Over the years I've worked with a number of companies and what has become obvious to me is that - it is rare that a company knowingly pirates software.
So, how do so many companies become non-compliant on their software agreements?
1) Lack of proper processes (and adherence to those processes) for software acquisition, deployment and retirement.
2) Lack of a good asset inventory tool that will accurately and easily report on what is installed.
3) Lack of records of what is owned.
4) Misconception or lack of knowledge of product use rights.
5) Misconception or lack of knowledge of volume licensing agreement rights.
Of all of these, I find the last two to be the most universal and it's a combination of misconception and lack of knowledge. Of the two I find misconception the most dangerous...because the company thinks that they're doing things right so they never ask for help.
How do the misconceptions happen? Generally, through outdated knowledge or guesswork.
Some things to be aware of:
1) Different use rights exist for different versions as well as different forms of acquisition.
For example, Microsoft 2007 software (Office, Server, Operating System) acquired OEM normally does not allow for downgrade; however, if acquired through Open, Select or Enterprise it normally does allow for downgrade. This was not always the case, in the past it had been allowed...was it allowed when you did it? Reference - http://download.microsoft.com/download/d/2/3/d23b9533-169d-4996-b198-7b9d3fe15611/downgrade_chart.doc). How were you planning to handle those OEM Office 2007 that are coming in the door? Were you going to downgrade those to 2003 until you're ready to upgrade?
2) Test and Development servers need to comply with product use rights same as Production.
3) Your Developers may have the "Professional" version of the software for development purposes but not be licensed for those for business use - be careful what's being installed on their production machines.
4) Vendors selling you a solution dependent upon another companies technology may not always provide you with full/accurate information about the licensing requirements...do your homework.
5) Client Access Licenses - in general if you're using the resources of a server, you need some form of client license for each user/device. Watch this carefully, it's the most common problem we find.
Just to name a few...
So, how do you keep up and still do your job? Frankly, you don't. You bring in professionals to educate you and provide you with documentation from the publisher supporting that education (do not rely on anything else...if a problem comes up, you're the one holding the bag) which you retain in a centralized location until those licenses (and their future upgrades) are no longer in use.
Questions? Comments? Would love to see them...