Adobe Lisence Audit - Small business
Posted by Fluid_Programmer_759@reddit | sysadmin | View on Reddit | 48 comments
I run a small agency and today I randomly noticed an email from Adobe about a license review/audit.
We’ve honestly been a bit inactive on checking some emails for a while due to internal issues, so this kind of caught me off guard. Not sure how serious this is or if it’s something routine.
We do use Adobe products across the team, but like most small agencies, usage hasn’t always been perfectly structured (licenses vs users etc.), so I’m a bit concerned now.
I wanted to understand:
* How serious are these Adobe audits actually?
* Has anyone here gone through this recently?
* What happens if there’s a mismatch in licenses vs usage?
* Should I respond immediately or take time to fix things first?
* Any tips on how to handle this without getting into trouble?
Would really appreciate honest insights from anyone who has dealt with this. I am reallly scared and panicking, please help me out
Thanks in advance 🙏
Affectionate_You1590@reddit
What is the status?
Fluid_Programmer_759@reddit (OP)
What happens when they find cracked versions?
shemp33@reddit
Would they?
Fluid_Programmer_759@reddit (OP)
Yes
NoTimeForItAll@reddit
As others said, contact legal. Anything you do to hide evidence can put you at risk. Do what your legal team and management tell you to do. If it was your decision to use cracked software, you may want to talk to a lawyer privately.
thortgot@reddit
You are boned then. Even if you delete all the software today and go switch to OSS you will loose in court.
Centimane@reddit
Sounds like you're cooked. Adobe gonna make the company bleed.
Probably best to:
adminadam@reddit
Maximum fines for illegal software (software piracy) in the United States are severe, with criminal penalties reaching up to $250,000 for individuals and $500,000 to $1,000,000 for corporations or repeat offenders.
Tymanthius@reddit
Then you're an idiot. There's cheaper software out there. And often better. Especially if it's just for PDF's.
Sovey_@reddit
Well you're in luck! Because (if you use the regular consumer installer) they automatically install a super-handy-dandy tool called Adobe Genuine Service to make sure you don't accidentally install an illegal version of their software! It's so thoughtful of them to scan my computer to make sure I don't accidentally install a cracked version of their software.
Fluid_Programmer_759@reddit (OP)
I meant if they find cracked versions in the company pc
otacon967@reddit
Then your company gets cracked for compliance ($$) and probably a penalty ($$$$$) if it’s flagrant. Look up what happened to forever 21 after Adobe got a hold of them.
Get legal involved and do a self audit immediately. Do NOT agree to anything voluntarily. Legal needs to be taking these calls and answering these emails. Best case they get them to bugger off. Worst case they will at least slow this down and limit the scope. This is a risk to the company’s reputation and finances and they should take it seriously.
jfernandezr76@reddit
They just want you to contract the mismatched subscriptions.
Elensea@reddit
Are you running illegal copies of Adobe?
Upbeat_Whole_6477@reddit
We ignore them. As others have said. If it’s serious they can mail or call.
St0nywall@reddit
When Adobe is incentivized to audit you, they will send a legal letter informing you of said action against you and your company.
Until that happens, see this as a good reminder to true up your licenses so there's nothing for them to catch you on.
Fluid_Programmer_759@reddit (OP)
We got a letter through mail and recently they appointed the audit firm (ey ) to loop in on this case. They have also sent a warning saying that we cannon uninstall softwares from our end, cannot Reinstall the os and be compliant. They have also asked to connect Should I decline the request and not respond anything else. We have one crack in our company pc, is there a way to remove traces?? Also If I deny the ownership of the system can They identify the system from thier server or through another way and date it back to me. Ive changed the wifi connection and we work in a clunnes space so many people use the same wifi
What should i do. Will they go to the court? Even though we are a small company why are they appointing a third party (big4) on us
If crack found what is the penalty
St0nywall@reddit
Yes they will fine you and likely it will go to court if your company doesn't pay.
The crack is more dangerous due to the possibility of malware being part of the crack... but if it's an Adobe product they could sue you for software piracy.
Best thing you can do is to remove the hard drive and replace it and re-image the computer. Destroy the old hard drive. This is the only way to remove all traces of the software if that's a concern for you. Files can still be recovered from a wiped hard drive and used as proof of software use.
Illustrious_Sell_325@reddit
Some untimely large electrical surges might be in order. Dunno what happened to the box boss
DesignatedControvert@reddit
Oh boy. Let's keep it simple.
Option 1 if you need Adobe's products and their licenses:
Clean up the illegal stuff, buy all the licenses that you need through official channels and allow EY to audit your business.
Option 2 if you can switch to another vendor:
Refuse the audit. They'll probably cancel all your licenses and disable your products.
Fluid_Programmer_759@reddit (OP)
Even if I install the new one, theywill know it and can cause an issue
thortgot@reddit
Yep. They can phone home functions baked in.
BCIT_Richard@reddit
OS reinstall should be enough, most traces people miss are residual files in Registry or %appdata%
shemp33@reddit
Uninstalling would be a case of being non compliant. But decommissioning that device or OS. Replacing it with something else… best case, they ask for proof of some kind of device fingerprint, and it’s sorry, we don’t have that device per decom/refresh. Also, it could have been an employee byod situation and that person is no longer with the company.
If it were me in your position, I would be bucking up my powershell scripts to deep scan for anything that might be noncompliant. Figure out what it is, figure out if you need the functionality (if so, go get the right licensing, asap), or if it’s just hanging around, decom it. You don’t want them to locate things you don’t know about.
anonymousITCoward@reddit
Decline it, you really have to piss off one of the big companies for them to force an audit upon you...
St0nywall@reddit
This is Adobe India, so a bribe may make it all go away if they show up with the police.
shemp33@reddit
I love how this works in other parts of the world. 😆
anonymousITCoward@reddit
it works like that in the US too, you just have to be more discreet ... in most cases\
St0nywall@reddit
I snorted my coffee reading this. LOL
Jamroller@reddit
So long as you haven't been floating licenses between users to underlicense, you should be alright i reckon.
I went through the adobe license auditing 2 months ago, was a very quick and simple process (at least for our size) and could even talk out of meeting them for 'optimizing' our usage of adobe products.
Fluid_Programmer_759@reddit (OP)
Will DM you
Jamroller@reddit
Nah don't.
Read that you're using cracked software, that's on you. contact lawyer.
shimoheihei2@reddit
It's always seemed incredible to me that a private company can just decide to go to your home and "audit" you because you bought software from them. I would tell them to go away, but not this nicely.
noudcline@reddit
Like others are saying, you probably need to do nothing. These are third parties who are really good at sounding official but are just trying to make money off of scaring you. Basically a scam.
Tymanthius@reddit
Emails have no force. Ignore it.
No-Ant-9159@reddit
Two possibilities. One: salesperson trying to make a few bucks by upselling. Two: Recovery department wants to charge you for copies that are unlicensed.
In either case, the answer is the same. Ignore them. Many of these companies work by having "free for personal use", but not free for commercial use. If they see a download from business IP they will assume it is in use for business and try to invoice. Above all do not let them scan your network. Went through it with Oracle. They had records of our "downloads". Most of the downloads in question were the firewall team setting up and testing the block rules to ensure staff couldn't download it.
Be aware though, if you ignore them they may just start reaching out to anyone they can find at your company to force you to engage them. That is what happened to me. Told the "Rep" we don't use it and to pound sand. They stopped after a while but they were persistent.
Here is part of their email:
Oracle’s servers have captured 64 unlicensed software copies at **** between July 2017 to September 2024 with the software upgraded to the latest versions of the product.
Per policies, the licensing exposure for **** for Oracle VirtualBox is as follows:
1. License Fee: $78,080 USD
2. Back dated pay and penalties: $147,840 USD
3. Total License Exposure: $225,920 USD (and growing)
Fluid_Programmer_759@reddit (OP)
These mails directly came from head of antivirals smb adobe with a tick mark, do not think this is a sales tactics, they have also ccd ey to audit us and they have been trying to reach out to us
RagnarStonefist@reddit
I got one of these a few months before our renewal. I filled it out.
We buy our licenses through our VAR, and suddenly we had salespeople from Adobe trying to schedule meetings with us just before our renewal. I responded with 'we have a VAR' and they were still trying to insist to meet with us. After our renewal finished, they stopped reaching out. Funny, that.
VG30ET@reddit
If it's anything like the Oracle requests we got, and you really are a pretty small agency, just ignore it. We did that with Oracle, and while they did send at least 10 more emails asking to help "optimize" our licensing (we don't use Oracle products) - they eventually just went away.
sslitches@reddit
Oracle did this for a bit with us, but now oracle is blocked from our email domain. They just talked themselves out of ever being a vendor for us.
OneSeaworthiness7768@reddit
Oracle was annoying as hell to deal with. My company has had contracts with them for EBS for like 20 years and the way they tried to rake us over the coals over some minuscule number of Java installs a couple years ago was wild. The people we were dealing with couldn’t even tell us what they wanted to see from us. It was just pure incompetence and greed all around.
Wolfram_And_Hart@reddit
Decline it.
When I did one for a CPA firm they had a problem with one of the users being named “intern”. They said “we don’t know who’s using the license” I said “the intern computer and they usually get a new person every 90 days or so.”
regular_guy_77@reddit
The 3rd email I received from them was "strongly" worded so I responded. I used a response I saw here in January. "We have an annual plan licensed directly through you. You can see valid activation from your end and we are not using any other Adobe licensing in our environment." I never heard back.
armor64@reddit
we had one that requested like 3x over a month, then got a warning that non-compliance could result in license termination or some other BS. replied back with the list of like 10 licenses and the users were accurate, and that was all that was needed. my take was it was supposed to be a sales call but we arent big enough to make a difference lol.
chris-itg@reddit
Ignore it, and do not respond. Any truly necessary audit can and will come via the postal service.
SageAudits@reddit
Do you have the older versions of adobe? There is a bit of a security risk if you are using old versions of Adobe acrobat, for example. Obviously the newer versions have the security updates and fix a lot of issues around PDFs, but they are a per user licensing for most business sizes and it gets expensive pretty fast. They do have a professional and a standard tier of licenses for Acrobat for example. If your business is small and you’re able to train users, there are of course alternative providers.
DesignatedControvert@reddit
I think i faintly remember a post about Adobe threatening an audit before here and they sent them a long list of requirements, like that Adobe has to send an auditor to their site, sign some confidentiality agreements and stuff, just a bunch of legal documents so in the end they never heard of them again
Maybe you can find the post again, should be somewhere in this sub
Witty-Culture-5978@reddit
Decline it if it is just a request