Analysis: How the Cloud Can Solve Security Problems
In a handful of cases, customers will ask Tenzing to include a clause stating that it will conduct annual SAS 70 and ISO 27001 audits for the duration of the contract. Fougere says the company conducts such audits as a matter of course.
Due Diligence with a SaaS Contract Worth the Effort
Customers finding limited room to negotiate can take their deliberations upstream-that is, investigate SaaS contracts upfront and determine which one best fits the organization's needs.
The whole premise of SaaS is to take advantage of a...standardized set of services and, as a result, [vendors] aren't going to be that flexible to individual contract demands," Kaplan says. As a consequence, Kaplan suggests that prospective SaaS buyers shop around, examining standard contract terms across multiple vendors within a given SaaS category.
Analysis: What You May Miss If You Don't Read a SaaS Contract
Smaller SaaS providers require additional due diligence, since a large company could acquire such a vendor and change its product direction, D'sa says. "Unless they are a commodity service that can be replaced very easily, it becomes a warning flag to review in much more detail."
In addition, customers should also consider how tightly to link such providers with in-house systems. SaaS offerings that are not closely integrated with a customer's code or business process may be more readily replaced if the service doesn't work out or the customer finds another vendor with a more compelling feature set, D'sa explains.
Tools for data export/import and migration become a key issue during vendor-switching decisions, he adds, and need to be taken into consideration upfront if there is a possibility of such events.
Alex Bewley, CTO of uptime software, finds that most people tend to click right through the approval part of the company's terms and conditions. Larger enterprises, on the other hand, may fire over their master agreements.
The enterprise stipulations, however, may result in some odd scenarios, Bewley notes. To wit: the company's uptimeCloud SaaS offering monitors a customer's Amazon Web Service usage and costs. The terms of the customer's master agreement may go well beyond the terms they accepted from Amazon. Pointing out that discrepancy causes customers to take pause, he says.
Sign up for CIO Asia eNewsletters.