Security Experts:

Connect with us

Hi, what are you looking for?


Endpoint Security

The Accidental Pirate: What Software Vendors and Enterprise Companies Should Know

Executives need to be mindful that software non-compliance within their organization can result in serious financial risks for the company.

Executives need to be mindful that software non-compliance within their organization can result in serious financial risks for the company.

As I’ve mentioned in earlier columns, it has been our customers’ experience that 50 percent of all software piracy violations found at corporations happen from businesses that are already clients of the software they are accused of stealing. How is this possible? While some of this activity can be blamed on deliberate action, more often than not, the reason companies unwittingly become software pirates is due to a misunderstanding of their software licenses.

Identifying Enterprise Software Licenses With that in mind, maintaining strong business relationships between software makers and their customers should be a top priority. So, what steps should both the software vendor and their customers take to ensure the relationship avoids speed bumps such as software piracy?

For software vendors: While software audits are always an option, they are disruptive to customers and can cause friction. To avoid this scenario, there is technology available to mitigate the risk of software piracy. Software vendors are now employing business software intelligence technology that can detect software piracy and identify the companies using illegal software. This information is reported back to the software vendor and with the hard data in hand, they reach out to those infringing companies to make them paying customers. This is also good news for companies whose competitors have been using pirated software, as the playing field is leveled as these competitors finally have to bear the same software costs.

For enterprise companies: Taking an inventory of software licenses is a good place to start. While it may turn up software non-compliance, it may also turn up more software licenses than a company may need, thus curbing wasteful IT spending. Companies should also take a software management approach that includes requiring software vendors build compliance-aware applications into its software.

Some companies may resist the notion that the software on their networks has self-aware capabilities that can detect and report if it has been pirated or is out of compliance because data is being reported out of the organization and concerns with privacy. In fact, the benefit to the enterprise user is actually quite valuable. It limits the company’s overall liability because it allows companies to identify misuse early and mitigate the risk of illegal software propagating in their IT environment. It also helps pinpoint the illegal software use activity, which can help companies avoid wide-scale software audits that are time consuming and can be costly to business operations. It also uncovers the root cause of the software misuse (broken procurement process, training issue, rogue employee overtly downloading illegal software) and provides companies with the information they need to address those concerns.

When done with the company’s knowledge and agreement upfront – and it is made clear what data is communicated – this approach can eliminate hefty fines and costly lawsuits when non-compliance is detected and provide a clear way for the enterprise company to become software compliant. The company should also let the software vendor know who its point of contact for reviewing data and identifying infringing computers will be to ensure effective communications and resolutions.

For software vendors: Take an amnesty approach when accidental piracy or software non-compliance is discovered. By offering a clear plan that forgives past software non-compliance with a new contract that brings the company into full compliance, vendors can ensure that the licensing problem at that company is eliminated and they become a fully paying customer. This approach shows vendors are willing to be partners with their clients in achieving their business goals rather than an adversary fighting over money.

For enterprise companies: Amnesty-aware technology can also be a benefit to the enterprise user as well. Once the enterprise user downloads and begins using a non-compliant software program equipped with amnesty-aware technology, they will be notified that they are using a pirated version of the software. It will also provide them with the proper steps they should take to become compliant. This proactive approach allows enterprises to address the problem as soon as it is detected and can help deflect fines and other negative results that can hurt the company’s bottom line.

Software piracy and software non-compliance are issues that concern the senior management of enterprise companies and software vendors. The negative impact of software piracy and the costs involved makes this a top priority for the enterprise user. Top executives working to drive revenue growth and extend market share need to be mindful that software non-compliance within their organization can result in serious financial risks for the company. Software vendors need to find a more effective way to generate new software revenues without alienating their client base. With both sides taking a proactive approach to software license compliance they can keep the problem manageable, root out the source of the non-compliance and protect their mutual business relationships.

Related Reading: Software Piracy – How to Identify if you Have a Problem

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.