How Do You Deal With Pirated Programs At Work?
LoneAdminOK writes "I started working for a small company in the middle of January as their IT Manager. I am the first actual 'IT Guy' that they have had; before me it was someone that performed another job within the company and just handled the IT on the side. The problem that I am running into is that most of the software I am finding on the network and on people's computers isn't owned by the company. The person before me would just get it from 'somewhere' and install it on the computers as needed. This is putting me in a bad position when I have to reinstall the program or find it to install on someone else's computer. Often, I am telling people that we don't have it or we have to buy another license, and they get mad at me because the other guy said that we had it. I can't even tell where the versions of Windows Server that they are running came from. The only one I know is legit is the one that is installed on an HP server with the OEM sticker on it. How have any of you handled a situation like this? I don't install 'borrowed programs' in a production environment because I know that if the BSA got wind of this, it would all fall on me when they stormed in."
I'd just keep me head down and swab the deck, me hearty!
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
ZOMG, replace it all with OSS.
Everyone is doing it. What are you afraid of?
Don't be a baby! Go on, do it!
Nuke the site from orbit. It is the only way to be sure.
For what company do you work?
I'm sure we can figure something out.
Your friend,
BSA
Collect the reward.
If brevity is the soul of wit, then how does one explain Twitter?
Easy! Keygens.
I know that if the BSA got wind of this, it would all fall on me when they stormed in.
And those Boy Scouts are rotten little bastards.
Whale
tks. Thought it meant Caramel Yak Association and I was getting all confuzed.
So, do you know where I can "borrow" this automatic auditing software of which you speak???
Caramel Yak Association
Splitters!
Linux, you magnificent bastard, I read the fucking manual!
There are several solutions, and which one is adopted depends a lot more on corporate culture than technical merit.
In large businesses (10,000+ employees), I see two common approaches. The first is lock-down.
Lock down.
* Centralize everything and lock down the workstations. All software comes from one department, is distributed by SMS or Altiris, and (sometimes) workstations are monitored for compliance. Businesses like this often go with Dell for their hardware provider and have only about 5 or so workstation configurations in active use. Patches and install requests can take months to fulfill, and if the software isn't on their list, chances are good that you'll never see it. These businesses have security weaknesses in their network due to this centralization -- typically using flat topology models with very little or no firewalling between various business units. USB ports are typically fiddled with so flash drives cannot be used. For some reason, DVD/CD drives always do though. Go figure. Everything is vanilla-flavored, stock, and the same. If you find a weakness on one workstation, chances are good they all have it. Standardization is great! The servers are backed up. The workstations, where all the real data is, is ignored.
Multiple IT departments
* You'll see this with businesses that absorb other businesses -- financial companies in particular. Each business unit has its own IT, distribution schema, and enforcement of IT policies vary wildly. You won't be able to change your desktop wallpaper, but regedit still works with full admin rights. Firewalling between various business units is more common, but the policies are often out-of-date, and multiple routes exist. VPNs are commonly stacked over them, and if you know where to look, you can usually find a way through. The upshot is that the hardware is much more diverse, users are sometimes "left to their own devices" (literally and figuratively), and homebrew software solutions are more common. Nobody really knows what Server X does, but it has a sticker on it saying "Do not touch, Very Important." Often, hardware inventory and diagnostics in such environments consists of unplugging it and waiting to see who complains. If nobody complains, pack it up and ship it to Corporate. Nobody really knows what the company owns, but by god, we've got a lot of it. The good news is, if you can find your IT guys, they'll usually have your software loaded in a few hours. They won't care as much about software licensing either (I just gotta make my 8 hours, man)... Contractors typically run the show, and they have no idea what they're doing (because nobody wants to tell them anything). Servers are backed up, sometimes workstations are too. Sometimes. Maybe.
Mid-size businesses (less than 100,000 employees)
Sometimes you'll see centralization, but more often it's the scenario above, but with only one IT department. The network topology is generally laid out better though, hardware is more consistent, and the helpdesk is actually (le gasp) helpful, typically being a stone's throw away from the admins who maintain the servers. This is a good deal for you users -- they're too busy to be making many software policies and auditing, but not too monolithic that they're inaccessible. Your USB flash drive will work, even though you're told not to. Hello iTunes! Don't download pr0n though... For some reason, medium-sized corporate IT departments know everything you do on the internet, even though they don't know where the database server is. There is one rack of equipment... somewhere... and if it dies the entire business will collapse. But nobody knows. The servers are sometimes backed up, and so are the workstations. We're not sure... What's a "backup policy"? Can I use MMC to set one up?
Small business (less than 10,000 employees)
There is one guy or a small team and they are zyzzy GOD on the network. They don't care what you are running on your workstation... There's a pile of install CDs at his desk. Help yourself. Talk to the pimply-face
#fuckbeta #iamslashdot #dicemustdie
This reminds me of an occurance on a mailing list. Someone asked if they should report their employer for pirating a certain fairly expensive program, posting from their work E-mail.
Reply from someone who worked at the company, "You just did."
I download all my software from BitTorrent. Why pay for something you can get for free? It doesn't hurt anyone...it's not like the programmers are making the bulk of the money off the software sales...Microsoft is a billion dollar company but do you think they pay their programmers even millions of dollars a year? Pssht.
The day programmers start making even 50% of the profit from their labors is the day I start buying software.
Software? Oh, I meant music. :-)
Disclaimer: Outside of the Slashdot Virtual Reaility, I do purchase CDs, AACs, MP3s. I use licensed MS software at work and home and even buy video games now and then. I do NOT, however, pay for bottled water at the movie theater. Preposterous!
Apparently, the economic poo we are wading through has a lot of businesses (esp smaller ones) considering FOSS.
Open Source! It's the Pointy Stick that will remove the Economic Poo from your Software Licensing Shoes!
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
CYA = cover your ass
in case some of our international readers missed it ;)
The international readers would like to point out that we will not miss your bare arses.
Had you been french or italian ladies, things would have been different.
Kind regards,
The International Readers
I was the other guy, and we *did* have licenses. I just took them all with me when I left.
-1, Evil.
Space game using normal deck of cards: http://BattleCards.org
+1, Evil.
whole hog *AND* vegan
I'd like to sign up for _your_ newsletter!
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
$1,500/mo slips in to the noise; $50K makes itself seen.
Here we have Mr. RollingThunder from The Burrows. He is proposing a $50,000 price tag to bring every single system in to compliance. Mr. RollingThunder, would you stand up, please?
<bang>
This demonstrates the value of not being seen
Practice Kind Randomness and Beautiful Acts of Nonsense.