When you add a new computer or person to your business, do you just copy the software from other employee computers or installation disks? If so, you are putting yourself and your business at risk for an audit of your software licenses. Don’t fall prey to the “we are too small to notice” mentality when it comes to software licenses.
Small businesses generally have a higher percentage of unlicensed software copies than larger businesses, making them fertile ground for auditors. Each violation carries a potential fine of up to $150,000 per software title copied illegally. If auditors determine that you fall into the criminal copyright category, the fines can be up to $250,000 and imprisonment. Frequent targets are very common programs such as Adobe and Microsoft products. It’s important to note that compliance or clean-up after the violation has been identified does not usually help a business avoid penalties.
The Business Software Alliance is the largest IT industry group formed to address international software piracy issues. Another is Federation Against Software Theft & Investors in Software, or FAST IiS.
Now the bad news (for software pirates): BSA offers rewards of up to $1 million for qualified reports of software license violations. Generally it is a disgruntled former employee who reports someone. The BSA receives over 2,500 potential violations through website or toll free number submissions each year.
What you don’t know CAN hurt you
Companies who found themselves in hot water typically did not have a solid program for auditing or enforcing their own rules or the terms of their software licenses. In addition to the fines, a business that is audited will also have the high cost of legal fees and business interruption to add to the tab. Be sure that your business has a system that is consistently followed regarding software installation and usage.
What’s a small business person to do?
Below are some helpful guidelines to protect your business:
- Adopt written policies that prohibit the use of unlicensed software. No matter how many employees you have, your employee handbook should include a very specific software licensing policy that lays out a zero-tolerance stand on using pirated content or unlicensed software. This may not reduce your liability if an incident happens anyway (you’ll want to check with your attorney about this). But such a policy will educate your workforce, show good faith on your part in the event of an audit, and reserve your right to discipline employees who flout the rules. Some businesses allow employees to download pirated games and music to company-owned PCs — activities that could expose their employers to legal liability. Be very careful about what you allow employees to install on your machines. Also, unauthorized or pirated software may expose your office to viruses, data loss and leave your security vulnerable. Assuming that your policy and directives to staff specify that all software used on business computers and for business purposes wherever installed must be properly licensed, you cannot go quietly about your work and safely avoid any risk of anything happening to you or your organization.
- Lock down PC account controls. Every modern desktop operating system supports multiple user accounts. Use them. Reserve administrator status for actual administrators, and assign everyone else to accounts that don’t allow them to install software. If your business uses network storage, consider limiting users to read-only access on their local hard drives.
- Educate your employees on why the organization must insist on full compliance. Be very careful with employee-owned devices. More employees now bring their own smartphones, tablets, and laptops to work. There are advantages to allowing or even encouraging these “BYO” technology policies. But you should also set policies that strictly control how employees access your network using their own devices and set out acceptable-use guidelines.
- Establish an authorization process for all employees — even IT — to follow before installing and using any software, but make sure it is easy to follow.
- Keep an active inventory of every software product in use and ever purchased by your organization.
- Conduct your own audits and promptly delete any software found on your computers that is unlicensed or whose license cannot be verified.
- Consider if cloud versions of software would work for your organization.
Unlicensed software can be tempting. Just remember: A single disgruntled employee could turn what seems like harmless corner-cutting into a financial and legal disaster for your small business. If you are unsure about your company’s license compliance give us a call and we can help you inventory your systems and get you back into compliance.
FAST IiS has several practical resources online if you want more ideas, such as Know Your Responsibilities and Risks, 10 Ways to Avoid Buying Pirated Software, Effective Software License Purchasing and 4 Steps to Effective Software License Compliance and Management. The BSA site also has a good list of free Software Audit Tools.
The only software you don’t need a license for is software you write yourself for your own use. We firmly believe that you will come out better paying the cost and keeping your software up to date and fully licensed.
Sources: Mat Payne, IT Director with Sparkmon & Associates, CPAs; Lewis Kinard, principal with Kinardlaw Consulting; and Cormac Foster, owner/principal of Argos Consulting.