Monthly Archives

9 Posts for March 2012

Mar 29

What is Your Software Licensing Headache?

Spiceworks is a community of nearly 2 million IT pros with a very active online forum.  Their roles predominantly are network support, help desk and network administration pros; basically, the administrators of software products for their organizations.

One question that was posed to Spiceworks members asked specifically what their biggest headache was with a very well know software vendor.  The responses flew in and these IT pros were consistent in their dissatisfaction with key licensing elements.  As a software vendor, this information is invaluable in setting up your own licensing structure.

I shared the following comment with this group:

“One of the challenges with licensing schemes like some enterprise software vendors is that a lot of burden is placed on the end user to determine what type of licensing works best. Often users feel like they need Ivy league MBAs just to sort through myriad of options. Software companies that use licensing technology with customer experience in mind will look to monitor key data points, such as usage, number of assets etc, in order to determine what the best licensing option is for a particular customer or market segment. However, too often licensing technology is lumped together with enforcement which has a generally negative reaction from customers.

The challenge with large enterprise software vendors is that it’s sheer size and dominance allows it to take a stand that imposes licensing rather than focus more on customer experience. There are ways to use licensing technology in a way to really make the customer’s life a lot easier. We certainly see a lot of that at SafeNet when we engage with software vendors.

Are you keeping the customer in mind when you develop your software licensing process, or are you giving your customers unnecessary headaches too?

Mar 28

Do software vendors intentionally allow ways to bypass their enforcement mechanism?

This is a juicy question was posed on Quora ( I was intrigued by a couple of the responses and added my own.  Here is my view…

The answer is yes but mostly no. Confused?

Here’s how it usually works…

First, software vendors separate compliance strategy from piracy prevention because they are inherently different beasts. This can be done by placing their customers along a compliance continuum.  On the left you have customers who go to lengths to be compliant and will gladly pay for software they use regardless of whether the software has license enforcement or not. On the right you have users who intentionally use pirated software and wouldn’t pay for it if they couldn’t steal it. The vendor’s focus is clearly on the left end of the scale since this offers the largest revenue opportunity.  The right is often nothing more than noise.

When vendors introduce license enforcement, the most common philosophy (by far) is to consider the enforcement a tool that will help keep their honest customers doing the right thing and to facilitate creative licensing models. All software license enforcement tools have some level of vulnerability. However, the software market usually considers the higher-end commercial enforcement products more than adequate to cover ~90%+ of their continuum, working from left to right.

That 10% is essentially the topic of the original question posed in this post. The software vendor asks itself if it really cares about investing additional time and resources making the enforcement more air-tight to further prevent piracy by users who would never pay them.

All said, there is always a point of diminishing return and vendors choose to not care a whole lot about usage where they’d never see any revenue.

I agree with the premise that many companies would rather see users stealing their software than paying a competitor. However, applying the notion of the compliance continuum, the real money is typically on the left end of the scale with companies that wouldn’t use pirated software in the first place so the revenue in question is likely a fudge factor at best.

What do you think?

Mar 23

The Top Five Barriers to Software Monetization Success

We recently ran an article on our software monetization channel that discussed the common barriers that prevent ISVs from building an effective monetization strategy.    Are you looking to improve or even define your software monetization plan? Here are five barriers that you should prepare for:

  1. Control
    Control is twofold. Preventing the unauthorized use and distribution of your application protects revenue by ensuring all use of your application is paid for. Equally important is your ability to protect the source code of your application from being exposed to accidental or malicious parties alike in order to prevent code manipulation and reverse engineering. Keeping the product usable and efficient, while providing maximum protection of your valuable IP, can become a big problem for ISV’s if not considered early in the development and software licensing process.
Mar 21

How to Architect Your SaaS Application

Architecting applications for the cloud has changed traditional software development considerations.  Many software companies simply are not sure how to do it.  At SafeNet, we’ve had some experience with architecting and developing our own cloud application, SentinelCloud, a service offering which supports software licensing for cloud and SaaS applications.

Michael “MiZu” Zunke, the CTO of our SRM division, provided some insight into our process and experience building our cloud application after finding this post about designing and architecting cloud apps, and explains what we learned by it.  His comments highlight the journey we took over 2 ½ years in developing SentinelCloud explains some of the key challenges we faced and how we overcame them.

Feel free to share your lessons learned with our LicensingLive community.  What were your top challenges in architecting your cloud solution?

Mar 19

When someone steals your hardware, you know that it’s missing. When someone is stealing your intellectual property, you may never know.

For high-tech equipment manufacturers, times are changing.  It is clear that the inevitable process has begun, hardware is being commoditized and, moving forward, business will be based more and more on software.  Are you ready?

Iritech is a global manufacturer in the biometric authentication equipment and software industry.  As one of only two manufacturers of both the biometric equipment and the identity matching software, Iritech knew right away that preventing reverse-engineering of its identity matching software would be an integral part of its business plan to maintain its unique position in the biometrics market.

Mar 14

Virtualization and a (New) Conflict of Interests

The ongoing debate around virtualization shows no signs of getting old. Virtualization has always created a ‘conflict of interests’ between those who worry about the technology (the software vendors) and those who enjoy the benefits it offers (the end customers of the aforementioned vendors).

There was a temporary sigh of relief in the world of automated license enforcement when new methods and techniques became available to bind software licenses in a more secure and reliable manner to a virtual machine . Almost overnight, all the concerns and fears of license duplication and misuse (albeit accidental or intentional) went away. The ultimate goal of eliminating the requirements for ISV’s to make a ‘VM/no VM’ decision at the time of deploying or activating their software was finally achieved. End customers could deploy applications where they liked, the vendors no longer had to care, and the world was a happy place.

Or so it seemed….

Mar 8

Ask The Experts: White Box Cryptography

The notion of keeping valuable information, such as licensing and trade secrets, hidden while operating in a fully transparent environment poses various challenges.  How do I encrypt or decrypt content without directly revealing any portion of the key or the data? How do I perform strong encryption knowing that hackers can observe and/or alter the code during execution?

White box cryptography is an alternative approach to traditional security models. As opposed to implementations where the attacker only had access to a Black box, i.e. access to inputs and outputs and possibly knowledge of the cryptographic algorithm under attack and assumed zero visibility into internal workings, white box allows full visibility of the attacker but still keeps security intact.

Mar 5

Change is Hard, Even for Software Companies

Frequently I hear software companies talk about how they really want to be enable an “as a Service” offering, but they don’t believe they can change the buying culture of their customers to accept such an offering.  Certainly, in some cases, this is true.  But before just accepting that axiom, most companies would be well served to ask a few questions about the context.  Below is a list of a few of those questions, and why they are relevant in this scenario:

Mar 1

5 Ways that an Entitlement Management System Can Help Your Company Work Smarter, Not Harder

As your company continues to grow, you may find that you have acquired a varied collection of licensing systems.  Each product line has its own registration process, and its own set of problems. This may be manageable for awhile, but eventually multiple product lines affect almost every department within your company, and the repercussions are reaching your customers. A disparate licensing system can hinder internal communication and wipe out resources.  Your staff is no longer focusing on your core competencies, but rather spending all of their time on your licensing system.

With an entitlement management system, streamline your back office and create one cohesive licensing system to maintain. Here are the 5 ways that an entitlement management system can help you empower your employees to work smarter, not harder.