Top engineering software compliance risks

20 December 2022

In this guest article, István Fekete from OpenLM explores the most common software compliance risks when it comes to engineering-specific software.

You need to understand the terms of your EULA, as it includes important information about the types of licenses end users will have access to, and their expiration dates.

Engineering software often has its own specific nuances and quirks that need to be considered. MathWorks, for example, states clearly that its software can only be used on assets owned by the company, e.g. only on computers owned by the organization, and only by its employees.

Software usage: Company employees and company hardware

So, for example, if you have 20 Matlab licenses, only your employees can use them, and you cannot allocate them to contractors. But how do you define a contractor?

A big organization has specific projects that they outsource to smaller organizations, and they will be the contractors.

So, if organization A owns 20 Matlab licenses but outsources the project to organization B, it cannot share the Matlab licenses with the latter. If it does, it has compliance issues. The actual software usage is limited to the company employee on the hardware owned by the company.

If you forget this and share the license with a contractor or a freelancer hired to help you with a specific project requiring Matlab software, you are breaking the license agreement signed with the vendor.

A vendor’s license manager is unable to prevent this from happening, so you need a software license management solution such as OpenLM. Using the license usage reports, you can see:

  • usernames;
  • hardware details;
  • the hostname or workstation name;
  • IP addresses.

These details are missing from the reports of a license manager provided by the vendor. The gap is filled by software asset management or software license management systems.

In cases where people are working remotely or from home, such information plays an important role. As the pandemic has inevitably changed how people work, the personal computers used by employees can cause a breach of compliance in license usage.

For example, an employee who connects to the company VPN from a personal computer can pull a floating license from the company’s license manager. Because that computer is not a company asset, the checkout is a compliance issue which, if left unmanaged, can cost the organization hefty fines.

Cross-geography software usage

Suppose an organization has purchased a pool of licenses limited to a certain country, let’s say the UK, and has offices in many countries. If an employee from France or Germany intentionally or unintentionally pulls a floating Matlab license, we are talking about cross-geography software usage.

Once again, that is a breach of compliance, as the agreement with Matlab limits the license usage to the UK.

The license manager is neither able to prevent this nor help the SAM/License/IT manager to manage the situation, because it lacks the toolset to do so. This is where software license management tools come in handy, yet again.

Every office has a set of IP ranges. By filtering on these ranges, software license management tools can block unauthorized access and prevent the checkout of a license, hence preventing a breach of compliance due to cross-geography software usage.
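The two checks described so far (company employee on company hardware, and checkout only from the offices a license pool covers) can be run over a usage report's username, hostname and IP columns. The following is an added example, not OpenLM's code or report format; the record layout, user and host names, pool name and IP ranges are all constructed assumptions.

```python
import ipaddress

# Constructed sample data: none of these names or ranges come from a real deployment.
EMPLOYEES = {"asmith", "bjones", "cmartin"}
COMPANY_HOSTS = {"ws-uk-014", "ws-uk-027", "ws-fr-003"}
# License pool -> office networks allowed to check it out (documentation ranges).
POOL_NETWORKS = {"matlab-uk": [ipaddress.ip_network("192.0.2.0/24")]}

CHECKOUTS = [  # (pool, username, hostname, source IP), as a usage report might list them
    ("matlab-uk", "asmith", "ws-uk-014", "192.0.2.25"),
    ("matlab-uk", "cmartin", "ws-fr-003", "198.51.100.7"),      # French office range
    ("matlab-uk", "bjones", "bjones-home-pc", "192.0.2.200"),   # personal PC over VPN
    ("matlab-uk", "ext-contractor1", "ws-uk-027", "192.0.2.31"),
    ("matlab-uk", "asmith", "ws-uk-014", "not-an-ip"),          # damaged record
]


def audit_checkout(pool, user, host, ip):
    """Return the list of compliance findings for one checkout record."""
    findings = []
    if user not in EMPLOYEES:
        findings.append("user is not an employee")
    if host.lower() not in COMPANY_HOSTS:
        findings.append("host is not a company asset")
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        # Fail closed: a record that cannot be placed in any office is a finding.
        findings.append("unparseable source IP")
        return findings
    # An unknown pool has no permitted networks, so it is also flagged.
    if not any(addr in net for net in POOL_NETWORKS.get(pool, [])):
        findings.append("source IP outside the pool's permitted office ranges")
    return findings


def audit_report(checkouts):
    """Map each non-compliant record to its findings; compliant records are omitted."""
    report = {}
    for rec in checkouts:
        findings = audit_checkout(*rec)
        if findings:
            report[rec] = findings
    return report


if __name__ == "__main__":
    for rec, findings in audit_report(CHECKOUTS).items():
        print(rec, "->", "; ".join(findings))
```

The personal PC on the VPN receives an address inside the permitted range in this sample, so the IP filter alone passes it; only the hostname check against the asset inventory flags it.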

Old versions

Whenever a vendor releases a new version of its software, it will provide its customers with a new license file. This file is backward compatible, but the compatibility limit varies by vendor. Matlab, for example, says all licenses permit access to older releases of the software down to R11 for most licenses. However, backward compatibility differs in how it is implemented in network and individual licenses.

SolidWorks licenses are also backward compatible, but Autodesk has a different policy: it allows access to the latest version of the product and up to three versions back. If you contact the Autodesk Virtual Agent (AVA), you can get access to up to five previous versions.

This means that if you have a 3DS Max 2023 subscription, you can access the following via the Autodesk Account:

  • 3DS Max 2022;
  • 3DS Max 2021;
  • 3DS Max 2020;
  • 3DS Max 2022 with Softimage;
  • 3DS Max 2021 with Softimage;
  • 3DS Max 2020 with Softimage.

If your organization has older versions, you are non-compliant. Therefore, in the case of an audit, you can expect to pay the vendor a fine to come back into compliance, as reported on the Autodesk forum.

The publisher doesn’t want you to have any trace of earlier, non-compatible versions of the software on your workstations, so check your licenses’ backward compatibility with the vendor.

When it comes to network licenses, software license management tools can help you spot old versions of the software with ease so you can avoid hefty fines from the vendor.

Simply put, if you want to know what affects the overall quality of service (QoS) of end users, you read the denials report, where the software license management tool will display the error message.

This way IT managers know they need to step in and eliminate the old software for two important reasons: improving QoS and avoiding non-compliance fines. Software decommissioned.

VDI usage

Virtual desktop infrastructure (VDI) is widely used in the automotive industry, as it helps organizations save on hardware costs while giving them access to the required computing power. In this virtual environment, organizations can run engineering software.

Since car manufacturers work with many subcontractors (cars have many small components), let’s take an example from this industry. If organization A owns the VDI and allows organization B to access it and install the engineering software it owns, organization B is non-compliant. Although organization B accesses the engineering software from its own asset, the VDI infrastructure is owned by a different company, organization A.

So, even with VDIs, organizations need to play by the same rules mentioned above: software usage is allowed only by the organization’s employees on the assets the organization owns. Once again, the software license EULA will be your guide: organizations need to know exactly which metric the vendor uses to measure compliance (user location or device location).

Conclusion

Unfortunately, license managers fail to inform you about being non-compliant, but software license management tools will come to the rescue. Just run the license usage report, and the hostname checking out license(s) will help you spot any non-compliance issues.

Software license management solutions fill the information gap SAM/IT managers need to avoid hefty compliance fines. In case you haven’t deployed any, now is the time to select the one that best suits your needs.
