Software compliance and usage policy

Contents
1. Purpose ....................................................................................................................................... 2
2. Ownership ................................................................................................................................... 2
3. Permitted use of University software ......................................................................................... 2
4. Impermissible use of University software .................................................................................. 2
5. Software piracy ........................................................................................................................... 3
6. Software Responsibility............................................................................................................... 3
7. Software requests ....................................................................................................................... 3
8. Software budget ......................................................................................................................... 4
9. Software acquisition ................................................................................................................... 4
10. Central pool of licenses ........................................................................................................... 5
11. Software metering .................................................................................................................. 5
12. Software renewals .................................................................................................................. 5
13. Software monitoring ............................................................................................................... 5
14. Software compliance .............................................................................................................. 5
15. Duplication of Licenses ........................................................................................................... 6
16. Retirement or Transfer of License .......................................................................................... 6
17. Installation of Software........................................................................................................... 6
18. Storage of Software documentation ...................................................................................... 7
19. Record Keeping ....................................................................................................................... 7
20. Software Audits....................................................................................................................... 7
21. Surveys .................................................................................................................................... 7
22. Software management ........................................................................................................... 7
23. Software removal .................................................................................................................... 8
24. Staff and Student Leavers ....................................................................................................... 8
25. Contractors ............................................................................................................................. 8
26. Authorized software ............................................................................................................... 8
27. Software licence storage......................................................................................................... 9
28. Breach of Policy....................................................................................................................... 9
29. Conclusion ............................................................................................................................... 9
 Software compliance and usage policy

1. Purpose

The purpose of this policy is to ensure that the University meets its legal and contractual obligations, obtains
value for money and operates effectively and securely in its licensing, procurement and management of
software.

This policy applies to any staff or students involved in the specification, acquisition, installation, use and
maintenance of software and all software used whether purchased outright, leased, renewed, hosted via a third
party (Software as a Service), shareware or freeware.

Infringements of this policy may lead to disciplinary action against individuals under the University’s disciplinary
procedures and may result in legal action and criminal proceedings against the University and/or individuals.

2. Ownership

Software is not the property of the University or the User. All software is owned by a third party provider
(“Licensor”) and licensed to the University subject to terms and conditions. The Software, in whole and in part,
all copies thereof, and all modifications, enhancements, and derivatives thereto, are and will remain the sole
and exclusive property of the Licensor. All proprietary rights in and to the Software, including patents, copyrights
or any other intellectual property rights shall remain with the Licensor, or respective owner.

3. Permitted use of University software

All University software is only for academic or research use, or for the purposes of the University’s business and
administration, and not for consultancy work or commercial course delivery. In ambiguity, for consultancy or
other external work, users must contact CATS to check whether such use is permitted. Similarly University
software must not be used by placement students for the benefit of their employers.

4. Impermissible use of University software

 Use of illegal software, using software for illegal activities or using software outside of licensing terms
is not permitted.

 Use of software, which tests or attempts to break University systems or network security, is not
permitted unless CATS has been notified and given authorization

 Use of software, which causes operational problems that inconvenience others, or which makes
demands on resources that are excessive or cannot be justified, is not permitted.

 Software found on the University systems, which incorporates malware of any type, is not permitted.

 Unless explicitly included in software terms, it should be assumed that use for commercial research,
commercial training or consultancy are not permitted using academic licenses.

 Violating or breaching any third party agreement related to use of the Software;
 Software compliance and usage policy

 Selling, giving, lending, renting, sublicensing or otherwise transferring the Software, or any portions of
the Software, to any third party without the prior written permission of the Licensor;

 Decompiling, disassembling, modifying, translating or otherwise reverse engineering the Software to

discover any source code or underlying algorithms of the Software;

5. Software piracy

Software piracy is the act of stealing software that is legally protected. This stealing includes copying,
distributing, modifying or selling the software. It is illegal to copy a software program and install that single
program for simultaneous use on multiple machines. University employees and students are prohibited from
assisting in making or using illegal copies of software. Unauthorized copies of software programs may not be
used on the University equipment. This applies even though you yourself may not have made the illegal copy.
Purchase of the appropriate number of copies of a software program is necessary for maintaining legal status,
especially if you are using machines connected to a network.

6. Software Responsibility

Heads of institutions are responsible for ensuring that all software used within the institution and installed on
computers for which the institution is responsible has been properly obtained and is being used within the terms
of the software licence. The Head of the institution should delegate a member of staff to be formally responsible
to the Head of the institution for software licence management and compliance.

Respecting the anti-piracy laws of the country, GITAM does not allow any pirated/unauthorized software
installation on the university owned computers and the computers connected to the university campus network.

In case of any such instances, GITAM will hold the head of the department / individual personally responsible
for any pirated software installed on the computers located in their department/individuals’ rooms.

For any compliance claims by any software vendor, the person responsible for violation of compliance will take
full responsibility of the violation and its consequences.

7. Software requests

Below are the guidelines for requesting lab software. Exceptions to the guidelines may be made for discipline
specific labs.

 All software requests (academic labs, research labs, personal use) are placed using G-Indent portal and
filling all the required fields as requested in the G-indent portal.

 Software requests for academic lab purposes must indicate the number of labs and computers in which
the software will be installed.
 Software compliance and usage policy

 Software must be compatible with lab computers and existing software.

 The software must have manufacturer’s support. No software will be installed unless there is adequate
documentation and/or OEM support.

 Technicians from CATS can assist you in determining whether the software is compatible with our lab
environment.

 The software purchase must include enough licenses for all computers in the particular labs in which
the software should be installed.

 No DOS based software will be installed.

 Only one version of a software package will be encouraged to be installed. Older and newer versions
installed together may cause a problem on the computers.

 Please check to see if we already own a software package that meets your needs. By purchasing
multiple software packages that essentially do the same thing, we use up valuable hard drive space and
spend money needlessly.

 Only authorized personnel from CATS and support staff are granted rights and privilege to install
software on the University servers and endpoints.

 Software that needs to be installed in computer labs and/or smart classrooms must be received by CATS
four weeks before the upcoming semester. CATS needs to test the software, create an image, and then
place that image on the necessary lab computers before lab begins.

 Any software presented after semester begins cannot be installed in the labs.

 If you plan to purchase software after semester begins (for budgetary / student enrolment reasons),
please advise CATS so we test an evaluation copy and image can be created for labs.

Your assistance will ensure that computer labs are operational for all faculty and students before classes begin
each semester.

8. Software budget

The cost of the software, its renewal, support and maintenance is to be budgeted and borne by the institute.
The acquisition and installation shall be facilitated through CATS.

9. Software acquisition

Software should be purchased in accordance with university purchasing procedures ensuring that the correct
type and number of licenses are being purchased.
 Software compliance and usage policy

CATS should be consulted to discuss any existing availability of the software on campus, identifying and ensuring
existence of suitable hardware to run the software, requirements for licensing and deployment / installation of
the software as well as regular security patching.

When acquiring software and training or when renewing software licenses, the departments/institutes must
budget to meet the full costs at the time of acquisition or renewal.

Software will be purchased only from reputable authorized sellers. This policy applies to acquisitions of hardware
that includes bundled or pre-loaded software.

Software acquisition channels are restricted to ensure that GITAM has a complete record of all software that
has been purchased. This includes software that may be downloaded and/or purchased from the Internet.

10. Central pool of licenses

In order to save money by reducing duplication, CATS will look to adopt pooling of licences for software
packages in use in multiple schools or support services. Each software package will be considered on a case by
case basis based on costs, usage and possible overlap with other similar packages.

11. Software metering

The use of all software installed on the University’s networks shall be controlled and monitored to ensure
compliance with licensing agreements and to inform decisions on re-licensing and value for money. IT Services
reserves the right to remove and redeploy unused software in order to elicit best value for money from existing
licences.

12. Software renewals

Due diligence shall be exercised at the time of software renewals, where applicable with software usage data to
make informed decisions on renewal of the software. Accordingly, a decision shall be taken by management to
increase the software availability, reduce or remove the software availability.

13. Software monitoring

Due to requirements placed on the institution to monitor and report on software installations and use, all
university owned computers may be required to have software or agent installed to report on software usage.
This is irrespective of the machine being on a managed service or not. Over time it is anticipated that monitoring
software usage will allow us to reduce software costs by only renewing licenses that are required.

14. Software compliance

Compliance is an ongoing process and involves information collection and coordination with software
vendors. The information collection will allow us to adequately analyze our current and future needs as a
campus in terms of software replacement and new acquisitions. CATS will proactively work with software
vendors to determine the most cost effective licensing arrangement based on our use of the software.
 Software compliance and usage policy

In order to be fully compliant with our software agreements, ITS will maintain proof of purchase of the license,
the license agreement, the software certificate (if applicable), and an accurate record of individual licenses given
out to various faculty and staff members, if the agreement is not a site license. ITS will maintain these records
in a database to ensure we do not fall out of compliance.

CATS will review existing software agreements periodically. If it appears we are getting close to using all
individual licenses for any particular agreement that is not a site license, CATS will research the possibility of
negotiating with the software vendor and purchasing more licenses, if deemed necessary.

If it is discovered that we are out of compliance with an existing software agreement, CATS will take measures
to ensure we become compliant immediately. This could include discovering that software has been installed
on more machines than anticipated. If this is the case, CATS will either (a) remove the software from any extra
machines, or (b) negotiate with the software vendor for more licenses. If the latter, the department(s) using the
extra licenses could be asked to contribute to the expense of purchasing more licenses.

15. Duplication of Licenses

Software shall not be duplicated, reproduced, or installed on more than one machine without prior written
authorization from the CTO.

16. Retirement or Transfer of License

The following rules apply when a license or licenses are replaced by newer versions or are being transferred
from one user to another:

 Licenses shall not be uninstalled from one user’s machine and re-installed on another user’s machine
without written request from the head of the institute.

 All software and documentation for releases or versions that have been replaced by newer versions are
to be returned promptly to CATS.

 All software and documentation for those products no longer required should be returned promptly to
the CATS and the software must be uninstalled from the computer system.

17. Installation of Software

All approved software shall be installed by an approved staff from the CATS on the computer systems of the
University. Only those persons explicitly authorized by the University shall be eligible to install software on the
servers and computers. Such persons shall not do so until CATS has first obtained an appropriate license for that
software. A software upgrade shall not be installed on a computer that does not already have a copy of the
original version of the software.
 Software compliance and usage policy

18. Storage of Software documentation

Once installed, the original media will be kept and maintained by CATS

19. Record Keeping

CATS shall keep and maintain a register of all software (media–installation disk/files) of the University. The
register must contain: (a) the title and publisher of the software; (b) the date and source of software acquisition;
(c) the inventory of installation done; (d) the existence and location

20. Software Audits

University reserves the right to inspect user’s computer system for violations of this policy. CATS will conduct a
regular audit of all computers systems (including portables) and servers of the University, to ensure compliance
with all software licenses. Periodical audits shall also be conducted at random on users as appropriate.

Audits will be conducted manually or by using an effective auditing software product in a manner that is the
least intrusive and disruptive to users. The full cooperation of all users is required during audits. Users must not
remove or delete software. Removal or deletion of software must be done only by authorized CATS staff.

CATS will operate software asset discovery tools in order to audit software installations on the University’s
networked computers and servers on a regular basis, to compare them against licences owned by the University.
Employees with University laptops or computers which are normally located off-campus must produce them for
software audit at the request of CATS.

21. Surveys

To ensure adherence to the software usage policy and related national laws and statutes, the University reserves
the right to monitor software installations and usage on all its computer systems, as well as any privately-owned
computers when used to conduct University related job.

CATS shall conduct periodic software use surveys to determine existing and future software needs. Users will
complete the surveys promptly and to the best of their abilities.

Any staff member who becomes aware of the installation, copying, use, distribution, or transmission of software
within this organization that is illegal or in conflict with software management and usage policy of the University
should promptly notify the CATS.

22. Software management

Deans or heads of support services are responsible for ensuring that all software used within the department,
and stored on computers for which the department is responsible for, has been properly obtained and is being
used within the terms of the software license. For each item of software managed by a department, they should
ensure that adequate records are kept about the software, such as:

 The name, platform, and version number of the software

 Software compliance and usage policy

 The number of copies purchased

 The date purchased and purchase order reference

 The location of the software licenses (if a paper license was issued)

 The location of the installation media, installation codes and documentation

 Any restrictions on the licensed use of the software

 Date of renewal

These details should also be passed to CATS who will maintain a central record.

23. Software removal

 Software found that is not license compliant must be brought into compliance promptly or shall be
uninstalled.

 Software that is known to be causing a serious security problem, which cannot be adequately mitigated,
shall be removed from service

 Operating systems and application software must not be abandoned or otherwise left unmaintained
for extended periods. Systems and application software that are no longer required shall be
decommissioned.

 When decommissioning a computer system for disposal or re-use, appropriate measures must be taken
in relation to any software and data stored on it. Software shall be removed where not doing so could
lead to breaking the terms of it license.

24. Staff and Student Leavers

Staff and students who leave the University and who have had University software and/or data installed on
computers owned by them must remove all such software and data immediately. Any University software
entitlements for software installed on computers they own cease.

Department of Student affairs and Department of Human resources are responsible to ensure this policy is
enforced while signing no-due certificates for students and staff respectively.

25. Contractors

Contractors, suppliers and temporary staff at the University are covered by the terms of this policy and must not
introduce unlicensed or inappropriate software to the University’s computers or networks.

26. Authorized software

 Software compliance and usage policy

Only software authorized by the University shall be purchased, installed, or used on the University computer
systems. Personal software, or software that a student or employee has acquired, shall not be installed on
University computer systems.

27. Software licence storage

As far as is practical, software licences will be stored at CATS.

28. Breach of Policy

Staff or students who breach this policy will find themselves subject to the University's disciplinary procedures.
Individuals may also be subject to criminal proceedings. The University reserves its right to take legal action
against individuals who cause it to be involved in legal proceedings as a result of their violation of licensing
agreements and / or other contraventions of this policy.
29. Conclusion

In conclusion, the institution cannot afford to ignore the significant role the end users play in the ability to ensure
that the University operates within the boundaries of its license agreements. The right technology and effective
processes, while absolutely vital to the success of our policies, rarely go far enough toward addressing a dynamic
environment in which software/ applications residing on computer systems fluctuate on a daily basis. By
developing, communicating, and enforcing an intelligent software management and usage policy, the institution
will add much needed balance to the IT policies and ensure that they remain on firm ground.