recommended reading

VA junks key Microsoft software license agreement

The Veterans Affairs Department has canned a key enterprise software license agreement for Microsoft products, Nextgov has learned, a move that could save VA nearly 30 percent in annual licensing fees, analysts said.

The department has discontinued its Microsoft Software Assurance for Volume Licensing agreement, which typically requires customers to pay an annual fee of 29 percent for desktop software and server software to lock in discounts on upgrades, Chief Information Officer Roger Baker said in a memo to VA's information technology staff on March 30, and confirmed by a spokeswoman today. Approximately 300,000 employees use Microsoft operating system and desktop application software.

VA did not respond to a query about how much it spends on Microsoft licenses, but based on past contracts, it easily represents a revenue stream measured in millions of dollars a year. In 2002, the department signed a $225 million agreement with Hewlett-Packard for Microsoft software licenses under an internal VA contract that ran through 2006.

Tim Hegedus, an analyst with Miro Consulting in Woodbridge, N.J., said the licensing agreement is not "one of the best bets" an enterprise can make, particularly if its upgrade path does not dovetail with Microsoft's upgrade roadmap. Hegedus said, "Microsoft is making an incredible amount of money," off its software assurance licenses, which he described as an annuity for the company.

Because Microsoft requires buyers to purchase the package for three years, at the end of that period VA would have forked over 87 percent of the license value, Hegedus said.

The software assurance package also includes support, but Paul DeGroot, an analyst with Pica Communications LLC in Camano Island, Wash., said large enterprises such as VA probably also buy premier support contract, which pushes Microsoft license maintenance costs up to 30 percent a year compared to 22 percent charged by Oracle and 20 percent by IBM.

VA has started to shift its computing environment from the standard Microsoft server/desktop environment to smartphones and tablet computers favored by hospital clinicians. It also is eyeing cloud computing services. In that case, DeGroot said, it makes even less sense for VA to continue with its Microsoft software assurance licensing program.

Baker said in his memo that "discontinuing software assurance will allow us to move away from automatically paying for all new releases and updates, giving us the opportunity to foster competition between vendors and assess the value of the software before purchase."

He added, "The market for desktop and server software is changing, with substantial impact from both cloud service providers and personal mobile devices. In the future, we are looking to increase our flexibility and the amount of competition for our business to ensure that we provide the best value and emergent technologies to our customers."

Baker said the decision to drop the licensing agreement will have "no near-term impact to VA operations from this decision. VA currently has a license for the latest released version of each product we use. In many cases, such as Windows 7, we do not yet widely utilize the latest version of the product. We will continue to use the software we have installed, and we will be able to upgrade to these newer versions of the software in the coming years."

He cautioned that the decision not to renew the software assurance license means "we will need to make smart decisions about whether a product needs to be installed on a particular desktop or server. We will begin to closely monitor where we have these products installed, to ensure that we do not exceed the number of licenses we have paid for."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.