Migrated your business-critical software to the cloud?

Understanding the risks of cloud-hosted software.

---

If you have moved your software to the cloud, it does not de-risk your dependence on third-party software vendors. Rather, with cloud-hosted software, the risks and dependencies are increased, and a little more complex.

We need to understand what these risks are in order to mitigate them appropriately.

When your business-critical software is hosted on-premises (ie, on your own servers somewhere in your own building), the risk is: your supplier disappearing, leaving you with unmaintainable orphan-ware. Meaning that, when it goes wrong, without access to the source code, you are not able to fix it, and the lights go out on the business processes reliant on that software.

In these circumstances, an escrow arrangement would provide a release of the professionally verified source code, which would enable the update and maintenance of the software until an alternative arrangement can be made.

In the past five years, we have witnessed an ever-increasing tsunami flow of software into ‘the cloud’.

This means that the workforce accesses the same application but the application is no longer hosted on internal servers; now, it is hosted on a server in a location remote from your office building. It could be next door, or eastern Europe or wherever. Often the location is unknown.

In this environment when the software supplier runs into trouble, our experience shows that one of the bills that goes unpaid is the invoice for hosting the application in the cloud – ie, they stop paying the rent to the cloud service provider (eg, AWS, Azure, Google Cloud). Unpaid, that service provider shuts down the service.

Once again, the lights go out, but with cloud hosted software, you don’t limp along until the software breaks, you lose access to the application instantly.

Additionally, your access to the data generated by the business activity on that software is locked up.

Even the downsides are multiplied with cloud-hosted software.

Imagine your online banking app stops working:

• Clients are unable to pay creditors.
• Clients cannot pay staff salaries.
• Customers cannot buy their favourite cuppa on the way to work!

1. Revenue loss
2. Reputational damage
3. Lost market share
4. Irate customers
5. Regulator fines

An escrow arrangement for cloud-hosted applications must address the operational requirements for ensuring that your interests and investments in your business-critical cloud-hosted application are properly protected.

ESCROWSURE continuity arrangements for cloud hosted applications are implemented on the basis of ‘keep-the-lights-on’ by providing for continuation of application hosting and takeover of administrator functions in the event of an emergency.

The four benefits of SaaS escrow

This ESCROWSURE SaaS escrow service includes four unique benefits in that it provides the end-user with the following

Continuity of hosting services: Secure payment to the hosting service to ensure uninterrupted service.

Access to environment: This is secured for all interfaces in order to keep the lights on. This usually includes login credentials and administrator access to the hosting environment.

Maintenance

Software updates: maintenance involves keeping all software components in the hosting environment up to date, including: operating system, web server, databases and third-party dependencies.

Configuration management ensures the proper configuration of servers and services to ensure optimal and secure performance.

Source code: A copy of the source code is deposited and verified as a backup.

Reduce the risk of SaaS with SaaS Escrow today

The risks associated with cloud-hosted software are significantly more severe than those presented by on-premises software. Effective risk mitigation in both instances requires a carefully consultative approach in order to craft a bespoke solution that addresses the specific challenges represented by each individual software environment.