Microsoft VDA 101: Is VDA Add-On Licensing Right for You?

Dec 15, 2020Microsoft

If you want to understand Windows VDA and VDA Add-on Licensing, it’s best to start with some background on Microsoft’s rather complicated Windows licensing history. First, however, let’s acknowledge just how ubiquitous Windows truly is. In the area of desktop and laptop computers, Microsoft Windows is the most commonly installed OS, with estimates ranging between 77 and 88 percent globally. Today, more than 800 million devices run Windows 10.

Microsoft’s Windows Client OS has been around for decades and has long been a bread-and-butter product for the vendor. Even so, it continues to be the subject of some of the most misunderstood licensing terms and requirements of any Microsoft offering. Part of this has to do with how Windows is sold, but it’s also reflective of changes in the IT enterprise ecosystem and how customers purchase and access the technology they use.

Let’s start with the former. The fact that business customers can primarily purchase their end-user computers Windows OS perpetual licenses through their hardware supplier and not through their Microsoft volume licensing agreement is befuddling to many. Microsoft has structured a licensing arrangement with OEMs that require them to sell the Windows OS prepackaged with their equipment (if it’s a Windows device). Because of this, Microsoft does not sell a perpetually-ownable Windows OS base license through any of its volume licensing agreements.

The challenge with this approach is that it doesn’t accommodate current trends in usage. The cloud, BYOD and more distributed workforces have fundamentally changed enterprise usage requirements. One way Microsoft has responded to this challenge is by offering Virtual Desktop licensing.

What is Microsoft VDA and Windows VDA Add-on Licensing?

VDA licensing allows enterprises to effectively “rent” Windows licenses for virtual or remote devices and users through their volume licensing agreement. But VDA doesn’t always mean virtual. Its primary purpose is to license a device or user that does not have a full base Windows OS license for use in the customer’s environment. It could be for a user that’s not an employee but is doing work on the company’s behalf in their environment, such as a contractor. It can also mean an employee that has a non-Windows device, such as a Mac or Chromebook, and requires a virtual desktop to perform their job.

In either scenario, it’s important to point out that a VDA license for a device or user is not a “valid” full Windows OS. In the past, Microsoft account teams haven’t done a great job educating customers on when VDA should be considered and correct terms of usage. Not only has this impacted customers’ abilities to make correct licensing decisions, many have found themselves in noncompliance territory. NPI has encountered numerous situations where a client assumed they have full Windows license rights with a VDA or VDA add-on license, but found out otherwise during a SAM engagement or audit.

Prior to 2020, Microsoft didn’t have a valid VDA license that allowed a customer to license with M365 E3 or E5 without losing their suite discount (or Microsoft stepping in and doing some custom licensing “magic”). At the beginning of 2020, Microsoft released the Windows VDA Add-on USL for M365 E3 or E5 (see Figure 1).

Interestingly, Microsoft has not chosen to widely publish the availability of Windows VDA Add-on licensing to M365. As we work on Microsoft license optimization with our clients, we often find that Microsoft account teams have left this option out of their discussions with the customer.

Determining If Windows VDA Add-on Licensing is Right For You

To understand if Windows VDA Add-on licensing is right for you, you’ll need to have a deep understanding of your unique usage requirements and how they intersect with Microsoft’s use rights and licensing terms. The potential for compliance issues can be high for some customers, as is the potential to overbuy and overspend. If you’re unsure if Windows VDA or Windows VDA Add-on licensing is right for you, NPI can help you gain clarity. Our objective Microsoft licensing experts can help you cut through confusion, give you full visibility into best-fit licensing options, and help your team arrive at the most cost-effective licensing strategy for your usage and risk profile.

Bulletin

Remote Hosting and Access Will Cost More for Many Microsoft 365 and Windows Customers – Analyze Your Situation ASAP

Dec 13, 2020Microsoft

Microsoft is making remote access more difficult and more costly for many enterprise Microsoft 365 and Windows users. In a bid to boost Azure revenues, the vendor has issued (and subsequently clarified) changes to terms of service that limit how a customer can remotely host and access M365 and Windows using rival cloud providers like AWS, Alibaba and Google. These changes have the potential to materially increase enterprise license counts and spend.

One risk of hypergrowth for any company (and enterprise software vendors in particular) is that the growth rate inevitably slows down. So is the case with Microsoft and its Azure business. A few years ago Azure’s growth rate was 80+ percent. Today, growth rates are less than half that percentage.

It’s impossible for Microsoft to sustain the higher range of these growth rates forever. As more enterprises move workloads to Azure, there are simply fewer fish in the revenue pond to be caught. But that doesn’t mean Microsoft isn’t trying.

One of Microsoft’s most aggressive Azure revenue tactics to date are changes to terms of service for Microsoft 365 and Windows. In both cases, the changes zero in on remote access. They aim to make remote access for these offerings more expensive for customers that choose to access M365 and Windows via virtual desktop/remote access solutions from rival cloud providers like AWS, Alibaba and Google. By requiring customers to purchase additional licenses or move to Microsoft’s own virtual desktop/remote access solutions, affected customers can expect to pay substantially more and/or encounter significant disruption.

Until recently, spotty enforcement and inconsistent interpretation have kept these changes off of many customers’ radars. But that too is changing. Recent clarifications from Microsoft and more strict enforcement mean customers need to understand how these changes could impact their Microsoft estate and spend at their next renewal.

CHANGES TO MICROSOFT 365 LICENSING TERMS

Under new terms of service, corporate customers are no longer able to remotely access Microsoft 365 applications while using big rival cloud providers such as AWS, Alibaba and Google. Instead, customers must either purchase a Microsoft 365 license through rival providers (which may raise licensing costs), or switch to Microsoft’s Azure service (or one of the smaller cloud providers Microsoft endorses).

Customers making net new Microsoft 365 purchases will need to determine if they want to access applications remotely through a rival cloud provider or utilize Azurebased remote access, which could also lead to higher Microsoft spend and internal disruption. Enterprises that bought Microsoft 365 licenses before Oct. 1, 2019 will be subjected to the new rules at renewal time. If they currently access Microsoft 365 applications remotely through a rival cloud provider, they should expect to pay more.

CHANGES TO WINDOWS LICENSING TERMS

Windows Virtualization rights: Windows Virtualization Rights allow for a licensed device or user to access virtual Windows desktops either remotely and/or locally, depending on how the device or user is licensed. Customers may choose to use a third party to host their Windows client virtual machines for remote access by their end users. Microsoft requires the third party to be an Authorized Outsourcer and the hosted environment must be on servers dedicated to the customer. An Authorized Outsourcer is restricted from being a Listed Provider and may not use a Listed Provider as a datacenter provider. Currently, Microsoft names Google, AWS and Alibaba as Listed Providers. If a customer is using a third party to host the Windows client virtual machine, the Windows operating system must be licensed with Software Assurance, the user must have an M365 E3/E5 subscription, and the customer must purchase a VDA license for users. Additionally, the third-party must be an Authorized Outsourcer using dedicated hardware.

Windows 10 Multitenant Hosting rights: Customers also have the option to host their Windows client virtual machines for remote access on Microsoft Azure or a third-party shared server under Windows 10 Multitenant Hosting rights. When using a third-party shared server, the third party hoster must be a Qualified Multitenant Hosting Partner (QMTH). The licensing discussed in the section above is still relevant with one exception – device licenses are not applicable, and each license must be on a Per User basis. This means that the user must have an M365 E3/E5 license and a VDA Per User license in order to remotely access a Windows client virtual machine. In this scenario, however, the outsourcer is permitted to use shared hardware.

Windows Virtual Desktop (WVD) in Azure: Why remotely access Windows through a rival cloud provider when you can use Microsoft’s WVD technology through Azure? This is Microsoft’s line of thinking and the preferred option its sales organization is pushing. WVD is a desktop and app virtualization service running in Azure and provides licensed users with access to Windows 7 and Windows 10 virtual machines. In addition to the eligible per user license, customers only pay the base compute and storage costs in Azure. Customers can license users for WVD rights with Windows Enterprise E3/E5 subscription licenses, Windows VDA E3/E5 subscription licenses, or Microsoft 365 suite license on a per user basis.

As these changes become more universally enforced, NPI anticipates significant pushback from affected enterprise customers as they face large spikes in license counts and costs during EA renewals. There is also speculation Microsoft’s behavior could be deemed anti-competitive, which would expose Microsoft to government and industry scrutiny. It’s possible Microsoft will eventually modify or rescind these changes as a result, but – for now – it is within Microsoft’s rights to enforce. And that means it’s in customers’ best interests to prepare for cost mitigation.

For Microsoft 365 and Windows customers who are not currently using Azure for remote access, it’s important to develop license scenarios and cost models to gain visibility into the hard and soft costs of switching cloud providers. Another factor to consider is the possibility of Microsoft pulling established discounts for customers that use non-Azure services. With full visibility into cost and operational impacts, customers can approach new Azure investments with more leverage as well as seek offsetting concessions from rival cloud providers.

The most important cost mitigation tool at customers’ disposal is optimizing purchases and EA renewals. This includes choosing best-fit license and subscription options, re-harvesting unused and underutilized licenses to accommodate areas of growth, and validating pricing and discounts are equal to or better than best in market. These tactics are some of the only ways customer can effectively negate or minimize material increases.

Download the SmartSpend Bulletin™

NPI is a premier provider of data-driven intelligence and tech-enabled services designed specifically to assist large enterprises with IT procurement cost optimization. NPI delivers transaction-level price benchmark analysis, license and service optimization analysis, and vendor-specific negotiation intel that enables IT buying teams to drive material savings and measurable ROI. NPI analyzes billions of dollars in spend each year for clients spanning all industries that invest heavily in IT. NPI also offers software license audit and telecom carrier agreement optimization services.

NPI Vantage™ Pro is the newest addition to NPI’s solution portfolio – a platform developed specifically for IT Procurement Professionals to help them manage growing renewal portfolios, prepare for negotiations, and achieve world-class purchase outcomes. For more information, visit www.npifinancial.com and follow on LinkedIn.

Bulletin

6 Ways to Get More Out of Your Azure Investment and Eliminate Overspending

Oct 19, 2020Microsoft

As companies accelerate transformation initiatives that will increase resiliency and efficiency, IaaS spending on Microsoft Azure is growing. Meanwhile, IT and IT sourcing leaders are under pressure to streamline IT costs and reprioritize business-critical initiatives. How can Microsoft’s enterprise customers better manage Azure costs and get more value out of their investment?

Microsoft’s Azure business continues to grow at a steady clip. The vendor continues to report quarter-over-quarter revenue growth in the 30 to 40 percent ballpark as the market share gap between Azure and market leader AWS narrows, with Azure now capturing more than 20 percent of the market.

The volatility of the last few years continues to benefit Microsoft’s Azure business and its customers. Microsoft, along with other trusted enterprise IT vendors, has played a critical role in helping businesses navigate disruption, shifts in remote working, and fluctuations in demand. Digital transformation initiatives accelerated by the pandemic continue to grow and evolve for many of Microsoft’s enterprise customers.

This draws attention to a growing concern among IT and IT sourcing leaders. As enterprises accelerate digital transformation initiatives that enable agility and resiliency, cloud spending – particularly, IaaS spend – is growing in lockstep at a time when many businesses are under pressure to reduce IT costs. How can customers better manage Azure costs and get more value out of their investment?

THE CHALLENGES OF AZURE SPEND MANAGEMENT

It’s important to acknowledge the challenges associated with managing and forecasting Azure costs. At the top of the list is the significant technical expertise required. While governance protocols can certainly curb Azure overspending to a degree, other culprits for bloated spend include imprecise understanding of infrastructure requirements, unattached disc storage, stranded assets, older-generation VMs, etc. Furthermore, Microsoft doesn’t provide deep visibility into line-item and component-based pricing, which makes it difficult to fully understand what you’re paying for – much less manage if you’re seriously consuming Azure’s cloud services.

Second, it’s tough to establish discount leverage, even for enterprises with sizeable Azure spend. A good rule of thumb is you need to spend at least $5M on Azure in order to get Microsoft’s attention. But even if your consumption reaches that level, the efficacy of discounts dwindles over the long term.

While it is possible to negotiate an above-standard discount with Microsoft, it tends to have a less meaningful impact on costs (especially in comparison to an EA discount) – it’s a bit of Moore’s-law-meets-constant-SKU-invention. Azure capabilities and SKUs are constantly changing and so are customer requirements. An offering may be faster/newer/better six months from now, and what you choose to buy today may not be enough (or may be overkill) by that time. In Microsoft’s current evolution of solution versus customer requirements, there is high potential for misalignment – and that often starts out of the gate. Enterprises regularly under-subscribe or over-subscribe to services which can negate and/or minimize the impact of discounts.

Finally, for the reasons explained above, it’s difficult for customers to price-protect themselves when buying Azure. The old mechanisms of locking in price/discounts simply don’t apply because the solution and requirement landscape is evolving too quickly. It’s also worth pointing out that as the cloud compute market becomes more commoditized more vendors are taking a COGS-driven approach to pricing versus the land-and-expand approaches of years past. It’s one more reason Microsoft, like AWS and others, is rarely motivated to cut margins.

HOW ENTERPRISES CAN REDUCE MICROSFT AZURE COSTS AND GET MORE OUT OF THERE OVERALL MICROSOFT INVESTMENT

Accurately sizing workloads and eliminating idle spend are the two most effective ways to rein in IaaS costs with any vendor, and the foundation upon which strong IaaS cost management is built. Beyond that are several other tactics to help enterprises derive maximum value from their Azure spend and lower their IaaS costs:

Understand subscription and SKU options to avoid over/under-utilization. There are hundreds of Azure SKUs to choose from and, similar to other areas of Microsoft’s business, it’s difficult to determine the right choice for your unique technical and business requirements. Choosing the best-fit option can eliminate costly over/underutilization and toxic spend.
Separate Azure discussions from your Enterprise Agreement negotiations. Microsoft typically won’t discount Azure costs in an EA unless the Azure spend is well above a certain (and very high) threshold. With that in mind, enterprises should focus on getting the best deal possible on their EA. Performing IT price benchmark analysis, license/subscription optimization and optimization of cost-related business terms can yield significant savings on your EA, which can offset a lack of discount on Azure.
Perform IT price benchmark analysis on purchases being made in Azure Marketplace. Microsoft now allows some customers to burn 100 percent of their monetary commitment through purchasing via its Azure Marketplace. For certain customers, it will accelerate commitment consumption thereby helping Microsoft lock in more customer spend over the long term. Also, while solution vendors typically offer competitive pricing on marketplaces, there is no guarantee this pricing is within fair market value range. As such, NPI strongly suggests clients perform price benchmark analysis on large marketplace purchases to ensure they’re receiving the best possible deal.
Carefully consider the competition. Enterprises that consider themselves a Microsoft shop may default to Azure, but Google and AWS may meet requirements for less cost. It’s important to conduct a thorough competitive analysis to understand how competitors differ (and are similar), how they handle privacy/sensitive data, and their ability to meet certain software/networking requirements. Some vendors have historically demonstrated more willingness to customize customer agreements and even build data centers to customer specifications while others do not. In some cases, Microsoft may exhibit more flexibility if a valid, demonstrable competitive threat is in play.
Leverage cutting-edge AI capabilities. Advancements in AI have produced a host of tools/software that provide data-driven recommendations and predictions to help you determine idle assets that may be draining your IaaS budget as well as when it makes sense to modernize and move applications to the cloud. In addition to providing cost savings and avoidance, these tools help companies accelerate their digital transformation initiatives and lower risks associated with cloud migration.
Approach Microsoft’s Cloud Economics Assessment with caution. One way Microsoft is capturing more Azure revenue per customer is through its Cloud Economics Assessment. While presented to customers as a way to help them plan migration of workloads to the cloud, the outcomes of these engagements are designed to benefit Microsoft’s bottom line in several ways – including overselling compute and storage resources based on suboptimal scenario modeling. Another way is by using the assessment to sniff out licensing noncompliance, which can lead to vendor-side leverage to overcommit to Azure spend. These engagements are Microsoft-funded, facilitated by Microsoft’s own tools, include an automated discovery process to gain a clear picture of your Microsoft environment and collect license/usage data under the auspices of cloud migration planning. NPI advises clients to approach Microsoft’s Cloud Economics Assessments with caution. Consult a non-partisan compliance analysis expert to proactively identify and remediate any license compliance issues before providing Microsoft access to your deployment environment, and then to validate Microsoft’s findings if any purported issues are identified. One other area to find savings that can contribute to reducing the cost of your Microsoft estate is to periodically conduct M365 license optimization assessments. Like any large SaaS footprint, M365 administration is challenging and it takes a formal, user-level inspection to identify license currency that can be reclaimed and overpowered license assignments that should be tuned. NPI recently assisted a F500 CPG company with this and identified $4M in annual savings – it can make a meaningful contribution to overall Microsoft cost reduction.

Download the SmartSpend Bulletin™

There are numerous challenges associated with managing and forecasting Azure costs. It requires significant technical expertise, the efficacy and availability of discounts are compromised, and it’s difficult for customers to price-protect themselves.

Blog

Microsoft – Big Changes to Dynamics 365 Licensing

Sep 17, 2020Microsoft

Recent changes to Dynamics 365 licensing underscore the one constant in Microsoft licensing. Just when you think you have a good understanding, even for just one particular offering, Microsoft changes the whole thing.

That’s exactly what Microsoft did this past April with Dynamics 365. Previously, customers could purchase a suite that would include the primary services they required. Microsoft even offered one big suite that covered most services. Now, the vendor has broken out each specific service area out into its own suite.

Why? Microsoft will claim it’s all about streamlining and simplification. But based on the pricing changes that accompany this shakeup, it’s also fair to say the changes are a tactic to increase revenue.

There are now 8 different functional areas: Marketing, Sales, Customer Service, Field Service, Finance, Operations, Commerce and Human Resources. Microsoft calls this ‘2020 release wave 1.’ Below are visuals from the most recent version of the Dynamics 365 Licensing Guide showing how Microsoft breaks them down.

Dynamics 365 Licensing Just Got More Confusing

Dynamics 365 continues to be generally available in all major enterprise volume licensing programs, including: Enterprise Agreement (EA), Enterprise Agreement Subscription (EAS) and Server and Cloud Enrollment (SCE). If you don’t qualify for an Enterprise Agreement, you may purchase through a Cloud Solution Partner (CSP) or Microsoft Products and Services Agreement (MPSA) or Microsoft Online Subscription Program (MOSP).

Where purchasing gets confusing is that Core Business Applications are bought individually. So if you need to purchase more than one, you must first purchase a Base License at the highest price and then purchase the additional Business Application Licenses. A user that needs multiple Core Business Applications will purchase as many Attach SKUs as needed at the lesser price. In other words, the customer must (1) Purchase the first or Base License at standard pricing, then (2) Purchase additional eligible Attach Licenses at a reduced price.

Here are some extracts from Microsoft’s licensing information to show you just how complicated it is getting:

This is just the tip of the iceberg of Microsoft’s recent changes to Dynamics 365 licensing. In addition to the structural and naming adjustments, there are extensive changes within each function, module and application.

Remember – Microsoft’s licensing changes are one of many ways the vendor systematically extracts more revenue per customer. Enterprises looking to invest in Microsoft’s CRM and ERP solutions (or expand their existing investment) need to model the cost of current and future-state requirements and understand the usage pros and cons of the various license types in order to determine best-fit SKU choices. It’s a complex undertaking, especially if you are facing a three-year commitment.

Blog

Negotiating an AWS Discount

Aug 13, 2020AWS

As the cloud war wages on and commoditized pricing persists, many enterprises wonder if it’s possible to negotiate a discount with Amazon Web Services beyond what the vendor publishes publicly. For some customers, the short answer is yes – an additional AWS discount is possible.

While the numbers steadily evolve, recent data indicates AWS continues to be the dominant market leader with over 30% market share. Combined, Microsoft, IBM and Google account for approximately another 30%, with the rest of the market belonging to another 20+ suppliers (Alibaba, Centurylink, NTT, Orange, Rackspace, etc.) who in many cases are delivering more custom designed enterprise-facing services.

Publicly, AWS is known for its refreshingly transparent pricing. Customers simply go to the AWS portal and the portfolio of services, pricing, and discounts are easy to find. This works well for customers just getting started with AWS, but what if your company is spending $5M, $10M, $15M or more per year with AWS? Is it possible to get discounts incremental to those published on the website?

As AWS sought to earn more enterprise customers, it introduced its Enterprise Discount Program (EDP) several years ago. The EDP has not changed much since its inception but is now more commonly presented as a Private Pricing Term Sheet (PPTS). Although the discounts are not published, the pattern of having a tightly scripted discounts tied to volume of spend mirrors the transparency of pricing on the website. In other words, there is very little deviation between discounts granted to customers that are spending the same amount of money.

In addition to the standard EDP/PPTS terms, customers with unique demands for specific AWS resources may get customer-specific pricing or discounts on those services. Although less frequent, customers with significant spend may also negotiate more favorable terms for the Enterprise Support Program or for AWS Professional Services.

Historically, non-public AWS discounts have been hard to come by. But that’s changing, which brings us to the point – don’t assume AWS’s history of price transparency means your AWS quote is priced at fair market value. In all likelihood, there’s room to negotiate a better deal.

Blog

Microsoft M365 Changes – What’s New?

Jul 27, 2020Microsoft

The pandemic has caused many shifts in the enterprise IT landscape, including the hastening of new changes from Microsoft. This is especially true as it relates to Microsoft’s security and compliance offerings – particularly numerous M365 changes in the last few months.

Microsoft released several new bundles in April: M365 E5 Information Protection and Governance, M365 E5 Insider Risk Management, and M365 E5 eDiscovery & Audit. These new offerings are in addition to the existing M365 E5 Security and M365 E5 Compliance offerings. The E5 Compliance offering has had somewhat of an overhaul and includes these new “mini-suites” as a bundle within a bundle.

Before delving into the details, it is important to understand that Microsoft has two “Cadillac” products – M365 E3 and M365 E5. These are the products that Microsoft wants to sell to every customer. As such, expect to hear about these products during your next renewal as the sales reps are incented to emphasize them. The company has even told Wall Street that the growth of Microsoft will be tied to these products (and Azure). Another important thing to keep in mind is Microsoft is a master when it comes to product bundles. The individual products are not always “best of breed” when viewing competitive offerings, but they almost always make a compelling price picture when bundled with other products.

Let’s also recap the basics of M365 E3 and E5. Simply put, M365 E3 includes Office 365 E3, Enterprise Mobility & Security E3, and Windows E3. These product bundles are all licensed on a Per User basis. M365 E5 is simply a higher edition with the “E5” versions of O365, EMS, and the Windows OS. Microsoft would love to have all customers move to E5 editions. But there’s one slight problem – the E5 version is almost twice as much as the E3 version. Ouch!

Microsoft M365 changes highlight demand for improved security, compliance and governance

Back to the new security, compliance and governance offerings announced in April – what are they? They’re all subsets of the various components offered in the M365 E5 offering. If you’re not quite ready to make the leap to M365 E5, but need more robust security/compliance/governance, you have the option to purchase one or more of the new bundles. But how does the math work out? What’s the breakeven?

Let’s look at an example for a customer with 7500 qualified users, purchasing under the Enterprise Agreement at Level C pricing. The E5 product is $52.26 per user per month, while the E3 product is $29.71. Purchasing M365 E3, plus the E5 Security bundle and the E5 Compliance bundle would provide use rights for all of the security products, and would be priced at $49.91 per user per month. That’s an annual savings of over $211,000, which is not insignificant – but the customer is far short of the benefits and functionality of the M365 E5 product, which includes Phone System, Audio Conferencing, Power BI, and the full version of My Analytics.

Different customer requirements will present different cost scenarios, considerations and breakeven points. However, some cost increases may be mitigated leveraging historical discounting, license/subscription optimization on other areas of the Microsoft estate, purchase/renewal timing, and Microsoft’s current period revenue target.

Another important element for customers that have deployed more than 7,500 Microsoft 365 licenses is to be sure your house is in order – a detailed inspection of usage to find dormant or underutilized licenses, double-assignments, licenses that are mis-matched with profiles and other overhead can reveal from 10 to 20 percent waste (or more!) and is a wise thing to do as you approach a true-up or renewal. (NPI calls this a Usage Optimization Assessment – it’s a tedious, but fruitful, activity. Contact NPI to learn more about this service.)

Optimizing your Microsoft 365 licensing and cost is a complex undertaking. Customers need to get under the hood in order to assure that they are buying the best-match SKUs for their needs.

Blog

Enterprise IT Security – Should You Pay For an Incident Response Retainer?

Jun 17, 2020

Times of crisis make attractive targets for bad actors, and it’s certainly true for enterprise IT security. The CSO Pandemic Impact Survey indicates 61 percent of security and IT leader respondents are concerned about an uptick in cyberattacks targeting employees who are working from home. As of mid-May, researchers at Check Point Software Technologies reported 192,000 coronavirus-related cyberattacks per week, a 30 percent increase compared to the previous three weeks.

Which brings us to a key tenet of enterprise IT security sourcing – don’t wait until your organization has suffered a security breach to begin vetting vendors. Most companies’ security needs have evolved considerably over the last three months. Now may be a good time to reinspect your cybersecurity vendor agreements to make sure solutions and business terms are aligned with your current security requirements and priorities.

Does an Incident Response Retainer make sense for your enterprise IT security requirements?

One way to ensure you receive the protection and prioritization you need if a security incident occurs is entering into an Incident Response Retainer (IRR) with your enterprise IT security vendor(s). Full disclosure – IRRs can be expensive, and they may not be feasible for every IT budget. But if you plan ahead, the costs are much lower than what vendors will charge if you pick up the phone and yell “FIRE.”

Most vendors offer significant IRR discounts to customers that already use their solutions. They use these retainers to staff up for the eventuality that they are called into action, as well as to better understand customers’ unique security requirements. That’s important – especially now – when more customers are reporting more incidents and requiring more service. An IRR gives you priority over other customers that don’t have an IRR in place.

The costs of an IRR vary by vendor – and there are more options than ever before, ranging from traditional information security boutiques to enterprise security juggernauts. There are businesses that specialize in security incident and response first, and there are those that are simply in the business of cyber consulting where incident response and breach mitigation are among many offerings.

Vendor selection takes many things into consideration – innovation, cost and size are three. Another is collaboration, and this one can be tough for some companies to get their head around. Do you want a provider who is intimately involved in your network and strategically involved in the day-in/day-out intricacies of your business? Do you want a provider who can not only mitigate the damage and conduct the forensics on your situation, but also spin any damage after the fact to ensure your business passes public scrutiny? Or do you want a provider who simply shows up and responds to incidents as needed?

The answer to these questions depends on a number of factors. A medical trials company handling sensitive patient and research data may have different needs than a consumer retailer who has already been through a major security breach and has protocols in place.

Whatever situation your company finds itself in, remember cost is just one element of consideration. Yes, there is a difference between vendors that charge $800 to $1000 per hour and those that charge $300 to $500 per hour. But there has to be a synergy between you and your vendor that transcends the agreement and results in your business being secure from both an enterprise IT security and public opinion perspective.

Blog

Software Maintenance Annual Increase: Cost-Reduction Best Practices

Jun 9, 2020Contract Negotiation, Price Benchmarking

Procurement organizations have the opportunity to drive maximum value for almost every budget dollar spent in an enterprise. And in some cases – like a software maintenance annual increase – procurement’s actions (or inactions) can impact the financials for many years to come.

Most procurement organizations are measured by a series of KPIs, one of which is savings. Savings goals for procurement are quantified in two ways. The first is hard savings or a tangible reduction from the prior year’s fees that will apply to the current balance sheet. The second is cost avoidance.

Procurement organizations tackle their savings goals with vigor – they are tangible contributions to the balance sheet. Because it’s not captured on the P&L, many enterprises fail to apply the same rigor and focus on cost avoidance, which can have huge financial impacts for organizations in future years. This is especially true in IT, particularly as it relates to software maintenance.

Understanding the Math (and Margin) of a Software Maintenance Annual Increase

Software maintenance, while declining in frequency due to migration to the cloud and subscription-based pricing models, still continues to comprise a material amount of spend for the typical large enterprise. It’s usually paid on an annual basis, and will increase approximately 3 to 10% each year.

Software maintenance provides significant profitability to vendors as the margins are extremely high.

Vendors will often negotiate annual software maintenance fee increases. These negotiated values can have significant impacts to the bottom line over time.

Here’s An Example

Assume an annual maintenance of $5,000,000 with a 3% uplift. This means that in Year 1, the customer’s maintenance cost will increase $150,000 over the prior year, then 3% again the following year and so on. But what happens when the vendor agrees to remove the uplift? The following is a renewal scenario where the uplift is removed for 3 to 5 years vs. paying the uplift:

While this cost avoidance isn’t visible as compared to what was paid last year, it is certainly significant from a future balance sheet perspective. After three years, the renewal costs $918,135 more than if the uplift was removed. After five years, the total delta would be $2,342,049. More specifically – the contracted renewal amount in year five will have increased by $796,370 as compared to year one.

This is an example of how IT vendors take advantage of shortsightedness to build in extra revenue year over year. While not all software vendors behave exactly this way, many do fall into some form of this example. Every year the required budget increases just to keep up with the status quo from the previous year. The chart above illustrates how important it is not only to perform price benchmark analysis on IT maintenance spend to understand what you should be paying and to learn how to protect against or minimize future increases, but also to make sure IT buyers are operating with an eye to long-term cost controls.

Hard-dollar cost reduction is a critically important KPI for IT sourcing and procurement organizations. However, attention to the soft savings can pivot also impact your future bottom line significantly.

Blog

On-Premise vs. SaaS – Enterprise Software Pricing Considerations and Negotiation Insights

May 20, 2020

While some have said on-premise software is the new legacy, there are plenty of enterprises that are still wrestling with the transition. Two factors are amplifying the debate.

First, current economic and industry volatility is accelerating certain IT initiatives – particularly remote workforce and digital transformation initiatives that will improve productivity, efficiency and customer experience. Second, vendors are pushing (if not forcing) their customers to make the move away from perpetual licensing to subscription-based models.

Why? The short answer is SaaS is good for vendors. Subscriptions generate recurring revenue, which is one of the holy grails of valuation, and over time, they generate more revenue than their perpetual-license-fee-plus-maintenance counterparts. But those aren’t the only reasons. Others include:

It’s cheaper for the vendor to maintain
Gives the vendor increased control of security, and that benefits customers too
Reduces software piracy
Allows for easier deployment of upgrades for both vendors and customers

There are many things to analyze when considering the move from on-premise to SaaS:

What is the value to your organization in moving away from a perpetual license model?
Is there additional functionality in the SaaS offering that you would use?
Does your organization benefit from easier access to the software that a SaaS model provides?
Do you struggle with upgrades under a perpetual model that go away with SaaS?
Do you have viable alternatives to moving to a SaaS model?
What are the cost implications of the move over the long term?

Much has been discussed about the pros and cons of on-premise pricing vs. SaaS. The basics are this: Subscriptions tend to start at a lower cost than buying software licenses. But when you already own perpetual licenses and pay support, your current annual support costs are much lower than subscription costs. The good news is the delta can typically be negotiated, and leverage will depend on the answers to the questions above regarding value to your organization, along with your options.

Speaking of negotiation, as my colleague pointed out in this post, the belief that SaaS subscription pricing isn’t negotiable is fake news. Over the last several years, we will admit that discounting for SaaS subscriptions has trended lower. This is because many vendors have established more reasonable initial price points. Their cloud offerings have also gained traction which means fewer vendors are “giving away” SaaS as a means to meet their internal market share metrics and establish cloud beachheads within the enterprise footprint.

However, in many cases, price points remain inflated enough that most vendors still have room to maneuver on price. Many enterprise SaaS vendors (especially those with roots in legacy on-premise software) aren’t behaving that differently than the generations of software vendors before them. IT sourcing pros should approach SaaSdeals with the same scrutiny as an on-premise software deal, and with the same expectation to negotiate a better deal than the vendor is offering. Performing price benchmark analysis on a SaaS quote will uncover savings targets and provide a clearer picture of cost as companies consider their next move.

Blog

Healthcare IT: Are You Paying Too Much for Medical Abstraction Services?

May 6, 2020

Healthcare organizations are digging deep for IT cost reductions like never before. One category that’s often overlooked is professional services. It’s an area where NPI regularly finds material savings and negotiates lower pricing and stronger discounts for project consulting and rate cards.

One service we’re seeing more often this year is Medical Abstraction Services – essentially migrating paper charts into an Electronic Medical Record (EMR). As healthcare systems have moved to EMR systems, one of the greatest challenges has been how to get all the paper records into the EMR. Many organizations have tried to do it “real-time” where the nurse – or even the doctor (the most expensive resource in the office) – is entering the record when the patient comes in for their regular visit. This is time-consuming and inefficient – not to mention a costly use of resources.

Enter the birth of Medical Abstraction Services. Vendors like CSI, Q-Centrix, and MDAbstract are offering consulting services that will take paper charts and digitize them into the customer’s EMR of choice. Not surprisingly, these vendors have been pricing their services on a “per record” methodology. Pricing per record can be between $10 to $20 depending on a number of factors, including which EMR the data is going into (EPIC, NextGen, etc.), whether or not the data includes patient problems (AMI vs PAMI), and several other factors. These engagements can be sizable and quite costly, with contracts over $1M in several of the transactions we’ve analyzed for our clients.

Negotiating a Better Deal for Medical Abstraction Services

To make sure you’re paying a fair price for Medical Abstraction Services, NPI recommends customers request much more detail than vendors typically provide in their proposals, including stats on the abstraction process. What is the average number of records that a resource can process in one hour? How many resources are expected to be on this project? Vendors may sometimes push back on providing these numbers, but customers should require this level of transparency. Given the size of these investments, customers have a right to know and it’s unwise to simply trust that the vendor is giving you the best deal possible.

Using these numbers, we can then break the pricing down to an average cost per hour per resource. That hourly rate can be compared to industry benchmarks to be sure they are in line with market. Given these vendors are incurring a degree of risk and handling highly sensitive PMI data, it’s reasonable to expect a certain mark-up – but when we break down the proposed cost, we can ensure that the vendor isn’t overcharging.

NPI continues to specialize in helping healthcare organizations optimize the cost of their IT purchases and get the most value from every dollar spent. That includes obvious targets like EMR and productivity software – as well as not-so-obvious areas like Medical Abstraction. Bottom line – in today’s unusual business climate, it’s important to leave no savings stone unturned!

Bulletin

IBM Mainframe Software Overspending is Rampant – How Do You Stop It?

May 4, 2020IBM

One often overlooked area of IT overspending is mainframe software, particularly with IBM. Thousands of companies still rely on legacy mainframe applications to conduct business and there is widespread complacency in how this spend is managed. That’s led many IBM customers to overpay for their ongoing software costs. Bringing transparency to this element of IT spend can deliver significant savings – frequently in the ballpark of seven figures.

Thousands of the world’s largest companies still depend on legacy mainframe applications, which are purported to power over 70 percent of the world’s transactions. While IBM may have its sights set on the competitive battlefields of cloud and AI, mainframe software continues to be a significant moneymaker within IBM’s business.

HOW IBM’S MAINFRAME IMPACTS REVENUES

There are other reasons why mainframe continues to play a material role in IBM’s revenues. One is customers’ complacency in managing recurring mainframe spend. IBM’s monthly license charges (MLCs) for its mainframe computing solutions are notorious for their lack of granularity – and IBM is an expert on managing revenue-per customer to each customer’s budget.

Another reason is the internal mainframe expertise within most enterprises is aging out of the workforce. More and more of today’s companies lack the knowledge to adequately manage mainframe costs.

As a result, many companies are significantly overpaying for IBM’s mainframe solutions – 10 to 22 percent in many cases, and as much as 50 percent in others. That level of overspend warrants closer investigation, particularly as these fees don’t advance companies’ digital transformation agendas (which typically entail a list of unfunded or underfunded projects).

FOUR IBM MAINFRAME TIPS FOR ANALYZING SPEND

To achieve material savings on IBM mainframe software costs, companies need visibility and validation of their current spend to develop a benchmark-based cost reduction plan.

NPI recommends companies conduct an IBM mainframe software assessment that includes the four following tips:

Inspect monthly license charges for errors.

IBM’s MLCs are typically difficult to decipher. In many cases, charges fall under a broader, bundled, auto-pilot maintenance fee. This makes it easy for companies to miss billing errors – which are surprisingly common. The onus is on the customer to validate the accuracy of fees on an ongoing basis.

Confirm you’re only being charged for supported products.

This IBM mainframe tip is a no-brainer, but a surprisingly common offender of overspending. NPI has seen numerous cases where IBM charges customers for products it no longer sells or supports. Understand your spend at the line-item level to confirm you’re not paying for unsupported products.

Conduct line-item price benchmark analysis on all elements of mainframe spend.

Pricing for mainframe solutions is complex. For many customers it’s an “auto-pilot” budget item that recurs year after year, and no one digs into the details behind the numbers.

IBM mainframe customers should benchmark current pricing against fair market value at the line-item level to identify overspending gaps while considering products, quantity, total spend and current market conditions. This analysis will yield specific cost reduction targets for each line item that will lay the foundation for price renegotiations with IBM.

Apply competitive pressure – regardless of your intent to actually switch vendors.

In addition to identifying over-market costs, companies should identify like-for-like replacements from rivals and model potential savings. Even if “only” used as negotiation leverage, this information is a powerful tactic for negotiating savings.

However, in some cases, companies may find the savings offered by a competitor are incentive enough to switch vendors. In one scenario, an NPI client elected to switch one line item from IBM to BMC after realizing they could quickly and easily realize an 85% cost reduction (over $1M in annual savings).

NOW IS THE TIME TO CONDUCT AN IBM MAINFRAME SPEND ASSESSMENT

For many IBM customers, mainframe software spend consumes much more than its fair share of annual IT operating budgets. While some customers have long-term plans to migrate away from the vendor’s legacy applications, that doesn’t mitigate the need to eliminate overspending between now and whenever those plans are implemented.

Companies that have never conducted a mainframe spend assessment (or haven’t conducted one in the last 24 to 36 months) should act quickly. The potential for seven-figure savings is high for many customers, and that spend could be reallocated to unfunded IT projects in the queue.

If you are looking to reduce IBM mainframe software costs, NPI can help. Our price benchmark analysis and license optimization services frequently deliver six and seven-figure savings for enterprise clients.

Download the SmartSpend Bulletin™

Line item analysis is crucial. One customer learned their IBM Tivoli spend was off-the-charts over market – but it had been hidden for so long under a bundled maintenance fee that there was no visibility into this anomaly. This analysis helped the company save over $500,000 annually on Tivoli alone.

Bulletin

Changes to Microsoft Licensing Terms Target the Cloud and Customers’ Wallets

May 4, 2020Microsoft

MICROSOFT IS SHAKING UP LICENSING TERMS ONCE AGAIN. BEGINNING OCTOBER 1, 2019, CUSTOMERS THAT DEPLOY MICROSOFT’S SOFTWARE ON DEDICATED HOSTS AT CERTAIN CLOUD PROVIDERS (INCLUDING AWS, GOOGLE AND OTHERS) WILL PAY MORE. IT’S A BOLD MOVE THAT UNDERSCORES MICROSOFT’S COMMITMENT TO GROWING ITS AZURE BUSINESS – EVEN AT THE RISK OF ALIENATING SOME ENTERPRISE CUSTOMERS.

Since being embroiled in an anti-trust lawsuit two decades ago, Microsoft has positioned itself as an ally of customer choice. The cloud (particularly IaaS) has tested and, to some degree, emphasized this position. If a customer wanted to run Microsoft’s software using another vendor’s cloud infrastructure, they could do so without penalty – despite the availability of Microsoft Azure.

That’s changing. In what has been touted as one of the vendor’s boldest competitive moves to date, Microsoft has announced a significant change to its licensing terms. Beginning October 1, 2019, customers that deploy Microsoft’s software on dedicated hosts at certain cloud providers will pay more. Here is an excerpt from Microsoft’s announcement:

Currently, our outsourcing terms give on-premises customers the option to deploy Microsoft software on hardware leased from and managed by traditional outsourcers. The emergence of dedicated hosted cloud services has blurred the line between traditional outsourcing and cloud services and has led to the use of on-premises licenses on cloud services. Dedicated hosted cloud services by major public cloud providers typically offer global elastic scale, on-demand provisioning and a pay-as-you-go model, similar to multitenant cloud services.

As a result, we’re updating the outsourcing terms for Microsoft on-premises licenses to clarify the distinction between on-premises/traditional outsourcing and cloud services and create more consistent licensing terms across multitenant and dedicated hosted cloud services. Beginning October 1, 2019, on-premises licenses purchased without Software Assurance and mobility rights cannot be deployed with dedicated hosted cloud services offered by the following public cloud providers: Microsoft, Alibaba, Amazon (including VMware Cloud on AWS), and Google. They will be referred to as “Listed Providers.”

These changes don’t apply to other providers and there will be no change to the Services Provider License Agreement (SPLA) program or to the License Mobility for Software Assurance benefit, other than to expand this benefit to cover dedicated hosted cloud services.

These changes are broad-sweeping and have sparked customer concerns about Microsoft’s willingness to play nice in today’s enterprise IT ecosystem. They also emphasize Microsoft’s laser focus on gaining market share from Azure’s top two rivals – AWS and Google, both of whom have sounded the alarmon Microsoft’s behavior.

Google Cloud President Rob Enslin tweeted: “Shelf-ware.Complex pricing. And now vendor lock-in…Microsoft is taking its greatest hits from the ‘90s to the cloud.” Amazon CTO Werner Vogels called the move a bait-and-switch, saying it’s “hard to trust a co. who raises prices, eliminates benefits, + restricts freedom of choice.”

A DIRECT ATTACK ON BRING YOUR OWN LICENSE

Microsoft’s changes target its stance on BYOL (bring your own license) rules. Historically, customers have been free to use on-premises licenses (including Windows Server, SQL Server and other enterprise software) on dedicated servers hosted by or rented from cloud providers without any real cost penalty.

The new licensing terms from Microsoft eliminate this freedom. Now, on-premises licenses purchased without Software Assurance and mobility rights can’t be deployed with dedicated hosted cloud services offered by the following public cloud providers: Microsoft (more on this in the next section), Alibaba, Amazon (AWS) and Google.

According to Microsoft’s FAQ, the changes affect only net new licenses purchased on or after October 1, 2019. However, if a customer wants to upgrade to a new product version released after October 1, 2019, or purchase a new license after that date, they have to follow the updated outsourcing terms.

Beginning October 1, 2019, customers can license Microsoft products on dedicated hosted cloud services from the Listed Providers using these options:

Microsoft licenses with License Mobility through Software Assurance can now be used on dedicated hosted cloud services with any Listed Provider who is also an Authorized Mobility Partner.
Microsoft licenses with Software Assurance can be used with the updated Azure Hybrid Benefit, including on the newly launched Azure Dedicated Host.
Microsoft software is available to customers through Listed Providers that participate in the Services Provider License Agreement (SPLA) program and through Microsoft Azure offerings where the licenses are included in the cost of cloud services.

A FEW WORDS ABOUT WHO IS (AND ISN'T) NAMED A LISTED PROVIDER

It’s interesting to point out who is and isn’t named a Listed Provider. First, Microsoft has included itself in the list alongside alongside its top competitors (AWS, Google and Alibaba). However, as this article points out, Microsoft is giving some Azure customers flexibility. Examples include:

Windows Enterprise will no longer be permitted other than with Windows VDA (Virtual Desktop Access) E3 or E5. As a concession, affected customers “will have until October 1, 2020, to move their existing Windows Enterprise workloads off Listed Providers’ dedicated hosted cloud services.”

Windows Server is not permitted with or without Software Assurance, except on Azure via Azure Hybrid Benefit. You can still license Windows Server from the cloud provider via SPLA, but you cannot bring your own license.

SQL Server will require Software Assurance with License Mobility, or on Azure via Azure Hybrid Benefit, or subscription via SPLA.

Unlimited virtualization for SQL Server via Enterprise per-core licensing, and Windows Server via Windows Server Datacenter, will no longer be available other than via Azure Hybrid Benefit.

(Additionally, it’s worth noting that Microsoft announced these licensing changes alongside the debut of Azure Dedicated Host – a new single-tenant cloud option that enables customers to host one or more Azure VMs on physical servers that are dedicated to their organization.)

Not included as one of Microsoft’s Listed Providers is Oracle. Microsoft and Oraclehave recently partnered to increase interoperability between their respective clouds.

NEXT STEPS FOR MICROSOFT ENTERPRISE CUSTOMERS

While the changes set forth by Microsoft are bold and broad in scope, they are also in line with other changes the vendor has made over the last several years relative to Software Assurance and License Mobility. Microsoft wants every customer to purchase SA on licenses – especially if those licenses are being deployed in the cloud where the lines between dedicated hosted services and multi-tenant have become blurred, and particularly when competition to Azure is involved.

One thing is certain – Microsoft’s changes will have a varying impact on customers’ spend. Understanding the impact these changes will have on your Microsoft estate will require a deep analysis of your current license inventory (specifically which licenses include software assurance) and how those licenses are being deployed (on-premise, collocated, AWS, Azure?).

Visibility into these licensing specifics has historically been and continues to be incredibly difficult for customers to achieve. Even prior to these changes, many Microsoft customers were (and still are) improperly licensed.

Download the SmartSpend Bulletin™

In what some
say is one of the vendor’s boldest competitive moves
to date, Microsoft announced a significant change
to its licensing terms. Beginning October 1, 2019, customers that deploy Microsoft’s software on dedicated hosts at certain cloud providers will pay more.

Microsoft wants every customer
to purchase SA on licenses – especially if they’re being deployed in the cloud and particularly when competition

Author: Jonah cohen

Microsoft VDA 101: Is VDA Add-On Licensing Right for You?

What is Microsoft VDA and Windows VDA Add-on Licensing?

Determining If Windows VDA Add-on Licensing is Right For You