Fines to UK SMEs exceeded £900,000 in 2016 for using unlicensed software
It is certainly no secret that software has become an integral part of the success of modern businesses in recent years. Business management software has assisted with running operations more efficiently, cost reduction and replacement of paper processes. Cloud computing software has also opened the door to unprecedented levels of connectivity, productivity, and efficiency.
However, with the ubiquity of devices and ease of online downloads available, together with the increasing complexity of software licence agreements, it is not difficult to imagine how businesses, including retailers, might end up with unlicensed software being used by their employees, without their knowledge.
In 2013, the British Software Alliance (BSA) discovered that one in three SMEs in the UK knowingly used unlicensed software. Alarmingly, data recently published by the BSA revealed that matters are not improving, as total fines to UK SMEs for using unlicensed software rose by 19% from £770,192 in 2015 to £914,587 in 2016.
The research found that the worst offenders over the last three years were, sector-wise: sales and distribution businesses, followed by engineering, manufacturing and architectural and design companies.
The threat of substantial financial penalties might be the least of the unlicensed software user’s problems. As reported in studies carried out by research firm IDC and the BSA, there is an extremely strong correlation between the use of unlicensed software and exposure to both cyberattacks and security breaches, as many unlicensed software products have malware embedded. It has been estimated that, globally, costs of cyberattacks exceeded $400 billion in 2015 and, in addition to the financial consequences, cyberattacks have left many businesses suffering from irremediable reputational damage and loss of consumer confidence and goodwill.
“We encourage all businesses to ensure they have stringent software asset management (SAM) practices in place. Implementing even baseline SAM tools and processes, such as regular inventories and having a software use policy for employees, can have a huge benefit.”
Sarah Coombes, managing director of BSA EMEA
Ensuring the legitimacy of software is vital in mitigating cyber risks, and the BSA has developed a four-step action plan to help businesses:
Companies cannot argue lack of knowledge of improper use by employees as a defence. It is therefore crucial for employees to be educated and for proper safeguards to be implemented as, of course, prevention is always better than cure.
Eddie Powell, Partner, Fladgate LLP (firstname.lastname@example.org)
Michelle Waknine, Trainee Solicitor, Fladgate LLP (email@example.com)