You have invested heavily in IT infrastructure, software, and cloud services; and you've found the right provider to help grow your business. That provider has become an integral part of your business model: so what happens if the provider goes out of business? The software, together with the hosting and maintenance services you were relying on are no longer available to you.
There are steps that you can take to avoid much of the fallout if your provider goes out of business.
What can you do to protect yourself?
Due Diligience - identify key software, services, providers: the first step is identifying the software, services and providers that are of critical importance to your business. This may be the provider of your cloud storage service, your CRM system, your payroll system or your email provider. Once identified, you should monitor these providers, in particular, any financial irregularities, significant changes of personnel internally etc., to ensure you are best placed to anticipate an insolvency type event.
Build in Contractual Protections: By way of example, agreements with cloud providers should contain provisions to protect:
- Ownership of data in the cloud: agreements should stipulate you retain absolute ownership of any data held in the cloud to avoid it becoming compromised by an insolvency procedure.
- Back-up data: agreements should provide for regular backing up of data by the provider offline and for you to be permitted access to a copy of the back-up data in the event of a provider going out of business. This can help you rapidly port your data to another capable provider.
- Consequences of Termination/Rights of Step-In: the agreement should provide for what happens in the event of the software provider’s insolvency. For instance, whether there should be rights of step-in, together making clear that the licence survives the software provider’s insolvency (backed-up with escrow provisions as noted below). On this front, there needs to be a careful consideration as to whether and how this impacts on the liquidators role. This is particularly so given that there may well be a question mark over enforceability if such a provision is seen to be depriving the liquidator of assets due under the liquidation.
- Escrow Arrangements: ensure there is a right of access to the source code of important software, together with robust “trigger events” on which source code will be released. Generally, this involves appointing a third party escrow agent and entering into an escrow agreement which ring-fences the source code materials that are to be released on the agreed “trigger events” (which typically would include the software provider undergoing an insolvency type event)
If your IT provider goes out of business, the repercussions can be serious and costly if appropriate steps have not been taken to mitigate this. Businesses should examine their current IT and software arrangements and consider the steps they can take now to try to best manage such risks.