So, does the BSA believe that business cloud services should limit accounts to one simultaneous login? "It's an interesting question," BSA’s Reid said. "I think it's based on each individual business model and how each company wants to deliver its product and charge for it.
Cloud Sherpas' Hoff said whatever a software vendor decides, the cloud ultimately gives it more control over the product. "There is a lot more capability for organizations to control their own destiny," he said. "Any company that's starting out today is going with SaaS. You rarely see new desktop software coming out with just the old model."
That said, Hoff believes cloud apps and SaaS models are completely foolproof when it comes to abuse. "I do agree there are new sets of challenges with cloud," he said.
Along with sharing login credentials, the BSA highlighted the possibility of "dark clouds" that provide unfettered access to unlicensed software. Unlike digital lockers and file hosting services like Megaupload, where users can simply upload/download pirated content, public or private dark clouds can be used to deliver pirated software-as-a-service. Similarly, the BSA says "gray clouds" can be used by enterprises to take legally purchased software and offer it to more users than the licenses allow.
While the BSA's survey did not include any data on dark clouds or gray clouds, the organization is touting such activity as a major concern. "What we're seeing mostly today is credential sharing, but we're watching dark clouds very closely because it's the ripest area for enterprise [license] abuse," Reid said.
But, Bi101’s Lalor said coordinating credential sharing is hard enough for some businesses, and he doesn't see more companies being able to successfully build private dark or gray clouds. In addition, corporate clouds are still in their infancy; CRN sister publication InformationWeek recently reported that just 21 percent of businesses have private clouds in place now, according to InformationWeek's 2012 Private Cloud Survey.
But, the BSA believes as more companies embrace the cloud and more software vendors build out their applications for cloud and SaaS models, the risk of abuse will increase. "All of these software companies, our members included, are moving to the cloud," Reid said. "And, what we've heard from our members is that they are concerned."
PUBLISHED AUG. 23, 2012