Sweeping and locking keeps you legal and improves productivity

By | March 1, 2006

With increased internet usage it is now easier to monitor the use of unlicensed software, and there is evidence that software companies are becoming more aggressive in enforcing compliance. Although many of the recent high profile cases are of counterfeiters peddling pirated copies, many responsible companies may also be unwittingly flouting the law.

It is vital that all companies have a strategy in place to prepare them for increased scrutiny of their systems. ServiceTec provides IT support to companies of all sizes and although it has seen the larger companies imposing strict change control procedures there is still a concern that smaller organizations do not recognize either the dangers of the unlicensed software or the spin-off benefits from a managed desktop environment.

A managed approach to IT support which begins with locking down the desktop to stop users introducing their own applications and using monitoring software to sweep the entire system is by far the best way to ensure compliance, reduce support calls, and increase productivity.

One of the common problems that we see is that businesses have no method of tracking software licences, but often believe that if they had to they could find the licences. This often arises when the company has purchased 50 licences for a roll-out, uploaded it on to the server and then unknowingly installed it on more that 50 machines. One company was found to have over Ј60k of unlicensed software through simple errors such as this.

One solution is to group the users into access groups, then when additional users want to join a group either a licence needs to be relinquished or additional cover purchased.

Sophisticated tools are available for sweeping the entire organization for illegal software and companies are strongly advised to perform regular audits.

It is not always recognized that even after it is deleted software can leave a trace on the hard disk. The tools to detect this are improving all the time but are costly to purchase for sporadic usage. A suggestion would be to get your service provider to do this type of sweep on your behalf and repeat it at regular intervals.

Regular sweeping should be complemented by ´locking down´ the desktop to ensure that all computers have the same suite of applications and a common desktop image. Not only does this prevent unauthorized software being installed by the user but also makes it easier to support the user remotely.

Increased internet usage creates additional issues

Firewalls provide security against malicious viruses, but even organizations with stringent security policies will allow attachments to get through which users can download. Rogue software can slow down the PC and corrupt the network, and this is often the first indication that there is something amiss.

The problem can be reduced by preventing staff downloading their own applications and removing all the local CD drives but in practice this is difficult to police. An alternative is to restrict the administrator privileges. This means that a message comes up advising the user that they are not authorized to download an application and have to seek approval, we would suggest that a change control group is established.

The change control group should meet at regular intervals to review purchases of new software, hardware and maintain records of warranty and licences. This ensures the integrity of the IT infrastructure and that the implications of new software or removing existing applications can be monitored.

It is not unusual for staff to purchase their own software on a credit card and want to upload it. These types of requests should also be referred to the change control group and evaluated on a case by case basis – does it have a business justification, does it fit within the standard desktop? For some organizations this group provides a useful buffer for the IT manager.

Whistle blowers reveal illegal usage

Microsoft is increasingly turning to the courts to combat the unlicensed software problem. In April 2005 the company filed suits against eight software distributors, accusing them of selling counterfeit and unlicensed software. It has filed about 30 such suits during the past year in a renewed effort to crack down on counterfeits, much of which has been bought by unsuspecting end-users. When purchasing software it is essential to request full documentation to ensure that it is authentic.

Microsoft said the latest suits stemmed from tips from consumers who called its complaint line, and through its own internal policing efforts. Other industry groups also report getting hundreds of leads each month from whistle blowers, which suggests that risk of exposure may also come from within.

Geoff Webster, the CEO of FAST (Federation Against Software Theft) Corporate Services, believes that many small business directors are not aware of what they are risking by using unlicensed software. FAST represents software publishers in the hunt for pirated software, and Webster estimates that in excess of Ј5.5 million has been recovered as a direct result of the group´s activities.

´A staggering 27 per cent of software within UK businesses is illegal or pirated,´ says Webster. ´A cost to technology firms of over Ј1 billion a year. Illegal copying of software is often seen as nothing more than a minor transgression, but the threat of being caught is becoming a reality.´

The penalty could be 10 years imprisonment and unlimited fines.

There are also strong arguments for sweeping and locking from productivity and security point of views. We regularly see organizations brought to a standstill because of a glitch caused by a virus or rogue software. The problems caused by viruses corrupting data are often overplayed – the real business issue is the huge amount of work, downtime and associated expense required to track down the problem, isolate it, and disinfect or remove it.

Viruses are likely to spread faster and do more damage on computers that aren´t locked down, because they can change system settings and move into system areas normally unavailable. It´s no wonder that statistically, organizations with a standard desktop image they keep locked down are less likely to need support. When all systems are the same, issues can normally be resolved over the phone, reducing support expense and downtime.

With almost all organizations now providing internet access, Greynet applications are becoming a serious issue for network administrators. Greynets are networked computer applications that are installed on end user systems without the system administrator´s knowledge, something “locking” can prevent.

Many Greynet applications can be harmless (productivity costs aside), like MSN Messenger, AOL Instant Messenger, and Yahoo! Messenger, and some may even be beneficial in large offices. Others, including file-sharing programmes, music players and adware ´utilities´ however present a grave threat to system security. In the best case, they slow down PCs and increase network traffic. In the worst, some are known to leave ports open, allowing outside access to a network or contain keylogging software.

If you allow employees to use sanctioned Greynet applications such as Instant Messenging clients, it is vital that they are pre-installed and virus scan protected- the number of viruses that are aimed squarely at IM applications is growing 400 per cent year on year.

´Sweeping and locking´ as part of a managed service, with an agreed protocol to deal with unlicensed software, provides benefits, not only for compliance but also on a number of other levels. The service can be used to create an inventory of the system to support warranty/licence management and regular sweeps can be used as part of comprehensive security policy.

So sweep your system and lock down your desktop. It will do more for your organization than keep the lawyers away!

Leave a Reply