quest-software-audits-unauthorized-or-pirated-license-keys

Quest Software Audits

Unauthorized or Pirated License Keys

Quest Software Audits: Unauthorized or Pirated License Keys

Since the relaunch of Quest Software, a large amount of software audits have been performed and are still taking place. We started a series of articles to explain the most common compliance issues seen for Quest Software programs. In a previous article, we covered the most important parts of the standard Compliance Verification clause as part of the old Dell Software Transaction Agreement and the current Quest Software Transaction Agreement. This article will focus on the ins and outs related to Unauthorized or Pirated License Keys for Quest Software programs.

How to Identify Them?

Since there are software programs with license keys, there have also been people creating their own (pirated) license keys. A pirated license key is created and distributed by someone other than the software publisher itself. The pirated license key makes sure the software can be used, but the right to make use of the software program has not been granted/authorized by the software publisher itself. A pirated or “cracked” license key is typically made available on the internet, so as many individuals can make use of the software as possible, without paying a license and/or support fee for such use towards the software publisher that developed and owns the software. Due to the distribution via the internet, it is typically difficult to find out who (initially) created the pirated license key. Typically, this may include ex-employees of the software publisher, in this case Quest or Dell software (with the objective to get back towards their former employee), individuals that just like to avoid paying license and/or support fees for the use of proprietary owned software or individuals that would just like to test the software functionality without obtaining a (trial or freeware) license from Quest software.

Many organizations have troubles in determining the difference between a pirated license key or an official license key provisioned by Dell or Quest. During the course of an audit, Quest software looks at the gathered license keys by using its own internal “License Key Analysis” tool. However, you do not have access to such tool. End users should therefore have a complete and accurate license entitlement administration in which the license key(s) as provided by Dell, Quest or any of its resellers are administered correctly. It may not sound very appealing, but this is the only way you can keep track of the license keys provided and the license keys installed, to reconcile your specific situation.

You should keep the following situations in mind to identify a pirated license key:

Site Message:

Quest Software Audits: Unauthorized or Pirated License Keys
Toad for Oracle Licensing 'Site Message', source: SoftwareONE

The “Toad for Oracle Product Licensing Console” or easier said “License File” shows in the “site message” field the name of the end-user organization that obtained the license key. If and when the site message reflects a name that is not referring to your end user organization (and typically includes a strange site message) then that license key is most likely a pirated license key.

The following site messages are real examples of pirated license keys we identified at customers we worked with “Legends Never Die”, “Oracle”, “Shit”, “Quest” and ”Danceboy”.

Quest Software Audits: Unauthorized or Pirated License Keys
Toad for Oracle Licensing message on 'Quantity', source: SoftwareONE

The “Toad for Oracle Product Licensing Console” shows in the “quantity” field the number of licenses (users) that can be used through the license key itself. If you, for example, bought a license for 5 Seat User licenses for Toad for Oracle Base Edition, then this field will reflect “5”.

If this field reflects a large (or strange) quantity, then this is most likely a pirated license key. A typical quantity as being used for pirated license keys includes “65.535”.

As a rule of thumb, if and when the quantity exceeds more than a relative low number (let’s say 10 or a number that you do not recognize within your license entitlement administration), then you should start looking into the license key itself to determine if it is indeed a pirated license key.

Financial Consequences

If and when an unauthorized or pirated license key is identified (during the course of an audit), Quest software treats this very seriously.

Quest will:

  1. Claim three times the value of the individual license for an individual installed (pirated) license key, and
  2. Claim such “tripled” license, support and back support fee for each individual (Toad) module you could have used as a result of the pirated license key. 

Let’s look at an example:

  • You have installed one installation of Toad for Oracle software in 2016
  • You have installed one single pirated license key for Toad for Oracle software in 2017
  • You have the software only installed on one single laptop
  • You have only granted one single individual access to the Toad for Oracle software
  • You have only made use of the Toad for Oracle Base Edition 

In this scenario, Quest will require you to pay the price for:

  • 3 Seat User licenses + (back) support maintenance – Toad for Oracle Xpert Edition w/ DB Admin Module
  • 3 Seat User licenses + (back) support maintenance – Toad for Oracle Base Edition
  • 3 Seat User licenses + (back) support maintenance – Toad for Oracle Professional Edition

 The (back) support maintenance fees are typically calculated back from the date on which the license key was installed on the server (“KeySaveDate”); in this example 2017. Nevertheless, there are known cases in which Quest claimed (back) support maintenance fees from the date on which the software was installed as well. This since the license metric definition for a Seat User states:

Seat is a User, except for Desktop Authority, for which a Seat is a Device. For Software licensed by this License Type, a license is required for (a) each User who uses the Software on a shared device or in a virtualized or cloud environment and (b) for every single-user device on which the Software is installed.

Dell software did not perform a lot of software audits related to the use of its programs. Many end users did as such not prioritize the management of its Quest software licenses. Quest is performing (either themselves or through KPMG or Deloitte) many software compliance audits in EMEA and NAMER. You are highly recommended to perform an internal Quest audit on a short term, to identify your compliance position first before Quest starts an audit. The question is not if you are going to be audited, but when this will happen.

Need In-Depth Knowledge?

If you need in-depth knowledge and expertise when executing such an audit, don’t hesitate to reach out to us.

Contact us

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment

Author

Blog Editorial Team

Trend Scouts

IT Trends and industry-relevant novelties

Related Articles

migrating-to-the-cloud-and-spending-more-than-you-thought

Migrating to the Cloud and Spending More Than You Thought?

Is the sticker shock of a migration putting a damper on the excitement of your cloud initiative? Don’t worry – it can be fixed. Learn more.

Budget Take a Hit? 5 Ways to Optimize Your Spend

Budget Take a Hit? 5 Ways to Optimize Your Spend

2021 is here. And like many IT professionals, you’re challenged with ramping up digital transformation efforts – but with a leaner budget. Read on for tips to optimize spend.

Remote IBM Software License Evaluation

Remote IBM Software License Evaluation

RISE stands for Remote IBM Software Evaluation. As the term suggests these reviews are done completely remote which enables IBM to continue auditing during the COVID-19 crisis.