I’ve been working in the Oracle world for a long time, and I can state a few things with assurance:
- Chances are high that you are out of compliance.
- If Oracle feels that they can make some money because of it, you’ll get an audit letter.
- You need to be prepared.
In this blog series, I’m going to explore 5 best practices to help you take back control of your relationship with Oracle. And why do you need to take back control?
First, you’re probably out of compliance. The simple answer is that Oracle set it up that way, with a licensing model that’s intentionally vague and amazingly complex. It’s not just my opinion: 92% of customers agree, according to a study from the Campaign for Clear Licensing.
And it’s not just the licensing – there are also a lot of hidden “gotcha’s.” For example, Oracle software automatically installs premium features – it’s up to you to take them out if you don’t want them. Another thing: virtualization may not be part of your contract – at least one online Oracle policy document says it’s “for education purposes only” and it’s not contractually covered.
Even your own hardware refreshes can unwittingly create problems. I know of one company that embarked on a green initiative and reduced the number of servers, but in so doing also expanded its processing power, meaning they went from needing 50 to 150 licenses for their database. So even though they didn’t increase their user base and had fewer computers, Oracle claimed they owed more.
And if Oracle smells money, you’re likely to get an audit notification. Here’s the dirty truth: auditing is not just a way to increase licensing fees; it’s also a sales strategy for increasing negotiating leverage. It even has a name: ABC, for “Audit, Bargain, Close.” A number of my clients have been told they could make an audit go away if they made another purchase. Not quite extortion, but they sure try to put you over a barrel.
So how can you protect yourself? You have to be informed and speak with authority. What does that mean in practical terms? Well, if Oracle asks you how many Oracle database licenses you have, would you answer, “I dunno; I guess around 100?” or could you say, “As of this week, we have 98; we recently decommissioned a server and another went down, which keeps us under our contractual level of 100.” The first answer turns on a big red sign blinking “Audit Me” over your head while the second signals that you’re on top of things and you’re no pushover. That’s the type of authority position you want. Because just like a schoolyard bully, if Oracle senses weakness, they’ll pounce; if you stand up to them, they’re likely to turn to weaker prey.
So, as a first step, you need to find out what you have and how you’re using it by performing your own internal usage audit. Make sure it’s accurate, and keep it up to date. Capture the history of usage.
If just the thought of pulling this together makes you hyperventilate, you can turn to a third-party provider to do it for you. We’ve done this on numerous occasions for our clients, and it’s always an eye-opener. If you’ve got all the details in hand, Oracle may think twice about proceeding with an audit right away. And even if they do move forward, you’re going to be better prepared to respond.
In subsequent blogs, I’m going to dig a little deeper into some of the other compliance best practices. In the meantime, if you have any questions or issues about performing a usage audit that you’d like to discuss, let me know. We’re here to help.