A recent survey from the Gartner Group states that 20% of IT expenditures were on purchases of equipment that didn't work – yes – didn't work. As a consumer, we have certain recourses when things don't work. If you buy a stove and it doesn't work, you can return it to the store. The same applies to electronics on your network, with the added cost of restocking fees, your time trying to resolve the problem, and lost productivity. You may also incur fees for utilizing technical support, particularly if you are out of the warranty period. You may also have lost time while waiting for replacements, if the product is defective or will not provide the functionality that you want. Though it might turn out to be a difficult process, essentially the same recourses are available.
Software on the other hand, is a bit different. You don't own software, you own a license or "right to use" the software. Due the growing risk of network attacks and the lack of liability for licensed software, consumers lack of recourse is leaving some with a bad taste in their mouths.. At what point should a company be forced to fix the holes in their software and release no more until it is fixed? The short answer is probably never. Look at all of your End User License Agreements. Do a quick search on EULA on your hard drive. When you find them, most will include an exclusion clause stating that if the software is defective, you are entitled to a patch or refund of the purchase price depending on your locale.
If vendors cannot insure the security of their products consumers will take the matter into their own hands. This situation has led consumers to change their purchasing practices to help mitigate risk. There is a growing trend for IT managers to source equipment and software with a smaller target. Hackers share secrets about exposure points and holes in operating systems. The more companies that utilize a hardware or software product, the bigger the target and more attractive the hacking becomes.
There is a new barrage of lawsuits for products and software. Of recent note are the lawsuits against Microsoft on several continents alleging anti-trust infringements. Microsoft is also being sued for using their monopoly to overcharge for software operating systems. HP is suing Gateway over patent infringements. Spammers are being sued (and I am all for that one!). Pop-up advertisers are being sued for trademark infringement. SCO lawsuits are plentiful with various vendors joining in on the litigation. VeriSign is suing ICANN for delay in services. There is a trademark lawsuit against Google stating that the use of keywords is a trademark violation. There is even a slander lawsuit against Novell from SCO.
Most of these lawsuits involve trademark infringement, anti-trust laws, patent infringement, etc. This is different from product liability and certainly different from licensing agreements and product liability. With licensing agreements, you are not "buying" a defective product, rather you have the license to use it. With the new trend towards hacking the biggest target, this leaves many customers vulnerable to attack without the possibility of regaining lost profits and productivity. Will this change? There are certainly people out there with that in mind. The costs to businesses due to spam, viruses and other attacks is staggering. These losses are compounded by the need for security officers and full time personnel to handle patch management, etc.
There are a variety of companies that have emerged as a result of faulty or inadequate network components systems. These include virus protection, security protection and detection companies. On the hardware side, companies such as traffic shapers and prioritization software companies have been successful in launching products that make up for deficiencies in networks. Some are proprietary and some are based on open systems.
Key to protecting yourself is a good understanding of what you expect from the product you purchase and their company's ability to provide a solution. It is a good idea to have a demo period to provide proof that a system will work, if that is possible. Look also in news bulletins to determine how many lawsuits and/or flaws you can see. Check www.cert.org for a complete listing of security issues discovered. Finally, it is a good idea to have two vendors selected. If the top choice will not work, check out the other one. Lastly, do not buy any technology based on "name" only. Make sure that their solutions will provide your solutions.
Also, you will want to thoroughly understand any and all warranty statements. There are many types of warranties and guarantees. Some are parts and labor only, some are parts only and you supply the labor, while some include applications in their warranties. A big "gotcha" here is in assuming that if one component carries a one-year warranty that they all will. This is just not the case. For instance, if you are buying a chassis based switch with several cards, the cards may carry a much lower warranty period than the overall chassis. This little oversight can have significant impact on already tight IT budgets.
Carrie has been involved in the computing and networking industries for nearly 20 years. She has worked with manufacturing firms, medical institutions, casinos, healthcare providers, cable and wireless providers and a wide variety of other industries in both networking design/implementation, project management and software development for privately held consulting firms and most recently Network and Software Solutions.
Carrie currently works with The Siemon Company where her responsibilities include providing liaison services to electronic manufacturers to assure that there is harmony between the active electronics and existing and future cabling infrastructures. She participates with the IEEE, TIA and various consortiums for standards acceptance and works to further educate the end user community on the importance of a quality infrastructure. Carrie currently holds an RCDD/LAN Specialist from BICSI, MCNE from Novell and several other certifications.