Software Escrow Predictions for 2022: Cloud and SaaS adoption, PRA SS2/21, Ransomware attacks, and more!

Software Escrow Predictions for 2022: Cloud and SaaS adoption, PRA SS2/21, Ransomware attacks, and more!

As we come to the end of the year, it only feels right to start looking ahead and asking ourselves what does 2022 hold for the software escrow industry? From an increase in cloud and SaaS adoption to Escrow London launching a brand-new self-service escrow model, things are looking exciting! So here are our predictions for 2022 and what we think professionals within this space should be thinking about in the year ahead.

Increase of Cloud Adoption, SaaS Applications and Big Data Solutions

There has been a huge shift in cloud and SaaS adoption globally, notably within government, large enterprise and Financial Institutions. The ever-increasing adoption is due to the affordability and flexibility PaaS & SaaS solutions can provide. Just take a look at the Covid-19 pandemic. This forced companies to quickly change their business operations and working patterns, putting greater demand for remote working and applications that allow staff to work from anywhere on any device.

Microsoft recently reported on Q1 2022 that ‘Azure and other cloud services revenue grew 50%. Microsoft’s overall Intelligent Cloud sector grew 31% with $17 billion in revenue reported.’ Amazon Web Services have also seen an increase in their cloud computing revenue and saw a 39 percent growth in its third-quarter.

Data storage strategies have changed in recent times, typically favouring a cloud first approach. We are also experiencing a growing number of requirements for complex, big data solutions (data storage in excess of 10TB) within the cloud. This shift and explosion in data requirements is going to continue for years to come. Companies across all markets are making use of the speed and agility cloud platforms and solutions can provide. As legacy hardware comes to end of life and with the growing availability of IaaS, PaaS and SaaS services, companies are shifting the responsibility of managing the day to day running of hardware to the main public cloud infrastructure providers – such as Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure. Companies are also shifting more responsibility to their SaaS and service providers who typically build and deploy their software on these hyperscale platforms.

As a result, there will be a further need for SaaS Continuity Escrow solutions in 2022 and beyond. Companies are having to find suitable, cost effective and easy to deploy solutions to  mitigate against the risks associated with modern service delivery methods and the growing responsibility of service providers. The software escrow industry will have a part to play and will need to continue to be mindful, educate and create awareness of SaaS escrow solutions to meet the needs of companies now and in the future.

Our SaaS Continuity Escrow Services provide companies with a variety of solutions including; 90 days of live continuity in the event of a software vendor failure, secure deposit of cloud assets required to independently rebuild the SaaS environment, secure access to the cloud production environment in the event of a software vendor failure and assuring access continuity for SaaS applications hosted within a beneficiary’s own cloud tenant that is managed by the software vendor.

Ransomware Attacks Continue to Rise, as does Innovation

In recent news from the BBC, “A cyber attack hit more than 300 spar convenience stores across the north of England with some forced to close doors. The attack targeted James Hall & Company in Preston, Lancashire, which operates Spar’s tills and IT systems.”

According to Gartner, Inc.’s latest Emerging Risks Monitor Report“The threat of new ransomware models was the top concern facing executives in the third quarter of 2021.”

With this increased threat, there also comes a flurry of innovation by various vendors within the escrow space, including a shift to Backup as a Service (BaaS) as part of the extended SaaS escrow offering.

June 2021 saw the launch of Escrow London’s Ransomware Recovery Escrow solution. Under this solution all components that form the cloud environment, including databases, may be backed up to the Escrow London secure servers within AWS, Azure and GCP. As the backup is outside of the software vendors environment, it will be out of sight and reach of hackers. In the event of an attack, recovery of databases or a full SaaS system can be restored from the Escrow London backups.

With ransomware attacks on the rise, 2022 will see a growing number of companies seeking solutions from software escrow companies to safeguard themselves from what could be a catastrophic consequence for their IT environments if not protected.

PRA’s Outsourcing and Third-Party Risk Management (PRA SS2/21)

In March 2021, the PRA published a Policy Statement on outsourcing and third party risk management (PS7/21) and an accompanying Supervisory Statement (SS2/21) which ‘clarifies, develops, and modernises’ longstanding regulatory requirements and expectations applying to financial institutions in this area. Most companies regulated by the Prudential Regulation Authority (PRA) including banks, financial institutions, credit unions, insurance and reinsurance firms, are adopting SaaS hosted applications for many critical applications within their business.

The PRA SS2/21 and PS7/21 polices are aimed at ensuring these regulated companies have robust continuity measures in place for services designated under outsourcing and third party risk management. The new policies come into effect on the 31st March 2022, and is therefore a big topic for our industry right now and in 2022.

SS2/21 highlights escrow as one of the measures that can be put in place to assist with business continuity plans and stressed exits. The PRA advises that “firms’ exit plans should cover stressed exits and be appropriately documented and tested as far as possible.”

In order to comply with the continuity requirements of the SS2/21 policy, financial institutions are investing in SaaS Continuity Escrow solutions to provide a safety net in the event of a critical SaaS vendor failure. Escrow London have been building bespoke SaaS Continuity Escrow solutions for several large PRA regulated banks and financial institutions in the UK to assist with SS2/21 compliance. These SaaS Continuity Escrow solutions meet the stringent standards required to ensure financial institution resilience in the face of stressed challenges such as a material failure of a SaaS vendor.

As for other regions adopting similar regulations in 2022 and beyond, we can only expect Europe, Australasia, South East Asia and the US to shortly follow suit. The Federal Deposit Insurance Corporation (FDIC) whose objective is to maintain stability and public confidence in the United States’ financial system, released proposed guidance offering a framework of sound risk management principles to assist banking companies in managing third-party relationships in July 2021. It stated, “Regardless of the division of control responsibilities between the cloud service provider and the bank, the bank is ultimately responsible for the effectiveness of the control environment.”

Similarly, the Monetary Authority of Singapore (MAS) published their Technology Risk Management Guidelines 2021 for adapting to digital transformation while ensuring continued resilience. The MAS has recognised that with changing requirements over time and a growing threat landscape, there is a need for better and more frequently reviewed frameworks and policies to standardise the approach to risk and security. This applies to both internal development work as well as third party providers. More information can be read in our recent blog here.

NCC Group acquired the Iron Mountain Software Division

A big topic for the software escrow industry this year was the acquisition of Iron Mountain’s Software Escrow Intellectual property management IPM business by NCC Group. 

In a recent article of ours, we discussed how many believed this acquisition would result in a reduction in competition within the software escrow market. However, we believe this will create better opportunities for software vendors (the developers) and end-users (the beneficiaries) to explore alternative software escrow companies and their specialist solutions. We are already seeing former Iron Mountain clients reviewing their alternative options for SaaS continuity escrow solutions and this will surely continue in 2022 and the years to come.

Self Service – Express Escrow Model Launching soon!

Having spoken about the software escrow industry and what we believe are the top trends for 2022, let’s finish this blog on what we as a company are looking to do in 2022.

We are excited to announce that we will be launching a new and revamped Express Escrow model next year. Our new solution will join our line-up of software escrow offerings as an entry level product for developers seeking a simple automated service. This will enable online agreement setup, signatures, payment and management, with deposits either being via Git deposits or SFTP. Payment for our new product will all be online. More details on this will become available to you soon so watch this space!

As you can see, we believe that 2022 will bring with it a plethora of opportunities for the software escrow market. What do you think 2022 trends will be?

About Escrow London

Escrow London is a global software escrow vendor headquartered in the United Kingdom. Our global coverage is provided across our London office, Escrow London North America Inc in Atlanta, and our Australian office in Sydney.

We have invested considerable resources into innovation to reinvent software escrow for a SaaS world. Escrow London provides a range of SaaS Continuity escrow solutions suitable for AWS, Microsoft Azure and Google Cloud Platform hosted SaaS applications. We support a wide range of clients includes major banks, central banks, insurance firms, technology companies and government.