Oracle has changed the Java licensing rules several times over the last few years. Java went from free, to not free, to sometimes free under specific circumstances, to free in theory but in reality you probably have to pay for it. As typical with changes like this, not everyone gets the memo, and Oracle customers are caught off guard as sales teams put the pressure on to sign new Java ULAs. The result frustrated and confused users while Oracle rakes in billions of dollars.
Oracle LMS is now involved in Java audits
One thing, however, was consistent throughout these licensing changes. Oracle was not auditing their customers over Java. Oracle was using their sales teams to put pressure on customers and threaten audits. That has now changed. Oracle’s audit team, License Management Services, or LMS, is officially involved in these activities.
Official audit letters have gone out and LMS is getting in front of Oracle customers, pushing those customers to run scripts, and generally supporting the Oracle sales teams to get the customer worried enough that they sign a Java ULA.
While Oracle LMS has been sending out Java audit letters, the primary push for Java compliance discussions continues to be the Oracle sales teams. Oracle Sales is reaching out to customers and conducting soft audits. These types of Oracle Java soft audits are particularly dangerous because you are not getting that official notice. That means you may not know you are being audited, and you may not be activating your audit defense playbook. This is a very effective Oracle tactic to get around all your defenses.
Whether or not you have an official audit letter from Oracle, a good rule of thumb to follow, if walks like an audit, talks like an audit, and smells like an audit, then it’s an audit. And here we have some very smelly audits.
How to run your defense against an Oracle Java audit
The key in these situations is not to be bullied into doing things you are not required to do. Running software or scripts sent to you by Oracle sales is probably not something that’s in your contract. You are required to stay in compliance. Don’t give Oracle an opportunity to put you in a bad place with Java. If you have an official audit letter from Oracle LMS then we need to go back to your contracts to see what you are specifically obligated to do in this situation.
What should an Oracle Java customer do? Simple. Get out in front of this before Oracle takes the lead. Educate your team on Java licensing. Conduct a self-audit of Java. Optimize your Java licensing position. And remember you must do all this better than Oracle does it. Do you have that capability in house? I wouldn’t look to Oracle for free help here. Oracle has gone on record saying they won’t give you access to their compliance scripts unless you work with their audit team. Crazy but true.
Palisade Compliance conducts audits of Oracle software better than Oracle does. We have to be better because our clients depend on us and Oracle is always looking for an opening. If you are using Oracle Java, reach out to us for a free consultation with one of our licensing experts. Either you take control of your Oracle Java licensing, or Oracle will take control of you!
