||Add To My Personal Library
December 10, 2004
Vol.26 Issue 50|
Page(s) 30 in print issue
Software License Compliance
An Ounce Of Prevention Is Worth A Pound Of Cure
Since the late '80s and early '90s, tales of software piracy and its consequences have haunted businesses of all sizes. Businesses rushed to create assessment schemes to assure software license compliance, spurred on by horror stories: disgruntled employees reporting piracy by their former employers to collect rewards, employees being "planted" by software manufacturers to fish out pirates, and enormous fines imposed on certain transgressors.
Today, however, many resources and programs have become available to help businesses and individuals monitor and maintain their software compliance.
The first order of business is to understand the definition of piracy. Visions of software pirates as underworld thugs cranking out copies of software in their basements should be dispelled: Piracy, aside from making illegal copies of software for private use or profit, is also indicated in cases where any part of the licensing scheme of the software is violated.
Software licensing is usually a variation of one or more of these three basic licensing rules: single-node licensing, where each installation node needs a license; site licensing, where each installation node needs a license, but they are bought in volume to drive the individual license price down anywhere from 20% to 50%; or concurrent licensing, where the software may be installed on more than one location but can only have the number of simultaneous users indicated by the license.
So how do companies ascertain they are software-compliant? Needless to say, tracking software usage and installations can get rather complicated. Help is out there, however, in the form of organizations such as the Business Software Alliance (www.bsa.org) and the Software & Information Industry Association (www.siia.net), two organizations that are authorities in defining the rules of software compliance.
The organizations' membership includes some of the biggest names in the IT industry, such as Microsoft, Adobe, Cisco, IBM, and Intel. Along with establishing the guidelines for piracy and the means to stop it, including piracy telephone hotlines, they offer many resources that help organizations manage their software assets and maintain compliance.
These resources include audit tools such as WebCensus from Tally Systems (603/643-1300; www.tallysystems.com) and Discovery from Centennial Software (503/238-7455; www.centennial-software.com). These tools are subscription-based, and the total cost, as with most other software, depends on the number of PCs to be monitored.
These applications, which are only two of many available from other manufacturers, have slightly different feature sets, but all are easily deployable to client workstations from a central location and essentially provide the same core services. These include the ability to inventory software installed across the network (as identified by an updateable list of recognized apps), as well as the ability to continually monitor software usage and software addition and removal on networked PCs. These applications also generate reports on software usage statistics, as well as the number of licenses vs. the number of installed copies.
The applications discussed here are highly useful tools. As with any other radical policy change, however, changes should be implemented from top to bottom in the business process model, not just by the introduction of a group of utilities at one level. Consider the following steps when you formulate policy regarding software compliance maintenance.
Streamline your purchasing. Designate a singular point of purchase through which all software and licenses are analyzed and approved by an employee knowledgeable in licensing.
Communicate. Hold meetings, make announcements, and distribute memos to employees regarding software licensing.
Self-audit. Perform periodic "self-audits," either manually or via audit software, destroy any illegal software, and remove related installations.
Delegate responsibility. Appoint an individual or group to the task of maintaining software assurance.
Seek outside help. Larger companies may wish to solicit the aid of the BSA or SIIA for an extensive introductory audit that can cost up to $15,000, depending on company size.
Going to the BSA or SIIA first, in most cases, ensures that penalties will not apply and that you will be certified as compliant for one year, says Keith Kupferschmid, vice president of intellectual property policy and enforcement at SIIA. Kupferschmid adds that although software piracy is a "serious crime and can carry penalties ranging up to three times the value of the illegal software and even jail time," organizations such as the SIIA have equal, if not greater, focus on helping businesses become compliant.
All large organizations, and smaller ones that suspect they are not compliant, would be well-advised to contact the BSA or SIIA as part of the development of any software compliance policy. Aside from performing audits, the BSA and SIIA welcome questions and always have current information about software piracy guidelines on their Web sites, including trial versions of audit software.
Paying to get compliant now is far better than paying three times as much later and facing criminal charges. When it comes to license compliance, it has never been truer that an ounce of prevention is worth a pound of cure.
by Mick Maqbool