Didn’t Mean to Turn You On: A Brief Study in Accidentally Enabled Features

Monday, 22 June, 2020

Lena J. Weiner

Have you ever thought that everything is running smoothly with your organization’s Oracle product, only to discover later that a feature—or even multiple features—had been accidentally enabled without your knowledge? Unfortunately, this scenario is all too common for many organizations utilizing Oracle products.

In most cases, administrators have no signs or alerts to indicate that an unrequested feature has been enabled. While experienced DBAs dealing with licensing issues may set up notifications to detect activated features, the uninitiated rarely consider this possibility.

The first realization often comes when Oracle presents a substantial bill for the unused feature, catching organizations off guard.

You might assume that contacting your account representative would resolve the issue, but that’s rarely the case. When Oracle detects an enabled feature, they charge fees that include the cost of the feature plus an additional 30% annually for accrued Oracle support fees. This holds true regardless of your tenure as a customer, the size of your contract, or any favors you’ve done for your sales representative.

Do You Have $200,000 to Spare?

Let’s consider the example of our client, an Enterprise Service Solutions Provider (ESSP), had been an Oracle customer for over a decade. During an audit by Oracle, it was revealed that ESSP had unintentionally enabled the Oracle Diagnostics and Tuning pack without the knowledge of its administrators.

ESSP had not utilized any features from the Diagnostics and Tuning pack, yet suddenly found themselves owing Oracle $200,000 in unpaid fees. In an attempt to prevent future compliance problems, ESSP invested in an Oracle Database Appliance (ODA), a preconfigured engineered system comprising hardware, networking, storage, and software. ESSP believed this would safeguard them against future license agreement violations.

Unfortunately, that assumption proved incorrect.

Proceed with Caution

The consequences of enabling unnecessary Oracle products can be severe and extraordinarily expensive. In ESSP’s case, their managed services provider (MSP) inadvertently violated their licensing agreement by enabling features. ESSP is not alone; a staggering 56% of organizations outsource their Oracle management. If any employee or third party, including an MSP, accidentally breaches the Oracle agreement, you bear the consequences.

Similar violations can occur if Oracle support instructs an administrator to execute a script that utilizes a feature beyond the organization’s licensing agreement. Additionally, during infrastructure changes, organizations face the risk of unintentional missteps that lead to licensing violations. Oracle’s products are typically set to “on” by default upon installation, unless manually disabled. One solution is to create custom templates, as ESSP eventually did, to specify which features are permitted.

Other methods to avoid Oracle licensing issues include disabling features or uninstalling components. However, nothing compares to having an expert ally who can anticipate what Oracle will uncover before they do.

Stay Ahead of Oracle

Two years after ESSP replaced some hardware, they engaged LicenseFortress to ensure ongoing compliance. On the first day of the audits, LicenseFortress detected another licensing violation by ESSP. Had Oracle discovered these violations instead of LicenseFortress, ESSP would have faced penalties exceeding $3 million.

The moral of the story is clear: Anyone can unintentionally breach compliance regulations, and detecting such violations can be challenging without proper knowledge. The best approach to avoid this predicament is to partner with a compliance monitor who possesses the experience, expertise, and unwavering support to keep you protected. And guess what? I happen to know a reliable one.