Software Licensing and Compliance Customer: Attic Film School Consultant: Lucky Star Publishing...
-
Upload
hortense-bradford -
Category
Documents
-
view
212 -
download
0
Transcript of Software Licensing and Compliance Customer: Attic Film School Consultant: Lucky Star Publishing...
Software Licensing and Compliance
Software Licensing and Compliance
Customer: Attic Film School
Consultant: Lucky Star PublishingMichael Carter,CEO
Aaron Anderson, CIO
Customer: Attic Film School
Consultant: Lucky Star PublishingMichael Carter,CEO
Aaron Anderson, CIO
Problem Statement SummaryProblem Statement Summary
Attic Film School provides classes and training in various aspects of film making. In their classrooms, they use a variety of software applications such as Adobe Suite, Maya, etc. One of their key assets is a set of internally created animation training software. The protection, maintenance, and further development of this software is essential to their school’s success. They foresee a problem in this area and desire help specifically in performing routine "software compliance audits.”
Attic Film School provides classes and training in various aspects of film making. In their classrooms, they use a variety of software applications such as Adobe Suite, Maya, etc. One of their key assets is a set of internally created animation training software. The protection, maintenance, and further development of this software is essential to their school’s success. They foresee a problem in this area and desire help specifically in performing routine "software compliance audits.”
Licenses Recommendations
AuditsAudits
Software
Licensing and Compliance
Software
Licensing and Compliance
Internal External
Tips Developing Software
Using Software
Proprietary
Compliance
Open Source
LicensesLicenses
An agreement between a publisher and an end-user customer
VERY common in every-day life, both in business and non-business settings
Example: MS Windows Companies will have a licenses for specific
use and distribution that is easily violated
An agreement between a publisher and an end-user customer
VERY common in every-day life, both in business and non-business settings
Example: MS Windows Companies will have a licenses for specific
use and distribution that is easily violated
Proprietary versus Open Source Licenses
Proprietary versus Open Source Licenses
Proprietary Licenses Used when source code is guarded Generally cannot be manipulated and edited
Open Source Source code isn’t guarded Just because code is open source doesn’t mean
all rights are released!
Proprietary Licenses Used when source code is guarded Generally cannot be manipulated and edited
Open Source Source code isn’t guarded Just because code is open source doesn’t mean
all rights are released!
ComplianceCompliance
Simply making sure your usage aligns with your licenses
Non-compliance is generally synonymous with piracy (YouTube Video)
Often violated unintentionally Non-compliance fines are up to $150,000
per violation
Simply making sure your usage aligns with your licenses
Non-compliance is generally synonymous with piracy (YouTube Video)
Often violated unintentionally Non-compliance fines are up to $150,000
per violation
AuditsAudits
5 basic parts (as mentioned by customer) 1.) Identifying all software assets 2.) Determining all licenses, usages, and rights 3.) Finding gaps between rights and usages 4.) Closing gaps 5.) Recording all activity with a centralized
location
5 basic parts (as mentioned by customer) 1.) Identifying all software assets 2.) Determining all licenses, usages, and rights 3.) Finding gaps between rights and usages 4.) Closing gaps 5.) Recording all activity with a centralized
location
Audits (cont.)Audits (cont.)
Helpful overall, not harmful Part of risk management Falling out of compliance is easy and
punishments are sever so audits protect companies
Two types Internal External
Helpful overall, not harmful Part of risk management Falling out of compliance is easy and
punishments are sever so audits protect companies
Two types Internal External
Internal AuditsInternal Audits
Done my members of the same company Auditors know the workings of the
company. Finding gaps is easier because their eye is better trained in company operations
Disadvantages: May view non-compliance as routine May be biased
Done my members of the same company Auditors know the workings of the
company. Finding gaps is easier because their eye is better trained in company operations
Disadvantages: May view non-compliance as routine May be biased
External AuditsExternal Audits
Outside firm hired to assess compliance Auditors aren’t familiar with corporate
culture so they’ll tend to have less bias Because they don’t know the company
workings, investigation takes longer and costs more
Outside firm hired to assess compliance Auditors aren’t familiar with corporate
culture so they’ll tend to have less bias Because they don’t know the company
workings, investigation takes longer and costs more
Open Source Software LicensesOpen Source Software Licenses
A difference between proprietary and open source licenses is: in open source license, the ownership of the copy transfers to the copy owner instead of just the right to use it.
Granted similar rights as the copyright (left) owner.
A difference between proprietary and open source licenses is: in open source license, the ownership of the copy transfers to the copy owner instead of just the right to use it.
Granted similar rights as the copyright (left) owner.
Open Source Software License (cont)
Open Source Software License (cont)
Note: “copy owner” is not the same as “copyright owner”, only the ownership of copy changes hands.
Grants many of the same rights usually reserved for publisher.
Open Source License is optional. If agreement is not accepted, the following rights are not permitted: Redistribution of software. Right to modify software. Right to reverse engineer software.
Note: “copy owner” is not the same as “copyright owner”, only the ownership of copy changes hands.
Grants many of the same rights usually reserved for publisher.
Open Source License is optional. If agreement is not accepted, the following rights are not permitted: Redistribution of software. Right to modify software. Right to reverse engineer software.
Compliancy TipsCompliancy Tips
Know your policies thoroughly. Regularly perform internal audits. Establish and strictly enforce software
installation and usage policies. Centralize all software purchasing. Negotiate licensing agreements for your
organization.
Know your policies thoroughly. Regularly perform internal audits. Establish and strictly enforce software
installation and usage policies. Centralize all software purchasing. Negotiate licensing agreements for your
organization.
Our Recommendations: Purchased Software
Our Recommendations: Purchased Software
We recommend purchasing a compliance program that routinely checks software and licenses for violations.
AppStream, from Symactec; Centennial License Management, from Centennial Software.
Elite Discovery and Elite Reports, from Elite Compliance (Beta).
We recommend purchasing a compliance program that routinely checks software and licenses for violations.
AppStream, from Symactec; Centennial License Management, from Centennial Software.
Elite Discovery and Elite Reports, from Elite Compliance (Beta).
Our Recommendations: Developed Software
Our Recommendations: Developed Software
Create an Open Source version of the developed software utilizing basic functions of the program.
Establish a well written AUP for the Proprietary version of the program that has been developed.
Create an Open Source version of the developed software utilizing basic functions of the program.
Establish a well written AUP for the Proprietary version of the program that has been developed.
ReferencesReferences
http://en.wikipedia.org/wiki/Software_licencing http://en.wikipedia.org/wiki/Software_license_agreement http://www.bsadefense.com/resources/article_software_licensing.asp http://www.processor.com/editorial/article.asp?article=articles%2Fp28
04%2F30p04%2F30p04.asp http://www.scmagazineus.com/Simple-steps-for-ensuring-software-lic
ense-compliance/article/34587/ http://www.oreilly.com/catalog/osfreesoft/book/ch01.pdf http://www.elitecompliance.com/faces/articles/
Article20080301000000.jsp;jsessionid=318d80d1ed9cc420af76a43d5192
http://www.appstream.com/products-license-management.html http://www.centennial-software.com/products/license_manager/
http://youtube.com/watch?v=0Pnjyrzkepo&feature=related
http://en.wikipedia.org/wiki/Software_licencing http://en.wikipedia.org/wiki/Software_license_agreement http://www.bsadefense.com/resources/article_software_licensing.asp http://www.processor.com/editorial/article.asp?article=articles%2Fp28
04%2F30p04%2F30p04.asp http://www.scmagazineus.com/Simple-steps-for-ensuring-software-lic
ense-compliance/article/34587/ http://www.oreilly.com/catalog/osfreesoft/book/ch01.pdf http://www.elitecompliance.com/faces/articles/
Article20080301000000.jsp;jsessionid=318d80d1ed9cc420af76a43d5192
http://www.appstream.com/products-license-management.html http://www.centennial-software.com/products/license_manager/
http://youtube.com/watch?v=0Pnjyrzkepo&feature=related