General15.07.2009

Criminal charges for SA cyber shoplifters

Ineffective software management hurts company’s reputations

Two men, who stole software from their employers and sold it on, have been fired from their jobs and are facing possible criminal charges.

The two men, who cannot be named until they have appeared in court, were both dismissed when their respective employers learned of their activities.

Because the software was still in use and required for licensing purposes, its unauthorised sale and use would not have resulted in licensed installations of the software and could have exposed the legitimate owners to possible compliance and reputational risks.

Charl Everton, the Anti-Piracy manager at Microsoft South Africa, said the incidents were “a high-tech version of shoplifting,”

“While both men are likely to face criminal consequences, it is their companies who stand to lose the most, as the thefts exposed shortcomings in their corporate governance and compliance frameworks,” said Ms Everton.

Lynne Tromp, an associate director at KPMG, said that the two cases highlighted the clear need for companies to maintain effective control of their software, or face exposure in terms of corporate governance regulations like Sarbanes-Oxley (SOX).

“Besides the risks associated with running or on-selling unlicensed software by the company or its employees – like business interruption, ineffective spend, susceptibility to malicious parties and liability for penalties – organisations are further exposed to reputational risk,” said Tromp. “The onus is very much on the organisation to maintain clear records of its software assets, and to demonstrate how it protects those assets.”

Sign up to the MyBroadband newsletter