CIOZone.com - Professional Network for CIOs and IT Professionals

By Bozidar Spirovski

Large enterprises rely on software products. And as everything else in large enterprises, the software products are large, complex, cumbersome and nearly unchangeable.

This last attribute is better known as vendor lock-in. Software vendors love vendor lock-in.

Here is a definition borrowed from Wikipedia: "Vendor lock-in, also known as proprietary lock-in, or customer lock-in, makes a customer dependent on a vendor for products and services, unable to use another vendor without substantial switching costs."

The Problem

Vendor lock-in exists in most large enterprise industries like Telco, Healthcare, Finance, Energy. Such industries rely heavily on certain computer systems or software products, usually dubbed Core Systems. Because most of the business transactions, logic and information are stored and processed by these Core Systems, the transition to a different Core System vendor is extremely costly and time consuming.

So most large enterprise companies simply continue to operate with the same Core System vendor, while they suffer:

1. Delays in patch or version delivery;
2. Poor quality product versions;
3. Inadequate compliance from the Core System to their local law and regulation; and
4. Ever increasing maintenance costs.

On the other hand, switching to another Core System vendor will result in probably the same end effect, with the added costs of the switchover.

The Solution

So is there a way to improve your position? Indeed there is, but with a radical move: there is only one thing that any software vendor reacts to -- risk of decrease in earnings from a customer.

To make this risk a reality for the vendor, the customer needs to reach a situation where competitors can successfully bid for software upgrades and new functionality without actually switching the Core System.

This is most easily achieved through the Core System's API interface. Most Core Systems have extensive Application Programming Interfaces (API), which can be used to exchange data with the Core System or issue commands to it. So instead of asking for every possible modification or new functionality from the Core System vendor, just use it as a processing core -- move everything else to other developers, which will need to adhere to the Core System API specification.

This way you can outsource the development of a lot of applications to other vendors, achieve better response from everyone and always have healthy competition.

Oh, and it will keep the Core System vendor on its toes!

Copyright © 2008 To Present · Information-Security-Resources.com

Bozidar Spirovski is an information security expert with Information Security Short Takes.

Comments (1)

	1. 02-08-2010 23:27
	Well this is already common among many of the companies I have worked with. For example, while the core system may stay at Windows there are many solutions available that allow competition. I do agree though that there are not as many as there once was in many fields but not for lack of API just lack of revenue. I may be able to build a better messaging solution then MS but once all the marketing, development and other costs are factored in, the endeavor is very front loaded with expenses.     People must remember it was not that long ago that everyone had their own systems that worked with only their systems. This was slowly replaced with largely targeted approaches. Now the same problem can exist on a higher scale, i.e. does a company think their MS offerings are too expensive so they want to switch to Linux.     my 0.02c    -sean Registered

This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

Only registered users can write comments.
Please login or register.