brand promise, company culture and organization wide
participation
• Drive Innovation and improvements to current licensing and pricing
• A proactive sales culture when it come to customer compliance
• Allow for greater insight into key risks by customer base and geography
Business Insight
• Customer attitudes - cooperative, trustworthy etc.
• Affirm 2-way understanding of software usage
Customer Insight
Incremental Revenue
Thoughts to Consider…
� You don’t need to audit everyone and everything
• Pick the IP and contracts that are most critical or at risk
� Consider a statistical audit
• Could build trust with your product integrated IP licensors to reduce product cost or eliminate the need for license keys
� Develop a risk profile and improve it over time with real world data
13NetApp Confidential – Limited Use
� Get help. Many customers prefer a neutral 3rd party like PwC, KPMG, or Anglepoint for onsite/fieldwork
� Integrate findings back to your customer listening program and product development
� And… absolutely adjust your licensing & entitlement models and
license key implementation to more organically work with customer use cases!
14
© 2012 NetApp, Inc. All rights reserved. No portions of this document may be reproduced without prior written consent of NetApp, Inc. Specifications are subject to change without notice. NetApp, the NetApp logo, Go further, faster, Akorri, AutoSupport, BalancePoint, DataMotion, Data ONTAP, FlexCache, FlexClone, MetroCluster, OnCommand, RAID-DP, SANscreen, SnapLock, SnapManager, SnapMirror, and Snapshot are trademarks or registered trademarks of NetApp, Inc. in the United States and/or other countries. Cisco is a registered trademark of Cisco Systems, Inc. Microsoft, SharePoint, and SQL Server are registered trademarks of Microsoft Corporation. Oracle is a registered trademark of Oracle Corporation. SAP is a registered trademark of SAP AG. Symantec and Enterprise Vault are trademarks of Symantec Corporation. VMware is a registered trademark of VMware, Inc. All other brands or products are trademarks or registered trademarks of their respective holders and should be treated as such.