Risk Factors You Ought To See for Proprietary Software
I’ll start off with the traditional “I am not a lawyer” disclaimer.
I just read Computerworld’s article about McAfee’s statement that open source licenses are a “risk factor” for their business. Jeez. Who would have thought that a company that makes its livelihood off of fighting viruses (mostly in proprietary closed source software) would be such a whiner? OK, I know that those “risk factors” probably include everything that could possibly go wrong so that the company or executives won’t get sued by shareholders. And I know that some associate at a law firm got paid $300 an hour to read about the GPL lawsuits in the newspaper and then add a new risk factor as a way to up their billable hours. But, come on, you can’t really be serious.
If we’re going to get that paranoid, companies might as well start including risk factors for the proprietary software they use. Companies could include risks like:
- Proprietary software we use could be really buggy and break down, making it impossible for anyone in the company to get any work done.
- Proprietary software companies that supply our software may be bought by Oracle and then “integrated” or “end of lifed”, forcing us to spend a boatload of money and time on upgrades.
- We could get sued for violating proprietary software licenses because we haven’t paid attention to them since we bought the stuff.
- We almost certainly are using proprietary software on a heck of a lot more machines than we paid for, and if the vendor finds out we could owe a big fat bill.
- Our proprietary software suppliers could decide to raise our maintenance by 3x and then we’re really screwed because we don’t have any alternatives.
I think all of my suggested risk factors are a lot closer to reality. Yes, companies do need to pay attention to open source licenses. Yes, companies do need to comply with open source licenses. Yes, an open source software license could have ambiguities. Yes, there is a possibility you could get sued if you don’t comply with an open source software license. Yes, open source needs to be part of your governance or compliance program.
But all of those statements are equally true for proprietary software.
If you pay attention to open source license compliance, you won’t need to worry about updating your “risk factors”.
This work is licensed under a Creative Commons Attribution 3.0 Unported License