In the first article in this series, we looked at security concerns related to clickwrap and shrinkwrap agreements, used by vendors for mass-market licenses and service agreements. In these cases, no negotiations are involved. If you want what the vendor is . . .
In the first article in this series, we looked at security concerns related to clickwrap and shrinkwrap agreements, used by vendors for mass-market licenses and service agreements. In these cases, no negotiations are involved. If you want what the vendor is selling, you are required to agree to "a one size fits all" agreement, including whatever provisions it contains, if any, that pertain to information security. This type of agreement is typical of the licensing agreements that individual users and small organizations enter into.

This article looks at a situation that is more typical for commercial users, one in which negotiations between vendors and service providers and their users concerning licensing and services agreements are commonplace and expected, and discusses why it is helpful, and usually essential, to have information security professionals participate in those negotiations.

Information technology transactions involve two principal areas: the functionality one party is providing (i.e., the software or services) and what the other party must do or pay to obtain access to that functionality. The basic information technology, whether it is a license or an agreement for services brings together a party that needs to have data transformed with the party that will make that transformation possible for a price or other consideration.

The link for this article located at SecurityFocus is no longer available.