21 June 2018

Removing the Smoke & Mirrors

Sadly within the IT Industry there is far too much emphasis on "Smoke and Mirrors" and not enough on plain and simple truth! This is nothing new, in fact it's been around since the beginning of the computing industry.....software and hardware. There appears to be no single cause or reason for this phenomenon, but I have seen this first-hand on far too many occasions. The best way to explain this is to provide examples and what to look out for:

I must start out by saying that in my experience IT Vendors (typically the large multinational ones) don't set out to deceive or blatantly mislead their customers. More often it's an over-enthusiastic (or desperate) employee who steps out of line. The Global IT Giants usually have very rigid and specific requirements that all employees must follow. Luckily this "usually" guarantees the customer some level of protection!

Many years ago I was at a meeting with a certain IT "Giant" at one of their facilities in Hawthorne, New York - They were keen to show me the depth of their product and services offering. After an hour I responded to this small group of managers (we were seated in a meeting room) about a certain set of issues I could, and was willing to, explore with them, only to be shocked by the only Senior Executive present, who immediately shot back at me, saying that "they truly suck at doing that", and that although they can do it, would prefer for us not to use them for that specific project. He would rather engage with us on other areas (of our business) where he felt they had better strengths. It was a breath of fresh air....and I remember being blown away by hearing such straight talk. Indeed they were very direct, honest and it really helped build a relationship that was to last for many years to come. I wish more companies could have been like that. Sadly it was not to be.

1.  The Y2K Bandwagon (or rather Fiasco as I would call it).
The biggest example of mass deception, illusion and even fraud (in some cases) I may add, that I have witnessed. The sheer allure of milking clients ad nauseam for consulting fees fed what was to be a frenzy of "Fear & Threat". The reality was that most of these consulting firms (some quite large too), had almost zero skill on this subject and were often simply sending in low level audit staff to perform totally absurd tasks that added no value and did not really address the real issues at all.
At the time, I was responsible for IT systems and infrastructure as well as our manufacturing systems environment, where we had a large installed base of PLCs and other complex systems within all of our factories spread across a number of countries. It was not rocket science for Y2K issues on these PLCs to be tested by simply disabling the Lithium Iron batteries in the PLCs and thus getting the date to reset back to the factory default and establishing what this time effect would have on the actual live systems (many were linked to databases). Of course, as expected the PLCs' default date had no effect whatsoever....and months later we simply removed (for a day) all the Lithium Batteries during a normal routine maintenance weekend. Case solved. Y2K had no impact at all.
Yet every single one of the so-called "Consultants" quoted us well into six figures to audit, test and modify (yes...they actually tried to feed us this nonsense too) our existing manufacturing infrastructure. Of course the board were concerned, but luckily they listened to what I had to say, and I was able to prove to them the reality as well as the hype....and of course not a minute of downtime occurred on 1 January 2000. Not a single manufacturing company I knew had issues either..... just that many of them had been ripped off.....with the only comfort being a letter written by consultants to their board telling them how well prepared they would be.....Oh....and that the invoice was in the mail!
We often hear the joke that the definition of a consultant is someone who steals your watch and then bills you so that they can tell you the time. In the Y2K Fiasco.... this sadly turned out to be true! My view of that period was that the majority of Consulting Firms simply did not seem able to turn away from the "pigs trough" that overnight had become available, and easily succumbed to this temptation that they would later regret!
One would have thought that lessons would have been learnt, but sadly, only 18 years later, a new 2038 "bug" drama is already starting to take hold.....and some are trying to fool the next generation of so-called "experts" all over again.


2.  Vertical Industry Portals (All part of the DOT.COM bubble)!
During the height of the DOT.COM bubble my employer was being pressured by a "solutions company" who had already approached many of our global competitors and had convinced them to invest outrageous amounts into a new partnership that would own a Vertical Industry Portal that, besides other functionality, was going to "dominate and control" the supply of a certain natural "commodity", essential in our manufacturing process. They had all the details allegedly worked out, and how they were going to squeeze the suppliers. The portal owners would in effect dominate almost all global purchasing power.
It looked so easy and simple, especially in this DOT.COM era when there was more fear of being left out rather than of joining in on this new Internet wave. I was concerned as it really looked too simplistic and lacking in any real detail. The investment they were demanding was truly massive.
Thanks to the good folk from one of the leading global Research and Advisory firms, they agreed to meet with us and discuss our concerns. They said very little during that short meeting, but at the end of the session (mostly them listening, and trying to understand our business) said one thing: "We don't have all the answers for now, but we would strongly suggest that you SIT ON YOUR HANDS FOR NOW, AND DO NOTHING".
Thank heavens that is exactly what we did. We landed up being one of the very few companies in our market sector that did not get caught out in this "scheme". Our competitors lost many millions and the portal was never even able to go live. Its entire assumption was based on the belief that suppliers could easily be "squashed". This by a software house who never really understood our business at all....and as it turned out, the Vertical Portal business either!

I must add that it was not only the software industry who tried to climb onto this bandwagon of hype. Some of the so-called Global Auditing/Accounting Firms were just as bad. They also carried out tactics of fear into many a boardroom and caused much panic without any real experience or knowledge. For them, it was simply the eager desire to sell consulting services at any cost lest they miss out on the new boom!


3. Cyber Security Hype.
I am not going to say too much except that no matter what you do and no matter whose solution you use or buy, there IS NO SUCH THING AS A 100% SECURE SOLUTION.
The best option is to apply common sense, best practice, and not cut any corners.
Don't fall into the trap of trusting only in an auditor's checklist too. It's a false sense of security.
Sadly, if someone wants access to your data badly enough, either a Crime Syndicate, or a State Player.... there is no perfect solution! So take all those promises and guarantees from snake-oil salesmen with a pinch of salt. It's not worth the paper it's printed on. You can have the best Intrusion Detection technology in the world....only to have the "hacker" gain access to your network from the inside. That is the methodology they will probably use anyway.
It reminds me of a certain company who only a year ago were promising that their product was "The World's Most Secure" email server. This claim was blown to pieces after the BBC commissioned two security researchers in the UK to examine this claim. Turned out that the "solution" was nothing more than a compromised Raspberry Pi based device with a litany of serious flaws. The device was found to be easily hackable giving away full Read, Write and Delete access without too much of a fuss.


4. A list of more "Smoke & Mirrors" witnessed over many years:
  • Telecommunication Companies who provide Service Level Agreements (SLAs) where the agreement did more harm than good. They try to lock you in for far too long and then to add insult to injury, ignore faults in order to focus rather on reducing downtime penalties.
  • Outsourcing - Initiated simply to avoid any in-house responsibility, and lands up being a never ending Nightmare. Sadly far too many outsourcing companies lack effective communication skills and avoid any form of meticulously detailed contracts. The customer is often to blame too, as they don't conduct a proper vetting process either. Some of the largest IT disasters (most expensive ones too) I ever saw were due to poorly thought out and inadequately skilled outsourcing projects.
  • Believing that only the largest ERP (Enterprise Resource Planning) software vendors can provide your company with a solution because of their sheer size and brand recognition. Warning: Tread with GREAT caution because I have seen highly nimble, flexible and very profitable companies reduced to what can only be called a train wreck, having lost most of those competitive advantages and now finding themselves constrained, restricted and unable to return to their former glory.
  • Allowing a Software Solution company anywhere near an HR department - Why HR folk seem to lack any form of Strategy or Leadership I don't know, but keeping them away from software salesmen will save you a small fortune and a huge headache - Enough Said!!
