Oracle’s Java sales team is making inquiries geared toward
ensuring security of a customer’s IT environment. This approach can be
troublesome and challenging to handle, as the inquiry is typically sent to a
CISO or head of IT security, who may not be accustomed to software negotiations
and sales calls.
Oracle discusses the importance of security and that running
older versions of Java leaves your IT environment exposed to threats. They will
then position that upgrading to a Java cloud subscription model will ensure
your environment is always running the latest, most secure version of Java.
They offer you a free quote, and since most people do not see the harm in
getting a price quote, they agree.
“This is where things get tricky. For Oracle to prepare a Java quote, they will
request a copy of your system architecture and a list of the different
applications you are using that run Java,” said Jeff Lazarto, Commercial
Advisory Practice Leader at UpperEdge.
“Based on this non-threatening set-up that starts with a
discussion on security and evolves to soliciting a free price quote, some
organizations make the mistake of sharing this information, which not only
leads to a Java price quote, but also ignites an aggressive sales cycle,”
Lazarto added.
Three important considerations are:
- Sharing Your System Architecture Can Potentially Lead to a Technology Audit. If your system architecture uses virtualization technology that does not meet Oracle’s definition of hard partitioning, such as VMware, then per Oracle’s policy, ALL processors within the entire virtualized server farm must be licensed, not just the processors where Java or your Oracle database and related Oracle technology products are installed.
- Sharing Your Java Applications Can Potentially Require the Purchase of a Java Subscription. There are two scenarios at play here. First, if you are running third-party applications that come with Java, it is important to know whether they come with a Java license from the third-party application provider or whether you are required to obtain your own Java license. The second scenario is similar but applies if you are downloading no-charge Java versions to run homegrown applications in production. If it turns out that you are using these no-charge Java licenses, then you will be required to purchase them.
- Do Not Run Oracle Scripts. Scripts will disclose everything Oracle needs to not only provide you with a Java price quote, but also to identify any Java utilization that requires a Java subscription, as well as potential database technology compliance issues. Even if you are under a formal audit, Oracle’s agreements do not require you to run scripts, they only require you to reasonably cooperate with providing information relative to the audit – there’s a big difference.
Customers should exercise caution in sharing information
with Oracle so as not to unnecessarily trigger an overly aggressive sales
approach.
Upcoming Webinar
UpperEdge will offer insights into how Java is licensed,
Oracle’s strategy and approach, and recommendations to minimize compliance
exposure in a webinar, “Java Compliance Risks: What You Need to Know,” on
January 25th at 11:00 EST. Register at
https://bit.ly/3m18Azf and you will be sent the recording even if you cannot attend.
0 comments:
Post a Comment