Locations

Resources

Careers

Contact

Contact us

Uncategorized

Introduction: Why CIOs Are Considering Alternatives to Oracle Support

Introduction: Why CIOs Are Considering Alternatives to Oracle Support

Oracle’s database products are mission-critical for many enterprises, but the cost and constraints of Oracle’s official support have CIOs seeking alternatives. Oracle typically charges about 22% of the license price yearly for support and maintenance, often with annual increases. Many CIOs pay hefty fees for support they rarely use or updates they don’t need, just to stay compliant. One survey found 73% of Oracle customers upgrade primarily due to “end of support,” not because they need new features. This vendor-driven upgrade cycle forces organizations to invest solely in expensive, time-consuming upgrades to remain supported.

Beyond cost, CIOs are frustrated by inflexible contracts and vendor lock-in. Oracle’s policies (like requiring full support on all licenses in a group) limit partial opt-outs​. Suppose a company owns 100 Oracle Database licenses under one agreement. In that case, Oracle may require all 100 licenses to remain on Oracle support (or none), preventing a gradual or partial move to other support without breaching terms​. CIOs also report that Oracle’s support can be one-size-fits-all, with lengthy response times and support engineers often recommending upgrades or workarounds instead of real fixes. For stable, mature Oracle Database environments that don’t need constant updates, paying high fees for minimal support value has become hard to justify.

These factors – high costs, forced upgrades, and rigid policies – are driving CIOs to explore third-party support providers. Third-party support can cut annual support costs by 50% or more, avoid unnecessary upgrades, and tailor support to the organization’s needs. By freeing up budget (Gartner notes many firms save 50–70% by switching​ ), CIOs can redirect funds to innovation and digital transformation projects while keeping their Oracle databases running smoothly. The sections below examine how third-party Oracle Database support works, its legal foundations, leading providers, benefits, risks, and key considerations for CIOs evaluating this path.

Legal Foundation: Is Third-Party Support for Oracle Database Legal?

One of the first questions CIOs ask is whether using a third-party support provider for Oracle Database is legal. The short answer is yes – third-party support is legal for Oracle licensees, provided you adhere to your terms. There’s a common myth that it’s “illegal” to have anyone other than Oracle support Oracle software, largely due to a high-profile court battle between Oracle and Rimini Street (a leading third-party support firm). In reality, the courts have confirmed that Oracle customers can hire third parties to support licensed software, as long as no contracts or copyrights are breached​.

The landmark case Oracle v. Rimini Street has been ongoing for over a decade and provides the legal foundation. Oracle sued Rimini Street, accusing it of copyright infringement by copying Oracle’s software and support materials to service clients. In 2015, a court found some of Rimini’s methods were infringing (e.g., using one customer’s credentials to download patches for another, and hosting Oracle software on Rimini’s systems in ways beyond the license). Rimini Street paid damages and was under an injunction to stop those specific practices. However, the courts also affirmed that third-party support is a legitimate business model. The ruling clarified that outside of the specific infringing acts, customers can use third-party support as a lawful alternative to Oracle’s services​.

Subsequent appeals refined the boundaries. In a 2023 federal court order (the Rimini II case), the court held that nothing in Oracle’s licenses prohibits customers from hiring a third party like Rimini Street to perform software updates or fixes – essentially anything the customer themselves is allowed to do under their license. In other words, if your Oracle license permits you to apply a patch or make certain modifications, you can outsource that task to a third-party provider acting on your behalf. This is a key legal validation of third-party support. Rimini Street is not prohibited from supporting any Oracle products, but it must do so within the confines of Oracle’s license agreements and intellectual property rights.

It’s important to note that legality hinges on how third-party support is delivered. What’s illegal is violating Oracle’s copyrights or license terms – for example, a support provider can’t pirate Oracle’s software, use one customer’s software to service another, and distribute Oracle’s proprietary patches without permission. In the Oracle v. Rimini saga, Rimini had to adjust its processes to comply: they stopped using Oracle’s support site downloads. They stopped maintaining Oracle software environments on their servers beyond what each client was entitled to. In late 2024, the U.S. Ninth Circuit Court of Appeals reviewed the case and vacated some of the lower court’s findings of infringement, criticizing an overly broad view of what constitutes a “derivative work”. The appeals court ruled that because Rimini’s tools interoperated with Oracle software, it didn’t automatically make them illegal derivative works – they must have incorporated Oracle’s protected expression to infringe. The case was sent back for further proceedings, but the big picture remains: third-party support is lawful as long as the provider operates within the limits of the customer’s license.

In summary, Oracle cannot force you to buy their support if you own a valid license to the software. As one ruling put it, Oracle’s customers are free to hire third parties to service their software to the same extent that the customer could do so themselves. Many companies, including governments and banks, have used third-party support for years. Oracle, of course, would prefer to keep customers on its support and often warns against third-party providers, but legally, Oracle cannot penalize you simply for switching support providers. The key is to stay compliant: ensure you and your provider do not use Oracle’s intellectual property in unauthorized ways (more on licensing compliance later). With that legal foundation, let’s examine how third-party support works for Oracle Database customers.

How Third-Party Support for Oracle Database Works

Third-party support for Oracle Database is designed to replicate and often enhance the support experience you’d get from Oracle, at a lower cost. In practice, a third-party support provider replaces Oracle’s role in providing maintenance, troubleshooting, and updates for your database software. Here’s how it works:

  • Comprehensive Support Services: Third-party providers handle support tickets, break-fix issues, and performance tuning just like Oracle Support would – you call them when something goes wrong or you need assistance. Leading providers offer 24/7 support with guaranteed response and resolution times (defined by SLAs), often assigning a dedicated or named engineer to your account for more personalized service. This can contrast with Oracle, where support may go through a tiered help desk. Third-party support teams often include former Oracle engineers and DBAs who deeply understand the technology.
  • Patching and Bug Fixes (Without Oracle’s Patches): One big difference is how patches and updates are delivered. Once you leave Oracle’s official support, you lose access to Oracle’s patch downloads and product updates. Third-party support cannot access Oracle’s proprietary code or patches, so they develop their fixes and workarounds for bugs and security vulnerabilities. Essentially, the third-party firm operates as an extension of your IT team: if a database issue arises, they will analyze it and either provide a custom code fix, a script, or an alternative solution. For security vulnerabilities, third-party providers often use techniques like “virtual patching” – for example, deploying firewall rules, configuration changes, or monitoring tools to mitigate vulnerabilities at the perimeter since they can’t modify Oracle’s source code. Oracle argues that only its official patches can fix a vulnerability in the source code. Still, in practice, many Oracle customers on third-party support have successfully maintained secure systems via these alternative mitigation strategies. No major security breaches have been publicly attributed to companies using third-party support (including in high-security sectors like banking and government) operating without Oracle’s patches​. Of course, CIOs must ensure proper security measures are in place – for instance, some third-party providers offer supplemental security tools to monitor database activity in real time and block threats as an added layer of protection.
  • Updates and New Features: Third-party support focuses on supporting your existing software versions. They will typically support any version of Oracle Database you are running, even older versions that Oracle may have classified as End-of-Life. This is a big advantage: you can continue running a stable older version indefinitely with support, instead of feeling pressured to upgrade when Oracle drops support. However, the trade-off is that you won’t receive new feature upgrades or major version updates from Oracle. For example, suppose you’re on Oracle Database 12c and Oracle releases 21c with new features. In that case, a third-party support provider cannot provide you the 21c software – you’d need to be an Oracle customer in good standing to obtain that. Moving to third-party support usually means “freezing” your Oracle software at its current version (aside from necessary fixes and performance tweaks the third party provides). Many CIOs find this acceptable, even preferable, for mature systems where new features aren’t needed. It turns the roadmap control over to the customer – you upgrade if and when it makes business sense, not because of vendor timelines. If someday you need a newer Oracle version, you might have to return to Oracle support or license that version separately, so factor that into long-term plans.
  • Support Boundaries and Compliance: A crucial aspect of third-party support is that providers must operate strictly within the boundaries of your Oracle license agreement. They generally perform support using your licensed instances of the software. For example, if diagnosing a problem requires replicating your environment, the provider might ask you to clone your Oracle database and provide access, rather than them copying Oracle software into their systems (which could violate license terms if not done carefully). One contentious issue in the Rimini Street case was whether Rimini could create development environments using Oracle software for each client. The courts indicated that third parties can assist customers using the customers’ licensed copies, but providers cannot stockpile Oracle software themselves beyond what each customer is allowed. Reputable third-party providers are very mindful of this – they often require the client to certify that they have valid licenses and may use remote access to work on the client’s systems. They will not distribute Oracle’s patches or source code; instead, they provide their original code for fixes, which is legal. Essentially, the third-party partner can do anything the customer is entitled to do (install updates, configure the system, write custom code, etc.) on the customer’s behalf. They can’t give one customer’s licensed material to another or exceed the license scope.
  • Regulatory and Tax Updates: For Oracle applications (like ERP systems), third-party support providers regularly deliver regulatory updates (e.g., tax tables, legal compliance changes). For the database, regulatory changes are less common, but if new data privacy rules required configuration updates, third-party support would guide those changes. In general, they ensure your Oracle Database remains compliant with any external requirements, even without Oracle’s official updates.

In summary, third-party Oracle support mirrors the services of Oracle’s support – problem resolution, technical guidance, and keeping your systems stable – but does so independently. Providers leverage their expertise to troubleshoot and fix issues without Oracle’s internal resources. Clients log issues via the provider’s support portal or phone, and the third-party team responds just as Oracle would (often faster and more flexibly, according to client testimonials). The best third-party providers also support customizations and integrations more readily than Oracle, since they position themselves as partners in keeping your whole environment running. The next section explores who the leading third-party support vendors are and how their offerings compare.

Leading Providers of Oracle Database Third-Party Support

Several specialized firms offer third-party support for Oracle Database (and other Oracle products). The marketplace is dominated by a few key players:

  • Rimini Street: The largest and best-known third-party support provider for Oracle (and SAP) products. Founded in 2005 and now a global company (Nasdaq: RMNI), Rimini Street has a broad portfolio of services. It’s known for a proactive support approach and extensive global presence, serving clients of all sizes in many industries. Rimini supports Oracle Database, Oracle E-Business Suite, PeopleSoft, JD Edwards, and more. A hallmark of Rimini’s offering is its comprehensive scope – from routine break-fix support to performance tuning and even advisory services on software strategy. They also have dedicated security solutions (like Rimini Protect) to provide real-time database monitoring and virtual patching for clients concerned about security without Oracle patches. Rimini Street employs many former Oracle engineers and database experts and boasts very high client satisfaction ratings. However, CIOs should know that Rimini Street has been embroiled in long-running legal disputes with Oracle. While, as discussed, those cases affirmed the legality of third-party support, Oracle’s litigation created some uncertainty. Rimini’s battles with Oracle have sometimes raised questions about its long-term stability or the need to adjust support processes. Rimini asserts it has adapted its methods to be fully in line with legal requirements and continues to grow its client base. Just be prepared for Oracle to scrutinize any deal with Rimini Street (Oracle’s sales teams are known to aggressively counter-pitch if they learn a customer is considering Rimini). Also, some clients report that Rimini can be less flexible in contract negotiations and more aggressive in pursuing new business – not unusual for a market leader, but something to negotiate firmly.
  • Spinnaker Support: A major competitor to Rimini, Spinnaker Support (founded in 2008) is a global provider that prides itself on specialization in Oracle technologies. They have a strong reputation for technical expertise, often highlighting that they hire former Oracle developers and DBAs to handle support. Spinnaker is known for a high-touch, personalized support model – clients frequently praise their flexibility and willingness to tailor services. For example, Spinnaker may customize the support scope or SLA to meet specific customer needs more readily than a larger provider. They support Oracle Database and many Oracle applications, and like others, also cover SAP. Spinnaker is privately held and smaller than Rimini Street, but consistently ranks high in independent customer satisfaction surveys. They emphasize compliance (to avoid the Oracle legal pitfalls) and will work closely with a client’s team during transition to ensure everything is documented. Regarding offerings, Spinnaker and Rimini are quite similar – both offer core support, security advisories, and support for customizations, and both claim ~50% cost savings versus Oracle. CIOs choosing between them often consider factors like cultural fit, contract terms, and any comfort level differences with their legal history (Spinnaker has not faced the same scale of Oracle litigation as Rimini).
  • Support Revolution: A UK-based third-party support provider, smaller than Rimini and Spinnaker but notable especially in the EMEA region. Support Revolution supports Oracle Database and applications, and differentiates largely on price competitiveness. They leverage a cost-effective delivery model – for instance, a significant portion of their support staff is based in India, which allows them to offer fees sometimes even lower than the 50% off benchmark. Support Revolution’s strategy appeals to budget-conscious organizations; however, because of their lean model, they rely on offshore contractors and may not have the same breadth of in-house Oracle expertise as Rimini or Spinnaker. Some CIOs use Support Revolution as a bargaining chip or for smaller Oracle environments where top-tier support is not as critical. If considering them, ensure you evaluate their SLA commitments and how they handle complex issues, given the smaller scale.
  • Other Providers: Aside from these three, several niche or regional players exist. For example, US Cloud (originally focused on Microsoft support) has extended into Oracle support in some capacity, and some consulting firms offer Oracle support as part of managed services agreements. Additionally, for very large enterprises, some system integrators or advisors might craft a hybrid support model – e.g., they will manage your Oracle databases with their staff, effectively acting as a third-party support provider. When exploring third-party support, CIOs might solicit bids from multiple providers. Rimini Street and Spinnaker Support are the two global leaders and a good starting point for evaluation, with Support Revolution as an alternative for cost-driven cases. Be sure to check references and case studies: for instance, Rimini and Spinnaker both have public success stories (e.g., airports, universities, manufacturers) that switched to them and sustained Oracle Database operations smoothly.

In comparing offerings, most third-party support providers promise the same core value proposition: significant cost savings, support for your existing versions for as long as needed, and responsive service. The differences come in their execution, expertise depth, and extra services. Rimini Street, for example, offers a broad suite (security, cloud advisory, etc.), while Spinnaker might focus more purely on support excellence and flexibility. Support Revolution focuses on delivering the basics at the lowest price point. For a CIO, factors like the provider’s track record, legal assurances, and cultural fit (will they treat your problems with urgency and care?) can be just as important as price.

Benefits and Risks of Switching to Third-Party Support

Switching to third-party support for Oracle Database can unlock major benefits but also involves trade-offs and risks that must be managed. Let’s break down the key benefits first, then the risks.

Key Benefits:

  • Dramatic Cost Savings: This is the number one reason companies switch. Third-party support typically costs 50% (or more) less than Oracle’s annual support fees. Instead of paying 22% of license value each year to Oracle (often with increases), organizations can immediately cut that in half or better, which can translate to millions saved annually for large Oracle estates. These savings aren’t just one-time – they recur yearly and can be reallocated to strategic IT initiatives. Gartner research found that many firms save 50–70% on support costs by making this move​. For example, one company was able to cut its Oracle support bill by 60% and redirect the freed funds to new analytics projects, directly fueling innovation​. Over a multi-year period, the cumulative savings can substantially improve IT’s total cost of ownership for Oracle systems.
  • Extended System Lifespan (No Forced Upgrades): With Oracle, when a database version reaches the end of Premier/Extended Support, customers face either an expensive upgrade or paying extra for Sustaining Support (which provides almost no updates). Third-party support lets you run stable older versions indefinitely with full support. This means you avoid the costly upgrade cycle purely driven by support timelines. If your Oracle Database 11g or 12c works fine, a third-party provider will continue supporting it beyond Oracle’s cut-off date. The CIO can then schedule upgrades on business-driven timelines (or not upgrade at all), rather than scrambling to meet Oracle’s deadlines. Essentially, it liberates you from Oracle’s roadmap and gives you control. Many CIOs value this because upgrades can be disruptive, expensive projects that deliver little new business value if the organization doesn’t need new DB features.
  • Quality and Personalization of Support: Third-party vendors often prioritize superior customer service. Instead of being one of thousands of Oracle Support customers, you may be one of a smaller number of high-touch clients for the third-party firm. Contracts often include named support engineers, more direct access to senior talent, and tailored SLAs. Issues might be resolved faster because the third-party support team proactively familiarizes itself with your environment (some even do on-site knowledge transfer during onboarding). Also, third-party support will typically cover customizations and integrations more willingly. Oracle’s standard policy is that they don’t support your custom code or any third-party add-ons; they ask you to reproduce issues in an uncustomized environment.
    In contrast, a third-party support provider recognizes that your Oracle Database likely has custom stored procedures, specific configurations, etc., and will help troubleshoot those as part of the service. This personalized approach can result in higher satisfaction and fewer finger-pointing scenarios. Many CIOs report that the support experience improves when they switch – issues don’t get bounced between teams, and the provider is “owning” the problem until resolution.
  • Vendor Leverage and Independence: Reducing reliance on Oracle for support can improve your overall negotiating leverage with Oracle. You buy one less service from them, which can pressure Oracle to offer discounts or more favorable terms on other products to win back your business. Strategically, some CIOs use the threat of third-party support as a negotiation tool – even if they don’t ultimately switch, having that credible option can lead Oracle to offer concessions. There’s also a philosophical benefit for those who switch: you diminish “vendor lock-in” by not being tied into Oracle’s support ecosystem. You’re effectively saying that you own your technology roadmap. This independence can be especially useful if you’re considering transitioning off Oracle in the long term (for instance, moving to cloud databases or open source). Third-party support can serve as a bridge that keeps systems running cost-effectively during a modernization journey, without further entrenching you into Oracle’s stack.

Risks and Challenges:

  • Loss of Oracle Patches and IP: The most obvious risk is that you will no longer receive official Oracle patches, updates, and new releases. Suppose a serious bug or security vulnerability is discovered in Oracle Database. In that case, you can’t download Oracle’s fix unless you go back to Oracle support (or they release it publicly, which is rare). You are reliant on your third-party provider to deliver a workaround or mitigation. While top providers are quite adept at doing so, there could be scenarios where a complex issue has no easy fix without Oracle’s internal source code. You might have to live with a workaround or accept a risk in such cases. It’s important to note that security is a frequently cited concern. Oracle warns that third parties can’t patch the software’s source code the way Oracle can, potentially leaving gaps. To mitigate this, companies that rely on third-party support often implement additional security measures: strict network controls, database monitoring tools, intrusion detection, etc., to protect systems instead of constant patching. So far, companies on third-party support (even in sensitive sectors) have not suffered known breaches attributable to missing Oracle patches, but this remains a risk to manage. CIOs should ensure their security team is on board and possibly contract for security services (some third-party support firms offer add-on security monitoring or “virtual patching” solutions to harden the database environment).
  • No New Features or Upgrades: If your business wants a new Oracle Database feature or needs to upgrade to a new version (for compatibility, performance, etc.), being off Oracle support complicates that. You might have to reinstate Oracle support (with back fees) or purchase new licenses for the new version. Oracle typically charges hefty “reinstatement” fees if you want to return, often requiring you to pay all the fees you missed plus a penalty​. This can erase past savings. Therefore, switching to third-party support makes the most sense when you are confident that your current database version will meet your needs for several years. Suppose your strategy unexpectedly changes (say, a software vendor requires a higher DB version). In that case, you’ll need to factor in the cost and hassle of returning to Oracle support or finding another workaround. In short, third-party support is ideal for steady-state environments, but less ideal if you anticipate frequent change or need to stay on the cutting edge of Oracle’s technology.
  • License Compliance and Audit Risks: While third-party support is legal, Oracle licenses remain complex. When you leave Oracle support, it’s common for Oracle to increase its vigilance through software license audits. Oracle’s license agreements give them the right to audit your usage, and some CIOs observe that an audit often follows a support termination. The risk is that if the audit finds you are out of compliance (using more cores than licensed, using features you didn’t pay for, etc.), Oracle could demand large fees or even claim breach of contract. Being on third-party support doesn’t shield you from this – in fact, Oracle might be less lenient since you’re no longer a support customer. Companies must be sure they are in full compliance before switching. This involves thorough internal audits or using third-party license experts to verify deployment counts, feature usage, and that all environments have appropriate licenses.
    Additionally, one must adhere to the “license set” rules (you generally can’t keep some licenses on Oracle support and drop others that are part of the same license pool) – violating that could forfeit your support rights or worse. If done correctly, moving to third-party support does not violate your contract. However, any misuse of Oracle’s intellectual property (like using patches obtained under support after you leave or sharing them inappropriately) could invite legal trouble. In summary, there is a risk if the transition isn’t meticulously managed on the compliance front.
  • Dependence on the Third-Party Provider: By leaving Oracle, you are trusting the third-party vendor’s capability and longevity. If the third-party fails to solve a critical issue, you can’t fall back on Oracle (at least not quickly, since you’d have to reinstate support). Also, if the third-party provider were to go out of business or decline in quality, you might be stuck scrambling. Mitigating this means choosing a proven, stable provider and having contractual protections (maybe the right to leave if SLAs are consistently missed, etc.). It’s worth noting that some organizations hedge their bets by keeping a minimal Oracle support contract on something as an “emergency backstop” – though, due to Oracle’s policies, this might not cover the specific systems in question. Generally, ensuring the provider has a solid track record and understanding of their business continuity is important (for instance, how would they handle a surge of issues? Do they have enough skilled staff?).
  • Internal Resistance and Knowledge Gaps: An often overlooked challenge is internal. Your DBA team or application owners might be skeptical about third-party support. They may have long relationships with Oracle or fear that not having Oracle’s backing could hurt them if something goes wrong. Additionally, Oracle’s documentation and support knowledge base will no longer be at your fingertips (support customers get access to the My Oracle Support portal, knowledge articles, etc.). Third-party providers will supply their knowledge base and expertise, but there could be a change in how issues are troubleshooted. It’s important to manage change internally, educate your team about engaging the new support, and possibly retain read-only access to Oracle’s knowledge base if allowed (some companies maintain a single developer support license or use Oracle user groups for knowledge).

In weighing benefits vs risks, many CIOs conclude that if their Oracle Database environment is stable and costs must be reined, the benefits outweigh the risks. The cost savings and extended lifespan alone can be incredibly attractive. The risks can be managed with due diligence, planning, and leveraging the experience of others who have made the switch. The next section covers the licensing and audit implications in more detail, since that’s often the thorniest aspect, followed by recommendations on evaluating and executing a move to third-party support if you choose to proceed.

Licensing and Audit Implications for Oracle Database

Oracle’s licensing and audit practices are critical when moving to third-party support. While you can use third-party support under Oracle’s licenses (no clause says “you must buy Oracle Support”), there are contractual nuances to navigate to stay compliant.

License Contracts and the “All or Nothing” Support Rule: Oracle often includes a policy (sometimes called Matching Service Levels or the License Set rule) which requires that if you maintain support on any licenses of a given Oracle product, you must pay support on all licenses of that product that you own under the same agreement​. This means you typically cannot partially drop support for a subset of your Oracle Database licenses while keeping support on others, unless they are structured as separate orders or license sets. For example, suppose you purchased 100 processor licenses for Oracle Database Enterprise Edition in one deal. In that case, Oracle’s contract may stipulate you cannot drop support on 50 of them and keep the other 50 with Oracle – it’s either all 100 remain on support or you terminate support on all 100​. CIOs must review their contracts to identify such clauses.
In some cases, companies negotiate carve-outs or separate agreements to have flexibility (for instance, buying new licenses separately so they’re not tied to the old ones in support). Before switching to third-party support, ensure that when you stop support, you do it for the entire license set as required – otherwise, Oracle could consider you non-compliant and refuse to renew support for the remainder or even terminate your licenses (in extreme breach cases). Plan the drop carefully to encompass all necessary licenses. If you have multiple Oracle products (e.g., Oracle Database and Oracle Middleware), you could drop one product line, not another, as long as they are licensed separately.

Audit Readiness: It’s prudent to assume that Oracle will audit your organization after you end support (Oracle denies audits are retaliatory, but many customers observe timing that suggests otherwise). To prepare, perform a comprehensive internal license audit before you notify Oracle of cancellation. Verify the number of database instances, where they are installed, and on what hardware (for processor-based licenses, hardware configuration matters). Check usage of add-on options or features (Oracle Database has many optional packs like Partitioning, Advanced Security, etc.). Ensure you have licenses for any option enabled in the database, or turn off those features if not licensed. Ensure you’re not inadvertently using higher editions’ features (e.g., Enterprise Edition features on a Standard Edition license). If you find any shortfalls, you can address them by reducing usage or purchasing additional licenses before you leave support (perhaps as a one-time true-up). Engaging a licensing specialist firm or consultant can be wise; they can simulate an Oracle audit and find compliance gaps.

As part of this, also archive evidence of entitlement and support materials. While still under Oracle support, download and save all documentation, patches, and updates you are entitled to. Once your support contract lapses, you typically lose access to Oracle’s support portal. A local repository of the latest patches (up to your end date) means your third-party provider or team can use those if needed (since you obtained them legally while under support). Keep records of your license agreements, proof of purchase, and any Oracle correspondence, so if an audit happens, you can demonstrate ownership and the scope of licenses.

Ongoing Compliance Post-Switch: After moving to third-party support, continue tracking your Oracle usage diligently. Just because you aren’t paying Oracle doesn’t mean you can expand usage freely; if anything, you must be extra careful since Oracle might not be in regular contact until an audit, and any unintentional expansion could go unnoticed until penalties accrue. Stick to what you have licensed – e.g., don’t deploy Oracle Database on new servers or cloud platforms beyond what’s covered. If you need to expand capacity, you can buy more licenses (you can buy licenses without support, Oracle typically sells them with at least one year of support bundled – a negotiation point if you intend to drop support immediately after). Some companies keep a small number of Oracle licenses under support as a hedge (if contractually allowed), but remember the license set rule. Another approach is to convert to a term or cloud license for expansion if needed, separate from on-prem licenses, to isolate the support requirement.

During an audit, Oracle might ask how you apply patches or if you’ve downloaded any since leaving support. Neither you nor your third-party provider must use Oracle’s support site or materials beyond your cut-off date – doing so could breach copyright. The courts have emphasized that while third-party support is legal, the provider should only use the customer’s environment and legally obtained materials. If Oracle finds evidence that, say, an Oracle patch released after you left support was applied, they could claim infringement. To avoid any doubt, coordinate with your third-party provider so that they will only develop independent fixes. Most reputable providers have this in their contract, pledging not to use Oracle’s IP beyond what the client already has rights to.

Reinstatement and Future Needs: Understand Oracle’s reinstatement policy in case you ever decide (or need) to go back to Oracle support. Typically, Oracle will require payment of all support fees that would have been due in the interim had you not left, plus possibly a 50% penalty. For example, if you were off support for 3 years and would have paid $300k in that period, Oracle might charge that $300k plus a $150k penalty to reinstate. This is a deterrent against leaving and coming back arbitrarily. Knowing this, CIOs often decide that they will avoid going back once they leave unless absolutely necessary. However, in some scenarios (like a needed version upgrade), budgeting for a one-time re-entry or finding alternative migration paths is necessary. One strategy is to negotiate upfront when leaving: sometimes Oracle, loath to lose you entirely, might offer a contractual concession such as a right to reinstate at a smaller penalty or provide a license for a future version as part of a settlement. These are uncommon, but it’s worth exploring with Oracle account reps if you have significant spend – they might prefer to give a little rather than see you go to a third party. Usually, though, Oracle’s stance is firm on penalties to discourage the practice.

In summary, licensing diligence is paramount. Many who switch to third-party support engage their legal counsel to review all agreements and possibly get an explicit legal opinion that the planned third-party support usage is within bounds. Courts have upheld that “customers have the right to hire a third party to support software they are licensed to use”, so as a customer, you are on solid ground if you remain compliant. But it’s up to you (and your provider) to stay within the lines. With proper preparation – cleaning up compliance issues, understanding contract exit terms, and archiving what you need – companies have successfully navigated Oracle audits post-switch. The key is no surprises: you don’t want to discover an issue during an audit that could have been fixed beforehand.

Given the benefits, risks, and legal considerations we’ve discussed, the final section provides key recommendations for CIOs considering this move to ensure a smooth evaluation and transition.

Key Recommendations for CIOs Evaluating Third-Party Support

If you’re a CIO looking to potentially shift Oracle Database support to a third-party provider, careful planning and due diligence will maximize your chances of success. Below are key recommendations and best practices drawn from industry analysts, case studies, and the experiences of other organizations:

1. Rigorously Vet and Select the Right Provider: Not all third-party support vendors are equal. Assess each provider’s track record – how long have they been supporting Oracle databases, and can they provide references in your industry or for similar systems? Look at client testimonials and independent reviews. Check the provider’s Oracle expertise – do they have certified Oracle professionals, former Oracle support engineers, or database specialists on staff? A provider’s depth of knowledge will directly impact their ability to solve tough issues. Evaluate the scope of support they offer: Some might exclude certain things (for instance, will they assist in a disaster recovery scenario? Will they support performance tuning or just break-fix?). Make sure you understand what’s covered and what’s not. Interview the providers: treat it like hiring a managed service partner – ask them to walk through how they’d handle a P1 database outage at 2 AM, or how they deliver security updates instead of Oracle patches. Also, inquire about their financial stability and growth; you want a partner who will be around for the long haul. Rimini Street and Spinnaker, for example, have been in business for over a decade with hundreds of clients, giving some confidence. For any smaller or newer provider, extra caution is warranted.

2. Scrutinize Contract Terms and SLAs: Contract details matter immensely when transitioning to third-party support. Don’t just be lured by the cost savings; ensure the contract has robust terms that protect your interests. Key items to negotiate or confirm include:

  • Service Level Agreements (SLAs): Define response and resolution timeframes for critical issues. Ensure they meet your business requirements (e.g., a production DB down should have an immediate response).
  • Scope of Support: List the systems and software versions covered. Include support for custom configurations or integrations in writing, if needed.
  • Liability and Indemnification: Does the provider indemnify you if their methods inadvertently breach Oracle’s IP? Top firms often promise they operate within legal bounds, but it’s good to have assurances that if Oracle did pursue a claim, you as the customer would be protected.
  • Reinstatement Clauses or Exit Options: While you plan not to return to Oracle, clarify what happens if you need to leave the third-party provider, maybe to go back to Oracle or switch providers. Some contracts might be multi-year; consider a termination for convenience clause after a certain period, or at least understand penalties.
  • Fees and Escalations: Ensure the contract specifies the exact annual fee and any cap on increases in renewal years (ideally, you lock the discount in for a term of years). There should be no hidden fees for standard support; watch for extra charges for things like tax/regulatory updates or a certain number of tickets.

Engage your legal counsel or a contracts specialist to review the third-party support agreement. Third-party support is still relatively novel, so you want to catch any unfavorable clauses or ambiguities. For example, verify if the provider requires you to keep Oracle licenses active (they should, obviously) and what cooperation they need from you. Clarity up front prevents misunderstandings later.

3. Perform Thorough Due Diligence and Planning: Before canceling Oracle support, do the homework internally: as noted, conduct a full IT asset and license audit. This not only ensures compliance; it also helps you inventory what will fall under third-party support. Identify all the Oracle Database instances (production, test, dev) you expect the third party to support. Document any known issues or special requirements (e.g., “Database X has a memory leak issue that Oracle gave us a patch for last year” – ensure you have that patch downloaded!). Download all relevant patches, updates, and documentation from Oracle’s support portal while you still can. Essentially, build a knowledge repository that your new support provider can leverage. It’s also wise to outline all integrations: if your Oracle DB interacts with Oracle E-Business Suite or other apps, and if those are still on Oracle support or are moving to a third party. Sometimes mixed environments occur – you might move database support to a third party but keep an Oracle application under Oracle support; coordinate how issues will be handled in that case (usually fine, but Oracle might not support an app if they suspect the database isn’t patched – plan for that perception issue).

4. Engage Stakeholders and Communicate: A move like this affects multiple stakeholders – DBAs, application owners, security teams, procurement, and, of course, the finance/legal departments. Involve these stakeholders early to get buy-in. Explain the rationale (cost savings) and the plan to handle risks (security, etc.). Work with your CISO or security team to bolster protective measures as needed, such as implementing a web application firewall, stricter database access controls, or additional monitoring to compensate for the lack of Oracle patches. Ensure your DBA team is comfortable with the new support process – perhaps arrange meet-and-greets or workshops with the third-party support engineers during onboarding. Align with the compliance team to prepare them for any Oracle audit inquiries. Prepare a communication plan for Oracle: Usually, one must give Oracle written notice to terminate support (often 30-90 days before your renewal date). Be professional in that communication, and you can decide how much to disclose (you aren’t obliged to tell Oracle you’re using a third party, but they’ll likely figure it out). Sometimes Oracle will respond with a retention offer – weigh it objectively, but don’t be surprised if they also send the audit notice shortly thereafter.

5. Consider a Phased or Hybrid Approach (if Feasible): In some cases, CIOs take a phased approach – for example, first moving a non-production environment or a less critical system to third-party support as a trial, before shifting mission-critical production. You might start with a small subset of Oracle technology if your contracts allow. Another approach is a hybrid model: you keep Oracle support for certain products or environments and use a third party for others. A common scenario is if a company runs Oracle applications (like EBS or PeopleSoft) on an Oracle Database – they might keep the application under Oracle support but put the underlying database under third-party support (or vice versa). This can be tricky due to the license set rules, but if structured correctly (and perhaps using separate license agreements for the DB), it can save money while retaining Oracle’s help for the app. Hybrid strategies need careful delineation of responsibility, but they can ease the transition and reduce risk. Over time, many organizations fully cut the cord, but a hybrid can be a stepping stone. Also, if you have multiple vendors (Oracle, SAP, etc.), some third-party providers can cover all of them, simplifying your support landscape into one contract – that consolidation can be a benefit.

6. Plan the Transition Thoroughly: Once you select a provider and handle the preliminaries, work with them on a detailed transition plan. This should include knowledge transfer sessions, getting the provider access to systems, setting up support tools, and establishing communication protocols. It’s wise to overlap with Oracle support for a brief period if possible (e.g., if Oracle support expires on Dec 31, maybe have the third-party contract start Dec 1) so there’s a safety net during the handover. Set clear expectations with the provider on how they will interface with your team. Also, ensure you have internally updated any documentation: Oracle’s support contact info gets replaced with the new provider’s info in your runbooks, etc. Small details like removing Oracle’s emergency number from the NOC bulletin board and replacing it with Rimini/Spinnaker’s number can be easily overlooked! Doing a dry run of an incident response with the new provider can be helpful – for instance, simulated a critical issue and went through the process of calling third-party support just to ensure everyone knew how to engage.

7. Monitor and Adjust: After switching, keep a close eye on support quality and any emerging issues. Have regular service review meetings with the provider (monthly or quarterly) to discuss ticket metrics, pain points, and continuous improvement. Maintain an open channel for feedback from your technical teams – are they satisfied with the new support? Any concerns? Early in the relationship, addressing any expectations gaps is important. Also, continue to track Oracle’s product announcements and security alerts (even if you’re off support, you might still pay attention to see if any new vulnerability is announced). Your third-party provider should do this for you and inform you along with remediation steps, but staying informed as a CIO helps you oversee that nothing critical is missed.

8. Stay Compliant and Document Everything: Keep your license documentation up to date with any changes in your environment. If you deploy on new servers or decommission some, update your records. If Oracle does initiate an audit, be cooperative but prepared – you will have your archive of evidence showing you’ve adhered to the licenses. Having a third-party support provider doesn’t typically assist with audits (that’s not their role), so it’s on your organization to manage this ongoing. Some companies engage license management services on an ongoing basis post-transition just to ensure everything stays clean.

By following these recommendations, CIOs can greatly mitigate the risks and reap the benefits of third-party Oracle support. Many organizations have successfully navigated this path, enjoying significant cost savings, getting competent support, and escaping the constant upgrade treadmill while remaining legally compliant and secure. It requires careful contract navigation and proactive management, but the payoff can be compelling for the right environments.

Conclusion

Third-party support for Oracle Database is no longer a fringe idea; it’s a maturing option embraced by many enterprises looking for cost optimization and flexibility. CIOs exploring this route should weigh the legal and operational considerations carefully. However, as we’ve seen, the courts uphold customers’ rights to seek independent support, and a well-chosen provider can deliver robust service at a fraction of the cost. Moving away from Oracle’s umbrella should be done with eyes open, understanding the loss of automatic patch supply and the need for strict license compliance. Still, those challenges can be managed with proper planning. Ultimately, this is about aligning your Oracle support strategy with your business interests: if Oracle’s model no longer serves you, third-party support offers a viable, legal, and often advantageous alternative. CIOs who do their due diligence, involve the right stakeholders, and partner with a reputable provider can unlock substantial value, turning what used to be seen as a fixed maintenance cost into a source of savings and improved service. The decision should be made case by case, but armed with the information above, a CIO can make an informed choice about whether third-party Oracle Database support is the right move for their organization’s future.

Author

  • Fredrik Filipsson

    Fredrik Filipsson brings two decades of Oracle license management experience, including a nine-year tenure at Oracle and 11 years in Oracle license consulting. His expertise extends across leading IT corporations like IBM, enriching his profile with a broad spectrum of software and cloud projects. Filipsson's proficiency encompasses IBM, SAP, Microsoft, and Salesforce platforms, alongside significant involvement in Microsoft Copilot and AI initiatives, improving organizational efficiency.

    View all posts