Navigating the complicated field of software licensing is tricky, even for the most seasoned of IT pros. Making just one misstep can put organizations at risk of security problems, inefficiencies and steep financial penalties.
IT managers can stay on the right side of the law by educating themselves about four of the most persistent software piracy myths.
“People hear the word ‘piracy,’ and they think about a malicious person doing something illegal on purpose,” says Amy Konary, an IDC research vice president focused on software licensing. “But it’s easy with the complexity of software licensing to misuse or overdeploy software.”
Adam Coates, associate general counsel and managing director for compliance and enforcement for BSA | The Software Alliance, says organizations often engage in neglectful practices that they might not think of as piracy, but which still lead to noncompliance with software licensing agreements. These practices include overdeploying software, purchasing programs from unproven dealers at too-good-to-be-true prices and failing to prevent employees from installing unlicensed applications.
“People say, ‘I’m not a thief, I didn’t intend to do this,’” Coates says. “The answer is, the law doesn’t care. If you have an unlicensed copy on your system, you have a problem.”
Additionally, some people think of piracy as an issue confined to markets across the globe that are less mature and well-regulated than the North American marketplace. “It absolutely is a problem in emerging geographies,” Konary says. “But in particular, unintentional piracy can happen anywhere. It’s not just an emerging markets issue.”
“The biggest myth or misconception is when an enterprise thinks the only thing they need to worry about is an audit by BSA or one of the individual software publishers,” says Coates. “There are so many more issues they have to worry about.”
In particular, companies running unlicensed software will miss out on patches and updates, which can impede both functionality and security. This can lead to inefficiencies that affect an organization’s bottom line, malware that gums up IT operations and data breaches that could expose the company to legal liabilities.
“If you’re not managing your software assets properly, you’re not just losing money, you’re also exposing your data to significant security risks,” Coates says.
“In the past, because audits were quite time consuming and expensive, vendors would target the biggest bang for their buck — the biggest companies and the broadest deployments,” Konary says.
But audits have recently become more efficient, allowing vendors to focus more of their attention on small and medium-sized businesses. “We are seeing more smaller companies being audited in the last three to four years than we would have in the past,” she says.
It’s important to have good software asset management tools, but it’s just as critical to have good policies and procedures in place.
“The tool is only as effective as the person wielding it,” says Coates. “You need someone who knows how to use it and how to interpret the data that the tool delivers. And then you need the right systems and processes in place to act on the data.” He emphasizes the need for employee education, solid procurement policies and leaders’ attention to these issues.
Konary also underscores the importance of education and well-considered policies.
“Communicate that you don’t tolerate underlicensed or pirated software,” she advises. “Simply having a policy and communicating that internally can make people more vigilant when it comes to software.”