The SAP® Indirect Usage Time Bomb
Are you using software that can query or write to an SAP database? For example, does your CRM access data in your ERP solution? Are you aware that you could be liable for something called “Indirect Usage” and that in all likelihood you will be under-licensed for SAP? Customers are increasingly being targeted by SAP (and other vendors) in pursuit of Indirect Usage fees – for thousands, possibly millions. It’s a situation that will only get worse, rather than going away, so feigning ignorance is not an option.
So what can you do to avoid large unbudgeted costs when audited? Read on…
So just what is Indirect Usage?
A simple example of Indirect Usage (sometimes also referred to as Indirect Access) might be where the SAP system is accessed or queried by a third-party application. This might be automated or could be the result of a user accessing functionality or reporting in the said third-party application.
In SAP’s world, the fact that their application is being used to provide data means that they are owed money for that ‘use’ (even though the user in this case is not accessing the SAP application directly). Many license contracts contain a direct (some may have an indirect) reference to SAP’s third-party usage requirements.
Typically if a non-SAP system accesses SAP data, the user of that external data needs to be covered by an appropriate SAP license. If you don’t have a clause in your contract, you’d be wise to agree with SAP what constitutes Indirect Usage to avoid any nasty surprises. Don’t forget that the contract shouldn’t be the only place to check, as the SAP price list refers to Indirect Usage – and your contract will be subject to its terms, all 120 pages.
Here are a few common scenarios where you may find yourself liable for indirect access and thus more licenses:
- Customers are using eCommerce platforms to place sales orders
- Partners and suppliers are accessing inventory and running reports
- Field officers are using mobile applications and devices to get new notifications
- Sales representatives are accessing and inputting customer-related data and running CRM reports remotely from a non-SAP interface – this could easily be via a mobile device
- Remote engineers are accessing inventory and placing orders via a self-service application
- Third-party logistics suppliers/ contract manufacturers are consuming data from SAP
- Applications that use and share SAP’s data for product life-cycle management purposes.
The task to identify Indirect Usage becomes all the more difficult if you have multiple servers and applications spanning different geographies and covering several business operations and services.
When SAP creates Indirect Usage instances itself
It is often the case that it may have been SAP itself that recommended and even performed integrations with third-party solutions, but at the time might not have revealed that the organization would be liable for significant Indirect Usage fees (we’re seeing an increasing number of these instances!).
Of course, services consultants are not expected to have the highest licensing expertise, however it will be an unexpected blow to many SAP customers now facing much larger licensing fees.
Knowledge is power
Unfortunately the LAW report that Basis Administrators have to submit annually does not help manage the challenge of Indirect Usage. Accurately classifying users (direct or indirect users) and allocating the right licence type to them is crucial for organizations to ensure an optimized licence state, however this should be done prior to executing the measurement system through the LAW report.
Taking control of the situation
So where do you start to identify and handle Indirect Access in the organization? There are anomalous and abnormal behavioural patterns that are the tell-tale signs of the SAP system being accessed by third-party applications, and solutions like Snow Optimizer for SAP® Software are able to detect these indicators through activity checks for:
- Cross component usage – Accessing multiple systems at the same time is atypical behaviour for a “real” user.
- Extended work time – Even the most conscientious of users will not work continuously for 24 hours without a break
- Extraordinary volume of work – Any user whose workload (i.e number of transactions performed, CPU usage per day) is significantly above the average may indicate activity from a system.
By monitoring these unusual behavioral patterns, the Snow Optimizer for SAP Software can highlight potentially unlicensed and non-compliant users that are accessing SAP systems. This enables organizations to take proactive remediation steps and avoid potentially significant (and unbudgeted) costs.
Through this data, users can maintain up-to-date details on which licenses are assigned and where. This enables SAM managers and SAP administrators to rebalance license allocations on-the-fly, and to right-size licensing across the SAP landscape. Snow Optimizer for SAP® Software constantly monitors system measurements across the hundreds of SAP systems in an enterprise, aggregates that data and highlights key compliance concerns for the SAP administrators.
Essentially, the technology becomes your own in-house SAP license optimization expert. In my upcoming blogs on Indirect Usage, we will focus on identifying your financial exposure and then look at how to negotiate the best outcome with SAP.
For help understanding your organization’s likely exposure to unbudgeted SAP Indirect Usage costs, why not speak with a SAP licensing expert from Snow today.