Licensing for Hosted Application Services: Why it costs what it costs

Licensing for Hosted Application Services:

Why it costs what it costs

Application hosting services are experiencing resurgence in popularity these days, due to the prevalence of messaging about the benefits of a “cloud” technology model.  While hosted application services aren’t really cloud (according to cloud technology purists, anyway), they can look and feel and be paid for just like cloud solutions, so the name fits OK.  Hosted applications are desktop or network applications you access via the web, where the software is implemented and managed by a 3rd party application service provider (the host) rather than being installed on your local PC or LAN.  Some software products may be rental-licensed by the ASP, and when combined with the hosting service, the entire subscription service is more like SaaS (software-as-a-service) than the old “purchase and install” approach.

An important supporting program for application hosting service providers is the Microsoft Service Provider License Agreement program. Under a formal agreement with Microsoft or via an SPLA reseller, service providers and independent software vendors are able to license the latest Microsoft software to provide software services and hosted applications to customers. With the SPLA, service providers and ISVs can lawfully license Microsoft products on a monthly basis to host software services and provide application access for their customers. The SPLA supports a variety of hosting scenarios to help providers deliver highly-customized and robust solutions to a wide range of subscribing customers, and it’s the only valid means for obtaining subscription-based provider licensing for these products.

Because the software products being hosted are essentially desktop or LAN-based products, the underlying technology to “deliver” those applications is generally of a similar foundation.  In cases where the provider is offering hosting of Windows-based QuickBooks desktop editions or Microsoft Office applications, for example, the platforms and servers used by the service provider are almost certainly Windows-based.  This operating system, as well as the rights to allow remote user connections to it, is licensed to the provider from Microsoft under the SPLA.  These elements are referred to as “user” licensing elements.

An aspect of Microsoft reporting and licensing which is not well recognized (or frequently complied with) is the difference between user and application licensing.

User licensing, which includes the Windows server access license as well as the remote desktop user license, is a named user access license. This means that the provider need only report and settle for the user license if the user actually accesses the system during the reporting period (usually each month).  Not quite like a concurrent user model, where only the high count of users is reported, the named user model requires that the license for each user be paid if that user logged in at any time and remained logged in for any length of time during the reporting period.

Application licensing applies to the application software license acquired through and governed by the use-rights provided for and granted under the Microsoft SPLA. Rental application licensing is assigned to a specific, named user, and is to be reported fully on a monthly basis regardless of whether or not the user accessed the software. This is in direct contrast to the named user access licensing described above. Providers are required to report and settle on a monthly basis the total number of subscribed application licenses available to users, including Microsoft Office applications, Exchange, SQL and others, regardless of whether or not the user actually logged in and used the products.  The license is assigned to the user and is therefore required to be paid.

Being an application hosting service provider is a complicated business, and there is a lot to consider when developing subscription services for broad customer delivery.  Pricing is one of the complaints customers voice relating to these services, but the reality is that it takes quite a bit in terms of system resources and licensing to provide an acceptable hosted application experience.  This is one of the areas where SaaS and true cloud solutions benefit from a scale economy – where the application is designed for the platform, and one instance of the solution and platform can serve a large number of customers more affordably.

When working with a hosting service provider, it is wise to recognize that the platform and software licensing costs are there to support the type of applications being hosted.  If you have an SQL-based application, you will need the SQL licensing to support it, just like you have to pay for licensing of an Exchange mailbox or a hosted copy of Word.  Enabling only a portion of the total business software requirement may make it difficult to cost justify hosting just one solution.  However, if the business utilizes the host to manage all the desktop applications and data, the cost-efficiency of the approach can increase dramatically.  Regardless of whether the business elects to continue to run software on local PCs, or if it decides to outsource IT to a host and run it there, the company will have to pay the price for software licensing.

Make sense?


Following the Rules: Users and Licensing for Hosted QuickBooks

Following the Rules: Users and Licensing for Hosted QuickBooks

I have said many times before that the licensing for QuickBooks desktop editions appears to be a bit complicated, and a lot of that may have to do with the fact that so many people use QuickBooks in so many different ways.  With a solution like QuickBooks (or Microsoft Office or other really popular and widely used software products) there is a tendency for folks to want the flexibility of accessing their software regardless of what computer they are using.  Also, especially in businesses, there is the habit of installing software on a computer and then allowing anyone sitting at the computer to use the software.  In some cases these approaches are okay with the software vendors, but in most cases they’re not.  Yet too often, the small business owner doesn’t find out what the actual rules of using the product are until they try to deploy the software with a hosting service provider (because nobody ever actually reads the EULA, do they?).  If the provider has any credibility at all, they will enforce the licensing rules of the software, but that doesn’t always sit well with the customer.

picture-hostedQBThis situation rears its ugly head quite frequently in the QuickBooks hosting world.  Perhaps it is because there are a lot of possible working models involving QuickBooks users, or maybe it’s simply a matter of people not seeing the value of paying for what they want to accomplish.  Either way, service providers find themselves being challenged every day in trying to explain to a customer why they need to have more than one license for QuickBooks and more than one service account if they want more than one person to access the hosted solution.

Different people at different times: The Concurrent User approach

One of the arguments people make for not having licenses for all of their users is that they don’t actually need everyone in the system at the same time.  The belief is that there should be licenses enough only for the number of concurrent, or simultaneous, users that will access the system, yet each individual human being/user should have a login to the system with the software available (for convenience, of course).  A QuickBooks 3-user license, they believe, should be able to be used by any number of business users as long as no more than 3 of them are in QuickBooks at any given time.

While the customer may be making a reasonable argument, it all falls down when you consider the license agreement for QuickBooks.  Each user of the product is supposed to have a specific license.  A business with a 3-user license (or 3 single-user licenses) for QuickBooks has the rights to allow 3 people (unique human beings) to use the software, not any combination of people as long as they number no more than 3 at a time.   There is to be no sharing of licenses, and there is no “concurrent” licensing model: each person/user/human being is supposed to have their own license for the product no matter how often they access it.

Look but don’t touch: The Read-Only User approach

Another of the arguments people make for not licensing all of their users is that there is somehow a belief that if you don’t actually enter information, then you aren’t really using the software.  This often comes up in situations where an accounting professional works with their client, or when business owners want to occasionally see what’s going on in the company.  The approach centers on the concept of what a “user” is and suggests that users are the people entering or changing the data, and people only viewing that information aren’t really “users” at all.  When the bookkeeper opens QuickBooks and enters an invoice, the bookkeeper is recognized to be a user.  But when the business owner opens QuickBooks to view the financial statement or see the bank account balance, isn’t the business owner also a user?  Yup, they sure are. Any person that actually opens the program on the computer is a user, regardless of what they do when the program is open.  Just looking around at the data still requires that the program be open, and opening the program requires a license.

Two Fer: But the other hosting company lets me…

Just because you can do something doesn’t mean that you should.  So, just because a different hosting provider might let you get away with things that aren’t right (but perhaps are convenient or cost saving in the short-term) doesn’t mean you should expect a different host to allow the same thing.  If your current host says things like “as long as you don’t tell us…”, you should be concerned.  This often comes up in a hosting scenario where there is an outside accounting or outsourced back-office professional working with a hosted client business.  The outsourcer will want to access the client books, so they will want to have a login and access to QuickBooks software on the host system.

The trouble starts when the outsource professional doesn’t want to have to pay for their own service or licensing, yet they want to be able to login to the system and run QB just like the client does.  Falling sometimes under that attempt to leverage a concurrent user approach (see above), these outsourcers just aren’t realizing that the benefits of accessing their client information and working in real-time with that data is often valuable enough to support the cost of a hosted account and license.  Instead, they want their access to be free of charge and not be bound by silly rules of licensing, often because their client won’t want to pay for the accountant service in addition to their own.

This is when the “if you don’t tell us” stuff comes in – where the service provider may suggest to the accountant or outsourcer that they can simply login as the client and nobody would be the wiser.  I’ll fess up and say I have even entertained this idea with clients a few times but always shy away from discussing it in-depth.  While it is basically true that the service provider doesn’t generally know which exact human being is sitting at the other end of that remote desktop connection, that doesn’t mean that it is okay to leverage it into an abuse of services or licensing.

Two or more people sharing a single login just isn’t good ju ju, and it’s usually against a whole bunch of licensing rules and rights of use.  The funny thing is that many customers who initially leverage their service in this manner end up finding it was a really bad idea.  I saw a scenario a few years ago where a business allowed their outside auditors to share the logins of regular employees in the finance department.  When an employee tried to login to their remote desktop, they opened the session the auditor had open – exposing the employee to a lot of data that was not theirs to see but which the auditor user in QB had access to.  The company called it a security breach and it was on their part – and it was allowed to happen because they shared their remote desktops with the auditors rather than giving the auditors their own accounts with their own security profiles.  What seemed like a good, cheap approach on one day rapidly turned into a big issue the next, and the service provider had no power to prevent it from happening.

The moral of this story is simply that following the rules is the right thing to do and most reputable hosting service providers will try, even if they don’t end up doing it really well.  There are always going to be those who figure that the risks don’t measure up to the potential rewards, so they will do what they choose to do.  I’m always left wondering about those guys; if they have no problems breaking these rules, I wonder what other rules (or confidences) they are willing to break.  Hmmm.

Make sense?