What is software escrow?
The essence
In essence, software escrow is an agreement between three parties: the supplier of the software, the user of that software, and a Trusted Third Party as neutral custodian, the escrow agent Softcrow. Softcrow keeps the source code (and any data) of the software in SecureStorage. Not for daily use, but as a safeguard.
That safeguard becomes relevant if the supplier falls away, through bankruptcy or because it ceases the agreed service for another reason. In that case the user, as beneficiary under the escrow agreement, can request the deposit. This allows them to keep using and maintaining the software, solely for their own use.
Why is it needed?
If you use software, you depend on its supplier. With on-premise software the application runs on its own servers, but the source code stays with the supplier. As long as the supplier is around, there is nothing to worry about. But what if that changes? The software may still run, but maintenance, changes and further development are no longer possible.
Without escrow you have no access to the source code, nor the right to use it. For organisations that rely heavily on their software, that can hit hard. And if the supplier goes bankrupt, you stand at the back of the queue as an ordinary creditor: in practice you are left with nothing.
Escrow solves this. You not only gain access to the source code, but also the right to maintain and develop the software yourself or have it done. Escrow belongs in your IT risk management: you arrange it in advance, well before you need it.
What does Softcrow take into escrow?
That depends on the service. With Software Escrow we take the source code of the software into escrow. With SaaS Escrow we also take the customer data and a description of the SaaS infrastructure. With CloudSecure® it goes further: there we safeguard the continuity of the entire cloud service, through a legal structure that is set up specifically as part of the agreement.
All deposits at Softcrow are end-to-end encrypted (E2EE): the supplier encrypts before delivery, Softcrow stores only encrypted files, and the beneficiary decrypts on release with the key received from the supplier. Softcrow does not hold the key. That is not a side note: it is the core of our neutrality as a Trusted Third Party.
What makes Softcrow different?
Softcrow is a zero-knowledge escrow provider: the supplier encrypts client-side, we never receive the encryption key and therefore have no access to the contents.
- End-to-end encrypted (E2EE) and zero-knowledge: Softcrow never has independent access to the contents of a deposit
- No judgement on the contents: we are custodian, not auditor
- Legally watertight: the deposit does not form part of the bankruptcy estate
- Available as a tripartite agreement or as a collective agreement
- Insight for all parties involved via the Softcrow Dashboard
Want to know which form of escrow fits your situation?