Solved

Microsoft Assessment and Planning (MAP) Toolkit for Audit

Posted on 2012-03-29
3
1,255 Views
Last Modified: 2012-03-30
We have a client who got notification that Microsoft has ordered an audit to be conducted on their network.  They were asked to run the MAP tool to generate a software license usage report.  Any unlicensed software that the tool finds can be purchased to get "current and legal".  As a result, no legal actions will be taken against the client.   This is a new client that came to us from a vendor who still has access to their Open License account.  The client told us that they know they are not in compliance on some software.  They also said that their previous vendor had three other clients call this week about upcoming audits.

Question:

Is it advisable for us  (or all of our clients) to run the MAP tool to verify compliance?

We stress to our clients the importance of being compliant.  

Since we have not used this tool, we want to MAKE SURE WE DO NOT trigger an audit by running the assessment!!!  Could this trigger an audit?

NOTE:  We use other tools to gather network and licensing information, such as Belarc, Spiceworks, and MS Baseline Security Analyzer.
0
Comment
Question by:sfjcpu
  • 2
3 Comments
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 250 total points
ID: 37785626
In my experience and in conversation with people who developed MAP and other MVPs who use it, MAP does NOT report ANYTHING identifiable back to Microsoft.  I wouldn't hesitate to use the tool.

Indeed, if I understand this correctly "They also said that their previous vendor had three other clients call this week about upcoming audits." what probably happened is a disgruntled employee or someone who heard a radio commercial probably decided to report them to the BSA in hopes of collecting a reward for reporting license violators.  More info, reference:
http://www.bsa.org/country.aspx?sc_lang=en
0
 
LVL 37

Assisted Solution

by:Jian An Lim
Jian An Lim earned 250 total points
ID: 37785634
the tools will not trigger audit.

audit was trigger because a improper practice (or whistle blow) on a vendor as a result all the client get audit.

If you do the right thing as best as you can, you don't need to worry an audit.

you can ask your client to run a MAP tool to verify compliance to increase sales :)  you got nothing to lost.

Of course, if some one complain to microsoft, and did an audit on your client and found some is not compliance, then microsoft might start to audit your other clients.

again, it is not your responsible, it is the company responsible to make it up to date, and you are assisting them to do the right choice (although the right choice also come with a cost)
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 37785645
I'll also add that if the client squares up and gets all the necessary licenses BEFORE receiving the letter requesting an audit then they should not be liable for any fines (as I understand the process).  If you have seen the letter, great... my understanding comes mostly from http://blawg.bsadefense.com/
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VPN problems 4 62
Disable network connection item via group policy? - is this possible? 4 37
Unidentified Network 12 54
Cannot join domain and UNC paths 9 49
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question