Software companies think escrow is useless

Tweet

 

Post by: Emily Simmons, Account Executive

So I have been selling software escrow services for almost five years now and commonly I get a call from a developer that tells me he doesn’t want to spend the money on a service that his client won’t be able to use, yet they are contractually obligated to set up a source code escrow agreement. I also get frantic calls from software companies that “hoped” their client forgot about the escrow obligation in the contract and now the software company needs to get them enrolled ASAP because they never fulfilled the obligation in the first place and the end user requests a copy of the escrow agreement that was never set up.

I completely understand. Why would anyone want to purchase a service or product that they feel is useless?

That is where I come in! I educate my clients and try to engage them enough where they are listening to me over the phone rather than checking their email and waiting for me to ring off a number they write down so they know how much escrow costs.

Escrow is not useless, but many companies have never experienced a release process in the first place or had a properly drafted escrow agreement that allows for a release process to be successful.

Below is a quick bullet list that I created to show that escrow is not useless to the software companies we love!

• First and foremost it is a great sales tool!
  Escrow Agreements show your client you are committed, take the “what happens if you go out of business?” elephant out of the room and help you close deals. In addition it helps you keep a pulse on if and when clients are going to renew with you or go with your competition. If they don’t renew their escrow contract a red flag should go up for your organization internally.

• With the proper deposit escrow is not useless.
  If you put a list of the key personnel involved in the creation of the source code, a list or even a copy of third party software necessary in order to compile the code, as well as thorough build documentation, a release can be successful. Either an end-user has the engineering staff to compile the source code and recreate it internally or they will hire on the engineers from the defunct software company to utilize what is in escrow.

• Testing and verification add value to the escrow service and can actually help software companies get organized. If the escrow agent properly simulates the release scenario by performing full verification on the escrow deposit we document all of our findings and give this information back to you. You can utilize our findings to help create better build documentation for internal use and show the results of the test to all other potential or current clients to increase your client retention rate and sales. Professional escrow providers have an expert engineer available that has experience compiling source code and will engage with your key developers to make the test successful.

• Escrow services allow you to lower your risk by offering redundant storage of your source code, and believe me we get calls every now and then that the software company needs a copy of what is in escrow for your own benefit – not even for the client’s benefit.

Escrow can actually be a better investment for the software companies that are reluctant to the idea. It provides additional back-up, often additional build documentation that can help improve your internal processes for creating the code, and allows you to bring in more business and keep your precious clients happy. In addition your risk is minimized by the restrictions of use clause in the escrow contract. Even if a release occurs typically your customer can only utilize the source code for internal purposes as the License Agreement allows.

Cloud computing: Expert legal advice from Milton Petersen

Tweet

 

Beware of the Legal Risks of Cloud Computing 

Article by featured guest Milton L. Petersen
of HunterMaclean

As companies struggle to deal with this sluggish economy, "cloud computing" is often perceived as an easy, efficient way to quickly reduce information technology costs.  However, before heading off into the cloud, companies should be aware of the serious potential legal risks and implications of cloud computing.

"Cloud computing" can be defined in countless different ways, but it generally refers to the use of remote computer networks or resources operated by third parties to process, store, and manage data.  There are also countless different cloud service providers, but some of the largest include Amazon.com, Google Inc., and Microsoft.  While particular service offerings also vary, these large service providers basically provide computing services on almost a commoditized basis - much like a utility company provides electricity, gas, or water.

Potential cost savings is one of the most attractive perceived benefits of cloud computing.  However, at least from the point of view of legal protections, one can't help but be reminded of the old adage that "you get what you pay for."

The form contracts or terms that cloud service providers typically offer (especially in online, "click-through" agreements) are generally quite one-sided and contain few, if any, terms to protect their customers from potential legal risks and liabilities.  Only large companies will likely have the leverage to negotiate material changes to those terms.  Small companies will often be faced with a "take it or leave it" situation.

Some of the most significant legal risks regarding cloud computing relate to what data will be entrusted to the cloud service provider.  Companies should be especially wary if they will be storing personal or individually-identifiable information (such as customer's names, addresses, credit card numbers, etc.) on the cloud service provider's computing resources, the location of which may be unknown or subject to change.

Data privacy and security continue to become increasingly important societal concerns, and nearly every state in the U.S. now has a law that requires notification of affected individuals in the event of a security breach involving unencrypted personal information.  Companies in certain industries, such as healthcare, finance, and telecommunications, are subject to additional regulations regarding the use and disclosure of personal information.  Further, if information on individuals from outside of the United States is involved, stiff privacy laws of other countries (such as the member states of the European Union) may apply.

A cloud computing customer loses physical control over its data by storing it in "the cloud," but it remains legally responsible for what happens to the data.  The potential liability that a company could face in the event of a security breach by a cloud service provider (not to mention reputational damages) could be quite high.  And the limitations of liability in the form contracts typically offered by cloud service providers not only broadly exclude recovery of the types of damages most likely to be suffered as a result of a security breach (i.e., incidental and consequential damages) but also cap the total damages that can be recovered to a relatively small amount.  Thus, the legal recourse that a company may have against its cloud service provider in such a situation could be severely limited.

Companies should carefully weigh the advantages of entrusting sensitive or personal information to cloud service providers.  At the very least, before entering into a cloud computing arrangement, a company should conduct "due diligence" with respect to the prospective cloud service provider and its operations, investigating, for example, where the provider's data centers are located, the types of security measures employed by the provider, whether the provider will commit to third-party security assessments, compliance with third-party security standards, or the conducting of security audits, whether data will be returned at no charge in some industry standard form, etc.  Companies should also carefully review the standard contract terms offered by prospective cloud service providers and determine whether negotiation of those terms is possible

As the information technology age continues to mature, the prevalence of cloud computing is likely to increase.  But before joining this trend, make sure that you are aware of the potential risks.  Don't get lured in simply by the promise of a silver lining.

____________ 

Milton L. Petersen is a partner with HunterMaclean’s Information Technology Practice Group. He can be reached at 912-238-2629 or mpetersen@huntermaclean.com.

To learn more about Mr. Petersen click here to view his bio.

Software escrow is dead

Tweet

 

Attorneys, developers and end-users constantly dispute whether or not software escrow is a necessary service. Being in the industry, I am slightly biased; however, I can say that I do understand and appreciate their arguments. Is escrow something you can live without? Absolutely! And many businesses do.

Regardless of your role in the software cycle and the types of escrow (source code, software, hardware, technology, SaaS, formula, etc.), there's something to be said about the existence of escrow. What is the purpose of escrow, really? For developers it protects their intellectual property and establishes/confirms their reputation. Escrow for end-users is like insurance or peace of mind that if the software stopped working business could continue as usual. Attorneys are usually referring clients to escrow providers or offering escrow services through their practice. Everyone has a vested role in the cycle.

The real question is, "why do I need it?"

I could give you 25 reasons why as a developer or end-user, you DO need escrow but I think the optimal approach is to conceptualize not having escrow.

So you've been running your business for years and never needed escrow. Perfect! That is fantastic news for you and your clients.

Even better, you've created software business solutions for numerous verticals and you're just starting to build your client base. A new client trickles in every few months but WOM (word of mouth) isn't taking off like you expected and overhead is hurting your wallet, you've already relied on your angels. You need more business. Now what? How can you distinguish yourself from the thousands of other vendors? What makes you different? What risk management do you have in place?

As a customer, wouldn't you be impressed if when you were making a large investment for CRM solutions for your organization the developer also had escrow in place to guarantee their credibility? A guarantee that if something unforseen were to happen to the provider your investment would be protected. I think so!

This is one small example of how software escrow is more of a risk management solution. Again, you certainly do not need escrow and I ask you to ask yourself how many times have you said to yourself, "if only I had . . . " Escrow is merely a solution to the "if only" moments.

So,is it really dead? I would argue to say no. I think with the growth of the SaaS model, many people feel there isn't a need for escrow. What they fail to realize is -- they do not own their information. For end-users, my question is -- what would you do if tomorrow the CRM, HR, Accounting, software you're using (in the cloud) fails to keep running? Or even mission critical software not in the cloud?

I think this is a very exciting debate. To escrow -- why or why not? Personally, I feel as though it's not that escrow is dead but that there is a lack of awareness. I think this will require another follow-up blog in the near future.

What are your thoughts? I'd like to hear from you (the person not working for an escrow vendor). Is software escrow dead?

SaaS risks: Worst case scenario. What would you do?

Tweet

 

Post by: Ellen Oblen, Account Executive 

Sounds like such a wonderful idea to buy software over the internet, doesn’t it!  Just make sure that you have thought through all of the potential risks (and these are just a  few) associated to this cost savings.  You may end up having to work really hard to earn your savings.

Top questions to think about?

• Do you have access to your data? If you didn’t have access to your data, what business implications would there be in the time that would be lost retrieving the most up to date data?  If you had it securely stored and knew exactly where to go to retrieve it, wouldn’t that be a great plan B for your business continuity?

• Is your data stored with the SaaS provider?  We have heard and seen horror stories of the time it took to get data back from your provider to the data being returned in a format that is so difficult to port over to another provider.  Would that time be lost revenue to your business?

• Is your data co-located on servers with many other clients?  If you are a health care provider and your data is co-mingled with other’s data, does this breech every HIPPA law imaginable?  Has your SaaS provider written a script to extract just your data to provide you at any time?  JUST ASKIN’.  Will they charge you more to do this service?

• How long would it take you to do a conversion of your data and application to another provider?  How much data would you lose because of the costs involved?  Data conversions are huge projects that are not simple and very costly!

Your escrow provider can help!  Escrow vendors are being pulled into the SaaS market more and more everyday because of these same questions.  We have developed solutions to specifically address the additional risks associated with the cloud that many may not be thinking about.

What SaaS escrow questions do you have? Have you experienced any similar issues mentioned above?

The high price of poor client services

Tweet

 

Nearly 20% of all our new clients transfer to Escrow Associates from another software escrow provider for one reason; they have paid the high price of poor client services with another software escrow provider. 

The common complaints that we hear are:

1.  The escrow agent cannot accurately handle my account details. Typically this complaint is centered around accurate record keeping:

• Beneficiaries have not been enrolled in a timely or accurate fashion.
• Deposit materials have been misplaced.
• Their Client Services representative changed every time they needed assistance.

2.  The cost of the escrow service became excessive.

• Escrow costs - Some providers employ a service model that requires the software depositor to open a new agreement for virtually every conceivable activity (i.e. adding a new product to the escrow agreement or changing a few escrow terms for a new beneficiary).
• Internal (“soft”) costs – More escrow agreements mean more legal, engineering, contracts and purchasing time is required.  In the typical scenario the depositor’s soft costs more than double the actual escrow fees on an annual basis. 

Software Escrow Top 10 List (Letterman Style)

Tweet

 

Top 10 signs you chose the wrong escrow vendor

#10  The vendor has an office - in their house. Size does matter! Too small and they could be running an escrow business out of their home. Too large and you could end up being just another number because they dont' specialize in escrow.

# 9  They're not a neutral third party. The transaction needs to be in the best interest of all parties involved and the vendor should be unbiased and merely there as a provider of escrow services.

#8  Your source code is being stored in any of the following: a basement, a bank vault, a closet . . . do you know where you're IP is being held? Do you have access to your money maker?

#7  Al a carte costs. Software escrow isn't like ordering off the drive-thru menu! You want a vendor that will have fair pricing and a great combo meal. Chances are you don't want to be hit with hidden costs.

#6  Every time you call customer service, you hear a new voice. Sam, Carla, Norm, Cliff . . . Who doesn't want the Cheers experience? Where everyone knows your name.

#5  They're new or up and coming. Too much room for error is what I hear. Do they have references or for that matter, clients? How long have they been in the industry? What is their background? You want an escrow vendor with a stable history and most importantly positive client feedback. Always check out the testimonials. If you can't find them or they can't provide any, keep it movin.

#4  Creating an agreement is like running a three-legged race BACKWARDS. Your vendor should allow you to customize your agreement based on your specific needs. There is no such thing as a cookie cutter agreement and if they tell you there is - run (FORWARDS)!

#3  Their limitation of liability is capped. Remember that saying, "too bad, so sad," well it's sort of the same. During the research stage many people forget to question the vendor's LOL. This leaves you asking, what is my IP worth to me? Or in this case, the person responsible for protecting it.

#2  They are the cheapest vendor you could find. Listen, since the beginning of time we've been clipping coupons and today we may be clipping Groupons and there's no shame to our game. Smart shoppers are savvy shoppers, but savvy doesn't mean cheap. As I've mentioned before, "you get what you pay for." Shop around and research for sure, but just remember the right questions to ask and that this person will be holding one of your most prized possessions - your intellectual property.

And the #1 sign you chose the wrong software escrow vendor . . .

"It's who everyone uses!"  Ok, flashback time . . . I'm sure at one time in your life a teacher or parent said to you "if all your friends were to jump off a bridge, would you jump too?" Word of mouth is great but don't jump without doing your research first. It could lead to a bumpy road.

What made you choose your current vendor? What questions do you have about shopping for an escrow vendor? Share your thoughts!

Why not transfer your software escrow agreements?

Tweet

 

The first question you might ask is, "why would I want to transfer my agreement(s)?" Well, just like with any other services you have in place, sometimes it is in your best interest to transfer to another provider. Sometimes it's because the quality of customer service no longer meets your expectations or maybe the prices have risen beyond what you have budgeted. For example, when is the last time you've shopped around for car insurance quotes? I'm sure many of us haven't and only because we've been with the same provider for so long it's one of those "out of sight, out of mind" type things. Your software escrow account is most likely on that list of services that gets overlooked.

With the new year here and finances a bit tighter it can't hurt to start shopping around again. Think about your experiences holistically - customer service experiences with your current vendor, the billing/accounting processes, the flexibility of your vendor and the cost - are they competitive and willing to negotiate?

Transferring your software escrow agreement or agreements should be a rather smooth process and could potentially save you a great deal of money.

Some questions to consider when reviewing the possibility of transferring:

• What will my organization gain from transferring?
• How much money will I save if I transfer?
  
• If I have multiple agreements, can I consolidate them once I transfer?
• What does this new software escrow vendor offer that the current one does not?

As with transferring anything in life, whether it's a bank account, auto title, or software escrow agreement, the whole process can seem a bit daunting. Discuss with the potential software escrow vendor your concerns and ask them how they plan to make this transition as seamless as possible.Also be sure to review their testimonials to see what other clients have to say about their experiences.

What are some of your concerns? Do you fully understand the benfits of transferring? We welcome your questions and look forward to assisting you. Post your questions and we will be here to answer!

Don't hyperventilate, it's just source code escrow

Tweet

 

Blog by: Angelia Miller, Account Executive

The phone rings and it’s a software developer in a full blown panic stricken voice. His client has just asked him to enter into a source code agreement. Visions of sending this poor soul a brown paper lunch bag to breathe deeply into immediately run through my head. I start my conversions off by saying “hey, it’s going to be just fine and let me tell you the reasons why. . . ”

If your client is asking you to store your source code, it’s a buying signal that they want to purchase your software. This is a good thing!

They simply don’t want to be left begging for their job back, if you fail to facilitate your product(s) or worst case scenario: go out of business. This is a way for you to show you believe in your company and will be around to service the product(s) you just asked them to purchase. You say "oh, yes it is" and I say "no, it’s not and here’s why." You plan to offer them best class of service and have no desire to go out of business any time soon. So breathe deeply and have bigger fish to fry.

Since this request is new to you, your main concern now should be who to engage to store your source code. Are you kicking tires looking for the cheapest prices? If so, you better grab that brown paper bag and start that breathing treatment immediately.

Cheapest will not get you there in the world of escrow source code providers. You are not shopping for a gallon of whole milk where there may be a slight difference in taste or process of manufacturing. You’re looking for reputable IP technology escrow company to store your greatest company asset.

Source code escrow is a non-regulated industry. Just because someone slaps a magnetic sign on their car door that touts they are the best-biggest-greatest doesn’t always make it so. Ever heard the saying “you can put lipstick on a pig; however, at the end of the day you still have a pig?” Do your research and question your providers till they scream "Uncle!" You want to trust the company you hire to offer you services that are reliable and will respond to your needs.

The tier one provider is in business to offer you the level of service you EXPECT. The tier one provider understands all your concerns and will welcome your questions. What are the questions you ask yourself? Here are just a few that will lead you in the path of making an education decision.

• Where is their office located?
• Ask for very specific details of their media vault storage. How is their media vault constructed?
• Should you need to gain access to your source code what is their protocol? Some escrow companies operate from their homes with an employee count as small as 3. If they don’t have an office or trained staff chances are your source code is getting stored in their file cabinet with a P-touch label on a Ziplock bag. You’ll want to continue your search.
• Do they offer industry specific Professional Liability insurance for client protection? 
• Can you download your source code deposit by using a secured FTP credential system that has been set up by your provider to insure safe and secure transfer? Or do you have to head out to the local shipper and pay to package and ship your source code?
• Does your escrow agent have agreements that allow for modifications? Some clients have very specific requirements that may need to be added into an agent’s standard agreement. You and your attorney may need to customize the agreement to suit your specific situation. Can your agent allow for this type of request?
• Do they have quick turnaround for contract reviews and executions?
• Do they have experienced escrow representatives to assist with contracts?

If you have answered "no" to any of the few questions above you will need to continue your search of providers. Do some CSI work on these providers and go with a well-known tier one provider as in: technology industry known (not website stated "tier one provider"). And, if you’re still uncertain ask a leading IP attorney. They’ll certainly be able to refer you.

See, the client asking you to store your source code wasn’t that bad - it was a buying signal. Smile and say, “sure I’ll be happy to start the process of finding us a reputable tier one provider”. In the end, just remember the old sayings “you get what you pay for” and a educated consumer is the best kind of consumer.”

In appreciation of Dr. Hawkins and technology

Tweet

 

Not to toot our horn, but for just a moment I'd like to brag about our clients. We have an impressive list of clients who provide services with some respect to technology and they are awe-inspiring!

Many clients specialize in niche areas that I honestly had never heard of until starting with EA. They utilize or create technology that is so advanced and so specific that often times it's only one piece of the puzzle. In other words their intellectual property is sometimes a part of a part of a part that makes up a huge machine that provides some fantastic end-result. That being said, February is Black History Month and I wanted to acknowledge a piece of the technology puzzle created for the telecommunications industry by Dr. W. Lincoln Hawkins (March 21, 1911 - August 20, 1992).

According to Massachusetts Institute of Technology, "Hawkins made universal telephone service possible by co-inventing a chemical additive that prevents the plastic coating on telecommunications cables from deteriorating."  At the time, there was only a lead based coating that was used to cover the lines, which was too expensive as well as heavy. Dr. Hawkins invention allowed for less expensive insulation that was also tolerant of weather conditions, unlike the lead. In recogonition of his contributions, Dr. Hawkins was awarded the National Medal of Technology in 1992.

Inventors like Dr. Hawkins and clients like ours who supply these fascinating pieces of technology and software push boundaries that allow us to be the advanced society we are today. Thank you to Dr. Hawkins and all African-American inventors for your contributions to society.

(http://web.mit.edu/invent/iow/AAweek4.html)

Technology Escrow: I Get It!

Tweet

 

Blog by: Susan Johnston, Account Specialist

I was a technology neophyte. In the beginning I knew how to turn on my computer; how to withdraw money from an ATM; how to set the timer for my microwave. I knew “someone” wrote a “program” to enable me to do these things. I eventually learned a more modern term for “program” was software. Additionally, I learned most things modern are considered technology, meaning not by hand. Next, I realized technology was run by software and software was available because of technology. It was pretty overwhelming. As I progressed through my timeline of technology discovery I learned of professionals like Chief Information Officer, Vice President of IT, IP attorneys, Software Engineers – they developed, used, managed all of these modern tools of everyday life. It all started to make sense and became part of my everyday vernacular.

My most recent discovery in the overwhelming realm of technology was the existence of technology escrow. I was amazed such a service existed, and yet, it made perfect sense. As a former banker I was well acquainted with the term escrow; i.e., per a formal agreement called the loan agreement, a neutral party, the mortgage servicer, holds cash for a future purpose to protect the interest of two other interested parties, the loan holder and the property owner. The concept is very simple and straightforward – as long as payments are made the mortgage holder knows its investment, the property, is protected – it’s informal insurance against cancelled policies or delinquent taxes.

Technology escrow is no different. The concept is equally simple and straightforward. It just sounds complicated because of the word technology (or maybe that’s just me). The developer deposits its technology, usually in the form of source code, with a neutral third party to protect the interest of another party, the end-user. The escrow arrangement is the result of a formal agreement like a licensing contract. The escrow deposit materials are stored in a secure media vault as informal insurance for two reasons: (1) the developer’s intellectual property (software) is not compromised; and (2) the end user has the assurance their software can be supported and /or replicated from the source code for business continuity. Technology escrow agreements simply give each party peace-of-mind during the entire software licensing process - Simple.

While my journey is nowhere close to being over, my progress through the technology timeline has picked up speed and now has a life of its own; I am no longer a neophyte. Working with the myriad of technology escrow arrangements has given me a deep respect for all the parties we protect, service and counsel. I am well-schooled in the vocabulary of my “new” world – FTP, 2 or 3 party agreement, gigabytes, executables, build documentation, etc. I can help you encrypt, decrypt or zip your files. As a banker, I worked diligently for my customers to gain their confidence and protect their assets. Ironically, I’m still doing the job I love – except, my tools are .com, .dat, or .net – no more dollar signs. I’ve come a long way, baby.