Just a few short months ago, COVID-19 forced businesses across the country to shut their office doors with little warning or preparation. Offices shifted overnight from the “normal” in-person workday, to the “new normal” – working from home and connecting through a multitude of technologies. Time was of the essence. Companies scrambled to purchase new software products and cloud-based subscriptions, increase their current licenses, and purchase new equipment, but in the rush to virtually connect their employees and continue servicing their customers, businesses may have overlooked critical risks.

What technology products were being licensed at the same time by the company’s different business units, affiliates, and IT teams? Which employees have the rights to use which software products? What are the company’s rights under these new agreements? What are the security risks? What do the contracts actually say?

As companies consider how to implement the next phases of the “new normal” with both in-person and virtual work environments, this is a good time to assess current and future needs, and contract terms and conditions. Actions taken now can protect a company for years to come.

Internal Technology Assessments

• What software products were licensed during the past six months in response to COVID-19?
• Prepare a comprehensive list of all software (server and cloud) products licensed across the entire enterprise over the past year.
• What licenses have been purchased but not deployed? Are there additional licenses available?
• Can recently licensed cloud products replace older software products?
• Which employees are using which products? Are there internal authorizations in place?
• Is there overlap among products that have been licensed during the pandemic?
• Are all currently licensed products necessary for the “new normal” when some employees will return onsite?
• Assess security measures implemented to address working from home. Are they adequate?
• Assess firewall.
• Has new equipment been purchased or leased? Is there overlap? Have current leases expired?

It is advisable for technology legal counsel to work with the company’s IT group during the technology assessment to review current software licenses, SaaS agreements, and technology purchases and leases to assess agreement terms against the company’s IT findings. Key issues for contract review include:

Technology Contract Assessments

• Has the company increased its volume and license usage? Is there opportunity to renegotiate volume pricing and offset against additional or new purchases?
• Are there multiple agreements in place with the same vendor? Can agreements be subsumed? Is there an opportunity to negotiate a more favorable master agreement?
• If different offices or business units licensed the same products without consultation, are there inconsistent agreements? Do certain agreements contain more favorable terms?
• If there are overlapping agreements, or the company has entered into multiple vendor agreements for competing products, what are its termination rights?
• If the company has entered into agreements with competing vendors, which products are preferable? Is there leverage to require competition for better agreement terms upon expiration?
• How are support and maintenance delivered? How have the products performed during the crisis? If there have been issues, has the vendor been responsive?
• For cloud products and services, what are the vendor’s uptime policies? If the online software is unavailable, does the company receive any remedies? What are its risks?
• What are the vendor’s security policies? Have there been issues? Have other companies reported breaches? Has the vendor been responsive? What are the company’s rights and obligations in the event of a security breach?
• Do the agreements contain vendor audit rights? If so, are they enterprise-wide? How frequently may the vendor conduct audits, and what are the company’s potential liabilities?
• Does the company have the right to conduct its own audits of the vendor?
• What warranties and indemnities does the vendor offer? Is liability capped? Is it mutual?

Assess Now; Protect the Future

Companies that conduct IT and legal contract assessments during the “new normal” phase and over the following months have the advantage of discovering potential IT and contract issues before they cause harm. In addition, vendors may be more amenable to amending their contracts and pricing while they are also readjusting their business models and seeking revenue. While it may seem that the best course of action during the crisis is reaction, now is the time to be proactive. Assessing current technology and corresponding contracts will allow companies to efficiently use and pay for the technology they have already licensed, to better plan for their future needs, and to adjust the most problematic contract terms to protect the company against future damages and liabilities.