Gartner says audits are up, once again….

Gartner recently put out their annual report: The Software Vendors That Are Auditing Now and What to Do About It. Based on survey data from their IT Financial, Procurement and Asset Management Summits, the research firm found software vendor audits have, once again, gone up. The percentage of respondents who said they had been audited in the last 12 months rose from 61% to 65% in 2011. Also interesting was the top five vendors doing the auditing: IBM, Adobe, Microsoft, Oracle and SAP (which is a new entrant to this list).

Gartner suggests that organizations look more closely at Software Asset Management, and start taking these threats seriously, as changes are increasing that you will, at some point, face an audit by one or all of your vendors. Many respondents also noted that they vendor had to have lengthy discussions with those being audited to explain licensing rules and clarify why they were not in compliance – this tells us one thing – if the customers don’t understand it, they need to be less confusing! You shouldn’t need an expert or an in-house person to explain the licensing to you, but unfortunately you do in order to stay compliant!

The BSA’s “nauseating” anti-piracy tactics

We have often addressed the BSA and their piracy fighting tactics here on this blog as a warning sign for those who aren’t taking compliance as seriously as they should be. PC Pro Magazine recently wrote a story about a small business that was targeted by the BSA and the exact tactics that were used to strong arm them into an audit. Admittedly, the business owner did not know if he was in compliant, but blamed the recession and trying to keep his business afloat as to why licensing fell to the wayside. You can read about the entire ordeal here.

It gives good insight as to what exactly happens when a disgruntled employee turns you in, and how far the BSA will go to validate the claim, which they say are where 20% of their leads come from. Something to think about! And yes, we are in a recession, but what many businesses do not realize, is that managing your software assets can actually save you money- which is a thing of beauty in a recession!

Check out our archived events section, we have several resources on audits and SAM to get you started!

Who should track Oracle licensing changes?

Who is responsible for tracking Oracle licensing? Whose job is it to notify organizations about these changes? Eliot Arlo Colon, President of Miro Consulting, discusses the tracking of Oracle license changes.

Office 365: Today’s Trends in Microsoft Licensing Special Report:

A special report on Today’s Microsoft Licensing Trends is available today. To obtain a copy of this report please visit our free resources page.

Key areas discussed in-depth include:
• Microsoft Cloud Offerings
• Software Assurance
• Office 365 Licensing, Pricing and Considerations
• Pricing and Programs
• Product Use Rights

Your Common Questions On EU Privacy Regulations Answered

The security group at Forrester has been handling a steady stream of client inquiries regarding EU data privacy laws, from both EU and North America clients. While there are many good legal sources out there, we thought it'd be a good idea to compile a list of common Q&A questions about EU privacy laws into a report, to serve as a definitive information source for Forrester clients.

The report, titled: "Q&A: EU Privacy Regulations," is now live on Forrester's website. It is not our intention, by writing this report, to give legal advice. Rather, we envisioned this report to be a repository of the most important information regarding EU privacy laws, updated every 18 months or so. The report has a wealth of information, including links to actual information sources - be that EU's data protection directive web site or interesting studies/analysis done by external parties. For example, one noteworthy study on US Safe Harbor is by Chris Connelly from Galexia consulting. He looked at 2,170 US companies that claimed to be Safe Harbor compliant. Out of these, 940 do not provide information on how to enforce individuals' rights; 388 were not even registered with the US Department of Commerce.

The report also contained information on Model Clauses and Binding Corporate Rules, for which we are beginning to see increased interest. We also discussed new and pending privacy laws in the report, including the EU "cookies" directive and EU's view on geo-location privacy.

We'd love to hear your thoughts on the report, or whether there is anything else that you'd like us to include in a future revision of the report.