Ray Hsu, C.P.M. Assistant Director, Procurement Services University of Washington Software License AgreementNegotiation 101
Why are we here? – GOALS AND OBJECTIVES • What questions should you be asking to prepare yourself? • Discussion on the different types of Software Licenses and their significance • Typical issues around software licensing negotiation • Other consideration for Software as a Service
Basic Questions – DO YOU KNOW YOUR INSTITUTIONS it Roadmap?How do customers in your institutions purchase their software license? DO YOU KNOW YOUR INSTITUTIONS it Roadmap?How do customers in your institutions purchase their software license?
Do you know how much your institution spend on software purchase each year?What types of licenses do you purchase?Who are your strategic software reseller?
Single User Licenses • Charge per seat • May be perpetual or based on a term • Named or unnamed user ( which is better for you?) • May allow you to install a backup copy on another device • Subscription vs. traditional
Multi-user licenses • Volume Licenses • Concurrent users • Social licenses • Beware of the different tiered of users • your ability to replace users, easy or hard?
Enterprise licenses • Based on fte or student count or other agreed upon methods to determine the size of the institution ( beware of how to manage changes to this number) • Can be based on the number of servers the application will be installed on (how about virtual machines?) • Beware of how many “environments” you will need and what is included in your purchase; development, training and testing, production, etc. • Can be based on the total number of processors in a server • Can be application specific if used with another front end product(ASFU licenses)
Software as a service • Subscription based on a agreed upon term • Typically includes all support and upgrades to your application • What is the service level commitment from the solution provider? • how do the solution provider support user questions or handle trouble tickets • Hybrid model – a mixture of traditional and the cloud
My checklist of software license planning and review.. Things to think about before you buy, and to watch out for when reviewing the license agreement..
What are your requirements ?– critical vs. desirable • Market research • Request for information • Fit-gap studies • System demo • Trial licenses • Proof of concepts based on a limited engagement • Does the software solution require hardware upgrade? - beware of minimum system requirements
Warranty, warranty and warranty What is vendor’s commitment in terms of providing functionalities and meeting your particular set of business and technical requirements?
How many people in your institution needs to have access to this application? • Multi-users vs. enterprise licenses • Managing Growing or shrinking pains • What are the different level of users (power users vs. regular users vs. interested party) • How often would you have to change user’s access to the application? • How to you manage vendor’s ability to audit your license and user count?
Upgrades and enhancement • How is that deliver? • How much does it cost? • Minor (right of the digit) vs. major (left of the digit) upgrades • Security patches and other product enhancements
Maintenance and support • Is it included (don’t assume it is, even in a subscription model) • What is a reasonable percentage to pay? • What exactly is included? • Is the vendor transparent about how they provide support? • Back to the warranty question – what is it based on, “documentation”, “users guide” or others? • How about training? Do you need implementation services?
Indemnification – what items is the solution provider willing to protect you against? • Third party claim against intellectual property infringement • Who controls the legal defense? • What is the vendor willing to provide when there is a IP claim against their product? (replacement solution, refund, etc) • Data security risks – who notifies when there is a data breach?
Data security • Will the vendor have access to your institutions confidential data either directly, or indirectly? • What do you do to hold the vendor responsible? • If the vendor is hosting your data, where are the data center located? • What is your state’s requirements in terms of breach notification, credit monitoring and other responsibilities? • HIPAA, FERPA, EAR, GLB and other federal regulation requirements
How would the vendor use your institutions information? • Customer feedback • Joint research and development • Any interfaces and integration developed for your application • Use of your institution’s name and logo • Promotions, endorsements, and advertisement of your relationship
Limitation of liabilities • How does it impact warranty? • How does it impact indemnification? • What should be excluded from LOL?
Thank you for your time and attention.. Ray Hsu – firstname.lastname@example.org