Microsoft SPLA Contracts
Oh, the joys of software licensing, empowering you with the technology your company needs to grow. Of the software licenses out there, at MetrixData360, we have seen many people come to us asking for help regarding their Microsoft SPLA licensing, a delightful jewel in Microsoft’s licensing crown. Is investing in an SPLA license a smart move for your company? What will happen if you are audited on your SPLA? In this article we’ll tackle some of your most pressing questions regarding SPLAs, so that you can make an informed decision that drives your company’s future development instead of hindering it.
What is an SPLA
Microsoft’s Services Provider License Agreement (SPLA) gives you the ability to play Microsoft’s middleman if your business involves some element of hosting applications, data, or websites. It is the most common license that they offer to their customers who are service providers. When you’re given an SPLA license, you can provide the software you’ve purchased to your end-users and charge them monthly for your software as a service (SaaS).
In turn, Microsoft charges you monthly as well based on your license consumption rate, as opposed to simply paying an upfront fee like perpetual licenses. Unlike other forms of licensing, such as MSPA, where the license merely is transferred through you (Microsoft gives it to you, you give it to your customer and the customer becomes the licensee), with a Microsoft SPLA your name remains on the licenses for the products that your clients use and you report the usage of your licenses back to Microsoft. Being a reseller of Microsoft can be a wonderful business opportunity, creating for you a fruitful income and the option of having a uniquely packaged solution for your customers.
Do I need an SPLA?
Here are the three most common scenarios where an SPLA is required:
- You host a third-party application with Microsoft’s Infrastructure?
- You are Hosting as a Service (HaaS), which includes website hosting, data hosting, and file-sharing?
- You have a Multi-Tenant Cloud platform or have a multi-tenant Infrastructure as a Service (IaaS)?
Benefits of an SPLA
There are many benefits to purchasing a Services Provider License Agreement:
- The services you provide to your customers are tailored to their needs.
- You pay-as-you-go, no start up fees, no long-term commitments, it can prove ideal if many of your customers have seasonal work that needs to be adjusted throughout the year.
- Microsoft will give you and your clients the latest software products.
- Your services can be offered to anyone in any country that you are legally allowed to sell Microsoft to.
- You can sample the products yourself before they are offered to your customers and, in return, you can offer sample products to up to 50 of your clients to test the software for a free 60 day trial period.
- You can sell to academic institutions at specific pricing.
- You can leverage data center providers for IaaS or outsourcing capabilities.
- Your Microsoft Business and Service Agreement (MSBA) needs only to be signed once. After that, all smaller and simpler SPLA licensed can be filed under it, which you need to sign every three years.
The VSA and the SPLA Audit
An SPLA audit reveals the treacherous complexity of the software contract that you’ve signed up for. The reason why Microsoft conducts these audits are to both ensure compliance and to confirm that the MBSA (Microsoft Business and Services Agreement) provides them with the right to audit their customers. You may incur the wrath of either Microsoft’s verified self-assessment (VSA) or an SPLA audit.
It can often be tricky to initially tell if you’ve been notified for either a VSA or a SPLA. VSA notifications are done usually through email (make sure to verify its authenticity before handing over sensitive data or clicking any links, there are scammers out there sending emails disguised as legitimate SAM reviews). A full SPLA audit will usually be sent through a formal letter and will usually disclose whether it is an audit or a VSA. You can expect a SPLA audit or VSA to arrive sooner rather than later if you and your company have experienced any of the following recently:
- You have gone through a merger or acquisition
- You have missed an SPLA report
- Your SPLA reporting has increased or decreased
- Providing a Microsoft Solution to your customers without the SPLA to back it up
- Your reports only display minimum usage while your business shows signs of growth
A Microsoft SPLA Full Audit
Once you have determined the ifs, whys, and hows, the process is pretty similar for VSAs and SPLAs. You will be asked to retrieve data either at the auditors’ beck and call (in a full audit) or using your own internal resources (VSA). A Microsoft SPLA audit runs a similar course to a regular audit and a more in-depth look of the audit procedure can be found in our articles, Software Audits: The Fundamentals, and Software Audit Preparation. There are a few differences between an SPLA audit and regular audit, including:
- An SPLA audit will involve looking at data that goes back much farther compared to the data examined in a regular audit, sometimes looking as far back as three years. For this reason, it’s important to maintain a pristine long-term record of your monthly reports, since a lack of this data will mean that the auditors will assume the worst-case (and most expensive case for you) is the reality.
- Auditors will be interested in data that involves user access to products as opposed to actual usage, since an SPLA has different product use rights compared to perpetual licenses.
- BYOLs and License Mobility will prove a focal point of the audit, since many hosts will allow end users to bring in licenses from their own EAs, and as such, it is important that you verify compliance in regard to these scenarios.
The Self-Certification Audit or Verified Self-Assessment(VSA)
The latest version of Microsoft’s audit, the self-certification audit or verified self-assessment (VSA), runs a little differently from regular audits since you’ll be able to prove your compliance without having to supply your deployment data, as has been the tradition of to this point. Instead, Microsoft will give you the choice of doing your own internal review. From there, you will affirm that you either have no missing licenses, or that you are missing licenses and will purchase the licenses that are required to make up for any unlicensed usage. You will also likely be required to present a corrective strategy that will decrease the likelihood of this happening again in the future. The process can be concluded quickly since there is no need to present evidence or negotiate over a settlement.
Getting Ready for an SPLA Audit
Sadly, audits are inevitable. While you can lower your risk of an SPLA audit by paying attention to the factors that might incur an audit, it’s difficult to avoid them entirely. So, the best thing you can do is to be prepared (an SPLA audit should be expected once every three years). Here are some tips for how you can prepare for your software audit:
- Have all the hosted offers that either directly or indirectly deal with Microsoft products organized and ensure they are appropriately licensed, most often through your SPLA.
- Have a tool that effectively captures the status of your software profile.
- Keep historical records in order, going back many years. Include information such as the machines and users which contributed to each monthly report.
- Be prepared to defend any BYOL scenarios since, as the host, you will be responsible.
- Perform internal audits frequently to assess the health of your software profile and to address any issues before they are brought up in an audit.
- Have an effective software asset management strategy in place to ensure that your software environment is not only compliant but maximizing value from your software licenses.
For More Information
SPLA’s can prove a fantastic asset for your company if used correctly. Software licensing may be a maze (Microsoft in particular is known for their confusing licensing and merciless auditing), but you can learn to navigate these treacherous waters with the right tool kit at your disposal. At MetrixData360, we have dealt with Microsoft for many, many years now. We know how to maximize the value of your SPLA ,so if you would like more information on how you can partner with MetrixData360 for the benefit of your business, click the link below to learn more about how MetrixData360 can help you negotiate your next SPLA agreement.