Winter 2011: Password security standards and trendsDisgruntled employees in the U.K. have a financial incentive to tell on their employer if they suspect the software they've been using is improperly licensed.
The Business Software Alliance (BSA), a global software industry group that collects data on software piracy and presses for greater control of software licensing, is offering employees up to $32,000 for reporting software piracy violations. The program, which has been in place for several years, was increased from about $16,000 by the organization for the month of December.
The organization is combating software piracy by tapping into the rising threat from insiders -- disgruntled employees -- dealing with layoffs and budget cutbacks as a result of the unsettled global economy. It announced the incentive program last week along with a survey it sponsored finding that 40% of workers based in London were willing to turn in their boss for a financial reward if they were laid off.
Software piracy has grown to be an international concern. Cybercriminals have been known to pirate software and sell it using legitimate looking websites. Some social networks, peer-to-peer file sharing sites and certain Web forums also fuel the trend, according to the organization. The BSA estimates that globally 41% of all software installed on computers is obtained illegally. It concludes that as a result of piracy, the software industry is losing $53 billion annually.
Requires Free Membership to View
SearchSecurity.co.UK members gain immediate and unlimited access to breaking UK industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.co.UK today!
Michael S. Mimoso, Editorial Director
A German consumer technology website reported last week that pirated copies of Microsoft Windows 7 on USB disk drives surfaced in China. The USB sticks display the signature of Microsoft CEO Steve Ballmer and look authentic.
But experts say there are much better ways to track and crack down on illegal software piracy in the workplace. Antipiracy technologies are available and cost as little as a few pennies per client, said Avivah Litan, a vice president at Gartner Inc.
"I would rather see the alliance promoting sound technology practices rather than incenting employees to rat on each other; it seems like an arcane measure," Litan said. "Software makers have the option to use effective technology out there that can solve most of their problems."
News of the increase to the BSA financial incentive program was announced in several UK publications. A number of software giants make up the organization, including Apple, Adobe Systems Inc., Hewlett Packard, IBM, Microsoft, SAP and Siemens.
Peter Beruk, senior director of compliance marketing said a reward of up to $1 million is offered to employees based in the United States. In the U.S. the program has paid out about $260,000 over last two years. To be eligible for a reward, the employee must leave valid contact information. Most investigations take about a year to process and the average payment is about $5,000, Beruk said.
"We realize that it is difficult for people to make the call and we want to reward them for doing the right thing," Beruk said.
Experts say many companies aren't trying to swindle their enterprise application provider. Some businesses can fall into the trap of sloppy bookkeeping with enterprise software deployments, wrangling software license agreements, Litan said. In many organizations, office technology inventory systems can become of date, causing some firms to violate their agreements. To better handle license management, some organizations are considering integrating inventory management with identity access management systems.
Application hardening technologies have entered the market over the last several years, targeting many consumer and some business applications. Arxan Technologies Inc., Cloakware Inc., PreEmptive Solutions LLC and V.i. Laboratories sell products that make applications difficult for hackers to crack and duplicate.
Device reputation technology can also ensure that licenses are being used properly, Litan said. Portland, Or.-based Iovation Inc. and Scottsdale, Ariz.-based 41st Parameter Inc. each sell fraud management tools. Software makers and enterprises wanting to track licenses have to weigh the benefit to determine if there is a cost savings. More robust technologies can be costly, she said.