Chances are your business already has one (or several) active contracts for software that’s not installed on any of your local or cloud-based servers. That software isn’t installed on individual laptops or mobile devices either. In fact, you don’t own a license to the software at all. You pay for it on a subscription basis, and you’re not buying the software itself; rather, you’re buying access to the vendor’s service via the SaaS, or software as a service, model.
SaaS contracts are ubiquitous these days. Many modern services are only available on a SaaS basis, such as these:
If you want to use these services, you’ll have to do so through a SaaS contract. Before you sign on the dotted line and entrust your data to a SaaS vendor, you should know the answers to a few critical questions. Will you maintain ownership of your data? Will you be able to access it when you need it? Will the vendor adequately protect the security and privacy of your — and your customers’ — data?
Let's check out six specific concerns that you should evaluate as you decide how to contract with SaaS providers. First, though, let’s consider some of the advantages — and a few of the disadvantages — for businesses using SaaS platforms.
Businesses enjoy many advantages with SaaS providers, including these:
Smaller businesses may also find that SaaS vendors are better equipped to provide top-tier security measures and redundancies like an emergency backup or a disaster-readiness plan than the business itself would be.
Of course, businesses also face a few downsides with SaaS contracts. For one thing, because the business never owns a copy of the technology it’s using, it has to keep paying for it to use it. That also raises substantial concerns about how the business’s data is managed once it’s entered into a SaaS platform. And some SaaS contracts are one-size-fits-all, leaving the vendor in complete control of the terms of the agreement.
Let’s take a closer look at six specific considerations to be aware of when entering a SaaS contract.
If you’re considering implementing a SaaS technology, ensure any contract you sign protects your data and gives you control over it.
But wait: didn’t we just say you may be at the vendor’s mercy regarding the terms of a SaaS contract? Yes, but you don’t have to sign the contract or use the software if it doesn’t protect your business and your data.
Here are six areas of concern you should pay particular attention to.
As with any contract for services, you need to fully understand the scope of the service the vendor is agreeing to provide. What exactly are they promising to handle? In addition to a clear statement of the features and functions you’ll be able to use at your plan’s price, you should also know these things:
The access question is a particularly thorny one. How will your employees be able to access your business’s data once it’s in the platform? Will you be limited to one or two authorized users, or can you have any number of employees accessing your data?
Looking from the other side, will the vendor’s employees be able to access or read your data? What controls will limit their access to it? Will your data be encrypted both at rest and in storage? Will the vendor be allowed to share your data with third parties? Will your data be used to train an artificial intelligence system?
Closely related to the issue of data access is the question of data ownership. Make sure that you maintain full ownership of your business’s data and any intellectual property it contains.
You should also understand what will happen to your data at the end of your contract with the vendor. Be on guard for contracts that do not allow you access to your data unless you continue paying for the service. We’ll discuss contract termination and service transition in more detail below.
When you use a SaaS platform, you’re relying on the vendor to safeguard your data. Don’t entrust your business’s data — or your customers’ data — to a vendor unless you are certain that the security and privacy of that data will be stringently protected.
Evaluate the software provider’s security measures by asking about physical barriers such as locked doors, security badges, and trained guards who have passed background checks as well as technical barriers like data encryption, firewalls, and regular virus scanning. Verify that access limitations like user authentication protocols are in place. Find out how often the vendor audits its systems and tests its security. How has it performed in recent tests?
If a security breach were to occur despite these precautions, confirm that the vendor will promptly notify you.
Finally, don’t overlook data privacy protections. Be mindful of where your data will be stored. Ask whether the storage jurisdiction implicates any additional privacy laws or regulations that you will have to navigate, such as the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA). Will you have additional compliance burdens due to the need to transfer data across borders?
Storing massive amounts of client data can get expensive fast. How long will the software provider retain your data? Find out whether you will be able to institute a legal hold to preserve data for litigation or a regulatory inquiry and what you will need to do to implement that hold.
Additionally, find out what happens when data ages out of the vendor’s retention period. How will the vendor destroy it? Will you have an opportunity to extract your data prior to its destruction?
Service level agreements (SLAs) establish the performance standards the vendor agrees to meet. These should include the following:
Don’t stop with the vendor’s SLA promises, though. Find out what remedies you’ll be entitled to if the vendor doesn’t meet these obligations.
Pricing can be a double-edged sword with SaaS contracts. While these pay-as-you-go services often promise a lower, fixed price, they also offer scalability — and overage charges can add up fast. Make sure you understand how often you’ll be billed, how much you’ll pay for additional services, and how many authorized users — at what level or levels of access — you’re paying for.
SaaS contracts offer considerable advantages for businesses. Just make sure you know how to contract with these vendors by using our checklist of key considerations before you dive headfirst into the contracting process.
Ready to see how easy contract management in the cloud can be? Sign up for a free demo today to find out how the LinkSquares Cloud revolutionizes contract management.