Securing Your Escrow Deposit In Four Simple Steps

In light of the considerable rise in security breaches we have witnessed over the last 12 months, security has become a major concern amongst businesses. This is especially evident when it comes to suppliers as organisations rigorously evaluate new suppliers and review their current suppliers in order to meet increasingly strict standards to trade more effectively and securely.

At SES we have always been committed to investing heavily in information security measures. We demonstrate this by holding ISO: 27001 certification for Information Security Management Systems to demonstrate that we have identified the risks, assessed the implications and put in place systemised controls to limit any damage to the organisation. In addition, we only work with partners who hold this level of security. This means that no matter where you are in your journey with SES, or the service you’re using, your data is always protected with the highest levels of security. 

With that and our commitment to transparency in mind, here are the four simple steps we take to securing your Escrow deposits. 

Step 1 – Your developer deposits source code and data to SES through a secure SSL connection. 

Traditionally, depositing source code to your Escrow agent was performed using physical media. Although SES do still accept physical media deposits, we do not recommend this method of depositing, not only due to the cost but also as they are insecure and can easily be lost in transit. 

To offer a more secure solution to our clients, SES has developed an efficient online source code depositing facility which uses 256 Bit SSL Encryption. This has enabled us to offer a high frequency depositing strategy to our clients, significantly increasing the protection their Escrow agreement delivers. The depositing facility is not only highly secure during its transfer, but far quicker than physical media deposits and transfers can be scheduled from anywhere in the world.

Step 2 – SES conduct validation testing on the deposit. 

As standard, SES perform Basic Validation testing on all Software Escrow deposits. This fundamental level testing not only ensures the deposit is virus free, but also that in the event of a release, the source code material is accessible.

For applications that are business critical, bespoke, highly customised and/or revenue generating, SES strongly recommend Remote Code Validation as the minimum level of protection, ensuring that the source code and data can be deployed and rebuilt into a working application upon release.

Step 3 – Transfer to List X compliant storage facilities. 

Our customers Escrow deposits are then transferred to one of Iron Mountain’s List X compliant storage facilities. To prepare for transit, deposits are locked in secure transit cases which are then placed inside a lockable safe within the transit vehicle. 

Iron Mountain use a fleet of unmarked vehicles which are deadlocked, satellite tracked and double skinned to maximise security in transit. 

Step 4 – Secure storage at one of Iron Mountains off-site storage facilities. 

Iron Mountain’s secure storage facilities are purposely designed with security in mind. They offer: 

• Off-site cold storage – Deposits are stored offline in cold storage, inaccessible and unhackable.
• Security – Inclusive of construction, perimeter security, entry security, interior security and security planning.
• Fire Safety – Preventative measures with proven fire-safe construction and dependable water supplies.
• Environmental Controls – Comprehensive environmental conditions that safeguard your records from the elements.

If you are interested in finding out more about how Software Escrow agreements can benefit your business and the levels of security SES offer as standard with all our protections, please click here to enquire and one of our specialists will be in touch shortly.

© SES Secure Limited and ses-escrow.co.uk, 2020. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to SES Secure Limited and ses-escrow.co.uk, with appropriate and specific direction to the original content.