What methods should an organization implement to prevent software piracy?
Software publishers have several options to protect their intellectual property from thieves. Unfortunately, none of them are foolproof and all risk negatively affecting the user experience.
The most widely used method is the license key; code that is built into an application to require a valid key to unlock the software. This key can be distributed via packaging or some other online mechanism. There are a variety of tool kits available to allow corporations to easily build this capability into their products. Just search the Web for "software licensing toolkits" and you'll be busy for a few days wading through options.
Some shopping cart providers, such as Digital River Inc., include these kinds of licensing capabilities, offering an end-to-end method for everything from hosting a store, to distributing software, to managing licensing keys (so you don't have to). But be ready to part with a percentage of your sales for that privilege.
If organizations are worried about someone stealing their source code, then they need to look into a code-theft and antipiracy package. This is a nascent market, with players like V.I. Laboratories Inc., Arxan Technologies Inc. and Aladdin Knowledge Systems Inc., which actually encrypts the source code within an application so it can't be reverse engineered or stolen in any other way. These products tend to be pretty pricey (since it's an early market) and they aren't mainstream.
When dealing with Web applications, corporations should think about running PHP code using a tool like Zend Technologies Inc.'s Zend Guard, which provides a run-time environment to compile Web applications and thus shield the source code from the browsers.
- Security management expert Mike Rothman breaks down the topic of Web security, highlighting certain important areas.
- Michael Cobb examines if Web application security vendor mergers present better opportunities for buyers.
Dig Deeper on Web application and API security best practices
Related Q&A from Mike Rothman
In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about ...continue reading
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine ...continue reading
When developing software securely, what role does gap analysis play? In this security management expert response, learn how to implement gap analysis...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.