Top UK companies risk downtime through lack of software escrow, warns NCC Group


Top UK companies risk downtime through lack of software escrow, warns NCC Group

Warwick Ashford

Almost half of FTSE350 companies have no software escrow agreements in place, a study has shown.

That is despite the fact that the lack software availability presents a high risk for these companies, which include some of the largest and most highly regulated in the UK.

Escrow agreements ensure companies will have access to vital source code if software suppliers go out of business, get acquired or face legal disputes, but 46% of FTSE350 companies are unprotected, according to research by NCC Group.

Software validation and escrow ensure organisations can continue to maintain and support essential software applications in the long term by storing application source code with an independent third party.

This form of protection allows the user to legally redeploy software in the event that the original supplier is no longer able to provide it.

Although 54% of FTSE350 companies have escrow agreements, most protect only a small percentage of their business-critical software, the study found.

In contrast, most FTSE100 companies recognise the importance of escrow from an audit, compliance and business continuity aspect, with 82% having at least one escrow agreement in place.

Mark Ormerod, group managing director, escrow at NCC Group, said the lack of protection among the wider FTSE350 is extremely concerning, particularly in light of the challenging economic environment and the ever present cyber security threats.

"The issue also appears to be too low on the auditing agenda. Software supplier and availability risks should be established steps in the overall due diligence process, not merely tick boxes that get lost in an auditor's report," he said.

NCC Group saw a 150% increase in source code requests from clients in 2009, compared with 2008, due to recessionary pressures, and merger and acquisition activity within the software supplier community.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy