SaaS On A EULA? Get Some New Pants!

SaaS on a EULA? Get Some New Pants!

A good contract is like a good pair of pants. When the pants fit right and look good, you wear them all the time and hardly notice them. But if they’re too tight, you won’t buy them and if they’re too loose they fall down and leave you exposed. And if they’re just wrong – like trying to pair hockey pants with a suit coat – nobody knows what to do with you.

As more and more software companies deliver SaaS instead of software CDs, why do I still see so many EULAs? They aren’t quite as bad as hockey pants with a suit, but I’d say they approach wearing hockey pants for skiing. Yes, they’re warm and in the winter sports category but they leave a lot of bare leg and have way too much unnecessary padding.

First let’s talk about the fundamental differences between licensed software and SaaS. One is a right to take a copy of some technology to your home or office, install it on your computer and use it all by yourself (or with the other users in your company). Your data stays with you. The other is a service provided by a vendor which allows you to input and review data that is processed somewhere else. No software is delivered. No copies of technology are made for the users. But your data is processed and stored outside of your computer.

So, one is a license – a right to get a copy and use IP – and the other is a service – that processes and stores information. They really are different pants even if software is involved in both.

The legal community has done a good job of drilling the importance of protecting IP into software developers. Yes, intellectual property rights are what make that wonderful technology valuable. Tie them up tight in your license agreement, use license keys and other mechanisms to control users and audit them to make sure they aren’t proliferating without paying.

But do you know the best way to protect IP? Don’t share it. Don’t let anyone see it or get a copy. In other words, use it to deliver a service: SaaS. No license is required when IP isn’t shared (There go the huge pads on the hockey pants). And granting a license for IP that isn’t delivered could result in the unintended requirement to deliver it (Those pants fall right down around the ankles).

The legal community hasn’t done a good job of advising SaaS users of the risks of losing control of their data and the means to process it themselves. SaaS customers under a EULA don’t get any assurances about how the vendor will protect their data (Those hockey pants are too short for the slopes). They don’t know what kind of backup procedures the provider has or how to get their data back in a meaningful format. Because the contract won’t address data issues at all, it doesn’t even say that the client owns its data (Get me some ski pants!).

In summary, my last pants analogy: if you’re selling SaaS with a EULA, get some new pants.

By Cindy Wolf

Cindy Wolf is a Colorado lawyer with more than 25 years experience representing large and small domestic and multinational companies. Her expertise is in helping companies enter the cloud safely, either as providers or users. She also practices in the areas of corporate law and commercial contracting, with an emphasis on international issues. She can be reached at cindy@cindywolf.com.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

The Future Of Cloud Storage And Sharing…

The Future Of Cloud Storage And Sharing…

Box.net, Amazon Cloud Drive The online (or cloud) storage business has always been a really interesting industry. When we started Box in 2005, it was a somewhat untouchable category of technology, perceived to be a commodity service with low margins and little consumer willingness to pay. All three of these factors remain today, but with…

3 Keys To Keeping Your Online Data Accessible

3 Keys To Keeping Your Online Data Accessible

Online Data Data storage is often a real headache for businesses. Additionally, the shift to the cloud in response to storage challenges has caused security teams to struggle to reorient, leaving 49 percent of organizations doubting their experts’ ability to adapt. Even so, decision makers should not put off moving from old legacy systems to…

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing infrastructure. The many perks of cloud services, such as the ability to quickly scale resources without the upfront cost of buying physical servers, have helped build a multibillion-dollar cloud industry that continues to grow each…

Disaster Recovery – A Thing Of The Past!

Disaster Recovery – A Thing Of The Past!

Disaster Recovery  Ok, ok – I understand most of you are saying disaster recovery (DR) is still a critical aspect of running any type of operations. After all – we need to secure our future operations in case of disaster. Sure – that is still the case but things are changing – fast. There are…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Once upon a time, only a select few companies like Google and Salesforce possessed the knowledge and expertise to operate efficient cloud infrastructure and applications. Organizations patronizing those companies benefitted with apps that offered new benefits in flexibility, scalability and cost effectiveness. These days, the sharp division between cloud and on-premises infrastructure…

The Security Gap: What Is Your Core Strength?

The Security Gap: What Is Your Core Strength?

The Security Gap You’re out of your mind if you think blocking access to file sharing services is filling a security gap. You’re out of your mind if you think making people jump through hoops like Citrix and VPNs to get at content is secure. You’re out of your mind if you think putting your…

Adopting A Cohesive GRC Mindset For Cloud Security

Adopting A Cohesive GRC Mindset For Cloud Security

Cloud Security Mindset Businesses are becoming wise to the compelling benefits of cloud computing. When adopting cloud, they need a high level of confidence in how it will be risk-managed and controlled, to preserve the security of their information and integrity of their operations. Cloud implementation is sometimes built up over time in a business,…