Vendor lock-in refers to a situation where the cost of switching to a different vendor (or an in-house solution) is so high that the customer is essentially stuck with the original vendor (Source).

The problem of vendor lock-in increases if:

• Integration with a service requires several touchpoints (deep integration), and there is no industry-wide standardized API for those touchpoints.
• The service owns critical app data.

This is a problem not only for customers but also for companies offering software (especially startups): For customers, they run the risk of being stuck with a vendor even if their service quality declines, they change their product focus, they increase their pricing, or worst case, they run out of business. As a result, startups have the problem of gaining potential customers' trust, and therefore, have to design their software to minimize these risks. This results in lots of additional engineering costs, and sometimes, lost revenue.

Control of Data

This issue can be solved by providing a self-hosted version of your product which will store all the data in your customer's database. Most apps use a SQL database, so supporting MySQL and PostgreSQL would be enough (until your product becomes fairly popular).

There are issues with this approach though:

• Your product's architecture cannot contain several microservices. Ideally, just one docker image that connects to your user's database, or one framework library working with a popular ORM library of that framework.
• If you also want to provide a managed service version of your product, then maintaining that and a self-hosted version is an added engineering cost.
• There can be issues with monetizing a self-hosted version. Even if it requires a license key to use, it can always be "hacked" to not require one.
• Running an additional service is added work for your customers, and several potential users may not even have the infrastructure skills required to set up a new microservice.

To mitigate some of these issues, here are two ideas:

• Allow users to get started quickly by using your managed service version, and give them an option to migrate the data from your databases into their database. This gives users the peace of mind that they can be in control if needed. The best part about this approach is that once they start to use the managed service version, they may never actually bother with migrating to a self-hosted one anyway.
• Allow users to use your managed service version which can connect to their database. This removes the hassle of them doing additional infrastructure work and also gives them the control they want. This can also be an option exclusive to your most expensive pricing tier.

Control of Code [1]

This section caters to two aspects:

• Customizability of code and features as per business requirements.
• Runnability of the product independently to the vendor.

One way to solve these issues is to make your product open source. However, this has major implications for your product's business model. If that is not possible, you could consider a "source available"[2] model which converts to being open source in case your business shuts down. You could even charge users extra to provide them with a license that allows them to modify the source code. Finally, depending on how your managed service offering runs, you could allow users to modify the source code of your product, and the modified version can be hosted by you.

Other than direct source code modifications, you should design your product to have enough hooks and switches so as to meet any sort of business customization requirements. You should also aim to provide an API-only interface to all your features/dashboards. That way, even if you do not provide a feature that a user wants, it may be possible for them to build that out "on top" of your product.

Focus on Migration

Most companies focus on making it easy to migrate into their product. To minimize vendor lock-in, you should also focus on making it easy to migrate away from your product.

At first, this may seem counterintuitive from a business perspective, the chances that a production customer will actually migrate out of your product is very low (assuming that your product and service meet their expectations). You are better off optimizing for this as it gives an impression of customer prioritization and focus, which in turn will increase the probability of getting newer customers.

Conclusion

To summarize, the problem of vendor lock-in can be minimized by:

• Allowing users to use their own database via a self-hosted version of your product.
• Allowing them to carry out complex customizations with and without modifying the code you provide.
• Allowing users to move from using your managed service version to a self-hosted version of your product.
• Allowing your managed service version to connect to a user's database.
• Making migration into and away from your product as easy as possible.

If you liked this blog, you may also like other blogs from us:

• All You Need to Know About User Session Security
• The Best Way to Securely Manage User Sessions

Written by the folks at SuperTokens — hope you enjoyed!

Footnote:

[1]: I am not a lawyer. Please consult one before implementing/seriously considering the ideas pointed out in this section.

[2]: The source code is viewable, but under a proprietary license — limiting the distribution and modification of the code, and usually requiring a license key to run.