How to prevent people taking software home? [closed]

Most companies I have worked at have had either a collection of disks or a network share with the installs of the commonly used software in them. This is to allow the IT dept and skilled users to install the software they need on their work machines very easily.

However some users would see this as an opportunity to get "free" software for their home machines.

I've seen the draconian approach of locking the machine down completely, but that does not work well (in my view - if you disagree feel free to comment on it) because

1. You add so much extra work to IT
2. Users get that big brother feeling

So how do you find a way to prevent users from taking home software but still allowing them to install what they need?

You can make the assumption that most of the users in the organisations I work in are smart enough to install software, I'm not worried about the tea lady here.

Solution 1:

You can't really fix this with technology. Fix it with standards and policies instead.

Make it clear what your users are allowed to do and not allowed to do with software, and what the consequences are for not complying.

Then trust them. You'll have to anyway (for instance, there are programs to retrieve keys from existing installations so even controlling key distribution isn't going to do it)

Solution 2:

Why are you letting them install software themselves? Usually there is a system is place to do this, either with servicedesk (level 1 type support) or software like Altiris which installs apps with admin rights even if the user doesn't. Also, your users would need admin rights on the local PC which is also a bad idea.

We have an app share that is locked down by security group of which only a few IT staff are members. Users are not admins and get an error if they try to install anything. Otherwise they would install all sorts of crapware. Even the "skilled" ones. Actually they are usually the worst.

In addition if you let users install whatever they want how do you enforce licensing?

Solution 3:

Lots of good answers about technological fixes here (altiris, centralized installation).

But actually this is about covering your own ass. Make it the employees problem if he gets caught. Because it's probably good for your company that people take software home. What could be better than having the employees learn the software for free? The better they get at using the software you use, the more valuable they are for your company.

Solution 4:

You can make the msi files available through active directory policy so users can install them if they need them.

They then can't take them home because they don't have physical access to the installation files.

Solution 5:

As far as Microsoft software and licensing is concerned, according to the enterprise license agreement your users are allowed one copy of the OS and Office to run at home, so in essence this is already covered.

We have a similiar locked down installation drive that only a select few have access to. I will however admit there is a level of trust among the staff that software will not be taken home, however normal end users are locked down completely from installing any software.

However when dealing with a group of developers, locking them down in this way can be disasterous. Apart from locking it down and only letting the network teams install software, you can't do much about stopping it from happen. You will however find in general there is a very small percentage of individuals that will go as far as taking software home.

The trick is also with who enters the license keys and who keeps them. If you license keys are open to everyone installing software you have already created the situation and there is very little you can do to stop it, apart from requesting new licenses and ensuring their is a process for having them handed out. With us the only way to get the keys is with approval from the IT Manager, and if it is part of your job, an MSDN subscription is purchased in your name.