- Best Practice (18)
- deposited material (9)
- Developer Escrow Agreement (5)
- G-Cloud (5)
- green technology (1)
- ISO 9001 (11)
- MirrorWeb (1)
- Saas (13)
- Software (16)
- Software Escrow (30)
- Software Escrow Agreement (20)
- Software Escrow Cost (6)
- source code (9)
- Source Code Escrow (14)
- Technology (3)
- TES – Directors (1)
- total escrow solutions (3)
- Uncategorized (5)
- Website Security (1)
What is Software Escrow: The Basics
June 13, 2014
All right, you are getting someone to write software for you. This scenario could have two outcomes: either you get a fantastic custom solution to your problem, or turn into a nightmare, should things go wrong. In order to avoid Scenario nr.2, software escrow comes in and protects you in certain project types, in case something goes unexpected.
Truth is when you contract out for software to be written for you; there is much involved in the process and many decisions to make. Among the most overlooked ones is whether you get a copy of the source code or not, upon the completion of the project. What is a source code? When the programmer creates a program, he/she writes instructions. The collection of these instructions is the source code. Then, the source code is transformed into what you actually run, the executable (.exe), if we can use that word, which is common for many types of programs. Source codes could be either publicly accessible, or closed. The second approach is more often used when companies want to retain their trade secrets and intellectual property.
So, the question is, Do you get a copy of the source code, or does it belong exclusively to the programmer? If you get a copy, you are free to assign someone else to make any future changes or updates, in case your developer runs out of business for any reason (usually bankruptcy) or your source code simply disappears into thin air. If not, you probably have no disaster recovery backup plan, and your business continuity is severely jeopardised.
This is when software escrow comes into play. In software escrow agreements you (the beneficiary) and the developer (Owner) agree to give a copy of the source code to an escrow agent, meaning a neutral third party. Escrow agreements also specify which conditions of the source code could trigger its released, by the selected escrow agent (e.g. developer’s going out of business). With software escrow, you have a win-win situation, where both you and the developer are protected. Verification testing is also an option you can ask for, be it for technical or standard inspections. Every time the developer submits materials (see source code), the escrow agent conducts a physical audit, and checks the materials for obvious discrepancies or other problems. Additionally, the escrow agent, the Beneficiary, and the Owner could agree on the type and scope of technical verification services to be conducted by the escrow agent. These services could include the verification that the new materials placed into escrow meet the technical requirements, as illustrated in the license agreement between the Beneficiary and the Owner, or other agreed upon conditions or standards. At this point, there are numerous levels of technical verification services available, depending on the escrow agent’s provided services, which meet the Beneficiary’s needs. Of course, they are scoped and priced per case.
Now, for those that are either Software-as-a-Service providers or subscribers, adopting cloud applications pose several risks. As a provider, you are the manager of processes and data essential to a subscriber’s business. Therefore, the risks of this relationship often surpass the benefits of cloud applications over software on premises, which compromises the growth of both organisations. Escrow agents can help you out, by creating a standby recovery site that ensures application continuity, among others.
Being prepared for the unexpected, is definitely a wise move. With escrow software, you can be ready to take control and retain business continuity, at any given time, and forge ahead!