SaaS Contracts

Document Sample
SaaS Contracts Powered By Docstoc
					SaaS Contracts
Best Practices
What is SaaS? (pronounced “sass”)
• SaaS = “Software as a Service”

   – Wikipedia : ―a model of software deployment whereby a
     provider licenses an application to customers for use as a
     service on demand‖
SaaS: Customer/Vendor Relationship
• ICN: “SaaS contracts may […] create highly
  dependent relationships because the Customer is
  relying on the Provider and its expertise.‖

   – NB: This dependency can begin with low dollar value
     contracts – well below the $25k threshold, sometimes below
     the $5k threshold, where departments may acquire as “Best
SaaS: What’s the Big Deal?

Gartner: “Although SaaS solutions often cost less
  initially and may have lower switching costs, they
  often include hidden costs and risks and require
  different kinds of contracting protections from
  traditional licensing arrangements.”
SaaS is not a Mature Model Yet
• ICN: “The SaaS industry is evolving and
  terminology across providers is not
  standardized. Therefore the customer is
  advised to clarify and define all contract
  terminology, rights and obligations, and
  solution/technical specifications in the
  negotiation of any agreement with a
  SaaS provider.”
SaaS: The License
• Time Restricted, “non-perpetual‖
   – Different from traditional software licenses

   – No residual usage rights when the contract expires

       • Traditional perpetual software license: you can continue
         running the version of the software you had when the license
         ended (no support, though)

       • SaaS: When the contract expires you have nothing (and they
         often have you over a barrel)
SaaS: A Rental Agreement
• When you „buy‟ SaaS you aren‟t
  „buying‟ anything
  – ―Renting‖ some other company’s software
    and I.T. services

  – At the end of the contract, you own nothing

     • Maybe not even your own data
        – Watch carefully for this in your contract
SaaS: At the End…
• Typically you will be obligated to return all
  proprietary software, documentation, etc.

• Make sure you get to keep enough so that you can
  read or otherwise deal with the data that is yours and
  that you have a legal right to retain at the end of the
  agreement. (a flat file with no ability to read or
  interpret it does you no good)
Gartner: Key Contract Areas
• Setup costs

• Uptime guarantees and penalties

• Locked in or escalating discounts for incremental

• Storage fees

• Data ownership

• Business continuity protection
Other Caution Spots
• Customization Costs

• Training Fees

• Integration Fees

• Pilot Periods

• Information Security *

• Exit Strategy

* Have your Information Security Officer review
SaaS: Have an Exit Strategy
Whenever you sign a SaaS
contract you should have an
exit strategy BEFORE your
pen ever hits the dotted line.
I.e., what are you going to do when your relationship with
this vendor ends?
SaaS: Use Based Pricing
• Many SaaS vendors purport to offer utility pricing
   – (similar to electric companies: you pay only for what you use)

• Often this is false
   – i.e., when you purchase more subscriptions than you use

   – Don’t over-commit to subscriptions.
       • Start with the least # of subscriptions possible
       • Negotiate ―volume bands‖ that allow you to buy incrementally
         at lower prices when you reach higher volumes

• Avoid―Shelfware as a Service‖
• A Note About SaaS “Subscriptions”

• SaaS vendors often call their licenses


• Except in unusual cases, SaaS “subscriptions” may
  not count as “subscriptions” in the sense of PRO-E-4
“Subscriptions” ?
• You may find that you already have departments that
  have purchased SaaS ―subscriptions‖ without your
   – Perhaps because they already know that ―subscriptions‖
     don’t require a bid or an RFP

• Be wary of eager end users who want to rush through a
  SaaS contract as a ―subscription.‖
   – Vendors know and take advantage of this…
Up-time Guarantees
• Make sure this is in the contract

• Reasonable = 99.5% to 99.9% up-time guarantee

   – 99.5% up-time = 3.5 hrs down-time per month
   – 99.9% up-time = 45 minutes down-time per month

Gartner considers 45 minutes per month (= 9 hours per
  year) to be best-in-class availability.

[Make sure Contract includes Penalties for failure to
Suspension of Service
• Most vendor ―boilerplates‖ say that the vendor can
  suspend service if the payment is more than 30 days

• Make sure you negotiate for continuation of service in
  the event of a dispute.
   – Vendors will be reluctant to do this, but insist
   – Otherwise vendor has too much leverage in the event of a
     dispute over payment
Information Security
• Legally: Whatever laws apply to your data
   – YOU (not the SaaS vendor) are still legally responsible for
     any data confidentiality, privacy, integrity or regulatory
       • HIPAA

       • FERPA

       • PII

       • Your own institution‟s Information Security policies

       • Sarbanes-Oxley

       • GLBA (consumer financial info, including 401k, etc.)
SaaS: The new “dot-com”
• Be WARY—

  – SaaS is an extremely inexpensive business to start

  – SaaS providers can spring up that are (literally) a
    couple of guys (or gals) with a server in their

  – OR … they can outsource that to a 3rd party
     • WHERE is that 3rd party located (Nigeria? China?)

  – They can also disappear at the drop of a hat.

Cyber Handcuffs
Cyber Handcuffs
• SaaS contracts that start out < $25k can rapidly grow

  to be > $25k, which will put you in a bind:
   – Campus may already be heavily invested, far more than the
     dollar value of the SaaS contract.
       • Web interfaces – customization

       • Training

       • Business processes

       • Marketing strategies

       • Print Brochures / Documents

       • Data flow / storage
Cyber Handcuffs
• Deliberate marketing strategy in the SaaS market

   – Provide complex functionality quickly and inexpensively

   – Aggressively market to end users, who know full well that
     buying traditional software to do the same thing would
       • take longer

       • cost more up front

       • require a longer paperwork trail, more meetings, more
         approvals, more bureaucracy, etc.

• Vendors use these selling points deliberately
Case Study
• Hypothetically….

Suppose a campus Admissions office begins using a
SaaS vendor for its Admissions processing.

Perhaps it even initially pays with a P-Card for a
“subscription” that is under $5k

The vendor cheerfully provides many customizations
„free of charge‟ [such a deal...] (before it starts
charging to make them actually work and integrate with
your other applications)
SaaS Handcuffs
When the “subscription” exceeds $5k/year, the
Admissions office contacts the Purchasing Agent and
asks for a P.O.

Perhaps because it is a “subscription” it is approved by a
busy Purchasing Agent

But the price charged by the vendor for the basic $aaS
“subscription” increases rapidly each year until it
exceeds $25k.
SaaS Handcuffs

Admissions tells the Purchasing Agent it would be far
too difficult and costly to switch vendors (and pay for all
those customizations) at this point – and it would.

Or would it?

(Morning mental calisthenics: How many different
  problems can you spot in this Hypothetical Scenario?)
• No two deals are the same,       • Understand the supplier’s
  even for the same piece of         chosen cost metrics and their
  software                           impact on total cost
• Remember you are licensing       • Negotiate all potential costs
  access to functionality not to   • Apply caps to cost increases
  a product                        • Involve your I.T. department
• Understand the business          • Check with I.T. or Legal
  requirements and plans             regarding Information
• Never forget – it’s all about      Security terms that need to be
  the data                           in the contract
• Plan for growth – understand     • Plan an exit strategy, for
  the total potential user base      cause and for convenience
  and transaction volumes
• Match the BCP and SLAs to
  business requirements

Shared By: