01/16/2018

What is Supervised Compilation

The traditional test compilation of the source code (part of Harbinger’s Level 2 Deposit Analysis) can be a time-consuming exercise. Supervised Compilation occurs when the escrow agent attends the vendor’s workplace, confirms the build environment documentation, observes the compilation of the source code into object code, observes the working object code and then supervises the lodgement of the materials into escrow. Often it is necessary to repeat the compilation process several times if there is discrepancy in the vendor’s build instructions.

Continue Reading

What is the difference between traditional and modern approaches to software escrow?

The practice of escrow can be identified as being either ‘traditional’ or ‘modern’. ‘Traditional’ escrow involves simply placing the software’s source code on physical media and depositing with the escrow agent. The escrow agent does not verify the source code to see that what was deposited was in fact the complete set of source code, associated technical documentation etc. Until recently, most escrow arrangements were traditional in their approach. Custodians such as banks, notaries and legal firms physically ‘held’ a copy of the software source code as a deposit but did not technically verify that the deposit was complete, correct …

Continue Reading

Gartner’s comments about software source code escrow

“It is an insurance policy to make sure you have access to that source code should that vendor no longer maintain that software for your organisation, so this gives you an alternative,” “Inherent to every technology license agreement is a level of risk. Companies that supply and demand technology must adjust to a fast-changing marketplace, and with such uncertainty, precautions are needed. It is very important when setting up an escrow agreement to make sure the contract actually gives the customer the rights it needs in order to maintain that source code.” Securing your strategic ICT Investments – When licensing …

Continue Reading

How do I know if my company needs software escrow?

 You need the protection of modern software escrow if: Your business uses third party software through licence agreements. The software is critical to your daily operations and/or communications. The software application is embedded in other mission critical systems or applications. The software is customised for your business. You use third parties to update and maintain the software. Time to replace the software and implement a similar solution will be longer than the business can operate without it. You would not be able to operate, support and update the software should the owner or licensor fail to support and maintain it.

Continue Reading

What is Level 0 Verification?

Level 0 Verification is also known as a Deposit Validity Review. This is a process that Harbinger undertakes when it receives a deposit from a software vendor. We undertake a series of checks that include: Deposits have been lodged in a timely fashion Materials are up to date (in alignment with the escrow agreement) Media (if applicable) is checked for damage and wear Deposits can be de-compressed (un archived) Encrypted files can be decrypted and the method of encryption is known Deposits are accessible using the appropriate encryption key or password Deposits are free from viruses Sample files are tested …

Continue Reading

What does Harbinger do with the material in escrow after the escrow agreement is terminated?

Termination, destruction and/or return processes differ from agreement to agreement.  The exact details of the process that we will follow when your escrow agreement is terminated is detailed in your agreement. For instance: In the case of Harbinger’s standard agreement: Harbinger will issue a Notice of Termination to all parties (the Vendor and the End-User). The parties must confirm that they all agree with the termination Harbinger waits for the required Notice Period (usually 30 or 60 days) All electronic and physical lodgements are destroyed in compliance with Harbinger’s Data Destruction policy. A digital archive is retained for 5 years …

Continue Reading

What is a “verification reset”

A verification reset occurs when the instructions or components provided by the software supplier are insufficient for the verification programme to continue. At that point, the project manager will refer to the software supplier who will remediate the escrowed material. Verification then commences from the start.

Continue Reading

How is judgment made in relation to ceasation of support/maintenance?

This release event relates specifically to the Vendor ceasing to maintain the Deposit Materials – that being, that the Vendor fails to upload Deposit Materials periodically (in accordance with the escrow agreement) to the Escrow Agent. It does not relate to whether or not the vendor is maintaining the source code (as may be required by a service level agreement).

Continue Reading

Development Plans can change in time. How is this evaluation made? And by whom?

Maintaining a development plan is a Release Alert. It is a responsibility of the end-user to highlight this to the Escrow Agent, who in turn contacts the Vendor. If a Release Alert is not resolved satisfactorily, then this may be escalated to a Release Event. Release Alerts raise awareness that a condition may have occurred that could be a precursor to a Release Event.

Continue Reading

What is Harbinger’s backup and archiving policy?

 Backup and Archiving Policy

Continue Reading