Banking

How to prevent or navigate an audit by Adobe

The CEO of Animus Solutions, Inc., a management consulting firm helping organizations solve the toughest enterprise issues, gives some tips on dealing with an Adobe audit and some gotchas regarding licensing.

It's no secret that software vendor audits are on the rise. With the economic conditions over the last two years and software budgets being cut, vendors had to determine the best way to keep revenue flowing and keep their shareholders happy. We often hear about Oracle and Microsoft audits, as well as some smaller players, but one in particular, Adobe Systems, is perhaps the friendliest of the bunch but also one that requires a lot of care in order to remain in compliance. Because Adobe's audit "ways" differ from those of other vendors, it's often misunderstood. Most organizations do not view Adobe in the same regard as Oracle or Microsoft because they use Adobe software far less often than the others.

Most software vendors will audit their customers' licenses regularly and simply collect the noncompliance fees as added revenue. The organization must then also purchase additional licenses to become compliant, and the whole ordeal can be very costly! Adobe, however, is mostly concerned with guarding its intellectual property -- meaning they want their software used properly. They aren't out to make an extra buck off of noncompliance. Unlike other vendors, Adobe will also work with the audited parties to achieve compliance, with the end goal being focused on compliance -- not fees (although there are still fees involved). We recently supported a client through an Adobe audit and were pleased at the outcome. What was potentially a $2-million compliance gap cost the client less than 25% of that. This was achieved by working closely with Adobe to identify their concerns and outline a specific set of executable activities. Of course, there was still cost associated with the audit, in addition to additional licenses that needed to be purchased, but the outcome was not nearly as bad as the initial estimate.

What is the catalyst for an audit?

Unlike other players, Adobe conducts their audits. They do not outsource them to third parties. This can be good or bad, depending on how badly the organization is out of compliance. Cooperation is key and will result in less of an expense for the organization and also leave you in good standing with Adobe. Many organizations wonder why they are chosen for an audit -- how they are "found out." Often, vendors will look to their peers to see who has successfully been audited recently. There is a good chance that if one software vendor has conducted an audit, others will be soon to follow. Additionally, vendors will watch for major business changes. M&A activity is a common trigger, as the organizations are so distracted with day-to-day business operations during times of change, software assets fall to the wayside. Unfortunately, this happens often, but it should be a key consideration when going through a major business move!

Another way -- and probably the worst way -- is from a disgruntled employee or someone looking for reward money. Believe it or not, organizations like the BSA offer up to $1 million for tips on software piracy.

A few tips for dealing with Adobe licensing:

Keep an eye out for Creative Suite -- Creative Suite changes just about every year. We had a client that under their premium suite had 12 products listed, and in the following year, only 9 were listed. They then had to prove compliance for the additional three products that were no longer listed as part of the Suite. The constant change year after year makes it difficult to keep track of what products are covered under your contract and, more importantly, which are not. Adobe will often make a product "obsolete." Once they do so, compliance is out the window if you happen to be using it! Upgrade rights -- Unlike Microsoft that offers Software Assurance, Adobe does not have any type of program to deal with upgrades. In fact, an upgrade license can sometimes cover licenses back several years. You must keep track of how far back your licenses go, as it can give a false sense of confidence. In order to be sure the right licenses cover the right products and are being used properly, it's imperative to keep up-to-date records that include not only how many licenses there are across the organization but how they can be used according to the contract. Versions -- When tracking inventory of software licenses, it is important to keep in mind that not only should all licenses and assets be recorded, but versions and editions must also be included. Particularly with Adobe, where many organizations use both free and paid versions, each instance must be tracked. Also, pay close attention to the usage rights of the free versions, as they have very specific guidelines on use, which may mean noncompliance for enterprise users. Volume Licensing -- The common volume licensing program for Adobe users is Cumulative Licensing Program (CLP). Each product's usage right under the CLP will differ -- with each product and respective version differing. This is why it's so very important to track each version, its installation, and its individual usage rights. Don't assume that under volume licensing all versions will be covered and that it's blanket usage, because this is not the case. Free Versus Fee -- This is a very common problem with Adobe, because so many organizations use free versions of their software. Be aware that if your company is using free products, such as PDF, Flash, or AIR, in conjunction with fee products, appropriate licenses for all parts of the system must be acquired. Save the Shrink Wrap! -- It seems a little silly to save the plastic that software comes wrapped in, but believe it or not, many Adobe products have seals located on the shrink-wrap. If you happen to toss out the shrink-wrap, you could negate the proof of purchase. In addition to meticulous electronic records, save receipts, shrink-wrap, and any and all paperwork that came with the software. Otherwise, you may end up having to purchase it again!

Whether it's Adobe, Microsoft, Oracle, or any other software vendor, the most effective way to mitigate an audit is to have an up-to-date software asset repository with an automated discovery tool. The repository should be reconciled at least every six months, and software licensing should be a part of the corporate policy manual to ensure that all licenses are being used as they are intended. In addition to meticulous record keeping, stay on top of your vendors! Be sure to watch for any licensing changes that may affect the licenses in your organization. They change rapidly, and many times, organizations are out of compliance without even knowing it. Noncompliance can cost hundreds of thousands to millions of dollars that are better spent elsewhere! Get ahead of it and be prepared when the auditors come calling!

Phara E. McLachlan is the CEO of Animus Solutions, Inc.

2 comments
Marco Parillo
Marco Parillo

So, which Adobe product is so valuable that you can justify to your boss grinding your team to a halt to comply with an audit? Especially on that seems designed to maximize the gotchas.

bboyd
bboyd

Keeping the sticker on the wrapper or be fined... good job Adobe! /sarcasm off