Business Software Alliance

Guide to Software Management

WHO NEEDS THIS GUIDE?

EXECUTIVES

Are you responsible for leading an organization-or for supervising your organization's use of computers and software? If so, it's likely that:

• You want your organization to use computers and software in ways that give it a creative edge.
• You want to avoid the serious legal and business problems you could face as a result of unauthorized copying and use of software.

USERS

Are you an individual who uses computers and software at work? If so, it's likely that:

• You want the freedom to use the original software you need, not illegal software copies, to do your job.
• You want the high quality documentation and support only available from the legitimate acquisition of original software.

This guide to software management:

• Provides definitions and facts to help you identify the problems of unauthorized copying and use of software.
• Details the benefits of using original software.
• Offers suggested policies and procedures to assist your organization in the productive use of original software.

FACTS ABOUT SOFTWARE: THE LAW

Your acquisition and use of software is governed by copyright law and the license agreement accompanying the software. Therefore, you should be aware that it is a breach of the license agreement and it may be illegal:

• to copy or distribute software or its accompanying documentation, including programs, applications, data, codes, and manuals, without permission or a license from the copyright owner;
• to run a copyrighted software program on two or more computers simultaneously unless this is specifically at allowed by the license agreement;
• for organizations to consciously or unconsciously encourage, allow, compel, or pressure employees to make or distribute unauthorized software copies;
• to infringe the laws against unauthorized software copying because someone requests or compels it;
• to lend software so that a copy can be made or to copy software while it is lent to you;
• to make, import, possess, or deal with articles intended to facilitate the removal of any technical means applied to protect the software program.

FACTS ABOUT SOFTWARE: UNDERSTAND THE LANGUAGE

Software language is not just about programming, but also about the management and use of original software under copyright law. Here are some definitions of commonly-used terms.

Intellectual property. An original computer program is regarded by law as the intellectual property of the person or company that created it. Computer programs are protected under copyright law, which states that any unauthorized copying of such programs is illegal.

Software license agreement. A software license agreement states the terms of usage, as permitted by the copyright owner, for the specific software product to which it applies. The license agreement accompanying software is stated explicitly in the software documentation or on the computer screen when the program is started. The price of software covers the legal acquisition of the software license and binds the purchaser to use the software only according to the terms and agreements stated in the license.

Unauthorized copying. Unless otherwise stated, the purchase of a software license allows the purchaser to make only one "back-up" copy, to be used in case the original software disk malfunctions or is destroyed. Any other copy of the original software is considered to be an unauthorized copy, and is an infringement of the license agreement and the copyright law which protects software and governs its use.

Software piracy. Software piracy is the term used to describe the unauthorized copying or use of a computer program in any manner other than what is permitted by copyright law or by the author as stated in the software licensing agreement. Any person who engages in software piracy commits an illegal act under general copyright law.

FACTS ABOUT SOFTWARE: VIRUSES

One of the greatest dangers of using unauthorized software is its ability to destroy valuable data. Pirated software swiftly carries the threat of viruses directly to:

• your personal computers;
• your network systems;
• your entire business operation.

Unauthorized software copies lack the quality controls built into original software, making the copies far more prone to computer viruses. Using unauthorized software copies not only puts your computers at risk, but your data resources, financial systems, and all other vital business functions become vulnerable, with high risk of:

• lost time;
• lost money;
• lost credibility;
• lost business.

Indeed, the only guarantee that comes with unauthorized software copies is the guarantee of no service, no documentation, no technical support, and no quality assurance. The bottom line is that unauthorized software copies do not provide the reliability your organization needs to function efficiently. They are counter-productive to every investment your organization makes in trying to succeed in today's competitive world.

FACTS ABOUT SOFTWARE: THE BENEFITS

Users of original software are assured of:

• full upgrades at discounted prices;
• complete training;
• reliable applications and systems with full technical support;
• full and accurate documentation;
• efficient business functions due to fully operational and productive employees and computer systems;
• quality assurance and reliability;
• protection against viruses;
• more localized versions of your favorite applications.

FACTS ABOUT SOFTWARE: THE RISKS

On the other hand, users of illegal software copies incur the costs of:

• software that is not fully operational due to a lack of employee training;
• inaccurate and incomplete documentation;
• higher prices for upgrades;
• no technical support;
• the spread of viruses throughout computer systems and the risk of destroying business operations;
• absolutely no assurance of quality or reliability;
• decline in R&D and a reduced range of products;
• the legal consequences of breaking the law.

ORGANIZATIONS DEPEND ON THE BENEFITS OF ORIGINAL SOFTWARE

Smart managers know that the performance of hardware (buildings, machines) depends on software (people, ideas). What an organization does with computers depends on the quality of the computer programs it uses and how well its people work with those programs.

Organizations which use original software quickly recognize its true value when they compare its benefits with the costs incurred through the use of unauthorized software copies.

People should be able to concentrate on using original software for creative purposes without having to rely on illegal copies. The only way to ensure this is with effective software management. Software management involves two simple steps:

1. Provide original software.

Make sure people in your organization get the authorized, original software they need to do their jobs as effectively as possible.

2. Prevent unauthorized software copying and use.

Follow-up to ensure that people use these original programs and not illegal copies.

Productive software use makes everyone look good. Illegal software copying anywhere in the organization can cause serious problems for individuals and the entire organization.

STEP ONE: PROVIDE ORIGINAL SOFTWARE

1. Assess your organization's software needs.

Conduct an internal software resources review to record your current software inventory and measure your present and future software needs. Conduct periodic surveys of individual users in your organization and, on a regular basis, find out what software they need to make the most effective use of their personal computers. Included in this Guide are suggested steps for an internal software review and a sample survey form.

2. Identify the appropriate software profile for each computer.

Based on the internal software review and additional user input, ascertain the appropriate software profile for each computer in the organization. A typical software profile includes operating system software and application programs for word processing, spreadsheets, and database management. Often, it also includes computer-aided design and desktop publishing, as well as utilities, communications, and programming languages.

3. Commit the organization to supplying original software to meet the software profile

of all computers in the organization.

Ensure that the organization acquires a full range of original software-programs in a form fully authorized by license or purchase terms-for the number of computers in use. This software should meet the software profile on each computer so that legitimate needs are fully met.

4. Set realistic budgets for software.

One of the major pitfalls is a mistaken belief that software is something on which an organization can take financial shortcuts-yet, no one expects to avoid paying for computers. An investment in computers demands a comparable investment in programs.

5 . Deliver software to users when they need it.

If original software is available in principle, but acquisition is bureaucratic, slow, or unduly restrictive, users are deprived of the software they need when they need it. The result is often unauthorized copying and its inherent dangers and costs.

6. Anticipate reasonable user needs and plan ahead to meet them.

As organizations, users, and software capabilities all change, software needs to change. Keep the organization's software profiles up to date. This may highlight the need to acquire new releases of existing software or new programs. It may also permit the organization to redeploy software no longer needed, to the extent permitted by license agreements.

STEP TWO: PREVENT UNAUTHORIZED SOFTWARE COPYING AND USE

1. Make sure Step 1 is taken - eliminate illegal software copying by removing its

causes.

Meeting legitimate needs with legitimately-acquired software is the most effective, single means of preventing illegal copying.

2. Communicate your commitment to original software.

Every organization should make it clear that it is fully committed to using original software. The organization should also stress that unauthorized software duplication is a serious offense it is against the law and organizational policy. Sign and publicize, to people inside and outside your organization, the Software Code of Ethics or a similar policy statement. Distribute a memorandum to employees and post a notice on each computer which states your organization's policy on software use and the consequences of violation. Ask individual users to sign a statement acknowledging the organization's policy. Included in this Guide are: The Software Code of Ethics; a sample memorandum to employees; an employee acknowledgment statement; and a computer notice.

3. Designate an individual to be responsible for ensuring proper software use in the

organization.

Often the responsible individual will be the manager of electronic data processing or management information services, but it could be a lawyer, financial officer, or accounting professional inside or outside the organization.

4. Track software acquisitions in a software register.

A software register, like the sample in this guide, can be a focal point not only for planning, but also for monitoring software use to ensure that only originals are used. The software register identifies each personal computer or workstation with information such as location and authorized user. It then gives each machine's software profile, which lists the software legitimately installed on the computer's hard disk or legitimately used with the machine on floppy disks. In conjunction with the software register, maintain readily available files with the actual software license agreements, as well as invoices and other documents showing its legitimate acquisition. Returning user registration cards to software companies also aids in this process and provides additional service benefits.

5. Inspect the software in use to ensure that all programs are legitimately-acquired originals, duly accounted for in the software register.

Various computer programs, ranging from batch files that run in disk operating systems to full-featured utilities, can be used to identify the programs on the hard disk of a computer or on floppy disks. One particular program is SPAudit, published by the Software Publishers Association. Information about SPAudit is available from the Business Software Alliance. The SPAudit kit includes detailed instructions for use.

Inspections are often most effective when conducted without prior notice. In legal actions by software companies, courts have granted secret orders permitting surprise inspections of organizations suspected of software copying. Be ready for any surprise inspection by conducting your own inspection before outside audits occur. Be accountable for all the software you use.

6. If unauthorized copying is found, take appropriate steps, consistent with law and

organizational policy, to ensure that the problem is corrected.

STEPS FOR AN INTERNAL SOFTWARE REVIEW

1. Collect and review all software acquisition records.

2. Collect and review all software license agreements.

3. Select a date for the internal software review. Evenings and weekends are the least

disruptive.

4. Decide whether employees will be notified in advance.

• If employees are to be notified in advance, send an explanatory memorandum.
• If employees are not notified in advance, be respectful of employee property. It is always possible that you may find a program that does not belong to the company, but is an employee's legitimate property. Do not erase any software without first consulting the employee on whose PC the program is found.

5. Determine who should be involved in the review.

Suggestions: MIS Director, Senior Management/Staff Legal Counsel, Department Heads, Outside Legal Counsel/Auditor.

6. Conduct the review.

disk at a later time.

7. Compare software found on hard disks with acquisition records. Alternatively locate authorized disks and/or documentation for each software program listed on a

hard disk.

8. Review organizational policies on the use of software on home computers.

9. Consult employees who are using software programs where there are no records or

disks.

An employee may be using his or her own purchased software on the office computer. If so, the employee should be required to demonstrate that the software is legitimate and not pirated.

10. Destroy any unauthorized copies of software and record work. List personnel who

need to be supplied with legitimate software.

SOFTWARE CODE OF ETHICS

Unauthorized duplication of copyrighted computer software violates the law and is contrary to [name of organization] 's standards of conduct. We disapprove of such copying and recognize the following principles to prevent its occurrence:

• We will neither commit nor tolerate the making or using of unauthorized software copies under any circumstances.
• We will provide legally-acquired software as and when needed for all our computers.
• We will comply with all license or purchase terms regulating the use of any software we acquire or use.
• We will enforce strong internal controls to prevent the making or using of unauthorized software copies, including effective measures to verify compliance with these standards and appropriate disciplinary actions for violation of these standards.
  [Organization]
  [Name and Title]
  [Date]
  [Signature]

SUGGESTED MEMORANDUM TO EMPLOYEES

TO: [Specify distribution]

FROM: [Senior management official or CEO]

SUBJECT: PC software and the law

DATE: [Insert]

The purpose of this memorandum is to remind you of [name of organization]'s policy concerning software duplication. Any duplication of licensed software, except for backup or archival purposes, is a violation of [appropriate national law to be inserted]. Each software program that we license is to be used on only one microcomputer at a time. If the microcomputer has a program loaded on its hard disk, then that particular program, which is serially numbered, should not be loaded on any other hard disk. This means that if a department has 10 microcomputers with that program installed on each, then that department should also have 10 sets of original documentation and system disks.

All microcomputers purchased by us are being supplied with newly licensed copies of [insert name of software programs] installed on them. [Insert name of employee] is responsible for ensuring that each program is properly registered with the software publisher.

The company will not tolerate any employee making unauthorized copies of software. Any employee found copying software other than for backup purposes is subject to dismissal. An employee giving software to any outside third party, including clients or customers, is also subject to dismissal. [If you want to use software licensed by the company at home, you must consult (insert name of manager) before removing the system disks from the premises]. This policy may seem harsh, but unless we enforce a strict policy on software use, we will be exposed to serious legal liability.

[Insert name of manager] will be visiting the departments over the next week to inventory hard disks and to ascertain that original documentation and system disks exist for each copy of a software product installed on a hard disk. If documentation and/or disks are not present, then they will be ordered and charged to that office. Please organize your documentation and system disks for [insert name of manager]'s review.

If you have any questions, please do not hesitate to contact me.

SAMPLE CORPORATE EMPLOYEE AGREEMENT

[Organization] policy regarding the use of personal computer software:

1. [Organization] licenses the use of computer software from a variety of outside companies. [Organization] does not own this software or its related documentation and, unless authorized by the software developer, does not have the right to reproduce it
2. With regard to local area networks or multiple machines, [Organization] employees must use the software only in accordance with the license agreement.
3. [Organization]; employees learning of any misuse of software or related documentation within the company should notify the department manager or [Organization]'s legal counsel.
4. According to the [appropriate national law to be inserted], persons involved in the illegal reproduction of software can be subject to civil damages of as much as [insert appropriate amount]; and criminal penalties, including fines and imprisonment [Organization] does not condone the illegal duplication of software. [Organization]; employees who make, acquire, or use unauthorized copies of computer software will be disciplined as appropriate under the circumstances. This may include dismissal.

I am fully aware of the software use policies of [Organization]; and agree to uphold those policies.

[Employee Signature and Date]

SOFTWARE PROFILE SURVEY

User name ..............................

Date ..............................

User job title...........................

Uses of computer Programs needed Date

1. Operating system .................................................... ...............................

2. Word processing .................................................... ...............................

3. Spreadsheets .................................................... ...............................

4. Database management .................................................... ...............................

6. Desktop publishing .................................................... ...............................

7. Utilities .................................................... ...............................

8. Communications .................................................... ...............................

9. Programming languages .................................................... ...............................

10. Other .................................................... ...............................

Brief rationale for each program

............................................................................................................................................................

............................................................................................................................................................

............................................................................................................................................................

............................................................................................................................................................

SOFTWARE REGISTER

PERSONAL COMPUTER OR WORKSTATION

Descriptio Serial Location Purchase date Price Name of authorized user Job title
n number
........................
............... ..................... ........ ..............
.......... .............
.........

.........

Software profile

Category of use

Name & Price Serial Acquisition date Location of source License and back-up copy release of number program 1. Operating ............ ....... ............ ................ .............. ................... system ........... 2. Word ............ ....... ............ ................ .............. ................... processing ........... 3. Spreadsheets ............ ....... ........... ................ .............. ................... ........... 4. Database ............ ....... ............ ................ .............. ................... management ........... 5. Computer aide ............ ....... ............ ................ .............. ................... design ........... 6. Desktop publishing ............ ....... ............ .............. .............. ................... ........... 7. Utilities ............ ....... ............ .............. .............. ................... ........... 8. Communications ............ ....... ............ .............. .............. ................... ........... 9. Programming ............ ....... ............ .............. .............. ................... languages ........... 10. Other ............ ....... ............ .............. .............. ................... ...........

The Business Software Alliance

Asia Pacific region

BSA Hong Kong

11/Fl., Cityplaza 4

12 Taikoo Wan Road

Taikoo Shing

Hong Kong

Worldwide headquarters

European Headquarters:

Euronet Ant-Piracy Hotline: 44-71-491-1974

You can also contact any of the 31 regional BSA anti-piracy hotlines listed below.

Australia

008.021.143

Belgium

32.2.267.1400

Brazil

11.813.9511

Canada

800.263.9700

Chile

2.242.8684

Colombia

Inside Bogota

215.5677

Outside Bogota

9800-15677

Czech Republic

42.2.683.6964

Denmark

45.33.14.33.33

France

33.1.43.33.9595

Germany

49.89.317.2473

Hong Kong

852.865.3318

India

011.611.4971

Italy

39.2.5501.0413

Japan

813.3400.7050

Fax: 813.3400.8558

Korea

0800.022.3975

Malaysia

800.3875 toll free, 603.298.5144

Mexico

52.5.237.1101

Netherlands

31.20.691.5529

New Zealand

800.101.800 toll free, 649.373.2180

Norway

47.22.556.010

Philippines

632.817.3016.20

Portugal

351.1.356.0011

Singapore

65.226.0196

South Africa

27.11.726.5161

Spain

900.211.048

Sweden

46.8.677.5475

Switzerland

41.1.261.8465

Taiwan

02.757.6638

United Kingdom

44.628.660.377

Euro-Net

44.71.491.1974

United States

800.688.BSA1

Venezuela

582.91.70.93

FOR MORE INFORMATION

For additional facts or assistance in carrying out the steps outlined in this guide, please call your local BSA representation or contact the BSA at any of the above offices for further information.

Guide to Software Management

We authorize and encourage you to copy this guide in its entirety and to copy and use sample forms in it so long as you make any copies available free of charge to all recipients.

Return to Anti-Piracy Home Page