Outsourcing: does it reward theft?

Turning a blind eye

  • alert
  • submit to reddit

New hybrid storage solutions

Opinion Simon Galbraith is co-founder and marketing director for Red Gate Software, a supplier of tools for software developers and testers.

As I was walking down the street last week I saw a young man loitering around a rich-looking tourist couple sitting down at a café enjoying a coffee - coats on the back of their chairs. There was a commotion and the young man picked up an expensive leather jacket from the back of the man's chair while he was distracted. The young man sauntered off across the square wearing the jacket as if it had always been his.

As I stood waiting for a bus yesterday a young woman approached me asking if I was interested in a leather jacket. She was attractive, flirtatious and a little bit desperate. I said "sure - why not"? I tried it on, it fit, and the girl told me it looked good on me. I'm not 100 per cent certain but I'm pretty sure that it was the same high-quality jacket I saw being 'lifted' last week at the café. Anyway it was a damn fine jacket. We haggled for a while over the price and settled on $50. It was a bargain; the jacket would retail for at least $600.

When I'm not negotiating for possibly stolen goods, I work as an executive of a small software company with a very simple business model:

1. We write simple software tools that developers and DBAs who use Microsoft technologies find extremely useful (comparing SQL databases, code profiling etc).
2. We market them.
3. Developers and DBAs who use Microsoft technologies respond to our marketing and visit our website. Some download a fully functional trial version of our software.
4. They try it out during the 14 days that the trial lasts.
5. Some of them buy it.
6. We use the money that comes from this to pay our costs and invest in further product development and improvement.
7. We continually try to get better at steps 1-6.

Since we started in 1999 we have had over 4000 customers. Our evaluators are from all over the software-producing world. Around 15 per cent of them are people based in India, China, Malaysia and other countries that have become global centres for IT outsourcing. Many large companies have decided to outsource some of their software development to these countries, citing the cost advantage as a key reason to make the switch.

Of the 15 per cent of our evaluations that have originated in these global outsourcing regions, we have made only one sale. Given our normal strike rate we'd have managed several hundred sales. I'm all for accepting a bit of statistical variation without getting anxious, but there is only one rational explanation - theft. (FYI - the one sale we made was to a British company's newly outsourced operation; the company insisted on licensing compliance from its suppliers.)

To put it plainly, a much greater percentage of corporate users in the developing world hack our licensing systems than do those in the more developed parts of the world. Incidentally, this doesn't apply to expats of these countries who when based in the USA and UK are stalwart customers of ours - we've sold many more licenses to Indian expats living in Alaska, for example, than we have to the entire sub-continent.

There are two logical reasons behind all of this - either it is the refusal of company management in developing countries to give people the tools to do their job properly and turning a blind eye to theft or, more seriously, the official management encouragement of the hacking.

Although losing 15% of our income to theft is annoying, imagine how much worse it is for software tool companies in these developing countries. Their home market is closed to them, which probably explains why so few decent vendors have sprung up despite their apparent abundant pool of talent.

What really gets my goat is the gleeful quotes about outsourcing that appear in the business press. "Bob Jones from Multinational Inc. predicts that his company will achieve savings of $23M over the next 3 years on development costs." These stories always make me wonder: Are these companies saving costs by using stolen software and generally shafting other people's intellectual property?

If I sent around a company-wide email boasting about how I had managed to lower my jacket costs for the next two years by purchasing a stolen one, you would consider it right and proper if my colleagues avoided me for a while and peed in my coke when I wasn't looking. When the CTO of a multinational corporation announces a new outsourcing deal, however, there are bonuses and accolades for 'saving' lots of money.

If you are a CTO reading this, you might be thinking: "What problem is it of mine that some whining tool supplier is getting shafted by the company I'm outsourcing to?" Well, consider this: There are some aspects of what you supply to your customers that boil down to intellectual property and some portion of what your company earns relies on that.

Let's imagine that Multinational Inc. takes Tiddly Ltd. to court to contest an alleged IP violation. Multinational might face a novel but very effective technique on the part of the defence: Multinational Inc. has no respect for IP in its own operations; in fact, the company is happy to use outsourcing as a vehicle to avoid it. Irrespective of the rights and wrongs of the legal argument, Multinational is going to find it hard for any judge or jury to rule significantly in its favour. Multinational might win, but it will probably only get a dollar and no costs.

If you fail to insist on compliance from companies that you are outsourcing to, then how can you argue for compliance in your own IP? If a company wishes to be avoid this legal and ethical issue, it must put explicit terms in its outsourcing contract that suppliers will use no stolen or hacked software in the work under contract.

As you might have surmised, I decided not to buy that mythical jacket. The reason I didn't should be the same as the motivation behind integrity in outsourcing: people do business with me and my company because we have integrity. Companies that lose their integrity lose their business. No-one thought that being dishonest at Enron was a problem until it was too late. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
Not appy with your Chromebook? Well now it can run Android apps
Google offers beta of tricky OS-inside-OS tech
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
prev story


Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.