What if employer is deploying without proper MS licensing?

GoldmemberGoldmember Member Posts: 277
I'm worried about our IT department deploying workstations without licensing.

What if your company is deploying machines without proper Microsoft licensing?
What do you do?

The IT "boss" told me not to worry about licensing, but I see how badly our organization is run by him and I think he might be skimping Microsoft.


Should I gather information on licensing, which he will undoubtedly try not to give me?


The reason I believe this is happening is because we are deploying old Windows 2000 Machines by ghosting Windows XP onto them. I don't remember us having an XP license for each machine.
Its possible we have a volume license for goverment, but I'm not sure thats the case.

The "boss" told me not to worry about licensing, but he seemed defensive when asked.

What do you think?
How can you prove?
Is there someway to check with Microsoft?

Thanks

Goldmember
CCNA, A+. MCP(70-270. 70-290), Dell SoftSkills

Comments

  • networker050184networker050184 Mod Posts: 11,962 Mod
    Goldmember wrote:
    Its possible we have a volume license for goverment, but I'm not sure thats the case.

    Yes this is the case for most government implementations.
    An expert is a man who has made all the mistakes which can be made.
  • phantasmphantasm Member Posts: 995
    Why not ask your boss if you have a volume license? Above all else, ethics ethics ethics. Those three words mean different things to everyone, but my management professor couldn't give a lecture without digging into ethics.
    "No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus
  • iowatechiowatech Member Posts: 120
    Honestly it's not worth starting the trouble over it. Would just be best to make a mental note of it and try to keep track of what license needs purchased in case anything ever happens. But going to MS could cause a lot more hardship than one might think. And then everyone at that company is out of a job not just the IT staff.
  • ally_ukally_uk Member Posts: 1,145 ■■■■□□□□□□
    Time for the auditors to pay him a visit
    Microsoft's strategy to conquer the I.T industry

    " Embrace, evolve, extinguish "
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    If XP is deploying fine without having to be activated, you have a volume license. Otherwise each install would have to be "activated" or else time out in 30 days.

    If you are using sysprep on your images, open the sysprep.inf file and look for the line:
    [UserData]
    ProductKey=
    

    That will be the product key being used and is probably a volume license. If you are not using sysprep, then just use the Magical Jelly Bean Keyfinder on a computer to see what product key is being used.
    All things are possible, only believe.
  • empc4000xlempc4000xl Member Posts: 322
    This sounds like something shady maybe going on. Depending on your job at the company IE if your a senior tech I would look into, and have a face to face with the boss or junior tech, I would not worry about it and not get invloved but have a understanding of what you see. I know this may sound like the wrong thing to do, but curiosity killed the cat. Don't end up on a black list just because you thought you were doing the right thing.
  • Tyrant1919Tyrant1919 Senior Member Member Posts: 519 ■■■□□□□□□□
    Layback, do your thing. If it's not properly licensed, they'll get caught someday.
    A+/N+/S+/L+/Svr+
    MCSA:03/08/12/16 MCSE:03s/EA08/Core Infra
    CCNA
  • GoldmemberGoldmember Member Posts: 277
    Anyone you know ever been audited by Microsoft?
    I'm curious what happens.
    CCNA, A+. MCP(70-270. 70-290), Dell SoftSkills
  • ladiesman217ladiesman217 Member Posts: 416
    Goldmember wrote:
    Anyone you know ever been audited by Microsoft?
    I'm curious what happens.

    im also curious...are techs liable for using pirated OS's or just the company?
    No Sacrifice, No Victory.
  • SmallguySmallguy Member Posts: 597
    Goldmember wrote:
    Anyone you know ever been audited by Microsoft?
    I'm curious what happens.

    I've only heard of one Case and it was when a disgruntled admin was fired and reported them to Microsoft

    Basically Microsoft came in audited using customer software determined they were using the same product key for everything ( windows 98 and office 97).

    The company got lucky because they were buying PC's form a local Tech shop and everything was pre-installed so MS turned their sights on the shop

    The Place still had to get properly Licensed but I think they did get a bit of a break on it since they were "innocent"

    I do believe that Technically MS can strip your certs though
  • cisco_troopercisco_trooper Too many Member Posts: 1,442 ■■■■□□□□□□
    Hey,

    I can't stand Microsoft as much as the next guy, but don't forget about the huge paycheck Microsoft offers for busting the lid open on unlicensed software....that's as much as I'm going to say about that.
  • MishraMishra Member Posts: 2,468 ■■■■□□□□□□
    They say that Microsoft is extremely easy going if you come to them and ask them to audit you. They have been known to give away tons and free licenses to get the company up to date.

    I haven't heard of a intrusive auditing story.


    The easiest thing you can do is send your boss an email asking him about the licenses. That gets a paper trail started to CYA. If your company did get audited then the only thing they can really do is strip your certifications. But I'm sure they will allow you to defend it if you have a paper trail.
    My blog http://www.calegp.com

    You may learn something!
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 12,211 Admin
    sprkymrk wrote:
    If you are not using sysprep, then just use the Magical Jelly Bean Keyfinder on a computer to see what product key is being used.
    The MJBK 2.0 beta is available at MajorGeeks.
  • famosbrownfamosbrown Member Posts: 637
    Mishra wrote:
    They say that Microsoft is extremely easy going if you come to them and ask them to audit you. They have been known to give away tons and free licenses to get the company up to date.

    I haven't heard of a intrusive auditing story.


    The easiest thing you can do is send your boss an email asking him about the licenses. That gets a paper trail started to CYA. If your company did get audited then the only thing they can really do is strip your certifications. But I'm sure they will allow you to defend it if you have a paper trail.


    Any documentation or references to MS stripping I.T. Professionals of their certifications due to the individual's employer not having correct licensing?

    Seems kind of strange to me. I do see the company having it's Partnership Certification stripped, but I don't see Microsoft going after individual certs.

    If you have a Volume License Key, you should have an agreement somewhere that you can lookup on eOpen for Open/Select Licensing, and another site managed directly by MS for Enterprise Agreements. There you will be able to see if Software Assurance has expired, how many CAL's, datae purchased, etc. Usually MS will just bill you for what you are using and haven't paid for yet. The EA Agreement works that way. YOu pretty much install what you want, then sometime during the year (won't put actually time, since it may vary for other organizations), MS will scan that particular product and let you know that you are now using so many licensed version of it and it's time to pay up. Very flexible and easy to manage.
    B.S.B.A. (Management Information Systems)
    M.B.A. (Technology Management)
  • phreakphreak Member Posts: 170 ■■□□□□□□□□
    I'd be as honest as you can be about things but don't jeopardize your job.




    As said, MS will usually come in and work with the company to help them become compliant. Repeat offenders are fined usually from what I have seen.
  • seuss_ssuesseuss_ssues Member Posts: 629
    If im not mistaken BSA called us about doing an audit in the upcoming months. If i get to take part in it then i will let everyone know how it goes (we are 100% in the clear on the software we have installed) but i guess an employee somewhere might have installed something themselves.
  • mgeorgemgeorge Member Posts: 774 ■■■□□□□□□□
    If you are a tech and the company you work for is deploying software illegally and you are aware of it, if the company is audited and the company is found guilty, you will go down with it.

    Does that answer your question?

    I beleive it all falls under the lines of "obstructing justice & conspiricy to commit fraud"
    There is no place like 127.0.0.1
  • silentc1015silentc1015 Member Posts: 128
    mgeorge27 wrote:
    If you are a tech and the company you work for is deploying software illegally and you are aware of it, if the company is audited and the company is found guilty, you will go down with it.

    Does that answer your question?

    I beleive it all falls under the lines of "obstructing justice & conspiricy to commit fraud"

    Doesn't sound like he's aware of it. Sounds like his manager is being evasive and saying "just don't worry about it and install the software".
  • PashPash Member Posts: 1,600 ■■■■■□□□□□
    Here is what I would do:

    Email your manager with concerns regarding licensing in your environment. Explain where you think the discrepancy is and let him know you are willing to help investigate and organize the licensing. Ask for documentation electronic/hard copy.

    This let's your manager know that you have concerns about something, meaning he has to act AND you can show you are willing to help.

    Licensing is a very hard part of IT in my eyes, sometimes I have to double check everything before I place an order with our suppliers and even then registering and documenting everything takes time.

    Please do not listen to some of the idiots above who claim you are part of this huge act of fraud and should go down with the company BUT act soon and offer your assistance to ensure your IT environment is doing well in operations.

    Cheers,
    DevOps Engineer and Security Champion. https://blog.pash.by - I am trying to find my writing style, so please bear with me.
Sign In or Register to comment.