View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
April 8, 2015

How to stay safe and compliant when using business software

Sarah Coombes, managing director, compliance & enforcement, EMEA, BSA | The Software Alliance, outlines her top tips for business software.

By Cbr Rolling Blog

2014 saw a number of high profile cyber security breaches across the world. From eBay to allegations against JP Morgan, it seemed like no company was safe. Businesses should do all that they can to ensure that their data (and that of their customers) remains safe. Any data breach can cause catastrophic damage to a company’s reputation, as Home Depot in the US discovered.

While up-to-date security measures, such as anti-virus software and firewalls, can help avoid data breaches, many companies overlook the importance of software management as a preventative tool. Research by IDC shows that consumers and enterprises have a one in three (33%) chance of encountering malware when they obtain and install a counterfeit software package, or buy a PC with incorrectly licensed software on it.

The BSA annual Global Software Survey, which looks at the rate of unlicensed software around the world, found that computer users cite the risk of security threats from malware as the top reason not to use unlicensed software. While legal software alone won’t protect you from all cybersecurity risks, together with strong IT governance, it provides a critical first line of defence.

Cyber security risks aside, businesses can also face large fines for using software without the correct licences. While not all copyright infringement is deliberate, businesses can be duped in to buying illegitimate or incorrectly licensed software. Of course, as with anything purchased from an unofficial source, this software could contain malicious files which could harm your computer and potentially give hackers access to your systems.

In order to stay safe and compliant, businesses should consider these simple steps to protect themselves:

Manage staff downloads:

IDC research estimates that 20% of unlicensed software in enterprises globally is put there by employees. Even if an employee downloads illegal software on to their computer without the knowledge of the IT department, the employer is still responsible, as it owns the machine. For example, in a recent case in the UK, a freelancer who downloaded an unlicensed copy of Autodesk software cost the business they were working for £33,000 in damages and license fees. Managing who has administrator rights on your work laptops will prevent unauthorised installations.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

Be wary when making changes:

Going through a significant change, such as a merger or acquisition, can throw up a number of complications. This is an important juncture at which to carry out a comprehensive software audit. Fail to do so and you could suffer a similar experience to First Choice Facilities, a safety specialist company. It paid out almost £100,000 in damages and license fees after acquiring another company and allegedly inheriting a substantial amount of unlicensed software.

Take stock while growing:

Well over a third (39%) of businesses BSA surveyed in 2013 claim they often allocate additional PCs and software to employees before paying for additional licences. This means that companies are often unlicensed for a period of time. And yet you never know when you might be called upon to account for all your software. Don’t let software licensing drop to the end of the to-do list.

Keep on top of your license numbers:

This will make it much easier to run a software audit. For some software publishers you still need to keep the boxes as proof of license, so ensure that you have these locked away in a safe place. However, as many programs move to cloud and subscription-based models, it will become much easier to keep track of your licenses. A simple Software Asset Management (SAM) tool will help you keep track of how many licenses you have versus how many you need. Controlling your software assets and keeping your license catalogue up to date will help to save money and stay compliant.

Keep control:

Every department in your organisation is likely to have different software needs. For example, HR departments will need a tailored HR IT solution, whilst the sales team will need access to software such as Salesforce. In fact, Gartner predicts that this year, 35% of IT spend will happen outside of the IT department, rising to 44% in three years. However, software procurement should still remain the responsibility of the IT department, as should SAM. By all means educate department heads on your corporate policy on software use, but ensure the procurement, installation and management is handled by the IT department. This guarantees a holistic view of the state of software in the business and will offer insights in to ways that money can be saved.

Software licensing often falls to the bottom of the priority list. However, if it isn’t managed properly, it can lead to serious security, reputational and financial consequences, affecting the whole business. By implementing the sound SAM practices outlined above, you can minimise such risks and avoid copyright infringements.



Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.