What to Do When You Get a Microsoft Audit Request (Except Panic)

By: Joshua Beitler

You’re a little skeptical, right? You’ve received a call or email from someone claiming to be from Microsoft and they want to peek into all your software licensing.

Being the safety conscious individual you are (way to go!) you immediately identified this as a potential scam. After doing some research and checking with your IT provider, it’s confirmed that Microsoft is actually auditing you. Queue the feeling of dread…

Anyone who has experienced an audit already knows how exhausting of a process it can be, until now. Microsoft is looking for you to provide proof that you have genuine Microsoft software across your organization. Sometimes this proof can be a little hard to gather on your own.

With these seven easy steps, you’ll conquer your next Microsoft audit and be the office hero.

Step 1: Gather Your Materials

If you have a trusted IT provider already, this process just got a whole lot easier. Your provider should have a good record of all your license keys and understand the audit process. (If they don’t, you should probably look into a new IT provider after your audit is complete.)

If you do not have an IT provider, or your provider left you stranded, then it’s time to gather your materials. This includes the products keys, Certificates of Authenticity (COA), invoices for computers or software, volume license agreements and your flashy new smartphone.

Step 2: Get Into the Microsoft Portal

Microsoft uses an online portal to have you upload your information. The licensing specialist will give you your portal link and password for your login.

The first thing you will see is the home page. This is where you will need to fill out all the information about your company (name, address, any parent or child companies, etc.). Once that is done you will start to move onto the licensing part, sometimes called the deployment summary.

Microsoft has a tool called Software Asset Management (SAM). It’s software for larger organizations that scans an entire network and reports on what it has found. This SAM software changes frequently. Be on the lookout for future changes to this program.

If you have decided that you want to go the manual route, grab your clipboard and smartphone to get started.

Step 3: Get Product Keys and COAs From Windows Computers

You need to report any computers you have that are actively being used. Older units will have a COA sticker on it that look similar to this:

Microsoft-Audit-Img1.png

This sticker is usually located on the top, back, side or bottom of your desktop. It can also be found on the bottom of a laptop or under the battery. You will need to take a picture of this COA with your smartphone or digital camera to provide proof of ownership.

If your computer is newer, it will not have a printed sticker. Instead, you’ll need to pull the product key from your BIOS. A tool like RW-Everything will help you read the key from your BIOS. Keep in mind that this tool only gives you the key. You still need to pull a receipt or invoice for that computer to provide proof of purchase.

Step 4: Verify Office 365 Units

If you are using Office 365 for email only, you will need to provide an invoice of your last 365 billing cycle.

If you are using Office 365 for your Office software in addition to your email, then provide that in the invoice as well and you are done!

If you do not use Office 365 for your Office suite, then you will need to pull the COA for each copy of Office. It will look like this:

Microsoft-Audit-Img2.png

If you purchased Office digitally, log into your Windows Live account and get the proof of ownership from there. Usually, a screen shot will suffice for proof of purchase. For the physical cards, you will need to take a picture or scan the COA to provide proof of ownership.

Other Microsoft software: Be on the lookout for other software installed such as Publisher, Project or other “one off” software that may have been installed separately from the main Office suite.

Step 5: Send Out Your Server Licensing Details

Microsoft will ask you questions about your server licensing. Microsoft Server License uses these two factors when licensing:

  • How many processors you have in the server.
  • The number of users who have access to the server.

The number of users even includes people who use servers indirectly. You will need to have Client Access Licenses (CAL) for each user who accesses the server indirectly or directly. A CAL will look similar to this:

Microsoft-Audit-Img3.png

Be sure to check the volume license center for any server CALs you may own. Do not forget to provide the COA for your Windows Server edition.

Step 6: Collect Data From All Other Microsoft Devices

Your organization might use nontraditional devices, such as hand-held scanners, that run Windows. These have a COA sheet, which documents the embedded Windows operating system. Find that COA sheet from purchase and provide it to Microsoft.

Microsoft will also ask you about tablets (iPads or Windows tablets), Apple computers, mobile phones, multi-function printers/scanners, point of sale (POS) devices, time cards/clocks, thin clients, and more. They are looking for any device that may be running a Microsoft Office app (Word, Excel, etc.) and checking to see if it is included in your CAL count.

Step 7: Double Check and Submit

Once you have your documents collected and digital proof, add it to the Microsoft portal. Double check that you didn’t miss any information and that all the information you provided is correct. If you find deficiencies in your software licensing, don’t panic. You'll just need to work with Microsoft to give a little extra information.

Once you’ve double checked all of this information and sent it to your IT provider to review (if applicable), then you’re done!

Need Help?

Gross Mendelsohn’s Technology Solutions Group has been helping clients with their Microsoft audits for years. If you have any questions about the process or need help, contact us here or give us a call at 410.685.5512.

Published December 6, 2017

Webinar Recording

Cyber Security Wake-Up Call: What’s Putting Your Organization At Risk?

Cyber Security Wake-Up Call Screen Play (1)

Reduce IT Costs Without Compromising Quality

In today’s competitive business environment, managing IT expenses while maintaining high standards of service and...

Ransomcloud: The Next Frontier In Cyber Security Threats

In the rapidly evolving landscape of cyber security, a new kind of threat has emerged that targets cloud services and...