Things I like about some companies’ approach to software installation on employee’s machines:

• No mandatory and restrictive centralized software distribution system where all employees have to hope and pray that certain tools are available and up-to-date.
• No URL blocking or similar measures of distrust that would prevent employees from downloading and installing software.

This leaves room for a focus on education, knowledge sharing and trust that employees act responsibly.

Based on my experience, these are some useful policies / objectives for Open Source use at the workplace (especially for IT companies):

• All employees who work with a computer learn the basics about Open Source licenses (OSI definition, copyleft vs permissive, see link below).
• All employees who work with a computer learn about the differences of Open Source vs Freeware vs Shareware.
• The company establishes simple and employee-friendly policies for the use of Open Source at work:
  • Declare the major permissive (non-copyleft) licenses (Apache, MIT, BSD, LGPL, EPL, …) as pre-approved for all software library and tool use.
  • Declare all OSI approved licenses as pre-approved for stand-alone tools, i.e. where copyleft cannot affect any derived or bundled code developed at the workplace.
  • Software that satisfies the pre-approval criteria above should not require any further request or approval process.
• Additionally, the company could maintain a “blacklist” of software (versions) that are known to have security flaws or other aspects that make them unsuitable for use at the workplace.
• Recommendations can be given to watch out for and uncheck unwanted add-ons during software installations.
• Software development companies, should train their team leads in basic legal aspects like software copyright and license terms.