Piracy and Consumerization/BYOD

: @orinthomas

It shouldn't be a surprise to anyone to learn that the personal computers of a lot of people have what might be delicately termed "software sourced through alternative methods of distribution". With corporate managed desktops, everything is locked down so it's unlikely that a user would be able to download and install an application that they "sourced from bittorrent".


A recent survey of corporate network internet traffic for large organizations (http://www.paloaltonetworks.com/researchcenter/2012/01/browser-based-filesharing-usage-work-or-entertainment/) found that a substantial percentage of traffic on corporate networks was people downloading not only movies and TV shows, but also applications. Photoshop being the most popular.


It is interesting to speculate what happens when organizations encourage users to "bring their own devices (BYOD)" to use for work. It is not unreasonable to assume that if people are already using the company internet connection to download software like Photoshop to their locked-down desktops, they won't suddenly decide to stop doing that now that they are using their own laptops.


Spend any time around debates on piracy and you'll hear that "pirating X is justifiable because X was too hard/complicated to acquire legally". I'm sure that organizations that have BYOD policies also have some sort of bureaucracy to ensure that these users are provisioned with software that allows them to do their job. I'm also sure that, as with any system, a certain number of users are going to do an end-run around the red tape and download the software that they feel they need to do their job from sites like MegaUpload's many clones.


In the past people might download Photoshop from Megaupload, but they couldn't install it on their work computer because that computer was locked down. Now that they are using their own computers, there are no such restrictions.
There are two big risks when it comes to piracy. The first is the legal risk. What happens in terms of auditing people's personal systems during a licensing compliance audit? If it's a corporate machine and it's found to have unlicensed software during an audit, someone within the organization is responsible for that oversight and, depending on what remedies are proposed, might lose their job over the issue.


What happens when a software audit occurs and a proportion of the workforce is BYOD? Do the auditors get to check those machines for unlicensed software? If they do - what happens if they find it? Who gets to pay the fine?


The second is that pirated software/warez is generally riddled with malware. If the base software isn't infected, the key gen application is probably an all-access pass to the world's most popular botnets. I've talked earlier about the problems in ensuring that personal computers are up-to-date with malware protection, with Microsoft finding that by the time a computer is a year old, it has a 25% chance of its protection being out of date. Any computer that has a warez copy of Photoshop probably also has some other nasties as well.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish