The majority of organisations are heavily reliant on 3rd party software owners to develop and maintain their business critical applications and business process tools.
To protect these applications, many organisations turn to Software Escrow protection as it provides the mechanism for these end users to legally access a copy of their source code in the event that their 3rd party software owner is no longer available to continue with development and support of their application.
To ensure that the source code held under the Escrow agreement is accessible and virus free, SES provide Basic Validation Testing on all Escrow deposits as standard. However, this entry level testing does not enable SES to provide tangible assurances as to the complete or accurate nature of the source code contained within the Escrow deposit, or the integrity of any build documentation that the software owner may choose to deposit.
In order to provide independent build documentation and evidence your source code and other supporting material held under each Escrow agreement compromises a complete and usable deposit, SES has developed a series of Source Code Validation Testing options.
The first of these – Remote Code Validation Testing – Involves the licensor rebuilding the application is their own environment. The SES testing consultant witnesses a full rebuild of the application via a secure remote connection and documents the entire process. (If required – this process can also be conducted on-site at the licensors premises.)
The independent report compiled by the SES testing consultant, coupled with the audio and visual recording of the build enables you or an Alternative Supplier Provider (ASP) of your choice to accurately redeploy your software application in the event of a release.
However, if you don’t possess the correct environment or the in-house technical expertise to redeploy your application, what can you do?
Like Remote Code Validation, Complete Code Validation involves an SES testing consultant witnessing the licensor complete a full rebuild of the application and compiling an independent report to document the entire process. However, an additional benefit of the Complete Code Validation is the mock release event conducted on the licensees environment which demonstrates that the build documentation is sufficient to rapidly redeploy your software application in the event of a release.
For more information on the substantial benefits provided by SES’s further validation options and the assurances they can provide, please get in touch and one of our specialists will get back to you within one business day.
© SES Secure Limited and ses-escrow.co.uk , 2019. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to SES Secure Limited and ses-escrow.co.uk , with appropriate and specific direction to the original content.