The Information Age, enabled by skyrocketing smartphone penetration rates in Africa, eventually shows signs of becoming a reality for the continent. And, when it does, the impact on its economies is expected to spark a boom in IT and internet-driven businesses.
Connectivity been the major impediments to this growth for so long, but, as access to the Internet starts to reach a critical mass, these barriers are tumbling; so much so that e-commerce is tipped as the next big thing in Africa.
Businessmen who have identified this opportunity and have decided to enter the market will need to protect their investment in their new businesses.
If the model includes warehousing and distribution, this protection could include fleet, warehousing and distribution insurance. If it doesn’t because they outsource these services, they’ll save. But if both (and other) models think they only need to look after their physical assets, they’re sorely mistaken.
This is the opinion of ITC veteran and software escrow trailblazer, Andrew Stekhoven, a director of Escrow Europe (South Africa).
“Given that IT will form the backbone of these fledgling business, one of the biggest risks they’ll face is business continuity should the e-commerce platform be off-line for any length of time,” he said.
“Most businessmen will be aware of their obligations as far as the physical risks and good governance goes. But even the most diligent might be overlooking a critical aspect of his or her company’s software environment, and as a result inadvertently exposing the business to a high level of operational risk.
“This often-disregarded risk factor hinges on the fact that many companies’ core, mission-critical systems are dependent on software which is licensed from the supplier rather than owned in-house, and therefore subject to conditions or events beyond the licensees’ control.
“Reliance on supplier software may not immediately appear to present a problem but an unforeseen development, such as a change of ownership or strategic priority on the part of the software licensor can have extremely serious, possibly catastrophic, effects on the health of the e-commerce site.
“Business continuity considerations associated with this risk should therefore be a major concern for e-commerce businessmen today. However, software escrow has been put forward by many – including Gartner2 – as is a sound, commonsense approach based on the principle that an ounce of verification is better than a pound of conjecture, to providing cost effective relief and security for a business.”
Software escrow involves the signature of a legally binding escrow agreement between the technology end-user, supplier and an escrow service provider that addresses the following escrow procedures:
* Supplier deposits their intellectual property (IP) with the escrow agent (a neutral and independent trusted third party), for the future, conditional benefit of the end-user in the event of an emergency as defined in the escrow agreement;
* The escrow agent verifies and holds the deposited material in escrow;
* Under specific conditions as set out in the escrow agreement, the escrow agent is authorised to release the material to the end-user, specifically for the purposes of end-user business continuity.
The following is a step-by-step process that should assist businessmen understand escrow and how to ensure their businesses are protected by it:
Determine if your e-commerce application is licensed, and therefore contains technology or intellectual property beyond your control.
If your organisation only runs ‘off the shelf’ software applications, you can safely assume that you don’t need escrow.
On the other hand, if software created by a potentially financially unstable developer impacts your revenue and productivity as well as public safety, etc, you need to consider software escrow.
If you do have software escrow agreements in place, make certain that these will ensure business continuity in the event of a release event or condition.
This is a vital step because research shows that as many as nine out of every ten traditional source code deposits held in escrow are useless. The reason for this potentially ruinous failure is that conventional (or passive) escrow deposits are not verified by technical specialists. The software is assumed to be complete and deployable, but usually there is no check on whether or not this is the case.
An infinitely superior option to conventional passive escrow is the more rigorous active escrow. Here the escrow agent subjects the material on deposit to consistent standards of technical verification, at least once a year, and provides a report which warrants that the deposit contains what the supplier has committed to lodge, thereby providing proper reassurance that it is complete, up-to-date and is most likely to be usable.
If you do not have escrow agreements in place, ask your developer or software provider if they have escrow.
If the answer is ‘yes’, scrutinise the terms and conditions of the escrow agreement and ensure it specifies exactly what you will need to continue to support the application in the event the vendor ceases to exist, and make sure these specifications are adhered to.
If the answer is ‘no’, insist that the vendor and your company enter into an agreement.
Take control of the negotiations.
Make sure you have read and understood all provisions written into the escrow agreement. Ensure that the agreement enables you to access the deposit materials when you need them. Scrutinise release conditions and the release process to make sure that there are no loopholes preventing the escrow agent from completing his task. As mentioned above, active escrow is by far the least risky option to select. Verification testing is a common service provided by most good escrow agents.