Hotel California Syndrome: How to Avoid Vendor Lock-in
In The Cloud Security Ecosystem: Technical, Legal, Business and Management Issues, authors Ryan Ko and Raymond Choo write, "The concern of vendor lock-in is often described as the ‘Hotel California’ syndrome. You can check in but you can never leave."
Vendor lock-in happens when you’re dependent on a vendor for products and services, and are unable to use another vendor without substantial switching costs. Which begs the question: What happens when you want to leave – or at a minimum, want to evaluate other providers in the market?
There are a few common reasons we hear when approached by businesses using a competitor’s e-signature service. Often, there is a recurring and severe lack of customer service. Or, there are pricing surprises in subsequent years. The problem is usually fairly significant to merit the time, cost and effort of evaluating and switching e-signature providers.
Oddly enough, another frequent complaint we hear from individual users looking to switch their e-signature service is that they are still being billed, even after the subscription has expired. Watch out for vendors who are repeatedly cited in customer reviews as being difficult to disengage from (hint: check out Yelp or the Better Business Bureau). Credit card lock-in is unfortunately something we come across in the industry.
These are not the only possible reasons, though. Our customers frequently look for two key capabilities to ensure they don’t face vendor lock-in:
- Vendor independent audit trails
- Vendor independent document & signature verification
Vendor independent audit trails
Organizations should have access to data without having to depend on the vendor’s system for access. This type of vendor independence gives you peace of mind – ensuring that your valuable business records remain in your control for as long as your retention policies require.
While most e-signature providers use audit trails to track what happened during the signature process, many of them force you to log into their site to access this information or require that you maintain multiple copies (i.e., e-signed document, audit log, etc.) to prove compliance.
e-SignLive embeds the audit trail directly into the document (with the signature, information about the signer’s identity, location, and the date & time stamp). That creates a portable, self-contained electronic record that is vendor independent. This also ensures portability, meaning you can store your e-signed documents in your own records management system. Not in the vendor’s cloud service.
The record can then securely travel through any email, storage or archiving system without being compromised. When it comes to retention, you are not tied to our system. You can manage e-signed records in a manner that meets your long-term records retention policies. In other words, the e-signed document can be indexed, stored and retrieved easily in the system of your choice (i.e., Microsoft SharePoint, Box, IBM FileNet, DropBox, Google Drive, etc.)
Vendor independent document & signature verification
Have you ever wondered how you can use digital signatures to see whether a document has been tampered with? With e-SignLive, you, your customers, auditors, etc., do not have to come back to our site to verify the validity of any e-signed document. Our open approach enables you to verify document and signature authenticity independent of e-SignLive. Other e-signature vendors like DocuSign and Adobe Document Cloud provide you with a verification link back to their service or simply don’t offer verification options altogether. But what happens if the vendor’s site goes down or if they go out of business?
When evaluating digital and electronic signature vendors, look for intuitive, one-click signature and document verification that doesn’t require you to connect to the vendor’s site. When verifying a document that has been e-signed with e-SignLive – online or offline – all you need to do is simply click the signature block. This opens the audit trail within the PDF and automatically verifies both signer authentication and document validity. It’s that simple.
What do you think?
Are these legitimate concerns? I’d love to hear your opinion. If you’re new to e-signatures and looking for a vendor that doesn’t lock you in, I invite you to try our quick demo to send yourself a test document and experience how easy it is to e-sign.
 The Cloud Security Ecosystem: Technical, Legal, Business and Management Issues, Chapter 10, page 214