Autodesk Software Compliance Updates 2017 – SAM Review!
Did you receive a letter or email from Autodesk discussing a request that your company “participate in a software review.” Sounds pretty friendly right? But is it? Are these letters legitimate or some type of scam? Well we had a business owner present the letter to us (having handled a large volume of Autodesk audits with the law firm of Donahue Fitzgerald, LLP (the prestigious intellectual property firm that handles most of the audits – the Business Software Alliance may also handle Autodesk Audits), when I first saw the email, something didn't seem right. I was not sure it was legit so i did some research. I first looked at the domain name that was provided in the email [https://software-review.autodesk.com]. Normally, large established software companies don't use “dashes” or hyphens in their domain names. So I went and looked it up on the domain name WHOIS:
Registrant Name: Domain Hostmaster Registrant Organization: AutoDesk, Inc. Registrant Street: 111 McInnis Pkwy Registrant City: San Rafael Registrant State/Province: CA Registrant Postal Code: 94903 Registrant Country: US Registrant Phone: +1.4155075000 Registrant Phone Ext: Registrant Fax: +1.4155078148 Registrant Fax Ext: Registrant Email:
Autodesk SAM audits
If you google the number above, you can see that the phone number looks like it ties back to Autodesk. Which is interesting because I called the number that was given in the email – (720) 449-5475, which threw up a red flag for me doing most of my business with Donahue which is located up in the bay area. At any rate, when I called the phone just rang with no answer. I then took a closer look at the website, and checked it out on the Internet Wayback Machine and could not pull up a history of the website. However, I did notice that some of the pages seemed to link back to the main website for Autodesk, so it appears, at least at first blush, that this is a new website and perhaps a new program that is being used to try to stop software piracy, and to help companies manage their licensing responsibly. So while I cannot say 100% as of the date of this blog that this is a legit program (I will follow up with one of the licensing compliance lawyers after President's day), it does appear that Autodesk is now doing what Microsoft has been doing, which is offering companies (in this case architects, engineers, and design firms), engage in a voluntary audit designed to help with licensing compliance, which naturally will have the effect of increasing sales for Autodesk.
That being said, I do so some differences with this “software review” as compared to Microsoft SAM audits. The main one being, for Microsoft SAM Audits the Microsoft website says there are “no penalties” for copyright infringement (meaning if you are short on your Windows, Office, SQL servers, visio, or CAL licenses for example, you can simply “true up” by buying valid licenses from authorized resellers. For some companies this might not be such a bad deal, and can be a lot less expensive that fighting costly software infringement lawsuits in the federal courts.
Listen to Attorney Steve explain Microsoft SAM audits
VIDEO: Click on the picture above to watch our video on this topic. We have helped many businesses around the United States in dealing with SAM software licensing audits. Call us below for more details. We can also help with SPLA audits.
Should you submit to an online audit?
There are a couple questions you should look into before agreeing to submit to an online Autodesk license review. Here were a few questions I had after reviewing their compliance portal which they tout as:
“A self service website to assist you in the review process.“
- What happens if I admit to being short on products such as AutoCad, LT, Revit, Inventor, Maya, or other products? Will I be hit with a copyright infringement lawsuit?
- Will officers and directors of the company be held liable?
- What if using their website causes problems with our computers?
- What exactly are they looking for?
- Will the results of the review really help us “get the most from our investment” as is touted in the email
These were some of the initial questions that came to my mind. I have to say my curiosity was aroused because the email was sent by a NO REPLY address and the end of the email stated: “please do not reply to this email…..replies will not be responded to or read.” Seems not to be very inviting or friendly.
What happens if you report a shortage of licensing?
Again, my biggest concern with these types of investigations (I call it an investigation, but it could just be a random email sent to companies that are believed to be using Autodesk software (typically engineer and architect companies). Again, it would be nice to explain to a business owner how they “got on the radar” so to speak, to provide a bit more transparency. But what you wish for and what you receive are often two different things when it comes to software licensing. The best I could find on their page was this explanation:
“As a customer of Autodesk, your company has been selected to undergo a Software Review. Every licensee of Autodesk Software may be selected by Autodesk for a Software Review, in accordance with applicable Autodesk license agreements.”
Taking this for what it says, apparently this may be limited to current licenses, but that will remain to be seen as we watch how this rolls out (we deal with a lot of companies that DO NOT HAVE and have NEVER had Autodesk software), so we will see over time if this holds up.
At any rate, if you considering complying in order to “confirm installation and usage of Autodesk products and services are in alignment with Autodesk Licensing Agreements” ask yourself what happens if you report a shortage (i.e. you are running more product than your organization is legally licensed to use. What happens then? Well, I looked on their FAQ page and here is what it said on their FAQ page in response to the question:
“what if compliance issues are identified during the review process” (compliance issues meaning you have unlicensed software being used)
The answer was short, and to me, not sufficient to protect companies from potential copyright infringement claims. The short response was:
“An Autodesk Software Management Representative will be in touch to discuss the matter and work together on a resolution.“
Now, what is a management representative? Is this the legal team? Is this the “Software Asset Management Team” discussed in the email? According to their FAQ page, if you have questions during the process this goes to their SAM team. But a team can consist of a lot of different people, and I see no guarantees that IP attorneys will not be part of the team. Again, this may need to be clarified in advance, which we can help you do if you decide to have a law firm represent you.
What is the Autodesk Inventory Advisor (“AIA”)?
The other part of this program that I don't really like, and would have to know more about is how Autodesk captures the audit information. In a Microsoft SAM audit, Microsoft offers a tool, but it does not have to be used. In this case, it appears Autodesk has created a tool that scans your computers, laptops, and servers. They call it the “Inventory Advisor.” According to their website:
“The Autodesk Inventory Advisor (AIA) is a standalone scan tool that is designed to be installed on a single computer running a workstation-class operating system and scan the systems on the network to collect Autodesk licensing data. It is an agent-less scan and no footprint is left on the endpoints. AIA uses Windows Management Instrumentation (WMI) to scan the Windows Registry and Autodesk Product Information Table on each system. You can target machines using IP address range(s), an import of computer names from Active Directory, or via a logon script using a command-line version of the tool. The scan is low impact and is designed to have little to no impact on your systems or network. AIA does not communicate with Autodesk servers and you are in control of the data until it is sent to Autodesk or its representative.”
What happens if you run their program (which purportedly takes 45 minutes), and this causes computer damage? Will Autodesk pick up the bill or say “so sorry that happened.” To me, I would like to understand how the technology works and make sure it is foolproof before running it on an IT environment. Can you get these assurances before engaging in this review process? This remains to be seen.
In lieu of installing their exe file you can request to perform an audit by hand. If they insist on installing their software I would request an indemnification agreement be signed stating they will be liable for any damages their tool may cause. It is highly doubtful they would ever sign such an agreement, which to me is why I would never let them do it if it were my company.
Will your results be held confidential?
We offer a free consultation to discuss these types of issues with you.
Listen to Attorney Steve, the software compliance lawyer, explain how to survive an Autodesk audit
Here is a video we did to explain the auditing process we deal with (in non-SAM audit cases), which may give you an idea of what you could find yourself up against.
VIDEO: make sure to SUBSCRIBE by clicking on the Red “V” for Victory. Join over 2,800 subscribers who love our legal channel.
Contact our firm
If you received an email from Autodesk asking you to engage in the SAM process, or you received a letter from a law firm discussing software licensing, call us for a free confidential discussion of your case. We have helped all types of companies deal with Autodesk audits, and we have a strong track record of success in this area of law. When you consider that willful copyright infringement can cost a company up to $150,000 per infringed title, and officer and director liability is a real possibility, it is important to discuss your position with legal counsel BEFORE deciding to engage in this process. Call us at (877) 276-5084. We offer low flat rate fees and experienced representation.