Slashdot Mirror
Software Piracy At the Workplace?
An anonymous reader writes "What does one do when a good portion of the application software at your workplace is pirated? Bringing this up did not endear me at all to the president of the company. I was given a flat 'We don't pirate software,' and 'We must have paid for it at some point.' Given that I was only able to find one burnt copy of Office Pro with a Google-able CD-Key, and that version of Office is on at least 20 computers, I'm not convinced. Some of the legit software in the company has been installed on more than one computer, such as Adobe Acrobat. Nevertheless I have been called on to install dubious software on multiple occasions. As for shareware, what strategies do you use to convince management to allow the purchase of commonly used utilities? If an installation of WinZip reports thousands of uses, I think the software developer deserves a bit o' coin for it. When I told management that WinZip has a timeout counter that counts off one second per file previously opened, they tried to implement a policy of wait for it, do something else, and come back later, rather than spend the money. Also, some software is free for home and educational use only, like AVG Free. What do you when management ignores this?"
Unfortunately ignorance of the law is no defense. The same is true for not saying anything when you witness a crime being committed. It's called obstruction. So, CYA: leave the company as soon as you can. Assume you WILL be held accountable in the future.
Security essentials is free for business, so replace AVG with that:
http://www.microsoft.com/Security_Essentials/
7Zip is free and OSS. Replace Winzip with that. Heck, XP has its own zip handler installed. A lot of techies assumed that XP needs a zip program because 2000 didnt have one. Get rid of it.
http://www.7-zip.org/
PDFCreator is free and OSS. It can make PDFs. Most people just need to make them, not 'edit' them.
http://sourceforge.net/projects/pdfcreator/
Yep, do it. Take the money as a little reward for dong the right thing..
What will happen to the company is: Microsoft will send a letter to the CEO informing him that they will be performing an audit, that they are entitled to do as he is running some form of Microsoft software (I doubt they need to check that's true). Then they will tell him that he needs to run audit software in the company and send the results to MS, and that they know of a few companies who will perform this audit for a reasonable fee, and no, running it all yourself of not acceptable.
Once he's done that, they will check how many licences they think the company needs to become 'compliant' and demand proof they have that many purchased. At this point, they also offer to bill for unlicenced software that accidentally or mistakenly was installed.
End result: the company pays to audit itself, and pays MS for a load of licences. Usually they end up paying extra for things people have installed but never use any more.
They're quite nice about it, if that help any.
A friend of mine was uncomfortable with using the pirated s/w at her company and so switched her computer and work products
from (pirated) Office to OpenOffice, (pirated) MatLab to Octave, and VBA to python. She also brought the overall issue up with the CEO, suggesting
that the company should pay for its payware, or switch to FOSS.
Needless to say, not long afterwards, she was terminated with some lame excuse but it's clear it was for not being a "team player".
The 95% of the technology startups in our town are laughingly underfunded
(e.g. reverse mortgage on CEO's house and small contribution from Aunt Tilly's bakery), so they have no
money for legit licenses. Unfortunately, the management at many are too stupid to understand that there are perfectly good FOSS
alternatives for all of it.
Where are we going and why are we in a handbasket?
1. Take a software inventory. Figure out what is installed where, and which license codes/CD keys are being used.
2. Pull records. We get a lot of our PCs pre-loaded with MS apps and Acrobat. Those OEM installs stay with the machines, though many places try to move them forward from machine to machine (thus creating the impression that "we must have bought it sometime").
3. Check online sites, like Microsoft's eOpen site, or contact specific vendors (e.g., call Autodesk or your VAR) and ask them to send you a summary of your current licenses.
4. Document your level of usage against your level of compliance. Include all costs for becoming compliant. Be sure to include one time costs (e.g., buying additional seats) and any recurring costs (e.g., maintenance, back maintenance, reinstatement fees).
5. Educate management that software is licensed, not purchased.
6. Include information regarding the legal liability related to pirated software. Include references to any cases you can find, including actual fines, as well as potential fines (caps). Note the reputational risk to the company as well.
7. Prepare a plan for bringing the company into compliance. Include possible stop-gap measures and alternatives (e.g., limiting the number of users with a specific pieces of software, buying one additional license per year, using OpenOffice).
8. Compile everything into a well-documented report/memo (depending on your company's preferred style), and be sure to present it personally (don't just email it off). Offer to meet at another time, if necessary, but you must make it clear how important this is. Offer to meet with the entire management team. Communicate, communicate, communicate.
9. Let management know you don't plan on blowing the whistle (they'll surely say "nobody knows, so we're fine"), but make them aware that any disgruntled employee could make a call in to the piracy hotline. If you have the intestinal fortitude to do so, you could even make it clear (if it reflects your beliefs) that you value your integrity and that you cannot, in good conscience, help the company steal software/violate contract terms. Of course, that means you need to be ready to put up or shut up.
All that being well and good, you can take some practical steps to start getting things into compliance going forward:
I use irony whenever I can, but my shirts are still wrinkled...
It sounds clear they're not going to change business practices. There's always reporting them to the BSE or some other software piracy watchdog then going through a very painful (from what I hear) audit. You've already made known pirated software bothers you and if all of a sudden a watchdog group shows at your door with a warrant or whatever they use... You're screwed as far as continuing with this company. Likely you'll be fired for some unrelated subjective cause.
You can shut-up and look the other way or you can leave and report them. You cannot force them to change, you cannot report them and stay. Do your own math...
-[d]-
Someone physically taking something from you and someone making a digital copy of something is not the exact same thing. If someone steals from you, yes, that is a criminal offense. When someone makes an unauthorized copy of something, that is a civil, and not criminal, offense.
"But this one goes to 11!"
Mod parent up. Early in my IT career, I worked at a small web dev shop with 15-20 people. Someone got laid off, and called the BSA on us, even though we were licensed on all our software. Someone from the Chicago BSA office showed up and said they had a right to audit us and would be coming in to do so. My manager at the time told them to GTFO and come back with law enforcement if they wanted to do an audit. We never heard from them again.
That right. I would suggest that you line up another job before you notify BSA. Otherwise I would suggest pushing things like OpenOffice as an alternate to getting legit licensing.