Organizations must be aware of the security dangers and other risks posed by cloud computing. Here’s one they may not have considered: users violating software licenses by sharing passwords.
Many cloud users share their log-in credentials with other people, according to a new report from the Business Software Alliance (BSA), an organization that advocates for software vendors in piracy issues. And that may run afoul of cloud computing services’ software licenses, the BSA said.
Among the computer users surveyed who use paid cloud computing services in their business, nearly half (42%) admitted that they share usernames and passwords with other people inside the organization.
The BSA noted that, in many cases, that isn’t a problem in terms of software licenses. Some cloud computing service agreements allow organizations to share accounts among multiple people, and many cloud services are paid for based on the resources that are consumed — for example, how much storage space is used — rather than the number of user accounts.
However, in other cases, sharing accounts may not be allowed by service agreements and doing so could be considered a form of software piracy.
In those situations, users may not know they can’t share login information and could inadvaertantly get their employers in trouble for violating cloud software licenses. To protect themselves, companies should examine the terms of their cloud computing service agreements and create a policy forbidding users from sharing credentials, if necessary.
That could also help prevent security problems, as sharing passwords increases the risk that they’ll fall into the hands of malicious insiders or other threats.
Cloud computing presents several new risks for companies — especially because it’s a new area for IT and users, and therefore it’s easy for someone to make a mistake without realizing it.
Read our earlier post for some of the hazards companies must consider when developing a cloud computing strategy.