Feeds

Outsourcing: does it reward theft?

Turning a blind eye

  • alert
  • submit to reddit

High performance access to file storage

Opinion Simon Galbraith is co-founder and marketing director for Red Gate Software, a supplier of tools for software developers and testers.

As I was walking down the street last week I saw a young man loitering around a rich-looking tourist couple sitting down at a café enjoying a coffee - coats on the back of their chairs. There was a commotion and the young man picked up an expensive leather jacket from the back of the man's chair while he was distracted. The young man sauntered off across the square wearing the jacket as if it had always been his.

As I stood waiting for a bus yesterday a young woman approached me asking if I was interested in a leather jacket. She was attractive, flirtatious and a little bit desperate. I said "sure - why not"? I tried it on, it fit, and the girl told me it looked good on me. I'm not 100 per cent certain but I'm pretty sure that it was the same high-quality jacket I saw being 'lifted' last week at the café. Anyway it was a damn fine jacket. We haggled for a while over the price and settled on $50. It was a bargain; the jacket would retail for at least $600.

When I'm not negotiating for possibly stolen goods, I work as an executive of a small software company with a very simple business model:

1. We write simple software tools that developers and DBAs who use Microsoft technologies find extremely useful (comparing SQL databases, code profiling etc).
2. We market them.
3. Developers and DBAs who use Microsoft technologies respond to our marketing and visit our website. Some download a fully functional trial version of our software.
4. They try it out during the 14 days that the trial lasts.
5. Some of them buy it.
6. We use the money that comes from this to pay our costs and invest in further product development and improvement.
7. We continually try to get better at steps 1-6.

Since we started in 1999 we have had over 4000 customers. Our evaluators are from all over the software-producing world. Around 15 per cent of them are people based in India, China, Malaysia and other countries that have become global centres for IT outsourcing. Many large companies have decided to outsource some of their software development to these countries, citing the cost advantage as a key reason to make the switch.

Of the 15 per cent of our evaluations that have originated in these global outsourcing regions, we have made only one sale. Given our normal strike rate we'd have managed several hundred sales. I'm all for accepting a bit of statistical variation without getting anxious, but there is only one rational explanation - theft. (FYI - the one sale we made was to a British company's newly outsourced operation; the company insisted on licensing compliance from its suppliers.)

To put it plainly, a much greater percentage of corporate users in the developing world hack our licensing systems than do those in the more developed parts of the world. Incidentally, this doesn't apply to expats of these countries who when based in the USA and UK are stalwart customers of ours - we've sold many more licenses to Indian expats living in Alaska, for example, than we have to the entire sub-continent.

There are two logical reasons behind all of this - either it is the refusal of company management in developing countries to give people the tools to do their job properly and turning a blind eye to theft or, more seriously, the official management encouragement of the hacking.

Although losing 15% of our income to theft is annoying, imagine how much worse it is for software tool companies in these developing countries. Their home market is closed to them, which probably explains why so few decent vendors have sprung up despite their apparent abundant pool of talent.

What really gets my goat is the gleeful quotes about outsourcing that appear in the business press. "Bob Jones from Multinational Inc. predicts that his company will achieve savings of $23M over the next 3 years on development costs." These stories always make me wonder: Are these companies saving costs by using stolen software and generally shafting other people's intellectual property?

If I sent around a company-wide email boasting about how I had managed to lower my jacket costs for the next two years by purchasing a stolen one, you would consider it right and proper if my colleagues avoided me for a while and peed in my coke when I wasn't looking. When the CTO of a multinational corporation announces a new outsourcing deal, however, there are bonuses and accolades for 'saving' lots of money.

If you are a CTO reading this, you might be thinking: "What problem is it of mine that some whining tool supplier is getting shafted by the company I'm outsourcing to?" Well, consider this: There are some aspects of what you supply to your customers that boil down to intellectual property and some portion of what your company earns relies on that.

Let's imagine that Multinational Inc. takes Tiddly Ltd. to court to contest an alleged IP violation. Multinational might face a novel but very effective technique on the part of the defence: Multinational Inc. has no respect for IP in its own operations; in fact, the company is happy to use outsourcing as a vehicle to avoid it. Irrespective of the rights and wrongs of the legal argument, Multinational is going to find it hard for any judge or jury to rule significantly in its favour. Multinational might win, but it will probably only get a dollar and no costs.

If you fail to insist on compliance from companies that you are outsourcing to, then how can you argue for compliance in your own IP? If a company wishes to be avoid this legal and ethical issue, it must put explicit terms in its outsourcing contract that suppliers will use no stolen or hacked software in the work under contract.

As you might have surmised, I decided not to buy that mythical jacket. The reason I didn't should be the same as the motivation behind integrity in outsourcing: people do business with me and my company because we have integrity. Companies that lose their integrity lose their business. No-one thought that being dishonest at Enron was a problem until it was too late. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.