Three Auditees 1097

Here’s the contents of three emails I received from folks who either have
been or are otherwise well aware of software audits, what they entail, and what
can be done so that they can be handled well and easily.

Just Tell Teachers No

I work at a school district and have nervously
been anticipating summer vacation so I can wipe all the illegal software
from our computers. A neighboring school district got raided by the BSA
and had MAJOR fines and headaches all last year. We’ve not raised any
attention but I know we’ve got stuff we’re not supposed to have on some
computers. We’ve got around 90% of our licenses readily available, but
individually installed apps on teacher workstations has gone unchecked
for years. Now it’s time to change all that. We’re tightening the
screws on the computers and what can and cannot be installed. Basically
I must install all applications or somebody in my tech department must
do it. The license must be present and must stay in the classroom. No
“I got this software on my home computer and want it here too”.

Schools have been lax in this practice and the BSA are finding them ripe
targets for software audits. Two things to stay away from in schools if
you don’t want to call attention to yourselves; MS products in general
(we have Macs) and unlocked lab computers so teachers can install 30
copies of Adobe Photoshop.

Be Prepared

To the issue at hand, the thing that caught my attention first off,
was this:

In a March letter, the software giant gave Portland Public Schools 60
days to inventory its 25,000 computers. “Which,” said Scott Robinson,
the district’s chief technology officer, “is a virtual impossibility.”

That’s a problem in and of itself. If this guy is their chief
technology officer and he doesn’t have a clue, he should be working
at a 7-11 instead of being in charge of 25,000 PC’s. There’s simply
no excuse for this as I think most would agree.

Last month, our company just completed the same thing that Portland
Schools is going through. I was heavily involved and served on the
committee that set the guidelines for how we would go about auditing
our current licenses. Now, we only have approximately 3500 PC’s, not
the 25,000 that they are looking at, but Microsoft gave us
approximately 90 days to come up with an audit report. I had mine
done in about a week, and most of that time was speant awaiting
verfication on licenses we didn’t have onsite.

Fortunately for us, we had done a top to bottom audit of everything:
hardware and software alike, for a little event called Y2K. After
that, we just managed to keep good records of all PC deployments,
disposals and upgrades. It’s very simple actually, I used Access and
Excel to do it all. That may not fit the bill for 25,000, but there
are plenty of auditing packages on the market that will.

Another light I’d like to shed on this is that Microsoft, as much as
everyone (myself included) likes to bash them, was very easy going
about this. Now, the date they gave us was set in stone and they
would not budge on that, but when we did provide them with the audit
list, they took it and basically left it at that. Basically, if you
say you have 3500 PC’s and you have proof of 3500 licenses, that was
good enough.

Another nice thing Microsoft lets you do is to purchase the next
version “up” of a product and continue to use the older version.
Then, when you want, you can upgrade to that version at a later date.
This worked well for us because we still have quite a few Windows 98
PC’s in use and we were able to purchase Windows 2000 or Windows XP
licenses in most cases instead of Windows 98. The same follows for
MS Office and any other MS owned application. This, of course, is to
their benefit as well, because they get to charge you for XP now, and
when you actually upgrade, XP 2.0 (or whatever) will be out and
you’ll want to buy that. Microsoft at it’s best.

Now, back to the issue. I also have a little insight with the local
school district here and how they go about getting “donated” PC’s.
First and foremost, I’m not talking about teachers. They do a job no
one else wants to do, for far less than anyone wants to be paid.
However, the bureaucracy ruins it for everyone. When we had
approximately 100 PC’s ready for disposal recently, we asked around
first to schools and then next to employees here. Granted, these
were mainly Pentium(1) 133’s and not many bells/whistles. However,
in every case we encountered, “donating” a PC was simply not enough.
They wanted them installed and setup by us. Well, when you’re
talking corporate America, every dollar counts and having even two
techs out at the local school installing PC’s for *nothing* gets
nixed pretty fast. So what did we do with them? Threw them away,
every last one of them. Sad? Yes, but a reality. This may lend
some insight into the minds of your local school’s bureaucracy. It’s
definitely a “beggars can be choosers” mentality. Had they simply
brought a pickup over and taken the PC’s, they could have had them
and the licenses that went with them.

Sorry this is so long, but I really think I have a pretty good
perspective on this especially since we just went through this last
month. Personally, I didn’t sweat the audit too much. I knew we had
kept very good records and compared to 3500 PC’s, we only had to buy
a handful of licenses to be current. Even then, it wasn’t like we
had copies of XP floating around on PC’s everywhere, it was usually
just a matter of the version level of the software and whether is was
an upgrade or a full version.

So, while Microsoft is definitely no Virgin Mary, they are well within
their rights here and the law is behind them 100%, no matter how much
the bureaucrats want to complain. A better thing for Mr. Robinson to
do would be to work with Microsoft rather than running to the press.
I think he would find them less of a Godzilla, though still not quite
a Bambi.

Starting From Scratch

I just finished reading your article “A Role Model” from April 23/02 as
well as the reference article at oregonlive. I have a few points that
both articles seemed to have only glossed over.

Cost of a software audit

About a year ago I was working at a company that received a similar
software audit order from Microsoft. We decided to do the work
ourselves. In the end, we spent on average half an hour on each computer
in the office copying serial and version numbers for various MS softwares
that could be installed (there was no such thing as a “standard
install” in an attempt to keep licensing costs down).

– a standard work day is 7.5 hours

– there are 25,000 machines

– all machines are configured differently

– a technical person costs $25/hour or $50,000/year

– a “normal” audit takes 30 minutes per computer

– there are 60 days to complete the audit (assumed to be buisness days)

We will end up with the following equations:

25,000 * 30 min = time to audit = 12,500 hours

12,500h / 7.5h per day = workdays = 1667 workdays

1667 workdays / 60 days to complete = number of workers = 28 workers

(the number of workers does not include any management overhead

12,500h * $25/h = cost of audit = $312,500

Remember that the cost of Microsoft’s per machine systemwide ANNUAL
licence is $42. For 25,000 machines the total is $1,050,000 per
year. Also keep in mind that this cost may only be for the operating
system (details are scarce).

Assuming that the schoolboard has 28 workers to spare, they will not be
doing their regular work for those 60 days. If they normally provide
desktop support or network services, they will be unable to resume that
role for 60 days. Just think how devastating 60 days of substandard
performance could be for a school.

If the 28 workers were hired specifically for the audit, then afterwards
the real admins would need to go around changing passwords and checking
for backdoors on all of the 25,000 machines. In a production environment,
you simply can’t trust outsiders. Checking for compromises on a machine
can take up to 3 hours – and even then, you’re not sure you checked

Microsoft vs. Linux in the classroom

A fair number of people have a Windows-based PC at home resulting in their
children becomming accustomed to how it works. This translates directly to
the classroom. If all of the sudden you have to deal with file
permissions, things get a whole lot more complicated.

A local university has one staff member for 60 Unix-based computers. These
staff are specifically trained on security, networking, installation and
troubleshooting. They do a good job, and they are kept busy. Keep in
mind that this is at a university where users are expected to know their
way around Unix by the time they arrive. In a K-12 atmosphere, I would
expect a requirement of at least twice as many staff. Put into dollars,
it would be 25,000 computers / 30 computers per staff * $50,000 sallary =
$41 million per year.

On the other side of the coin, Microsoft products also have a high total
cost of ownership. I won’t pretend to be an MS expert, but keeping on top
of the current software trends alone costs about $1000/machine/year (MS
Office + Photoshop + OS + Edutainment, each having upgrade every other
year). Across 25,000 machines, you’re looking at $25,000,000/year for
software. For people, a ratio of 60:1 for computers to staff – which
works out to another $21 million a year for a grand total of $46 million
per year.


At only $5 million between the two prices, the difference is somewhat
inconsequential. In the short term, it would seem that this particular
schoolboard is screwed no matter how it approaches the audit. In the long
term, if they decide to go with a Linux solution they will need more
staff. If they decide to go with properly licensed Microsoft products,
they will need more licenses.

I would greatly appreciate it if you could ask your readership the
benefits and non-monetary costs of having computers in the classroom.
Offhand, I can see many reasons not to have a computer in a K-6 school,
and very few reasons to have them. I’m very curious to see how others
view the topic.


Be the first to comment

Leave a Reply