Back in September, Microsoft announced the acquisition of Movere, an 11-year-old cloud migration startup. It was a move many in the industry saw coming. Movere, formally known as Unified Logic, was founded in 2008 in Bellevue, Washington (where Microsoft also has a significant corporate and senior management presence). Microsoft has used Movere’s tools to assist with cloud migration planning and software asset management engagements for a while now. Microsoft has even gone as far as including a requirement for clients to specifically work with Movere on True Up Assist and SAM engagements – which are essentially veiled software license audits.
Microsoft has billed this acquisition as a move that will help clients better understand their internal environment and cloud requirements, and enable Microsoft to better size and scope Azure requirements as customers move to the cloud. All of that is certainly true, but it’s also worth noting that the Movere acquisition has added a powerful new tool to Microsoft’s audit toolbox – one that can be used to collect license/usage data that can potentially be used against clients in compliance verification. All under the auspices of cloud migration planning.
Before You Give Microsoft Access to Your Deployment Environment
Microsoft has aggressively pursued software license audits for a long time now, but this acquisition telegraphs just how serious Microsoft has gotten about this revenue driver. Historically, Microsoft has had difficulty managing the audit process mainly because it had to engage external partners. Movere provides Microsoft the tool and the team to better manage and control the process end to end.
Our friendly advice is to never allow Microsoft (or any software publisher for that matter) direct access to your deployment environment, and never provide tool scan reports that have not been carefully scrutinized to be sure they are limited to only the information necessary for the task at hand. Unfettered access and reporting enables vendors to gather information that is not relevant to the job at hand, but highly relevant to auditors. Enlisting the help of a non-partisan partner like NPI to size/scope cloud migrations (and identify areas of noncompliance so they can be remediated) should be the standard process before allowing Microsoft access or providing reports.
RELATED CONTENT