Another consideration is the cost of taking legal action. I have to imagine in a lot of cases those would exceed the rev from the actual customization itself just in retainer. I have and still do consulting and personally I consider trying to put that level of constraint on things to be far more work than it’s worth after taking the legal fees and cost of extra time to “harden” it into consideration. You have to add another layer of management that most folks/companies would not be at all prepared to take on internally.
2 Likes
To simply answer the question: build external DLLs containing all your proprietary logic, then use something like Dotfuscator to prevent decompiling and provide a contract agreement with your client against decompiling to be transparent about your intent to not disclose proprietary code (which is what Epicor does). There are some cases where I see there being a real need to do this like if you use a code library you built independently which was not commissioned directly by the client (or you’re developing a third party addon), though I agree with others that for regular commissioned work providing full source is my policy and is the right thing to do.
2 Likes
Pierre, this needs to be specified by a contract stating who owns the work created by the consultant. Is the customer paying for their time and labor, or is the customer owning their finished work? Some companies think about this and have very specific terms, but some (maybe most) don’t. So… if there is no contract or license in place, all bets are off. The IP is totally free game.
I tend to agree with Joshua that in most cases the cost of legal enforcement is just not worth it, that the thing we may have created just doesn’t have that much value. That’s very situation specific though. If you built out something that took you 16 full weeks of development and saves a company several hundred thousand per year, well that’s probably worth protecting with a license and enforcing with a lawyer. But for most of the simple customizations that we all do here, it just doesn’t make sense to bother.
3 Likes
Something called EFT which literally could be done in a SQL stored procedure to extract data to a text file, Epicor CSG deliberately put in a DLL file.
Do you know what EFT is? I googled it and found a bunch of emotional blah blah and some references to Electronic Funds Transfer…
1 Like
For BAQs it is easy to hard code the company name as a table criteria or better yet a subquery criteria. If the customer sends it off to someone else it comes up blank. 95% of people wouldn’t know why it is coming up with nothing and would toss it.
Another simple trick would be to have a custom field in the customer’s database on the company table containing a value of 1. Within the query/customization something multiplies by that custom field. Someone receiving that customization would have no idea what’s going on related to that custom field after the customization bombs out.
1 Like