Having worked for a variety of vendors, I've been on the opposite side of this issue, and I have to agree 100% with the customers. Yes, there's theoretical risk of folks stealing software; de facto, however, in over 30 years, I've seen exactly ONE such case. And it wasn't deliberate: it was a case of having stood up a second system and forgotten to notify us about use of our product (which didn't use keys, obviously). That resulted in a red-faced customer and a full-price, retroactive bluebird sale, so nobody was unhappy, except maybe the sales rep who would have had the account back when the system was first stood up (in this case, the rep hadn't even changed).
The downsides for the vendor include unhappy customers AND a requirement for 24x7 pager/phone support with access to keys. That's expensive and a hassle; for small teams, it's onerous, as it means very frequent positions in the rotation. If you have to do keys, Sterling VMD had what I still consider to be the best solution. Features included: - warnings before expiration (obAnecdote: friend once walked into data center, saw "VM:Backup will expire in 7 days!" on console, pointed to it and said something polite to the operator along the lines of "WTF...?"; operator glances at it, says "Oh, VM:Backup always says that." Um, no, just for the last 23 days...) - "emergency" mode, with frequent whining on the system console, but full operation - multiple key support, so customers could use ONE file with all their keys in it, rather than having to keep track (so if they had a DR key, it could live alongside the production key-no swapping of files) - plaintext format, no binary crap - support for short-term generic keys (which is what the beeper folks carried, so they didn't have to go generate one at 3AM) So the pain was at least minimized. No idea if this continues with CA. Dave Cole's self-service approach seems like a good modern alternative to having to phone, at least! -- ...phsiii ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
