Software Escrow

Maintaining Business Continuity With Mission-critical SaaS Applications

SaaS applications are universal features of the modern business world. Unfortunately, they don’t always come with the guarantees that they should.

No matter what kinds of software your clients license or use, they run the risk of massive failures if they don’t offset their dependency on vendors with viable backup plans. From data center disasters to software providers going under, your clients’ reliance on third-party tools endangers their day-to-day operations and ongoing profitability.

 

The Risk Defined: What Happens When Software Disappears?

Continuity is vital to doing business. Your clients’ customers won’t simply give them a pass because their software wasn’t working on a particular day or because they got hacked. Although most companies are diligent about securing their own internal systems, they expose themselves to the mercy of fate when it comes to their software vendors.

The dangers of ineffective continuity planning are all too real. Some sources estimate the amount of revenue lost annually to IT downtime to be in the $26 billion range.

The history of IT continuity planning is also riddled with examples of huge companies dropping the ball. For instance, Hurricane Sandy shut down the New York Stock Exchange in 2012, and as recently as 2008,  Google Apps suffered major outages. The IT world has certainly come a long way since those dark days, but such events still underscore the need for corporate continuity planning that ensures companies can keep functioning after they lose vital services and SaaS components.

There are several basic forms of software escrow agreement depending on what you and your business needs:

    1. The most basic and fundamental software escrow agreement is the standard three party agreement.  This type of agreement is entered into by a software escrow agent (EscrowTech), a software vendor and a licensee.  A standard three party agreement is perfect for a situation where a single licensee is requesting a software escrow however the software vendor does not want to set up an escrow for their other customers.
    2. The next type of escrow is a multiple party agreement.  This allows for a software vendor to set up an escrow and register one more licensees to their escrow.  This allows for a software vendor to keep a single escrow account for all of their licensees.  This greatly reduces the amount of time it takes to manage an escrow and significantly reduces the escrow’s cost.
    3. The next type of escrow is for multiple licensees spread across multiple software products.  Instead of managing multiple escrows this type of escrow allows you to have one central agreement to manage everything.  Like before this greatly lowers the amount of time spent managing an escrow and their associated costs.
    4. Some licensees need something more flexible.  In this situation a licensee creates an escrow account that allows for multiple software vendors to register.  Each software vendor is given a separate space in an escrow vault and can submit escrow materials for the licensee.  This is a great way for a licensee to organize all of its escrow accounts.
    5. The next type of escrow is a minimum service escrow.  This type of escrow allows for a software vendor to create a multiple party escrow without paying a licensee fee for each licensee.  The trade off is that the licensee does not receive notification from EscrowTech and can be removed or added to the escrow by the software vendor without notification.  Depending on your situation and the level of protection your licensees need, this type of escrow might meet your needs.

iStock_000030895028_SmallCloud computing has popularized the approach to software solutions known as “Software as a Service” (SaaS). It enables many businesses to use software located in a vendor’s cloud instead of their own infrastructure.  Because of this many businesses find themselves relying on cloud computing and data storage for their day-to-day operations. Yet cloud computing is still a fairly new industry with many rules yet to be written. As an industry, it moves rapidly, with acquisitions, changes in support structure, and interruptions in service still being fairly regular occurrences. How does a SaaS escrow play a part in protecting your Software as a Service rights?

iStock_000073365803_SmallThere are several steps to keep in mind when agreeing upon a software escrow:

  1. The most important thing to decide for your company is which software applications should be escrowed in the first place. If software is mission-critical or difficult to replace, it should be escrowed.
  1. Ensure that the release terms in your escrow agreement are clear. Make sure both broad situations and detailed possibilities are both covered.
  1. Make sure your own company’s escrow policies are being followed. Often, companies set rules for themselves that apply to specific situations like escrow. However life happens and things get forgotten.

smallSourceCodeAll around the globe, companies license custom software that is critical to their business. Developing your own proprietary software can cost millions. For most industries, licensing pre-existing software for daily operations is both less expensive and less of a hassle to maintain. Yet how do you ensure that the company you’re licensing from doesn’t go out of business or otherwise breach a licensing contract? You can’t, and that’s why companies like EscrowTech exist.

Software and its source code can be stored, verified, and updated with us. This protects the vendor as they only have to distribute their source code to one trusted company instead of multiple customers who are demanding a source code license.

Just as important it protects the licensee. In the event a software vendor goes out of business, breaches a contract, or can’t maintain client-side operations, a release event is triggered. This releases the source code to the licensee so that they can continue the daily operations of their business unabated.

Searching for answers. Top view of man holding note pad with question mark on it while standing on the wooden floorEscrowTech maintains its primary offices at the Technology Law Center south of Salt Lake City, Utah. This is also where your deposited materials are stored – inside a dedicated, secure vault. The multiple levels of security that keep this site safe include video monitoring networks, card-key systems, constant surveillance, and a fire suppression system. This maintains security and safety for your escrowed materials, but the purpose of escrow isn’t only to plan for what you expect. It’s also to protect you and your company from the unexpected.

That’s why we maintain off site storage in a second location. We call this our Perpetual Storage Vault, and it’s located in Little Cottonwood Canyon. Literally located inside the Rocky Mountains, the location uses both the natural protection of tons of granite and the technological protection of advanced security to keep additional copies of your materials safe and accessible. It’s built to withstand even the worst natural and man-made disasters.

woman with tablet pc and chart papersDeveloping a software contract is a standard procedure most businesses are intimately familiar with – or so they think.  Even if you are a pro at dealing with Software as a Service contracts, software development or other software implications, you may be stunned to discover some of the basics of software contracts that you were unaware of before now!

A recent data survey of close to 100 critical corporate legal contracts (as it relates to software) revealed many security trends and “pain point” issues that plague the rest of the contract industry.   There were many insights, but some of them were so simple they were shocking.  For example, did you know that a full 75% of contracts were put together through cut-and-paste methods from earlier contract drafting?  Yet only 22% of those businesses realized they were in danger of high risk of error.

Escrow agreements are designed to meet a variety of stakeholders’ needs.  Everyone from the creative mind designing the software to the person who invests in a software company has good need for an escrow agreement.  Here are some considerations for the end users of licensed technology when deciding on an escrow agreement.

First, end users should realize that it is definitely in their best interests to get a software escrow agreement.  There are inherent risks associated with depending on software that is basically “mission critical” and not supplied in-house, but rather by an outside, third party.  Could you survive a service interruption due to a vendor bankruptcy or acquisition?  If not, you need to start your search for the right escrow agreement by considering the kinds of services you actually require.

Is your license locally installed, enterprise software?  If so, then a standard software escrow agreement should suit your needs just fine.  An escrow agreement will verify the source code, procure an important copy of the code and put a plan in place to monitor regular maintenance and other agreements.

What about cloud –based applications?  That should be handled more appropriately with a Software as a Service agreement, which creates a different level of continuation procedures, should the worst happen.  People who use cloud-based apps are particularly vulnerable to a shift in operating procedures should a vendor go bankrupt or quit for another, better opportunity.

Do you have a critical application?  You should consider having a technical inspection and possible penetration test to determine where the weaknesses of this critical program might be (particularly now as it relates to Big Data capabilities).

Have an expert walk you through the details of what escrow plan is right for the needs of your business.

dv2171024Some believe they are saving money by not taking on a software escrow.  But the reasons why many financial partners give for not taking on a software escrow agreement are actually myths that have long needed busting.  So here are a few of the most popular reasons people claim to not need a software escrow agreement – and the realities of the situation.

You can’t be expected to trust an escrow agreement company.  The truth is, a reputable escrow agreement is a third party, neutral vendor who has no bias toward either the licensee or the vendor.   The goal of a professional escrow firm is an agreement that protects and clearly defines the issues for both parties.

My source code is in jeopardy!  Nothing could be further from the truth.  In fact, an escrow agreement protects your interest in the source code because it specifies when and how source code can be released.  Just because the customer is “entitled to” the source code in some way doesn’t mean that the customer gets the source code whenever and however they want it.  There are rules governing intellectual property, and they protect the creator just as much as they protect your customers.

An escrow agreement will prevent your sale of the company.  On the contrary, any good investor who has any real knowledge of the volatility of software firms will insist on an escrow agreement before purchase or investment in a Software as a Service company or software firm.  An escrow agreement is protection for everyone.  It ensures a customer or investor that the maintenance is going to be in place and technical support is always available.

Knowing the whys and hows of your technology and how it works isn’t enough.  You need more communication about how escrow agreements really work.  Instead of relying on myths or rumors, why not find out yourself just how a software agreement can benefit your company?

ThinkstockPhotos-492151733It might seem like putting together an intellectual property or software escrow is about guarding against wrongdoing, but in reality, it is a great representation of trust for both sides.  It is just an extension of the trust that has already been going on for some time, and it enables everyone to breathe a little easier knowing the that the unexpected is accounted for.

Getting into business in the first place is an exercise in trust, if you think about it.  Customers have to trust your brand, you have to trust that the choices you are making in terms of product line, website design, software package and others are the right choices to make.  If you have ever had customized software, then you should know that what you are getting is the “object code” – the front piece that makes the software run.  The heart of the software is the “source code,” its guts, its essence, so to speak.  This code is a developer’s intellectual property, the bread and butter, as it were, of a developer’s profits.  They don’t want to share it, and understandably, they want to protect their investment.

-->