Indirect Usage and Subsidiary Risks in Autodesk Licensing
Introduction – Why Indirect and Subsidiary Use Are High-Risk
You can be non-compliant with Autodesk software without even realizing that anyone has broken a rule.
In large organizations, some of the most serious Autodesk license violations come not from intentional abuse, but from the subtle ways people share or access Autodesk tools in day-to-day work.
Autodesk’s licensing is user-based and often tied to a specific legal entity, yet modern workflows in design, construction, and manufacturing encourage collaboration across teams and companies.
This means it’s easy to unknowingly cross the lines of your license agreement. Read our complete guide to Autodesk License Compliance Management: Staying Audit-Ready.
Autodesk’s audit teams know this. They actively look for “hidden” usage during compliance reviews – the kind of usage that falls outside your core IT team’s immediate sight.
Suspicious patterns in usage data or cross-entity access are common triggers for an audit. The result? You might get caught in a non-compliance situation even though no one deliberately installed unlicensed software.
As one saying goes, “You might think you’re just sharing a file — Autodesk might call it unlicensed use.”
This article is a risk awareness guide to help you recognize these indirect and subsidiary usage risks early, understand how Autodesk interprets such scenarios, and implement preventive governance before an audit turns them into costly problems.
Understanding Indirect Usage in Autodesk Licensing
What is “indirect usage”? In the Autodesk context, indirect usage occurs when Autodesk software is accessed, triggered, or used without a direct license assignment to the actual user or device. In other words, it’s when someone (or some system) is one step removed from the typical licensed user launching the application. Autodesk’s compliance teams take a broad view here.
They consider that even if a person isn’t literally logged into AutoCAD or Revit, they might still be using Autodesk technology or file formats in a way that requires a license.
This is very similar to SAP’s well-known “indirect access” issue, where even viewing or interacting with SAP data via a third-party system needed a license. Autodesk applies a similar logic: any unlicensed touchpoint with its software can be deemed a violation under the license terms.
Common indirect usage scenarios that can put you at risk include:
- Viewing or editing Autodesk files through third-party tools: For example, using a project management platform or a free viewer that lets unlicensed users open or mark up a
.DWGAutoCAD drawing or a Revit model. To you, it may just be sharing a design file, but Autodesk might see an unlicensed user benefiting from their software’s output. - Automated scripts and integrations: Perhaps you have a custom script or plugin that invokes an Autodesk program’s engine or API in the background. For instance, a batch process that uses the AutoCAD engine to render files or extract data without a human launching AutoCAD each time. Even though no person is at the keyboard, Autodesk considers that script as using the software – and therefore needing a license for each instance or user initiating it.
- Shared logins or credentials: This is a classic case – multiple team members sharing one Autodesk ID or installation across different shifts or projects. Maybe a generic login like “designer01” is used by several people. This “one license, many hands” approach is not allowed. It effectively allows unlicensed individuals access under a single paid license, which Autodesk will count as a compliance gap.
- External contractors using company software: You might hire contractors or third-party designers and give them access to your Autodesk applications (by lending a laptop, sharing an Autodesk account login, or having them remote into your system). If those contractors are not individually licensed (or their usage not covered under your agreement), that’s considered unlicensed use. Autodesk expects each person or entity using the software to be properly licensed, even if they’re doing work for you.
Action Tip: If a person, bot, or system touches Autodesk software — make sure it’s licensed. Every individual or process that benefits from Autodesk technology should have an entitlement. Autodesk auditors treat these indirect uses as seriously as any direct installation.
In an audit, each of the above scenarios could be flagged as an instance of unlicensed usage, often with demands to purchase backdated subscriptions or pay steep penalties. The takeaway: treat indirect usage with the same diligence as direct usage, because Autodesk certainly will.
Subsidiary and Affiliate Use Risks
“You bought the licenses for your company – doesn’t that cover all our divisions and sister companies?” Not necessarily. In Autodesk’s eyes, every legal entity is a separate customer unless your contract explicitly says otherwise. Autodesk license agreements typically define the “Licensee” as one specific legal entity (your company as named in the contract).
This means if a subsidiary or affiliate company uses software seats that the parent company purchased, that usage is unlicensed by default.
It’s a common blind spot: a parent firm assumes its Autodesk subscriptions cover the whole corporate family, but Autodesk does not automatically extend rights to affiliates.
During audits, Autodesk will actively look for cross-entity usage. They might trace where each license is assigned and which email domains or company names are associated with the Autodesk accounts using the software.
If they find users or installations in a subsidiary that isn’t listed in the agreement, they’ll flag it. For example, imagine your U.S. headquarters purchased 50 Autodesk licenses and assigned them to users across the company.
If a European branch office (a separate legal entity) is using five of those licenses, Autodesk considers those five users unlicensed. The parent company can’t just reply, “Oh, we had spare licenses.” From Autodesk’s perspective, those licenses weren’t contracted for that European entity.
Read how to manage the compliance across multiple entities, Managing Autodesk Licenses Across Departments & Entities (Effective License Position).
Consider a few scenarios and how Autodesk views them:
| Scenario | Autodesk’s Stance & Audit Risk |
|---|---|
| Subsidiary uses licenses bought by the parent company | Not permitted unless your contract explicitly allows affiliate use. The subsidiary’s usage is treated as unlicensed. Auditors will likely demand that the subsidiary purchase its own subscriptions (often backdated to when use began), or impose penalties for those users. |
| Global offices share a single named-user login across entities | Violation of the one-user-per-license rule and misuse across entities. Autodesk will count each actual individual using that login as needing their own license. In an audit, you could be charged for those additional unlicensed users (with retroactive fees for the period they were active). |
In short, what seemed like efficient internal sharing can turn into an expensive compliance issue. Multi-national companies are especially at risk: one regional office might deploy Autodesk software, thinking it’s covered under HQ, but it isn’t unless the contract was drafted to allow that.
Autodesk auditors often request breakdowns of software installations by legal entity or location. They will not accept “we have extra licenses in another group” as a defense if those licenses are not contractually allocated to the entity using them.
Action Tip: Cross-entity collaboration is normal — but Autodesk doesn’t assume it’s legal. Get it written in your agreement.
If you know multiple companies in your corporate group need to share Autodesk resources, negotiate an affiliate-use clause or a group licensing arrangement in writing. Otherwise, keep each entity’s usage separated and licensed on its own.
How Autodesk Detects Indirect or Cross-Entity Use
How does Autodesk actually catch these indirect and subsidiary usage issues?
The answer: through data and diligence. Autodesk’s compliance team uses a combination of analytics and audit tools to uncover suspicious patterns.
Here are some typical red flags that can trigger an inquiry or audit:
- Mixed domain or company names in usage data: Autodesk’s cloud licensing requires each user to log in. If they notice that some users logging into your Autodesk account have email domains or company identifiers that differ from the main licensee (e.g., contractors or affiliate companies), that’s a red flag.
- License activations in unexpected locations: Autodesk tracks where licenses are activated. If your licenses are supposed to be for Company A in North America, but Autodesk sees many activations coming from other countries or a subsidiary’s offices, they take note.
- Concurrent usage beyond entitlement: With named-user licenses, each user shouldn’t share credentials. If the same account is logged in from two places at once, or if usage logs show more active users than you have subscriptions for, Autodesk’s systems will flag it. For example, 50 licenses assigned but 60 unique users appearing in logs is a glaring sign of trouble.
- Shared account or unusual login patterns: Accounts that exhibit unrealistic behavior – like logging in from different locations/devices in quick succession – suggest multiple people using one login. Also, “generic” usernames (e.g., DesignTeam01) or logins of former employees that still show activity can tip off auditors that unauthorized use is happening behind the scenes.
- Audit tool findings: During a formal audit, Autodesk may ask you to run the Autodesk Inventory Tool (AIT) on your network. This tool scans for all Autodesk software installs and usage. Suppose it finds installations on machines outside of the main licensee (say, a contractor’s PC or a sister company’s device), or versions that aren’t accounted for. In that case, those will be flagged as non-compliant instances.
Autodesk’s approach is data-driven: they compare what should be happening (according to your licenses) with what is actually happening in your environment. Anything that doesn’t line up – extra users, different entities, overused logins – can set off alarms.
In some cases, Autodesk might even reach out proactively if its telemetry suggests non-compliance. For instance, they’ve been known to email companies when serial numbers or usage patterns indicate possible misuse or pirated installations.
The key point is that these indirect and cross-entity issues are often visible in the data exhaust generated by your usage. That’s why you can’t rely on staying “under the radar” – it’s better to address the risks directly through good management (before Autodesk does it for you).
Consider creating a license compliance policy, Creating an Autodesk License Compliance Policy (Training Guide).
Mitigating Indirect Usage Risks
Given the hidden nature of indirect usage, what can you do to avoid falling into a compliance trap?
Here are some practical strategies to detect and prevent indirect-use violations before Autodesk’s auditors ever come knocking:
- Set a clear internal usage policy: Establish and communicate a firm policy on who is allowed to use Autodesk software, and how. Make it explicit that sharing logins is prohibited, that only authorized users may access the software or files, and that any automated use of Autodesk tools must be approved. When everyone knows the boundaries, there’s less chance someone accidentally crosses the line.
- Track and review automation or integrations: Do an audit of any scripts, plugins, or third-party applications in your environment that interface with Autodesk products. If an engineering team set up a script to batch-process CAD files overnight, find out how it runs. Ensure that any process invoking Autodesk software is running under a licensed account or consider obtaining specialized automation licenses if available. Likewise, review workflows where Autodesk files are used in other systems – make sure those workflows don’t quietly extend Autodesk access to unlicensed users.
- Eliminate shared accounts: If you uncover any shared Autodesk IDs or generic accounts, convert them to individual named users immediately. Autodesk’s current licensing model is all about named users, one per subscription. Not only is sharing a login a direct violation, it also robs you of visibility into who is actually using the software. Transition everyone to single-user credentials tied to their real identity. This move not only keeps you compliant but can reveal if you have more people needing access than you thought (allowing you to budget properly or revoke unused seats).
- Monitor usage with SAM tools: Leverage Software Asset Management (SAM) tools or Autodesk’s own usage reports to keep an eye on how licenses are being used. Tools like OpenLM, Flexera, or even Autodesk’s online dashboards can show concurrent usage patterns, login history, and active versus idle users. Set up alerts or periodic checks for anomalies – e.g., one user ID consuming an abnormally high amount of hours (could be a sign of multiple individuals using it) or usage appearing from new locations. By catching these early, you can take corrective action (like purchasing an extra license or stopping an improper use) on your own terms.
- Educate your team and contractors: Often, indirect use isn’t malicious – people just do what’s convenient to get the job done, not realizing it’s against the license terms. Conduct brief training for your staff and any external contractors about what counts as “using” Autodesk software. Make sure they understand, for example, that they shouldn’t open a colleague’s AutoCAD file in an unofficial viewer unless they themselves are licensed, or that they can’t loan their login to a friend in another department. When everyone knows the rules, there’s far less risk of well-intentioned collaboration turning into a compliance headache.
Remember, your best defense is visibility and control. The goal is to know who is using Autodesk software, how they’re using it, and where they are using it from. When you have that insight, indirect usage shouldn’t catch you by surprise. It’s far easier (and cheaper) to fix an issue proactively—like adding a needed license or adjusting a workflow—than to explain it under the pressure of an audit.
Preventing Subsidiary Use Violations
Preventing cross-entity licensing problems requires both technical controls and contractual foresight. Here are measures to ensure your subsidiaries or affiliates don’t accidentally drift out of compliance:
- Keep separate accounts per legal entity: Autodesk allows linking multiple subs to an enterprise agreement only if negotiated. If you don’t have such an arrangement, it’s wise to manage each company’s licenses in its own Autodesk Account (with its own admin). This prevents, say, a well-meaning IT admin from one business unit from assigning licenses to a user in a different subsidiary under the same portal. By separating accounts, you create a natural barrier to cross-entity confusion.
- Review and update contract terms: Check your Autodesk license agreements for any mention of affiliate or subsidiary usage rights. If it’s not explicitly allowed, assume it’s not allowed. During your next renewal or negotiation with Autodesk, raise the issue: can the definition of “Licensee” be expanded to include specific affiliates? Large customers sometimes negotiate a “group license” or master agreement that covers multiple named entities, but you must get this in writing. If Autodesk is reluctant, you may need to ensure each entity signs its own agreement or purchase, which should be planned for accordingly.
- Plan for corporate changes: Mergers, acquisitions, or spin-offs can instantly change who is legally allowed to use your licenses. If your company acquires another firm, don’t overlook software licenses in the integration plan. Decide whether the new subsidiary will get its own Autodesk subscriptions or whether you’ll negotiate an umbrella agreement to cover them. The same goes for joint ventures or long-term contractors – if you’re creating a shared team across legal entities, address the licensing at the outset rather than assuming you can share existing licenses.
- Internal audits of deployment vs. entitlement: Periodically, conduct an internal review to map where Autodesk software is installed and used versus who is actually licensed for it and under which entity’s contract. For each installation, ask, “Was this installed under the correct company’s license? Does the user’s employer match the license holder?” This exercise often uncovers situations like a laptop in a subsidiary office running a copy of AutoCAD obtained under the parent company’s subscription. By identifying those, you can correct course (e.g., transfer that seat to the subsidiary’s own contract or purchase a new one for them) before Autodesk does.
- Document and formalize any exceptions: In certain controlled cases, you might permit some cross-entity use (for instance, a specialist from your HQ temporarily using a license while working at a subsidiary site). If such usage is necessary, document the justification and duration. It’s not a free pass – if it violates the contrac,t it’s technically non-compliant – but having a record shows you’re not willfully ignoring the rules. This documentation can be useful when negotiating with Autodesk; it demonstrates that you’re aware of the issue, managing it, and planning to address it properly (through contract changes or additional licenses). It won’t get you off the hook in an audit, but it shows good faith and organization, which can sometimes lead to a more constructive dialogue with the vendor.
Ultimately, avoiding subsidiary-related compliance issues comes down to clarity and communication. Make sure all parts of your organization understand that software licenses don’t automatically cover sister companies or overseas branches.
The more you treat each entity’s usage as a separate line item to manage, the less likely you’ll be caught by surprise. And if cross-entity collaboration is important to your business, invest the time in structuring agreements that reflect that reality, rather than bypassing the rules.
Conversational Tip: Indirect use issues don’t start in IT — they start in collaboration. Fix it at the process level. In other words, the root cause is often people simply trying to work together across departments or companies.
Address those collaboration habits (through training, policy, and proper agreements) and you’ll prevent most indirect and affiliate-related compliance problems at the source.
5 Steps to Prevent Indirect and Subsidiary Licensing Risks
Finally, let’s boil it down to a quick action plan.
Here are five concrete steps your organization can take to stay ahead of indirect usage and multi-entity license risks:
- Map all Autodesk users and entities: Create a detailed inventory of everyone using Autodesk software and identify which company they are under. Know your “who” and “where.” This map will highlight if a subsidiary or contractor is accessing tools without proper coverage.
- Review your Autodesk contracts for affiliate clauses: Pull out your agreements and check if affiliate or multi-entity use is addressed. If it isn’t, mark this as a point to negotiate in the next renewal. Don’t assume coverage — verify it or get it added.
- Audit your environment for third-party integrations: Identify any non-Autodesk systems, API scripts, or automation tools interfacing with Autodesk products. Ensure each of those uses is licensed. For example, if a custom app is batch-processing CAD files overnight, confirm that it’s doing so under an authorized license (or adjust the process).
- Eliminate shared logins in favor of named users: Immediately replace any shared or generic Autodesk accounts with individual named-user assignments. Also, enforce a policy that credentials must not be shared. Each person who needs access should have their own license – this is both an Autodesk requirement and a best practice for tracking usage.
- Train staff and contractors on compliance boundaries: Educate everyone from in-house designers to external consultants on what counts as “use” of Autodesk software. Simple awareness can prevent most inadvertent violations. When people know that, for instance, using an Autodesk viewer or plugin without a license is not okay, they’re less likely to do it. Include these guidelines as part of onboarding for new employees and in contractor agreements.
By following these steps, you’ll build a proactive defense against indirect and subsidiary licensing risks. You’ll have visibility into all usage, clear permissions outlined, and a team that understands the dos and don’ts.
In the end, this level of governance not only protects you from surprise audit bills, but it also fosters a culture of compliant and responsible software use – all without hindering the collaboration and innovation that Autodesk tools are meant to enable.
Read about Autodesk Audit Defense Service.
