When setting up an Escrow agreement to protect hosted applications, ensuring you can retain access to the most current version of your application data should be your number one priority. Some Escrow providers seek to assist you with this by offering a financial monitoring service that monitors the developer to ensure they are keeping up to date with supplier payments and requests an emergency deposit from the developer in the event any payment irregularities occur.
SES however don’t offer this method as we don’t believe this is best practice when used as part of an annual deposit (or low number of deposits) Escrow strategy. In addition, in the unfortunate situation your developer is battling to avoid entering administration. Their priorities are focused on trying to keep their business afloat and it’s unlikely they will spend their time fulfilling requests for emergency deposits.
As the data changes so frequently, SaaS applications can become outdated very quickly. Should the request for an emergency deposit be unsuccessful, this would leave the licensees with an Escrow release which is outdated, irrelevant and would invalidate the intended protections of the Escrow. Even in the unlikely scenario the developer could fulfil your request for an emergency deposit, there are no assurances as to when they will be able to do this, and the data could be redundant by the time you receive it.
Fortunately, SES has devised an effective alternative for protecting SaaS applications which mitigates the need for ambiguous emergency deposits. SES provides all of our SaaS Escrow customers with a frequent and consistent depositing strategy as standard.
This frequent depositing strategy includes unlimited deposits of application data (up to 100gb as standard) and can be scheduled to occur as often as the data changes (daily, weekly, monthly etc). These deposits are automated and can be scheduled to occur at periods of low traffic, ensuring that whatever happens, you always have access to the most accurate version of your application data without having to rely on the uncertain nature of an emergency deposit strategy. Adopting a frequent depositing strategy guarantees that regardless of what happens, you will always have access to the most recent version of your data, whenever you need it.
Ideally, all Escrow deposits should also be proven and tested to ensure that the source code and data held in Escrow can be accurately deployed into a working application. To do this, SES performs Remote Code Validation which involves an independent testing consultant witnessing a full rebuild of the application and documenting the process, creating what we refer to as a ‘build manual’. This build manual, coupled with the audio/visual recording of the build process, the source code deposit and the most recent version of your application data includes everything you or a third party of your choice would require to accurately redeploy the application in the event of a release.
If your organisation relies on applications which are hosted in the cloud and you would like to find out more about how a SaaS Escrow solution from SES can benefit your business, please get in touch to speak to one of our specialists.
© SES Secure Limited and ses-escrow.co.uk, 2020. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to SES Secure Limited and ses-escrow.co.uk, with appropriate and specific direction to the original content.