Why should Software Developers embrace Source Code Escrow?

What is a Source Code Escrow?

Also known as Software escrow, source code escrow is a three-party agreement between a software developer (the depositor), the end user (beneficiary) and the source code escrow vendor. The objective of a source code escrow agreement is to provide comfort to the end user that if the software developer is unable or unwilling to support the software, the code can be released to them. For software developers, the source code escrow agreement would be set up to ensure the ongoing maintenance and continuity of the software while protecting the intellectual property (IP) of the software developer.

Under a traditional on-premise software agreement, the client, usually a larger company requests for the application’s source code and documentation to be deposited with a trusted third-party source code escrow vendor. Source code escrow is often seen by software developers as a necessary evil to secure a large account and to provide their clients with comfort that if they end up in bankruptcy or a serious failure in service, an independent party has a copy of the source code, database or operating environment.

However, from our experience in speaking with thousands of software developers, we have identified what has frustrated them with their past experience with other source code escrow vendors to learn how to improve their overall experience and to turn source code escrow into a painless process.

• Unlimited automated deposit process – in a world of automated deployment, software developers find the manual deposit requirements of some source code escrow vendors antiquated and inefficient. To overcome this potential headache, they should choose a source code escrow vendor who can provide unlimited automated deposits from unlimited Git repos integrating the source code deposit into the software development lifecycle.
• Streamlined Sales cycle –Source code alone will not usually suffice for most applications being placed into escrow. A common frustration amongst software developers is being sold an escrow product by sales representatives that don’t fully understand the technologies they are tasked with selling. Software escrow vendors need to acknowledge this frustration and ensure that all sales representatives have extensive knowledge and understanding of the leading cloud hosting vendors and third-party integrations. They should aim to keep their initial call to a maximum of 20-30 minutes with a proposal following the same business day.
• No delays in the legal review process – a source code escrow agreement usually needs to be reviewed and agreed upon by three parties. Developers and their clients often amend the agreement to meet their specific requirements which then needs to be approved by the source code escrow vendor. Delays in the review process and the inflexibility of the source code escrow vendor often causes frustration with the developer and their beneficiary client. This was identified as a major pain point and by having an internal legal department, red-lined agreements are usually turned around by the next business day.  In addition to this, the source code escrow vendor should provide as much flexibility as possible as long as certain parameters are met. In this way, they can facilitate agreements rather than becoming another hurdle to overcome. Escrow London provides a variety of free template agreements which can offer a great starting position when negotiating the perfect source code escrow agreement.

• Remote and timely verification process– verification is an independent test to provide assurance to the beneficiary that the deposited code or SaaS environments can be rebuilt and deployed in the event of a trigger. During a verification exercise, the developer will need to demonstrate the build process to the source code escrow vendor. Escrow London aims to minimise the time required from the developer for verifications. From our experience, verifications should be performed remotely by using video conferencing and the verification consultants should be empowered to keep the time required from the developers to an absolute minimum. For repeat verifications, the same consultants (wherever possible) should perform the test to ensure that no new knowledge transfer is required.

In conclusion…

There are many advantages why software developers should embrace a source code escrow agreement and in summary here’s why:

• Highest level of information security and data protection – Source code escrow vendors understand that a software developers source code is their “crown jewels” and it should be protected accordingly. Investing in a source code escrow agreement will ensure the highest level of information security and data protection for your software.
• Provide assurance – investing in a source code escrow agreement will ensure piece of mind to your customers that if you ever go out of business or can not support the software anymore they are protected. Providing this level of assurance by offering a source code escrow agreement will enable you to gain more customers.
• Evolution of software – Using the services of a source code escrow vendor can help give the software developer the ability to continue with the development of their software while reducing the chance of any damage or disruption to their company.

##

This article was written by Evan Lever, Co-Founder & CEO, Escrow London

Escrow London explains the use cases and benefits of source code escrow for software developers and how to choose the right source code escrow vendor.