Microsoft SAM – An Audit by Another Name

When I heard a Microsoft executive recently explain its new approach to software license compliance enforcement, I couldn’t believe my ears. Statements like, “Microsoft does not endorse audits,” and “Microsoft believes that most of its customers want to be in compliance, they just need help with tool deployment and reconciliation,” sounded to good to be true. In reality and not surprisingly, the program was not playing out as presented.

The Harsh Reality

Very quickly after Microsoft’s Software Audit practice was disbanded and its SAM Engagement program implemented, clients began calling with questions and concerns about Microsoft’s proposal and approach. For example, while Microsoft officially touts its SAM Engagement service as being completely voluntary, clients are given the impression to the contrary by veiled threats that the “matter will be escalated to legal” if they begin asking too many questions.

Microsoft Official Position

Microsoft’s official position on its SAM initiatives is extremely positive. Microsoft has certified a group of partners to assist companies with Microsoft license reconciliation and to assist customers with implementing software asset management best practices within their organizations. In theory, Microsoft has it right. Helping share the burden of the “compliance tax” imposed by its products is smart business. And because most companies are honest, Microsoft will yield the revenue from audit activity that currently is consumed by the BSA and the SIIA when they conduct more adversarial audits on Microsoft’s behalf.
Why Is Microsoft Paying Its Partners?
Interestingly, Microsoft even pays its certified partner to deploy an automated discovery tool, conduct the license reconciliation and share the information with Microsoft and the customer. Unfortunately, in practice the SAM engagement is just an audit by another name. Unless properly managed these audits can be expensive and disruptive to your business.

How You Get Targeted?

Evidently, Microsoft is reviewing previous and current purchase activity to develop a profile of its customers most likely to have a compliance gap. Thereafter, Microsoft and its partners approach the target to propose assisting them with dealing with any compliance problems they have. Microsoft appears to be focusing it efforts on mid-market enterprises with 500 to 2000 computers.

The Partner’s Conflict of Interest Problem

Unfortunately for businesses, the SAM partner is operating under a conflict of interest, and will naturally want Microsoft to yield more revenue from the end customer than for which it has been paid by Microsoft. Further, the SAM partner is obligated to turn over the results of its findings to Microsoft, creating an additional conflict of interest. Regardless of how it is presented, Microsoft is paying its partners to audit customers so they can extract incremental revenue related to licensing gaps that are present with virtual certainty in the average company.

Get an NDA With the Partner

Before agreeing to proceed with the SAM engagement, I advise clients to require the SAM partner to enter into a Non-Disclosure and Confidentiality Agreement precluding the company from sharing any of the information it discovers during engagement with any third party, including Microsoft. If the partner is to act as the target company’s consultant, they should be expected to sign an industry standard NDA.
Get an NDA and Settlement Discussions Only Agreement from Microsoft
After you present the partner with an appropriate NDA, the Partner will disclose that its contract with Microsoft requires it to share the information it gathers during the engagement and the next question that will certainly arise is, ‘how will Microsoft be informed regarding your purchase needs?’ The answer is you will agree to share the information directly with Microsoft provided that Microsoft signs an NDA with appropriate language that protects the information shared during potential settlement negotiations. By requiring these two agreements, you place the engagement on a footing consistent with the way Microsoft is marketing the program. Unless both parties agree to these agreements, I advise clients to decline the SAM engagement.

Cooperate Without Placing Your Company in Jeopardy

A properly managed SAM engagement can be extremely valuable and can reduce the drain on internal resources that may be less experienced than the SAM partners at conducting project-based license compliance reviews. The key is to restructure the relationships between your business, Microsoft and its SAM Partner to avoid the conflicts of interest, preserve confidentiality, and insure that you are able to negotiate with Microsoft from a position of strength.

Negotiate From A Position of Strength

In addition to protecting your business with the appropriate contracts going into the engagement, it is important that you engage an attorney with expertise on Microsoft licensing to review the Partner’s work-product before it shared with Microsoft and to protect your legal interests. Microsoft licensing is subject to interpretation and is frequently ambiguous regarding how the rules pertain to a particular situation. For this reason, it is critical that the Partners’ license reconciliation, which will be the starting point for negotiations, is thoroughly reviewed and analyzed by experienced counsel. Only by understanding the issues pertaining to all alleged deficiencies will you be able to negotiate from a position of strength.