License Compliance Risk Assessment Service
This service allows customers to quantify and visualize their current license compliance risks with the actual number of violations and the amount of violations fee.
The background of cracking down on license compliance violation
- Based on the US Federal Trade Commission Act which prohibits unfair business practices, about 40 states enacted Unfair Competition Act (UCA) state law under which each state is able to deal with specific types of unfair competition violation (as of 2012).
- It is unfair that companies with the use of unlicensed or illegal copies of software, have an unfair cost advantage over other companies that purchase legitimate software. → It is against the Unfair Competition Act.
- Unfair business practices by emerging nations that are exporters to the U.S. became an issue around 2012(the use of illegal software).
The U.S. is requesting foreign government agencies to promote measures to protect intellectual property by assigning *IP attaches to the U.S. Embassy and consulate across the world.
a case of a violation in Singapore
The Singapore Police Force conducted a successful raid on a China-headquartered building and construction company for suspected use of illegal software, and seized 48 computers and two servers along with suspected infringing software valued at approximately S$125,000.
Case example：The Republic of Indonesia
a case of a violation in Indonesia
Indonesian police raided two Singapore companies and one Indonesian company in Batam Island for suspected use of illegal software, and seized 35 computers and suspected infringing software worth S$85,000.
Case example：The Kingdom of Thailand
a case of a violation in Thailand
The Royal Thai Police raided seven companies in Chang Mai. Those companies were caught using 7.8 million baht worth of illegal software in their business operations.
The Ministry of Domestic Trade, Co-operatives & Consumerism(MDTCC）and BSA have been working closely to raise awareness for not using pirated software. In the past ten years, MDTCC has conducted 353 raids against corporate end-user pirates, resulting in software and hardware seizures valued at over US$55 million.
MDTCC sent mails to over 25,000 companies and businesses nationwide in April and May of 2013, and requested that recipients of the mailers conduct an audit of their company’s computer software and report back to the Ops Semak Tulen
The flow of service
① Initial consultation with the customer.
Visit the target office of risk assessment and meet with their IT manager or staff in charge of IT before the start of service. Ask and specify the target PC, its quantity, its location, and its user’s name, and also if the customer has purchased licenses in bulk or not, and how they manage their PCs (whether the software is managed by only one administrator or by individual users, etc.).
② Collect program information from each PC.
By using an information collection USB tool, collect information about installed application list displayed in “Programs and Features” of ”Control Panel” from each PC.
Process the collected information files in order to import them into an analysis system.
③ Collect program information from each PC.
Change the file format of collected information from PCs and import them into the analysis system, aggregate them, and classify their importance level according to the price and quantity of installations; differentiate paid software from free software,
and match them with our software dictionary; then determine the rest of the following process.
④ Providing license dictionary with information.
Provide a license dictionary with additional information needed for risk assessment such as unmatched minor software which is not in our license dictionary, not commonly used software and its vendor, license type, price, etc.
⑤ Examine the existence of the proof of license.
After aggregating the collected information and matching it with the license dictionary, examine and confirm the existence of the proof of license for software classified as “paid software”. Then enter the confirmed information into the analysis system.
⑥ Final license information aggregation.
Aggregate license ownership status(mainly for “paid software” without proof of license) and process data format for the customer in order to be able to respond to software vendor audit and survey.
⑦ Make a risk assessment report.
From the aggregation results, create an assessment report which contains information about the quantity of violations, risk level of each software vendor based on our knowledge, problems in management practice, how to rectify violating software, and then submit the report to the customer.
This service is suited to meet the following needs of customers.
- This service allows customers to quantify and visualize their current license compliance risks with the actual number of violations and the amount of violations fee. Our certified SAM consultant advises how to rectify the violation status in an assessment report.
- Gain a proper scale and initial guideline to start practicing Software Asset Management.
- It also allows to respond quickly to a survey request from software publisher with the actual number of licenses.
- Even though making a decision to implement a costly new system is difficult, but at least want to understand the status quo of software assets.
- When an organization is considering a new system introduction or a new budget, but doesn’t know the number of licenses needed or whether they have enough licenses or not.
- Every time the head office conducts regular internal audits, it takes a long time to answer them because of the lack of understanding of the current software status.
- Since an organization hasn’t been able to have the understanding of current software asset, and is concerned about unauthorized installation by local staff.