Story image

Taking back control: Four steps to reporting unlicensed software usage

04 Sep 18

Most businesses around the world depend on software and other business technologies to make their operations more efficient, boost their bottom lines, and stay competitive in a crowded marketplace.

Despite the enormous benefits that software brings to the table for a business, many still choose to forgo paying for it, opting to instead use unlicensed software. Though freebies may sound appealing, the risks that unlicensed software pose to businesses are real.

By using unlicensed software, a business gets no access to the latest updates, patches and the array of tech support that accompanies licensed software, thereby limiting operational efficiency as well as leaving sensitive data and business systems exposed to malware infestation and cyber attacks. Additionally, malware can cost a company approximately A$3.2 million/NZ$3.6 million (or US$2.4 million) average per attack and can take up to 50 days to resolve.

Reporting unlicensed software usage is thus essential to limiting its harm and protecting the data of those involved. If you wouldn’t want your own data to be kept on unsecure software, why risk exposing the data of others to cyber attacks?

In Australia and New Zealand, 18 to 16 percent of software is unlicensed, which is estimated to cost between approximately A$809.6 million and NZ$92.9 million respectively (or US$540 million and US$62 million) in unpaid products per year – that’s a staggering amount of potential “lost” revenue for software developers.

If a business depends on customers paying for their products, software developers too depend on businesses using licensed software for their hard work.

Unlicensed software usage is, thus, not only an ethical issue but it’s also one that could end up being significantly expensive for all parties involved.

Here are the steps you should follow to report on unlicensed software usage:

Step 1: Report to BSA (The Software Alliance)

If you have a suspicion or proof that your employer is using unlicensed software, report to BSA by using the form on the website where you will be required to identify important details relating to the infringements by your company.

This includes, among other things, the type of unlicensed software used, and the number of PCs operating the infringing software. You are also asked to leave your own contact details in case BSA and/or its appointed lawyer needs to reach you for further information.

Step 2: Investigation begins

After you have submitted the form, a BSA representative may reach out to you for further information. You may be asked to provide evidence (such as screenshots proving the usage of unlicensed software) or written statements which may be used in negotiations or court proceedings with your consent. To know more about the progress of your report, you can email to receive the latest update.

Step 3: Collect evidence of unlicensed software usage or provide written statements

To support the report submitted to BSA, you can start by collecting evidence that demonstrates possession or intent to use unlicensed software. Screenshots are typically the best type of evidence – they could include file directories where the unlicensed software is installed; educational licenses being used for commercial purposes; or frequent error messages when using the software. Other examples of good evidence are instructions issued by the company or IT department on bypassing software registrations or installation verifications.

If you are unable to acquire any evidence, you may provide a written statement detailing exactly what you saw or heard about unlicensed software usage by your employer.                                                           

Once you have collected the evidence, submit it to BSA for ongoing investigation.

Step 4: Taking action against infringers

Your information and cooperation is critical in determining if legal action can be taken against your employer. BSA will decide whether there is a good case against your employer based on your information and evidence. Such action may involve court proceedings or may be settled out of court between parties.

If in the event that BSA pursues an investigation and, as a direct result of the information provided by you, receives a monetary settlement from the reported company, you may be eligible to receive a reward of up to A$20,000 or NZ$21,800.

Ensuring that businesses remain software compliant is key to thwarting cyber attacks, maintaining data security, and driving growth of the digital economy by protecting the interests of software developers. Report unlicensed software usage today to BSA.

Note: Informant confidentiality is of the utmost importance to BSA – your identity will not be disclosed at any point throughout the process, unless you expressly consent to that disclosure.

Article by BSA APAC director - compliance programs, Gary Gan.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Cohesity signs new reseller and cloud service provider in Australia
NEXION Networks has been appointed as an authorised reseller of Cohesity’s range of solutions for secondary data.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.