The Letter Of The Law

GRAND RAPIDS — Northstar Public Relations recently received two letters regarding software piracy and compliance.

Partner Rachel Neva almost pitched them.

That could have been a costly mistake.

“We received our first letter from Microsoft. It is probably a letter that everyone else in the area got, just kind of saying now is the time to find out if you are legal, and it mentioned the BSA program in Grand Rapids and tells you how to check your licenses,” said Neva, referring to the Business Software Alliance, which polices illegal use of unlicensed software. “Had we not been working with Remex, I probably would have tossed it.  But we had just had a conversation with them prior to getting this letter and he mentioned what a big issue this really is.”

Mike Noordyke, president of computer consulting firm Remex Corp., said for many years the general public hasn’t taken this issue seriously, either because piracy just wasn’t happening that much, or there wasn’t much recourse if it did.

“Over time, pirated software proliferated from the average software user to the school system, to the commercial business user — not to mention the foreign countries that were producing it as well. So they established the BSA,” Noordyke added.

In Northstar’s case, the initial queries were only form letters; the company had not been specifically accused of any sort of software piracy. But Noordyke said he has seen companies continue to ignore letters until the BSA shows up at their door — with U.S. Marshals in tow — to audit software licenses.

Northstar is only a three-person company, so a brief check was a fairly simple procedure. But Noordyke has seen companies in the area with 300 employees go through the same set of letters. A check of licenses and compliant software is not as simple as a walk through the office.

“When we perform an audit, the first thing we need to do is an inventory of all the users and what software they are authorized to use,” he said. “Then we are able to tell them who is using what. Then, we want to review past purchases (and) licenses of what they have, and if they are short, take away that software or make sure they purchase additional licenses. We often find that there are companies that are not using all of their software, and if that is the case, then it is not necessary to buy a license — just give it back.”

For larger companies with more PCs, Noordyke does recommend that a software management program be put in place. This is when he sees the programs becoming truly cost justified.

One area where firms experience problems, Noordyke said, is with OEM licenses. An OEM license is an agreement for the bundling of products to be sold on a machine.

“The OEM license is shipped from the manufacturer, with the computer, and allows the software to be loaded onto one machine without splitting it up. The license must live and die with that computer; it does not have transfer rights,” he said. “If you dispose of that machine you cannot take that software and put it on a different machine. I think that is where many companies could have some exposure, because they may upgrade from some of those smaller versions of (Microsoft) Office, and then when they buy a new machine they want to take all of their upgrades with them.”

Noordyke said he has seen cases where a company has upgraded but was not able to prove that it owned a lesser version of the software and its license. These are the areas the BSA will key in on, he said, and also the areas many companies may not be aware of.

He added that most of Northstar’s licenses are OEM licenses and the company is all set.

The first letter Northstar received was from Microsoft and the second was from the BSA, reiterating the importance of becoming software compliant and also giving notice of the grace period throughout May (see story at grbj.com or May 6 Business Journal).

When Northstar spoke with Noordyke about what steps to take next, he advised the company not to enroll in the grace period because it wasn’t necessary. But Noordyke said he recognizes the importance of the grace period and recommends it to larger companies or even smaller ones that have a fear of non-compliancy.

“Once you have cracked that seal on that software license you have agreed to those terms, which is agreeing that they can come in and take a look around. They play hardball,” said Noordyke. “I would suggest that other companies take advantage of this month because they will be knocking on doors. And in the BSA’s case, they will have you buy a license and then slap you with a large fine.”

In Northstar’s case, Remex will come and visit the public relations firm on a quarterly basis and do an 11-point check process. “They are on a program where we come in and look at the servers, make sure the backups are taking the software and no one has come in and loaded any software without them knowing it,” Noordyke explained. “We also make sure the virus updates are taking, so that any viruses that come in e-mail will be able to be detected.”

Noordyke strongly advises that companies of all sizes take stock now of what software is running at the business and then cover all the bases during the grace period.

“It is important to know this is out there, and the fact that the BSA has contacted someone as small as Northstar makes it known that they aren’t skipping anyone. No one is immune from this,” said Noordyke. “I suggest a company work with the services that will get them compliant. The BSA will look favorably on a company that maybe was not compliant a month ago, but then took advantage of the grace period and at the end of May is then compliant. And that company will also avoid the harsh fines otherwise imposed.”