Top Findings in a Quest Audit: Re-Cap
Updated: Jul 9, 2020
When dealing with a Quest software audit, there are several compliance challenges for customers:
Quest’s licensing rules and language is vague and inconsistent across time
Quest auditors uses crude data collection tools and analysis methodologies
New technology adds to the complexity of the audit
It’s difficult to track Quest usage on decentralized devices and servers acting autonomously
Quest audit teams are highly incentivized to find and collect as much as possible
Here are four areas where auditors consistently find Quest compliance issues:
Pirated software
Data Collection
Data analysis
Contract Interpretation
1. Pirated software common findings
- Pirated license keys exist in most environments
- Pirated keys are easy to generate and/or obtain
- Note: Quest charges about 3X for these missing licenses, and will aggressively pursue these findings, create a feeling of guilt, and threaten legal action
2. Data collection common findings
Quest auditors employ crude data collection methodologies
They write their own scripts or SAM tools, which aren’t very accurate
They lack native license tracking
They rely on trace installation evidence
3. Data analysis common findings
You can count on a lack of due diligence by Quest auditor; They rely on customer to understand and vet audit report
Widespread errors are common
Charge twice for the same product
Charge for disabled accounts
Charge for license downgrades – i.e., you’re over-licensed for a higher edition of the product but you’re using a lower version
They are unwilling to discuss/resolve data issues - Quest will drive towards the settlement
4. Contract interpretation common findings
Access vs usage definition. Toad product may be installed on a server or other shared device; Quest auditors will count every user that could potentially use that machine and require a license for each
They may have quantity limitations (Freeware) per product
ELA terms and conditions must be understood
And finally,
Quest tends to extrapolate audit findings. It’s not unusual for them to examine one-third of an environment and extrapolate the other two-thirds. This is very aggressive – and not accurate. It is important to remember that most findings in an audit can be challenged, and are NEGOTIABLE.
We advise clients to communicate with Quest early and often regarding compliance, and contact your ClearEdge representative for further assistance.