Operational guarantee: a sales booster and a symbol of trust

According to a Gartner study published in August 2015, business applications are moving inexorably towards the Cloud and SaaS. Global growth in the applications market in 2015 is estimated at 7.5%, and is expected to reach $149.9 billion. The majority of spending is going towards modernising, expanding or replacing desktop or business applications with cloud software or SaaS services.

This transformation heralds new modes of consumption based on usage, often driven by young companies, the main vectors of innovation. The business model of these players is based on multi-year contracts. This mode of consumption is not without risks for customers, and it is important to identify their precise fears in order to position ourselves better. To complement this understanding of the context, and to break down the barriers to sales, exaegis, the Digital Rating Agency, has developed a solution enabling publishers to establish a climate of trust with their prospects. This solution, known as the "operational guarantee", ensures continuity of service until the end of the contract in the event of failure on the part of the publisher. Backed by the operational guarantee, the robustness of the publisher's offering is reinforced by a system combining legal, technical and financial skills. This ensures the confidence needed to close deals and speeds up the sales cycle.

See all software Audit & Statutory Audit

The reluctance of major accounts to adopt SaaS

The main obstacles to SaaS adoption felt by large companies are manifold. The first relates to the supplier's intrinsic capabilities in a number of areas that are crucial to business continuity. Security comes to mind first. From the inside, a CIO participates in the deployment of a security process, and knows exactly what efforts and skills need to be deployed to properly secure an IS. They are therefore naturally reluctant to delegate responsibility for all or part of their IS to a third-party supplier. In today's security environment, there is an abundance of different types of attack, and data security is a constant concern for IT Departments. Consequently, the context is not conducive to such delegation. When it comes to business continuity and recovery, IT Departments are also aware of the effort required and the cost of BCP and DRP operations. Your prospect will not want to sacrifice these efforts on the altar of SaaS.

The second obstacle is the long-term viability of the SaaS provider, especially if the structure is not very long-established. Adopting SaaS sometimes requires a cultural change on the part of IT Departments, the main barrier to which is trusting a supplier, not just on the basis of product information, but on the basis of information about its long-term 'service capabilities'. From purchasing a licence and a product installed on their infrastructure, with which they are autonomous, they are moving towards complete outsourcing: data, applications and administration services. The failure of a SaaS provider can therefore be synonymous with the loss of sensitive data, operating losses due to service interruptions or failure to recover from a disaster.

Added to this are the takeovers of rival publishers with the aim of killing off the competitor's solution. This kind of situation leaves the customer with no means of controlling the deadline for migrating to the new solution. CIOs are aware of this difficulty because of the history of software publishers, but the impact of this situation in the case of SaaS is quite different, and can lead to legal deadlock, leaving the customer completely powerless.

Reversibility is also a concern for publishers. The cloud gives the illusion that you can move from one cloud to another or from one CRM to another. This illusion is on the way to becoming reality, but in the meantime, customers are sensitive to the format of the data if they want to change provider. The adoption of SaaS is therefore accompanied by new policies for internal control of data protection practices and data backup and recovery.

How to ward off objections and give your prospects confidence

When selecting a SaaS service, the criteria reviewed by key account buyers and CIOs, apart from price, will be those mentioned above.

As far as security is concerned, your prospects may be demanding about the processes deployed by the publisher, and at the extreme will impose a SOC II or ISO27001 security standard. These very demanding standards are costly to obtain, and address very broad issues that are sometimes outside the scope of your prospects' concerns. The Truxt label, developed by exaegis and designed to address Cloud and SaaS issues, enables software publishers to demonstrate that they meet the minimum requirements expected of a SaaS publisher. The Truxt label alleviates any apprehensions about security, among other things, and does not oblige the customer to commission a supplier quality audit with an audit firm (external auditor) or with an internal auditor. During the pre-sales phase of the solution, Exaegis makes itself available to certified customers to explain the control points deployed (financial audit, accounting audit, internal audit, external audit) and the results.

With regard to reversibility or continuity of service, the operational guarantee operates on behalf of the publisher's customers to demutualise the Saas environment in a secure environment, to segregate data, and to legally ensure the reversibility of the application source code in the event of the publisher's failure. The environment is reproduced on a secure environment on which exaegis carries out validation tests to ensure that it is working properly throughout the contract and when updates are made. In this way, the customer, without owning the intellectual property of the software, acquires the rights necessary to use the solution on its own behalf, and only for the duration of the contract.

With regard to financial sustainability, the monitoring mechanisms deployed by exaegis will keep the publisher's customers informed of the publisher's level of financial risk based on market indicators, indicators from the publisher's regular accounting and financial audits, financial information and e-reputation. Exaegis acts as a trusted third party between the publisher and its customers. It exchanges monitoring data with the publisher and absorbs the effects of 'raw' communications from financial institutions and statutory auditors (unpaid debts, payment behaviour, publication and certification of accounts, privileges with social bodies). Public accounting information is put back into the publisher's operational context, and exchanged with the manager, so that clients can be given an objective account of it. Depending on the indicators resulting from this monitoring, the effort required to recover data from the secure exaegis environment will be greater or lesser in order to manage the risk of failure by taking a proactive approach to reducing the impact of failure for the customer.

The penultimate link in the continuity chain, transition in the event of failure, consists of deploying the isolated solution with a "Backup Service" provider selected by exaegis from among the population of certified providers to operate, administer and carry out corrective maintenance, within the framework of the initial contract and its duration. This transition is handled by exaegis and includes a migration / commissioning / go-live! plan.

Finally, the operational guarantee is supplemented by a financial guarantee mechanism, in the event that exaegis is unable to ensure continuity of service. This financial guarantee currently amounts to €15m.

See all software Audit & Statutory Audit

Default: how does a taboo subject discussed openly become a differentiator?

It's never easy to talk about failure when you're at the helm of a start-up or SME and you're aiming to achieve great things. Yet key accounts are vigilant about the disappearance of, or dependence on, a supplier, especially when they are dealing with a start-up. Key accounts are under pressure to outsource innovation, and innovation is becoming a criterion of governance for major groups. In this context, adopting an operational guarantee means showing that you have thought of every scenario, including your own demise; backing up your offer with an operational guarantee is proof of good management.

What's more, the operational guarantee is designed specifically to address the barriers to SaaS adoption. The guarantee protects both the service provider in terms of intellectual property, and the effects of negative 'raw' information that every company may face; and protects the customer by putting in place a system for isolating the solution on behalf of the customer, which can be reused at any time to deal with difficult failure situations.

The publisher benefits from exaegis' experience in structuring and operating a Saas solution, since exaegis' challenges in these areas are legitimately those of a publisher. As a result, the publisher has an operational and financial guarantor who is committed to working alongside it to ensure the successful conclusion of multi-year contracts.