Virtualisation 'creates licensing risk'

Matt Fisher pic
Matt Fisher: warns of risk of breaking software licensing rules

Companies that are virtualising their IT environments could be losing control of their software licensing, according to a developer of licensed management solutions.

License Dashboard said a straw poll of 31 client companies revealed that, while 97% had virtualised their servers and 87% claimed to factor this into their software asset management, only 42% were using a dedicated licensing solution.

Of the others, 39% were using an IT asset management or procurement system to track licences. The company said these are often too simplistic to factor in the implications of virtualised environments. The other 19% did nothing.

Matt Fisher, director at License Dashboard said: "Under virtualisation, organisations operate many instances of a software program on a single physical machine. With the traditional device-centric software licences that are the mainstay of most organisations today, such as Microsoft Office and Windows licenses, the organisation is required to license each virtual machine separately.

"While many vendors, including Microsoft, have added user-centric elements to their licensing terms, since the licence remains at its core a device one, licensing under virtualisation remains a grey area. As a result, licensing each virtual machine separately is often the safest approach to avoid the risk of being non-compliant."

He added that the issue becomes more complicated with technologies that dynamically allocate IT resources, as this could lead to an application being used on every virtual machine. This would require a licence for each one, and companies would be open to fines for not having sufficient licences.

Fisher also told TRBC that midsized companies are often the least likely to have a proper policy in place.

"Our experience shows that the 1,000 to 5,000 employee organisations are often lacking in document policies and procedures around the deployment of virtual servers and associated licensing requirements, so it is safe to assume that these organisations are at most risk of failing to monitor and control their licensing obligations," he said.