Microsoft Audit question

We are trying to find out if I.T.  should tell management that Microsoft or any other software company can legally come to their place of business at any time and demand to do their own audit to get a count on their software?

Is this true? Has anyone ever been audited.
regsampAsked:
Who is Participating?
 
Dustin SaundersDirector of OperationsCommented:
It depends on how you do your licensing, but for example, two of my companies that are Microsoft SPLA have been audited and it was a 2-3 month process, we did have auditors on site for a few days and had to present our licensing to them with proof collected from the environment using their tools.

If you have any licensing issues, they will bill you for them.  They do have the right to do this per your license agreement with Microsoft (that long EULA you click ok on when you install it) and especially if you are SPLA.
1
 
☁ François Peroux ☁Infrastructure ConsultantCommented:
Hello,

I had couple of clients who had been audited by Microsoft. It's not someone who come physically to your place but they invite you to give them all the information about your licences.

They can do it, and legally.
0
 
regsampAuthor Commented:
I have heard that but what if you do not participate in the invite, can they then legally require you to allow them to remote into the network or physically come to the site to do an audit?
0
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

 
☁ François Peroux ☁Infrastructure ConsultantCommented:
They'll never come to your place or take control of your servers/computers.

They'll insist for you to fill the forms they send you, calling you, sending email (like everyday or couple times per week).
0
 
JohnBusiness Consultant (Owner)Commented:
I think you need to allow them to come in to audit (yes, they can do this).

Do not let them remote in.
1. You do not know who is on the other end.
2. You cannot audit paper records (often needed) by using remote access.
0
 
regsampAuthor Commented:
But couldn't someone just fudge the forms? That is how Microsoft takes a count? Then how do people get fined if there is not a way for Microsoft to confirm physically?
0
 
JohnBusiness Consultant (Owner)Commented:
It is pretty easy to spot fudged forms. And Microsoft is entitled to check with the vendor of the software and computers list on the invoices.
0
 
regsampAuthor Commented:
I see. I was just trying to get a general picture of how it worked. Our environment is in total compliance but there was a debate on what to tell management about the specifics and how it works exactly and I am unclear myself.
1
 
JohnBusiness Consultant (Owner)Commented:
If you are in complete compliance (as are my clients) it is generally easy to lay out the necessary paperwork, help them through it and bid them good day.
1
 
regsampAuthor Commented:
Thank you for that Dustin. That is how we do our licensing. Thank you everyone else.
0
 
Dustin SaundersDirector of OperationsCommented:
@regsamp - np, good luck.

Be sure to look through all your active directory users, installed licenses to make sure everything is good.  You have time to fix problems before the audit starts, but when it starts if they find an error you will get billed for that item back to the start of your current SPLA contract regardless of when the item was turned up (i.e.3 year contract & if you have an instance of SQL server you turned up yesterday and you didn't report it, they will bill you for 3 years of that SQL server.)

We have a very large infrastructure here and at my previous company, and both times we enlisted SPLA attorneys to help with the audit.  We were able to avoid any penalties from Microsoft both times, but if your company is large enough you may consider that.
0
 
regsampAuthor Commented:
The experts were quick and gave great advice and insight.
1
 
JohnBusiness Consultant (Owner)Commented:
Thanks and we are happy to help.
1
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.