You’re investigating third-party software support and may have doubts. That’s natural, especially when it involves your vital Oracle ecosystem. Based on thousands of conversations with sceptics, this guide answers the most frequently asked questions using facts, examples, testimonials, and recommendations.
We all know sceptics. Whether family, friends or fellow employees, these doubters question certain topics or are suspicious of just about everything. They may not trust the facts, the source of information, or the people involved. They may fear change.
It’s natural in business to question new ideas and processes, especially when you’re uncomfortable with the unfamiliar. In the best of all worlds, sceptics share their reservations but are also open to explanations that run counter to their positions. If an employee won’t consider another point of view, he is an obstructionist and not a sceptic, which presents a whole different set of issues for your organization!
Alternative software support is not a new fad or innovation. The market has existed for over 15 years, and the top providers deliver award-winning support through experienced teams and established processes. Gartner has recognized the importance of the market and publishes an annual Market Guide for independent third-party support.
Here at Spinnaker Support, we often speak with sceptics of third-party support. After all, it’s very different from Oracle’s traditional support model. Our most productive conversations with prospective customers often begin with a healthy dose of scepticism. Questioning the fundamentals usually drives a more open discussion and eventually leads to more informed and satisfied customers.
We know that sceptics want straightforward, honest, and fact-based answers. With all that in mind, we created this Sceptic’s Guide, which addresses 15 of the most frequently asked questions – ones that you may have as well. Throughout this guide, we offer more resources and recommendations to help you determine if third-party Oracle support is a good fit for your organisation.
If you are a third-party sceptic, this guide is for you. If you’re not a sceptic yourself but have one or more on your team, please share this guide with them. You will find additional advice at the end to help win them over.
If you mention third-party support to Oracle, they will gladly mention that Oracle has been embroiled in multiple lawsuits with another third-party support provider (the details of this are easy to research online). Oracle actively litigates for competitive advantage, and your contacts are likely to insinuate that alternative support may not be legal.
In fact, court documents from these suits and a research paper published by Gartner affirm that there is no legal reason why a third party cannot provide vendor replacement support for Oracle customers. Executives from Oracle have publicly acknowledged that third-party support is legally viable, as long as the intellectual property (IP) rights of the software publisher are respected and observed.
So, when it comes to legal risk, you’re right to have some skepticism because not every third-party vendor follows the same policies. Since its inception in 2008, Spinnaker Support has delivered Oracle support the right way to over 1,200 customers. We understand precisely what practices and processes have been deemed unlawful and have always taken great precautions to deliver support that observes and respects Oracle’s IP rights.
When assessing vendors, set aside time to discuss how the firm’s processes and practices conform to Oracle’s IP and copyright requirements. For example, every process at Spinnaker Support is ISO-2001:2015 certified, highlighting our strong commitment to transparency and quality management principles. We have proven that third-party support is a safe alternative to Oracle-provided support.
Archiving is the download and storage of relevant software and data that a customer is legally entitled to while paying Oracle for support. Once created, your archive exists as a searchable library on your network that includes licensed, uninstalled upgrades, patches, and related materials. Going forward, you are permitted to retain, access, implement, and use the archived material.
Through recent litigation, Oracle has banned a larger third-party support vendor from creating archives because that vendor has repeatedly used processes that violated Oracle’s terms of use. Spinnaker Support recognizes the restrictions set by Oracle and other software publishers, respects the publishers’ rights, and has created hundreds of successful and safe archives using our ISO 9001:2015-certified archiving approach. We save our customers hundreds of hours in processing time and the cost of hiring additional resources to create an archive. (You should never have to deal with a primary vendor that sub-contracts such a valuable service).
To be clear, the archive created by the Spinnaker Support team only contains the specific information you were legally permitted to download as a support customer. In this way, we provide a high-value service that protects your organization while also fully adhering to the software publisher’s – Oracle’s – intellectual property (IP) rights.
You’re investigating third-party software support and may have doubts. That’s natural, especially when it involves your vital Oracle ecosystem. Based on thousands of conversations with sceptics, this guide answers the most frequently asked questions using facts, examples, testimonials, and recommendations. Read on to answer your questions about updates and security. Then, unlock the other sceptic topics to get answers to many more questions!
Oracle is proud of its 40+ years of delivering software support. But that service is not what it was even a decade ago. Longtime Oracle customers have seen Oracle support devolve from what was live, responsive service with Oracle engineers to a reliance on self-guided research on the My Oracle Support (MOS) web portal.
As Oracle charges you more for support every year, they have shifted the heavy lifting of problem resolution to your staff. So in a way, your productivity is already suffering – from poor publisher support. When you do not renew products with Oracle’s support program, you can no longer access MOS for information on those products. This may cause fear of loss for DBAs, analysts, and other users because Oracle has trained them to see MOS as the primary source for assistance.
But what are they really losing? MOS is designed to help self-diagnose and resolve issues, but the automated, one-size-fits-all approach often leads to frustration and extended delays. For example, MOS offers little-to-no assistance for interoperability and custom code issues, and there are often no updates available for older releases. Requesting on-demand assistance from a live engineer is difficult to impossible.
Third-party support improves productivity and the quality of support because it replaces MOS with on-call, personalized, “concierge” service from an assigned team of senior engineers, not an account manager. This team knows you and your technology stack and takes immediate responsibility for researching and resolving an issue or request. When your Oracle users and IT team no longer have to sort through the clutter of MOS, they can stay focused on their daily and strategic priorities.
During onboarding with Spinnaker Support, we further eliminate the need for MOS by:
Oracle’s priority for innovation is very much focused on its new cloud and digital transformation solutions. Thus any upgrade is not an upgrade in the historical sense, is generally not included as part of your annual maintenance and support fees, and will typically involve a complete relicensing and reimplementation event – usually at great expense to you.
Upgrades for perpetual licenses are limited, with often poor value propositions. The Continuous Innovation model only covers a subset of products, offering a slow drip of incremental improvements over a long period of time. Many companies that switch to third-party support have made the conscious decision to remain on their stable version and avoid spending budget and resources on upgrades that would deliver minimal advantage.
It is true that you will lose your access to the publisher’s support site. However, as we mentioned in the previous section, Spinnaker Support provides customers with an archive of the legally entitled Oracle patches and upgrades that were available up to the end date of your publisher support. Going forward, you can retain, access, implement, and use these upgrades as needed.
Spinnaker Support has performed this service for hundreds of customers, using an ISO 9001:2015-certified archiving approach and ISO 27001:2013 processes for data security. Other vendors who have not respected Oracle’s IP and copyrights are legally banned from creating archives for customers.
Additionally, Spinnaker Support offers managed services and project-based consulting. If there’s new functionality you need, our team can help.
Perhaps the most common concern of skeptics is security because Oracle will not provide security patches to customers who cancel support. We are asked whether we have the ability to provide adequate software and application security. Oracle says we cannot because only it can access the source code and find and address existing bugs or vulnerabilities within its own software. While this argument is true concerning the code, it is misleading at best concerning overall protection.
In fact, proper security is multi-layered and complex, and not a reactive, one-size fits all patching model. Spinnaker Support deploys a Seven-Point Security Solution (described below) that allows us to personalize our approach to address each specific issue in its unique environment. Here is why this is better than patching.
First, patches are far from perfect.
Oracle delivers security patches quarterly to address critical vulnerability exposures (CVEs). These Critical Patch Updates (CPUs) have issues themselves: they are reactive, expensive to implement, block only known threats, come well after a vulnerability has been actively exploited or discovered, and may not be successful.
For the twelve months of patches between 2Q19 to 1Q20, 22 of the 67 Database patches (33%) were repeats of previous patches going back to 2016 that did not originally fix the issue. Let’s repeat that: the vulnerabilities were not fixed, so the original Oracle patches needed patches.
Second, patching is not always deployed well.
While it’s best practice to deploy patches in a timely manner, many businesses fall behind or make the decision not to do it. Patching using Oracle’s CVE approach can be costly, involve time consuming testing, and often result in unintended consequences, like issues with customizations.
You should know where your IT and security teams stand on this practice. Have they installed the latest CPUs? We often discover that the users who are most adamant about remaining on Oracle-provided support are not actively applying patches – they simply like the idea that patches are available if needed. This defeats the entire purpose of patching!
That is why full-stack security (Defense in Depth) is more effective.
Vulnerabilities and exposures now come from a variety of external and internal sources, so effective security must address the full technical stack. True security is a process, not a patch.
Spinnaker Support’s global security team adheres to a Seven-Point Security Solution that covers the core security concepts of Discover, Harden, and Protect and comes standard with support at no extra cost. This approach combines timely fixes, configuration changes, or other operational workarounds to remediate any security issues you encounter (we call these “compensating controls”). The security solution can include products for virtual patching, intrusion detection, and prevention services like proactive monitoring.
Does this approach work? When we recently surveyed our customers on this topic, over 98% of respondents indicated that our security and vulnerability protection is at least as good or better than that delivered by the publisher.vi
Important Note: Oracle does not provide patches for versions on its Sustaining Support. Security concerns don’t lessen when Oracle decides to strip you of patches, so moving from Sustaining Support to our third-party support is a clear win for your security efforts.
Not true. Unlike Oracle, third-party vendors provide Global Tax and Regulatory Compliance (GTRC) data tailored to the customer’s specific needs, delivering updates on a regular schedule to be less intrusive and easier to apply. At Spinnaker Support, we include GTRC updates as standard for the products that require them, no matter how old the software release.
Oracle typically supports its Premier and Extended Support customers – but not Sustaining Support – through massive GTRC updates that lack personalization for individual customers. These patches and updates are a one-size-fits-all approach to GTRC that requires additional work on behalf of the customer.
In comparison, Spinnaker Support keeps you compliant by delivering monthly and year-end updates tailored to your unique geographic reach and software environment requirements. Our GTRC team alleviates the challenge of changing tax, legal, and regulatory requirements by continually researching, monitoring, and gathering specific requirements from governing authorities in dozens of countries and all 50 U.S. states. We’ve designed our back-end systems and ISO 9001:2015-certified process to scale as we add new customers and jurisdictions.
You get timely and comprehensive updates, all designed to cover the breadth of tax and regulatory environment compliance issues and keep you compliant while minimizing the impacts of these changes to your systems. As a trusted partner, we work directly with customers to schedule and implement all required changes.
Even hint at leaving Oracle support, and your account manager will tell you it will damage or end your overarching relationship with Oracle. They may say you can’t purchase new licenses or must pay reinstatement fees and penalties to re-engage. They certainly won’t be happy about the lost revenues.
But ask yourself this: is your current relationship with Oracle all that wonderful? In all likelihood, they are slow to escalate support issues, aggressively pressing you to upgrade or move to the cloud, and refuse to alter their price structure to accommodate you on shelfware and unused licenses.
None of what Oracle says is true. Many Oracle customers that have switched to third-party support have successfully returned to Oracle when they were ready to upgrade to a new version or migrate to a cloud product. To date, we know of no Spinnaker Support customers who paid reinstatement fees. Everything is negotiable, especially when Oracle knows you’re planning to invest even more in its products.
In fact, when returning to Oracle after several years, you’re treated as a new customer. This puts you in a better future negotiating position than if you had stayed current on Oracle support. We recommend negotiating with the license sales rep and not the support sales rep to get the best possible deal.
On average, Oracle customers can expect to be audited every 3 to 5 years, so it’s best to always be prepared in the event your organization gets selected at random. Trigger events can include mergers and acquisitions, failure to renew a Universal Licensing Agreement (ULA), lack of recent purchases, resistance to moving to the Oracle cloud, and a letter of intent to cancel Oracle support.
So yes, switching to third-party support is a known audit trigger, but contrary to what your Oracle account manager might say, it’s pretty low down on the list. In the 2019 annual Spinnaker Support survey, 89% of responding customers reported that they were audited less or the same after switching to Spinnaker Support. Only 2% saw an audit increase, and the remaining 9% told us that it was too soon to tell if auditing frequency had changed.
That said, it is very important to review your Oracle contracts (original, renewed, and amended) to understand specific terms and clauses. If you have virtual environments, you must understand how they are configured and how, or if, they utilize Oracle programs. You also need to determine if there are any unlicensed Oracle products or features that were inadvertently activated. Spinnaker Support has experience and partners to help with license review and compliance.
Okay, so not a question, but we do hear this, usually from leadership, not hands-on users. Why? Because very few customers love Oracle support, even those whose careers are tied to Oracle products. They are already unhappy with slow responses, lack of escalation, and time wasted on self-researching issues. You will always have employees who dislike any change, who prefer “the devil I know,” and don’t care how much it costs the organization each year.
But how do Spinnaker Support’s customers feel about our Oracle services? In their words:
“Spinnaker is an amazing third-party support provider service that helps in providing accurate and responsive solutions to customers.”
“My points of contact are always very helpful, knowledgeable and very efficient. We have developed an awesome working relationship.”
“They have a deep understanding of the tools and they are very much able to deliver unrivaled technical support.”
These are direct quotes from independent, verified reviews posted on the Gartner Peer Insights review site. In dozens of published reviews, you can read why actual customers prefer our services. It is highly likely that, just like you, many of these individuals started out as third-party support skeptics. Remember that while third-party support is a direct replacement of Oracle support, it is an entirely different model – support-driven versus software-driven.
You’re investigating third-party software support and may have doubts. That’s natural, especially when it involves your vital Oracle ecosystem. Based on thousands of conversations with sceptics, this guide answers the most frequently asked questions using facts, examples, testimonials, and recommendations. Read on for the next steps you can take and recommendations for how to win over other sceptics. Unlock the other sceptic topics to get answers to more questions, and/or download the entire guide and pass it on!
So maybe we’ve won you over with our responses or you weren’t a sceptic from the start. If you’re a third-party support champion, then you still may have to sell this to your Oracle user and IT team.
Here are some suggestions that have worked for other organizations:
Start early to identify the sceptics. Each department or individual may have a separate set of concerns. The sooner you can identify these, the more time you’ll have to address them. Companies that do not convert sceptics soon enough may miss contract deadlines and even see their support initiative stumble or fail.
Understand how much – or little – your team has been actually using Oracle support. Gather a two- to a three-year history of tickets issued to Oracle (types, priority level, etc.). This data can support your cost/benefit analysis, substantiate claims of poor support, and be used for the third-party support discovery phase.
Be familiar with your Oracle software licensing. As your procurement or sourcing department will tell you, Oracle contracts are nothing if not complex. Gather specifics of your software application landscape: product lines that are in scope, language requirements, countries requiring tax and regulatory updates, used versus unused licenses, etc. Know your rights, end-of-maintenance dates, and how to cancel precisely as contractually required by Oracle. This information will help eliminate surprises and build your case for leaving Oracle.
Build consensus on what is most important to your organization. Organizations that choose to move to third-party support fall into one or more categories: they want to sustain their existing products, they eventually plan to migrate to a new system, or they are in financial distress. Be clear on what the drivers are, and make sure that it’s first and foremost in your discussions. This focus can counter minor concerns that sceptics can use to try to derail your decision.
If it helps, just lead with price. If you’re struggling to win over sceptics, then focus on the hard cost savings and show them that it doesn’t pay to be a sceptic! In fact, the IT department and organization can use these savings for what they most want, whether that’s digital transformation, additional staffing, managed services, new IT initiatives, or simply applying the savings to improve the bottom line.
Share this guide with everyone who needs it. Whether they are in IT, legal, procurement, or senior management, you can win over the sceptics.
Remember: It’s okay to be a third-party support sceptic. If we haven’t covered your particular area of uncertainty – or haven’t answered one of these questions to your satisfaction – feel free to search through our blog site. We add new topics and examples to that forum on a weekly basis.