Oracle's fiscal results for the third quarter are in and licensing charges are on the up..

For many organizations, Cloud applications offer the chance to budget and plan for subscription costs via an up front and transparent pricing structure. At least that is the way it should be!

However, there it is easye to which new features can be simply switched on in these applications.

In Oracle Cloud applications the ability to increase license costs goes beyond the usual factors such as employee/user count, and it's these factors that are helping increase revenues and catching customers out.

Cloud Services and Licensing support up 12% to $10B.

Source

We're never ones to criticize any organization that is growing, but when growth comes from problems with customers effectively managing environments (that in turn lead to increased costs) we're interested in how to help keep these costs in line with expectations. The revenue increases above are not entirely attributed to license audits of applications, but will make a large percentage of this number.

Where do these license costs come from?

A combination of users enabling functionality that draws new licenses (and costs), and over-provisioning access within the application. If you have followed any of our previous posts, you will know this is not new news. Time and time again, customers are using over-provisioned configurations which allow users too much access. With this access opens up new functionality that is used without accountability to those responsible for managing license costs and the expected usage of the application. Often, the organization wants to use new functionality that is provided, but just as often it is found that functionality is being used that was not justified or planned for the license cost implications.

Licensing in your applications

In past times, on-premises software and new modules had to be installed, migrated through environments as part of the SDLC process. Today, the ability to turn these services on or off, can be as simple as flicking a 'pixel' switch, and that functionality is now available to the organization.

We have often looked at access to this functionality as a risk, where users could activate functionality without that process going through change control and authorization. After all, enabling functionality can have a profound impact on your organization's operations. In addition, security Privileges can be assigned that expand your license headcount. In ERP/HCM Cloud these Privileges have licensed services attached to them, sometimes multiple. By using these Privileges a license can be consumed, without a solid understanding of what security roles have which Privileges, licensing can be difficult to quantify.

Understanding your license footprint

In order to get an overview of the license usage within your applications, reporting over active users, their roles (and their embedded roles), then the Privileges and their licenses are required.

This type of report provides a hierarchy to establish exactly what users can access and in turn what licenses they are using.

At this point any licenses that are displayed that are outside of what you believe your organization is licensed for can be evaluated.
Are these Privileges actually being used? A look at transactions against these Privileges will help establish whether your users have actually used this functionality.
If yes, then its time to evaluate why, and to account for this new requirement both from a licensing perspective and how this new functionality impacts your organization.

If the answer is no, this will help in any audit prove that while access may have been (accidentally) granted, there is proof that the functionality was not used.

The Seecuring Solution


Who knew good security could also cut license costs?

As part of our solutions, we provide the means to identify not only security issues such as segregation of duties, but how security is creating license overuse, or where you may be not using the licenses you have.

Seecuring provides all this both within Oracle applications, but also across all of your Enterprise applications. Our solutions include:

  • * Segregation of Duties.

  • * Sensitive Access.

  • * User Access Reviews.

  • * Patch Impact Analysis & Configuration Changes.

If you need help with your security and licensing, get in touch to discuss your needs: