Microsoft licensing

The CSP Sales Motion

MS LicensingLeave a comment

Here are a few guidelines to follow if you have an Enterprise Agreement with Microsoft and looking to decide whether or not to renew or work with a CSP partner to help you with your licensing needs.

Enterprise Agreement

The EA is a legacy program by Microsoft and in the current licensing world in which we live, is designed for organizations who are the largest and most complex environments.  In most of these customer situations, there are amendments, exceptions, and additional terms that need to be negotiated.  If this is you, a CSP model is probably not ideal for your situation.

Other hot buttons that will help you make the case to sign an Enterprise Agreement

  • All affiliates to be included in one agreement
  • Multi-tenant solutions
  • Fixed price requirement for 3 years
  • Existing agreement with existing licenses that will qualify them for discounts such as “From SA” or “Add-On” licenses

Cloud Solution Provider Program

The CSP program is designed to help customers move to the cloud.  The case for CSP can be summarized this way  – how dated is it to buy software that you have yet to deploy?  Many organizations make upfront commitments for licenses they will never use to get a better discount.  CSP is a program that supports pay as you go and deploy (or use) with little commitment.  Why pay for something that you haven’t used?

Other hot buttons that will help you make the case for CSP:

  • Less than 500 USL licenses
  • Partner requirement to help deploy and manage
  • Fluctuation in user count
  • Simplified workloads
  • Pay for consumed services (Azure) on a monthly basis

Without question this post is a generalization, but hopefully it will give you an idea of what to look for and questions to ask if you are signing a new agreement.  CSP or EA, it doesn’t matter, Microsoft still gets their fair share.

Thanks for reading,

CSP Man

 

 

Advertisement

Enterprise Mobility and Security (EMS)

MS LicensingLeave a comment

With the big push to the cloud, the Enterprise Mobility and Security offering emphasizes Microsoft’s mobile first, cloud first strategy.  EMS focuses on three areas:

  • Hybrid and Cloud Identity – Enabled through Azure Active Directory Premium
  • Mobile Device Management -Microsoft Intune.
  • Data Protection and Security – Azure Information Protection/ MS Advance Threat Analytics.

In this article, we will review each of these offerings and how it can help your business.

Azure AD Premium

Is a single sign-on or connection that links a user to multiple applications and multiple cloud solutions including social media accounts and other SaaS applications.  Almost all organizations have different applications users access; personal and business from the same device.  Azure AD also includes a full suite of identity management capabilities including multi-factor authentication (identifies the user) , self-service password management (retrieve password) , self-service group management and security monitoring and alerting (identify threats).

Intune

One of the number one questions asked around the BYOD concept is “what happens if my employee leaves”  One of the features of Intune is Selective Wipe, which allows IT staff to wipe corporate data remotely from that device via self-service company portal or admin console, but not touch the individuals personal applications (Facebook as an example).

In addition to mobile device management, it also helps IT administrators with the ability to push company apps automatically and allow users to easily install corporate apps from the self-service company portal.

One other feature of Intune is email.  If a company wants to protect an attachment through Intune security, IT administrators can set protection parameters on that attachment that will prevent the user from copying and pasting into another application.  Let’s say you have a company spreadsheet with private financial information.  In order to prevent  the user of just copying that application into another spreadsheet or word docs, the IT admin can use Intune to prevent unauthorized distribution.

Azure Information Protection (Azure Rights Management)

Using the email example above, Azure Info Protection allows an IT admin to set permissions of who can receive not receive the email.  As an example, let’s say you send an email to a vendor with personal information, using Azure Info Protection, the sender can set a no-forward policy or even an email expiration in which the email will auto delete so no unauthorized users can access that email.

Microsoft Advance Threat Analytics 

MS Advance Threat Analytics is a preventative security measure to protect the user from unauthorized use of personal information.  A credit card is a good example.  Using behavioral analytics, Advance Threat Analytics (ATN) will notice unusual activity on a customer’s account.

How to buy

You can purchase the EMS offering through various channels and programs.  Similar to most program, buying EMS as a package is more cost competitive than buying as individual components.

Volume Licensing:  When customers who purchased Windows Server CAL, Microsoft System Center Configuration Manager, System Center Endpoint Protection and Microsoft Active Directory Rights Management Services CALs via the Microsoft Enterprise Volume Licensing agreements they will have the ability purchase the Enterprise Mobility + Security Add-on.  This is much cheaper than buying the full user license since you already made the investment in certain technologies.

CSP: When working with a CSP partner, you can either resell or consume EMS for your own internal use.  When using CSP, you either provide the support (as a CSP Direct/Tier 1 provider) or work with a distributor (CSP Indirect/Tier 2) to sell to your end customers as a managed service provider.  The cost varies depending on number of users and the support offering.

I hope this provides some insight into EMS.  More articles on this coming soon!

Thanks for reading,

CSP Man

 

 

 

 

 

New Announcements for Microsoft CSP and MPSA Programs

MS LicensingLeave a comment

Recently Microsoft announced that as of April 1, 2017, they will standardize all online services (OLS) durations to one year or less.  In other words, they will remove multi-year agreement programs for online services in the Microsoft Product and Services Agreement (MPSA for those playing at home). This applies to all Office 365, Dynamics 365, Windows, and all other OLS currently sold on MPSA.  What about Azure?  That was removed as of February 1, 2017.

Why the change?  I think it is to align programs.  One of the primary benefits of moving to the cloud is flexibility.  I think this move is good for the consumer and Microsoft.  For the consumer, it provides a way to migrate to the cloud without the long-term commitment.  For Microsoft, once you move to the cloud, you are almost always in the cloud.  There’s a lot of talk about moving to the cloud, very little talk about moving away from the cloud.  The reason?  Very few migrate away.  It’s like the mafia, once you think you are out, they drag you back in.

If customers want to purchase longer durations, they can still purchase it under the Enterprise Agreement (EA) or Open Value.  For all others, CSP, MPSA, direct, etc. its one year.  Existing customers with 2-3 year customers will not be affected according to the Microsoft Licensing Partner Guide.  It also mentions that if customers with multiple year agreements add new users after April 1, those users will have the same services subscription dates.  In other words, nothing will change.  Once they sign a new agreement, it will align to the new one-year model unless they purchase under the aforementioned Open Value or EA.