Tuesday, June 17, 2008

Best Practices for the Suspension or Termination of a SaaS Customer Account

No one wants to predict the failure of the relationship between a SaaS provider and customer. But much like a pre-nuptial agreement helps to quickly and fairly resolve the end of a marriage, a good up front contract helps ensure that both parties are fairly treated when a SaaS contract terminates. For this to work, the contract must have a well defined and fair set of terms for unwinding the relationship that works for both parties and minimizes business disruption. This blog entry proposes a set of rights for both customer and provider to use when establishing the contract terms.

This blog entry is a result of my analysis of a number of SaaS contracts. I covered the analysis in my previous blog entry. Note that I am not a lawyer, just an amateur contract sleuth so please engage a professional when working on your contracts.

SaaS Customer Bill of Rights

Other authors have created full blown Bill of Rights for SaaS customers. For example:

This blog entry is more focused. I am proposing rights that apply to both customer and provider when an account is on its way to being terminated.

Termination Rights for the Customer

I propose the following rights for customers whose account is being terminated:

  • Right to Business Continuity - customers rely on their SaaS products to conduct their business. Therefore, the provider must not have the ability to just terminate the customer's account without warning. A process must be in place to give ample warning before an account is terminated.
  • Right of Data Ownership - the customer must be able to extract their data upon termination, regardless of cause. The format of the extracted data should be as lossless as possible.
  • Right to Walk Away - the customer has the right to discontinue use of the service at the end of their contract. By exercising this right, they don't relinquish their other rights.

Termination Rights for the SaaS Provider

I propose the following rights for the provider that is terminating the account:

  • Right to be Paid - if you read about the SaaS business model, you will discover that cash flow is a major issue for the provider. Providers must carefully manage incoming cash and outgoing expenses. Anything that disrupts the predictability of the business will create major problems. Therefore, the SaaS provider has the right to expect timely payment, perhaps months in advance. If the customer fails to honor this right, the provider can quickly move the account into a suspended state.
  • Right to Protect the Service - if a customer account engages in malicious behavior or violates terms in the contract, the provider has the right to protect their service. In cases where the account is causing ongoing harm to the service (Denial of Service attacks), the provider must be able to immediately suspend the account. For less urgent issues, the provider should provide an appropriate warning before suspending the account.
  • Right to Fire a Customer -  businesses need to adapt to changing markets, and sometimes this means adapting or discontinuing products that aren't successful. For customers that no longer fit the profile of the business, the providers need to be able to discontinue their relationship with these customers. However, this process must honor the customer's right to business continuity.


Further Discussion

Hopefully each of these rights are obvious in their benefit. A couple demand more discussion.

Data Deletion - Where is the Mechanic's Lien?

Most Terms of Service assert that the customer owns their data. I am no lawyer, but ownership appears to be full legal ownership, like you would own a car or a house. See Netsuite's ToS as an example, but a clause like this is seen in almost every contract:

"Customer Data shall at all times be considered the property of the Customer."

However, some ToS documents allow the provider to destroy that data without providing the customer a copy in cases where the account is terminated for breach of the terms or failure to pay. This does not appear to be fair to the customer (as the SaaS provider is the prosecutor, judge and jury in this decision), and is inconsistent with physical property law in the U.S. (intl folks bear with me, I am focused solely on U.S. law here).

For example, if you don't pay a carpenter that performed work on your house, that carpenter does not have the right to burn your house to the ground. Instead, there is a process called the Mechanics Lien that requires the tradesman to pursue the money through a legal process, and he cannot harm the property in question. You could argue that data does not carry the same legal rights as physical property, but at least in some jurisdictions the law appears to treat data the same:

It seems that if a provider destroys their customer's data they open themselves to some legal liability. On the other hand, perhaps expressly reserving the right to destroy the data in the ToS alleviates the liability for the provider?  Is it worth the risk of finding out?

Regardless, destroying a customer's property is not a good business practice. Providers should treat the data like any of the customer's physical property. It should be returned undamaged because it legally belongs to the customer.

Business Continuity

Some Terms of Service allow for immediate termination of a customer's account with or without cause. In others, short periods of time like 30 days is all the notice necessary before the customer can be turned out. For mission critical applications, this is troublesome.

I feel there are a couple of key principles here to consider.

  • For no-cause terminations, the provider must provide as much advanced notice as it will take a typical customer to migrate to a new service. For services with high switching costs, this will be a period of many months.
  • For cases where the customer is in violation of the contract, the account should move into a suspended state before termination. This allows the customer to remedy the violation before the account is terminated. Suspensions are reversible, terminations are not.

These two principles are not widely implemented, but are critical in order to provide the customer with fair treatment.


Negotiate your Customer Contract

These listed rights are all well and good, but they won't likely appear in your contract by default. The contracts I have seen are largely skewed in the providers' favor because they were written by the providers. As a customer, I feel it is worth your time working towards more favorable terms. As shown in this blog entry, don't forget to negotiate the exit terms in the contract to ensure a viable migration when the time comes to end the project.


Technorati Tags: ,,,

Thursday, June 12, 2008

The Good, Bad, and the Ugly of SaaS Terms of Service, Licenses, and Contracts

Did you read your contract carefully before signing on with your SaaS provider? This blog entry shows you why it is important. Mixed in with some good stuff are some bad terms, and even down right ugly terms of use. Some vendors assert full rights to use and sublicense your private data! That's right, for the privilege of using their SaaS application, you throw in the rights for the use of your private data. Caveat Emptor!

The Analysis

This blog entry is a roll-up of an analysis I did of the Terms of Use for 8 different SaaS products. The products varied widely - some for the enterprise, others for the consumer. What the analysis showed is that there is little consistency across the legal documents governing the use of these services. It also showed some alarming terms that some of the sites demand.

I have picked out just the highlights to present here. The full analysis is available for download at the end of this post, but I warn you, it is quite boring.

Notice: I am an employee of Oracle, but this blog does not represent the views of my employer.

The Good

The following are the bright spots in the collection of ToS:

  • Netsuite: there are reports that this company has onerous licensing practices, but I see no evidence that. Of the 8 contracts I reviewed, Netsuite's is by far the best written and the most consumer friendly. They have the best data retention policies and termination procedures.
  • Boomi, Netsuite, Taleo: offer warranties for the various aspects of their systems, and not just "as-is". (see Boomi item 6.1, Netsuite section 3, Taleo item 11)
  • All but Concur: all of these services affirm that you own the data that you upload. This is key. However, there are a couple of vendors that reserve too many rights to use your data, see below.
  • Boomi, Coghead, Netsuite, Salesforce, Taleo: these companies indemnify the customer in cases where the application is found to infringe on a 3rd party's IP, and the customer is sued. Taleo is the only vendor of the 8 that does not demand to be indemnified in return from someone suing them for your use of the system.

The Bad

The following are terms that you should be wary of when entering into a service contract. Try to negotiate better terms:

  • Box.net, Coghead, Concur, Salesforce, Taleo, Zoho: these companies have contracts that can change at any time without any notice. In a way, this could be the ugliest line item of them all because the company could write in whatever nasty thing they want. But I will leave it at "bad" until one of the companies does something evil with it. (see Box.net item A, Coghead item 6.2, Concur item 8, SFDC item 21, Zoho item Mod ToS)
  • Salesforce, Taleo: have a line item that allows the company to advertise your name as a customer, merely by signing up for a paid account. Customer references should be earned, not mandated. (SFDC item 1, Taleo 7.1)
  • Salesforce: prohibits direct competitors from using the Service. But at the rate SFDC is expanding offerings, will you become a competitor tomorrow? For example, anyone that offers software development tools became a competitor when they launched force.com. (see SFDC item 2)

The Ugly

The following is the list of contract terms that are unacceptable. I would not recommend using the following services unless you negotiate better contract terms. [Update:to be clear, I don't think these companies are out to do evil, I am merely sounding the alarm to their contract terms]

  • Box.net: [Update: Box.net has fixed this issue in their contract, by narrowing dramatically the scope of their rights to your content] by uploading content that you own to this service you are giving Box.net an irrevocable license to use, copy, create derivative works of, sublicense, etc etc of your content. Think about that. The only redeeming argument is that this contract is for personal, not business use. But they put this item in there for a reason - why? Imagine uploading your personal pictures and then seeing one in the next promotional campaign for Taco Bell. This could happen because Box.net has the right to sublicense as they wish. (see section D)
  • Coghead: if Coghead terminates your account, you have just 2 days to send written notice to request your data. Otherwise they can permanently delete all of your data. What's the rush? (item 7.3)
  • Concur: (caveat: this is the Trial license, which can only be assumed to match closely the production license) has the most worrisome contract as it relates to your data. It is the only one that has no explicit line to indicate that you still own your data (filed business expenses, in this case). But it does have a line saying that Concur has an irrevocable right to use that data - this includes your personal data and financial info! Why is this in the contract? This seems quite broad for data that is of utmost sensitivity. (see item 5)

Links to the Terms of Service

The following is a list of links for you to inspect the contracts for yourself:

Box.net http://box.net/static/html/terms.html

Boomi: http://www.boomi.com/application/Boomi+Master+Subscription+Agreement-Online.pdf

Coghead: https://www.coghead.com/user/register?plan=Pro

Concur (Trial license): http://www.concur.com/register/Concur-Expense-Trial.php

Netsuite: http://www.netsuite.com/portal/pdf/tos.pdf

Salesforce: http://www.salesforce.com/company/msa.jsp

Taleo: http://www.taleo.com/solutions/licensing-terms.php

Zoho: http://www.zoho.com/terms.html

Raw Analysis

The following link provides you with the spreadsheet I built while analyzing the licenses. The spreadsheet contains the list of common license clauses with pointers into the documents on where to find those clauses.

What it shows most of all is the lack of commonality across all of the licenses. Each document has a lot of variance.

Download: SaaS "Terms of Service" Analysis Spreadsheet

Account Suspension/Termination and the Deletion of Data

I found that the process by which accounts are suspended (reversible) or terminated (irreversible) wildly inconsistent and mostly incorrect in my opinion. Because termination is also coupled with data deletion, this process needs to be well understood and incredibly fair to the consumer. My next blog entry will focus on this part of the contract, and establishing a reference workflow.

Thursday, June 5, 2008

How Oracle, IBM, SAP, Microsoft, and Intuit are Responding to the SaaS Revolution

In my previous blog entry, I discussed the possibility of a software giant failing to adapt to the SaaS revolution. I used the history of DEC as an example of how a highly successful company could miss a major shift in the market and capsize. This blog entry is a reference guide to what each of the major software vendors are doing in the SaaS space. I won't be sensational and predict the demise of any of these vendors. I think it's far too early to tell how the future will pan out.

I can say subjectively that I am impressed with Larry Ellison's pioneering efforts in the space. I can also say that SAP is currently the media whipping boy in the space, with delays in their Business ByDesign program costing them credibility. But this revolution is far from done, so let's not waste time trying to speculate the distant future.

Note: I am now an employee of Oracle, via the BEA acquisition




Larry Ellison, Oracle's CEO, has be talking about on demand software for a long time (10 years I believe), so it is clearly on his radar. In fact, he was an investor in both Salesforce and Netsuite, showing his belief in the business. Charles Phillips, Oracle President, has also spoken to the topic.

Larry and Charles Phillips have articulated a strategy on how Oracle can deliver SaaS and retain its focus on its core market (large enterprise). Larry does not intend to make a major push into the lower end of the SMB market.

Current SaaS Initiatives:

Oracle supports the following SaaS initiatives:


Critics have primarily focused on the lack of end-to-end multitenancy in the On Demand business. The argument is that Oracle will not be able to provide a cost efficient solution unless the entire stack is multi-tenant.

Further reading:




At an architectural level, Microsoft is promoting an S+S model, instead of a pure SaaS model. S+S stands for Software+Services. The idea with this is that Software as a Service is most useful when pared with local software (like Office). Microsoft obviously has a major incentive to make sure desktop software is not left behind in the SaaS world, so this makes for good strategy. Whether consumers will buy into it is another matter. See the weaknesses section below for more on this topic.

Current SaaS Initiatives

The following is a selection of  the SaaS offerings from MSFT:

  • SaaS On-Ramp Program - aids ISVs in building out SaaS solutions
  • Microsoft Online Services - its businesss applications ondemand offering
    • Hosted versions of Exchange, Sharepoint, and LiveMeeting
    • Dynamics CRM Live - hosted version of the Dynamics CRM offering
  • Windows Live - a family of hosted offerings for the small business/consumer
    • Live Mesh - touted as a SaaS solution, it currently is just a file synchronization service
    • Messenger (IM), Windows Live ID, Virtual Earth, Search, Spaces (blogs), and Gadgets
  • Architect Center - provides architectural guidance for ISVs
    • Lead by Gianpaolo Carraro and Fred Chong
    • Have produced a SaaS reference application, LitwareHR
    • While some of what they write is MSFT centric, most of the articles are generally applicable
    • As an architect myself, I admire the work that they do

There are more services listed here, but not all are really SaaS.


Critics contend that Microsoft will struggle to succeed in the SaaS market while preserving its existing franchises. It already stumbled with its business model when a European partner began offering Office as a service:

Its Office franchise is already being eroded by service based offerings (Google Apps, Zoho, Adobe, etc). Somehow it has to prevent Office revenue from being decimated by pure SaaS players.




Searching for interviews on SaaS with IBM's CEO Sam Palmisano or VP of Software Steve Mills does not bring up much of interest. This is a bit alarming, remembering the lessons from my previous DEC  post. Of the 5 major software giants covered here, IBM appears to have the least amount of executive mindshare for SaaS.

I am not the only one who sees this: Larry Barrett wrote an entire article analyzing IBM's apparent sluggishness when it comes to SaaS. While I don't see a high level business strategy, IBM has embarked on some SaaS initiatives, covered in the next section.

Current SaaS Initiatives:

IBM has these intiatives:


As Larry Barrett noted, IBM doesn't appear to be aggressively pursuing the SaaS model. Sure, it has some initiatives going, but for the size of IBM those initiatives seem undersized.

Also, Jeff Nolan has pointed out that IBM lacks the business apps necessary to execute on an effective SaaS strategy.

Further reading:




SAP CEO Henning Kagermann helped launch the major SAP SaaS initiative: Business ByDesign which is a hosted version of several of SAP's traditional heavy weight business applications. The intent was to target SMB, but due to problems in execution that strategy may be changing. It also plans to be a SaaS hybrid, with some on-premise software in the mix.

The bright spot for SAP and SaaS comes from its acquisition of Business Objects (BOBJ). BOBJ was already offering Crystal Reports at the time of the acquisition, and appears to be a healthy business.

Current SaaS Initiatives

SAP has three major initiatives:


By far the biggest perceived weakness with SAP is its failure to execute on its much publicized SaaS release (BBD). Critics point to the major delays (possibly 24 months) as a sign that SAP's applications are a poor fit for the SaaS model. Worse, SAP validated the concept to its customers but failed to deliver, providing key advantage to competitors like NetSuite.

  • Loraine Lawson: SAP’s SaaS Is Dead. Long Live SAP’s SaaS.
  • Dennis Howlett: SAP Business By Design likely to be delayed

    Further reading:




    CEO Brad Smith isn't the most vocal about SaaS, but his company is doing the talking for him. Intuit is clearly pushing the SaaS model, with major product offerings already available. The strategy appears to be simple: offer online equivalents of their product suite:

    Current SaaS Initiatives

    Intuit offers the following products as SaaS offerings:


    I haven't seen any weaknesses other than stiff competition. The space Intuit plays in will become crowded, with Netsuite and Intacct already delivering SaaS, and Sage likely to become a contender as well.


    Technorati Tags: ,,,,,

    Tuesday, June 3, 2008

    How to Survive the SaaS Revolution: Learning from the Death of DEC

    The story of Digital Equipment Corporation goes something like this: it rose to power in the 60's and 70's by being an industry leader in minicomputers, competing against IBM which was pushing larger mainframes. DEC was a powerhouse of innovation and grew impressively to become the number two hardware vendor. However, the 80's saw DEC struggle because it missed a fundamental shift in the industry - the rise of the personal computer. This struggle eventually led to its demise - in the 90's the company succumbed and was acquired.

    Today, large software vendors are being faced with a revolution of their own - the rise of Software as a Service (SaaS). SaaS has the potential to be as disruptive to the software industry as the PC revolution was to the hardware industry in the 80's. I don't think SaaS will necessarily produce the exact same results with the software industry, but I do believe that it shows what could happen. It demonstrates that even giants can fall.

    This blog entry focuses on a single article from the NYTimes in 1983 which shows an interesting snapshot of DEC in the midst of failing to adapt. This will lead to a larger lesson about what software companies need to do to avoid the same fate.

    Note: the views in this blog are my own opinion, and do not represent the official position of my employer.


    The Demise of DEC - a Failure to Adapt

    I was not even in high school 25 years ago when the following story was published in the New York Times. Older members of the blogosphere have more context into what was going on, but I think the article provides a great glimpse of a computer giant a few years before its downfall. Some of the quotes are shocking in hindsight, as you can see the disaster unfolding in the words of the company president.



    Author: Leslie Wayne

    Published: September 4, 1983

    Note: the bold text is mine, and the text in quotes is from the original article.


    Setup for the downfall, the giant stumbles:

    "Digital, one of the stars in the computer industry, has stumbled into tough times. After nearly two decades of almost 30 percent annual growth of sales and profits, Digital reported a 32 percent earnings drop, to $284 million, for its 1983 fiscal year, which ended July 2, the first such drop in 12 years."

    because the giant is late to invest and deliver on the next industry revolution:

    "Particularly troubling has been Digital's lateness in entering the explosive $5 billion personal computer market. The delay reflects the company's careful and methodical approach to doing business - an approach that some say is inappropriate in an industry where being first with new products is becoming increasingly important. Never before has Digital had to rush a new product to market and, given its size and slow planning cycle, it did not do so with its personal computer. This, critics say, has been a mistake."

    while its former profit centers are eroded by the maturing industry:

    "At the bottom end of the market, Digital is being squeezed by the growth of personal computers that can do much of what the larger minicomputers can do - and for a lot less. Thus, Digital must defend its position in the maturing minicomputer market with an aging product line, while making inroads into personal computers and office automation, markets where others have already established beachheads. It is uncertain whether the revenues to be gained in these new areas will offset declines in the old."

    Decades of prior success may not help the giant:

    "Digital gained a reputation as a sophisticated engineering company making high-quality products for scientific and technical uses and for such office functions as payroll accounting and data processing. (Mainframes, by contrast, are used for large, complex computations and huge information storage.)"

    and may actually hurt because the same strategies don't play in the new market and it is blind to the danger:

    "Mr. Olsen [Digital company president], who presided over the 10-day show, is far more optimistic about Digital's prospects. ''Things have never been better,'' he said in an interview at the crowded Digital show in Boston's Hynes Auditorium. ''I've never been as happy with our products as now, and even though there's been a slight drop in earnings, we've had no layoffs. I see no real problems with our business" ...

    Moreover, he is not concerned about Digital's lateness in getting into personal computers. ''We're sticking with the same old strategy, even though it doesn't look too exciting,'' he said. ''We may be the last kids on the block, but we wait until we have a better product.''

    Product development is not enough, the entire culture must adapt:

    "Digital's difficulties are compounded further by the fact that its essential personality has been that of a company dominated by engineers who sold to engineers and let the technical razzle-dazzle of the machines do much of the selling. Unlike many companies, the Digital sales staff is on salary, not commissions, a practice that Mr. Olsen defends as bringing in higher yields per salesman."


    Lessons to be Learned

    Important take-aways from the article, all of which are pretty obvious but are important to list explicitly:

    • The Chief Executive must take the lead in proactively addressing the shift
      • Revolutionary change must be supported by the top leader
      • Denial is unacceptable: ''Things have never been better...''
    • Leadership must formulate and execute on a good strategy
      • Hopefully something better than: "We're sticking with the same old strategy.."
    • Respond in a timely and effective manner, or risk being shut out of the new market
      • "Digital's lateness in entering the explosive $5 billion personal computer market..."
    • Old revenue streams may decline
      • "Digital is being squeezed by the growth of personal computers that can do much of what the larger minicomputers can do".
    • Internal cultural changes may be necessary
      • "Unlike many companies, the Digital sales staff is on salary, not commissions"

    Counter examples of DEC include these established companies, which all responded to the PC revolution during the same time period with better results:


    How Disruptive is SaaS?

    In hindsight, we know that the PC shift was an enormous change in the way people interacted with computers, and a massive market opportunity for computer suppliers. Will SaaS be as disruptive to the software industry? Many believe so, as do I, but only time will tell. Instead of selling the vision, I will offer a number of links that will help you come to your own conclusion:

    But please understand that disruption does not mean on-premise software will go away. Just like mainframes still crank away in basements everywhere, on-premise software will not go away any time soon, if ever. Disruption in this case means that I believe SaaS will take a significant market share next to on-premise software. I will leave it to the analysts to predict the actual market sizes.


    Looking at the Software Giants of Today

    Remember that DEC was once the second largest computer company on the planet. By the late 90's, after years of struggle, what remained was acquired by Compaq. What does this mean for today's software giants:

    • Oracle
    • IBM
    • Microsoft
    • SAP
    • Intuit

    Is it possible to determine if one of these giants is on the way to destruction? According to Bob Warfield's recent post, Salesforce Headed for Siebel’s Fate?, put all but IBM in the dead pool (IBM gets a free pass because they also have significant hardware and services businesses) . Bob states:

    "All good things come to an end, especially for software companies.  Very few live through a paradigm shift of any consequence."

    Bob does great work, but I think this statement is far too pessimistic. Software vendors have been living through constant revolution - since the mid 90's we have seen major waves of change in the software industry:

    • Java
    • Internet
    • Free Open Source Software
    • SOA
    • Social computing
    • Dynamic languages
    • and now SaaS

    Software companies have learned to adapt. For example, free open source was supposed to kill all software product businesses, but vendors are still seeing growth (e.g. Oracle DB revenue still growing). As for SaaS, each of the giants have initiatives underway. Some are having more success than others, but I think it is too early to draw any long range conclusions.

    As an Oracle employee, I am happy to see that Larry has been heavily involved in the space (including personal investments in Salesforce and Netsuite), and that multiple initiatives are already being delivered with success.  SAP has stumbled recently with delays in the Business By Design program, while IBM, Microsoft and Intuit seem to be making some progress.

    Which of these giants will pull through, and which will fail? Check back here in 25 years for the definitive answer.


    Technorati Tags: ,,