With the Markets being somewhat sluggish, Licence Revenues heading Southwards and Software companies having a perplexing situation for generating proceeds, Licence Compliance Management Exercises have gathered critical mass as an “Engine of Revenue Generation”.

With the IT Act 2000 (amended in 2008) providing a meagre clarity on this, most of us do it as just another "necessary evil" to get our job done. However diminutive it may seem to a lay man, these actions of ours are of utmost importance because it points to a valid and enforceable contract and terms, that we hardly even bother to read, but are enforceable against us. 

( Read more:  CISO Guide for Denial-of-Service (DoS) Security )

Our Project aims at understanding the delta created over a period of time in our processing capacities, assessing the impact of the same on the Software License compliance scenario, and analysing the said agreements in the true letter and spirit of it.

We have tried analysing the clauses such as “Right to Audit”, “Supersession”  and various pointers to the Vendor’s website which try to overrule the initial agreements signed by the customer (historically so).

It has been observed that customers are forced to run certain scripts to find out the BAGs (Basic Arithmetic Gaps), while the agreements never talk about any such “Audit Methodology”.

This entails opening many critical ports, which usually are highly guarded, and exposing some critical business information which actually may not be necessary to be shared with the vendors for the said audit exercise. While the vendors are willing to sign a NDA for protection against the dissemination of such information to the external world, it is not a fool proof mechanism and MAY NOT INSULATE your critical business data from being transmitted to the “Cult of the Colossal”.

( Read more: Security Technology Implementation Report- Annual CISO Survey )

We believe beyond reasonable doubt, that there are many other ways of data declaration to respect the Software Vendor’s IPR, and achieve Software Compliance, within the purview of the Laws of the Land, without any involuntary submission under duress.

While you may be threatened to be dragged to the courts, there are various lacunae in these agreements with umpteenth number of possibilities of these agreement to be rendered as “not tenable in the Court of Law”.

Niranjan Bal                                                   

What are your ideas on "Engine of Revenue Generation"? Share your views with us in the comments below.

 

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Comments

  • Hi Niranjan,

    Very well said, this is a evergreen toll every adding vehicle to pay, without thinking of the Bridge Cost.

This reply was deleted.