Relationships can go bad—even the relationship with a cloud-solution provider. The agreement you sign with a cloud provider should provide exit procedures your company should follow should the provider fail to meet agreed service levels or should breach any other aspect of the agreement.
That said, an IT manager must be able to control his or her company’s data. In a worst-case scenario, the manager should be able to export all the data, ideally to a form that another provider can import. Managers may want to test that capability before a problem arises.
Vendor lock-in occurs when a provider does not support data export and when the provider may provide a service unavailable through others. The customer is “locked in” to the relationship with the vendor. When this occurs, a company may have to put up with breaches of its SLA because the company has no other place to move its data. Managers should consider the risk of vendor lock-in before they enter into an agreement with a provider.
As shown in FIGURE 12-5, to reduce your risk of vendor lock-in, your SLA should clearly state data ownership and well as your ability to export your data in form suitable for integration into another on-premise or cloud-based solution.
Companies fail. Managers, therefore, should perform due diligence on a cloud-solution provider before they enter into an agreement. If the cloud provider is a small or at-risk company, the manager may want to arrange a source code–escrow agreement, which, as shown in FIGURE 12-6, places a copy of the provider’s programming-language source code with a third-party escrow company. Should the solution provider fail in the future, the company can acquire and deploy the source code on its own systems to implement the provider’s solution.