Outsourcing

Just a few months ago I was writing about the Storm of the Century, Hurricane Sandy. Sandy was the second super hurricane to hit New York in just two years. The first hurricane, Irene, fizzled out just as it arrived and relatively little damage was done. Sandy lived up to its hype and shut down New York City. The last time I wrote about Sandy, I reminded everyone that when Irene struck in August, at the very beginning of the hurricane season, and that every needed to get their backup center plans ready, and to see if their outsourcing programs extra capacity to handle overflow in a disaster. And now we have an unexpected tragedy, the Tornado that struck Moore and Oklahoma City.

With all the attention on hurricanes, and even river flooding, little attention was paid to Tornadoes and other violent weather. If there is a message for us in Oklohoma, it's that our warmer weather is putting more energy into the environment, which in turn make violent weather more violent. Not every storm will be stronger, nor will it always last longer, and there many not even be more storms. However, we are going to see an overall upward trend of all these factors, and the most violent weather... the "events" of the century... are going to get worse. We're also going to see the "safe" areas within storm zones getting smaller.

Even in New York, there were always neighborhoods that took damage during big storms, but that's not where you would build a data center. There are areas in Manhattan that were never touched by Sandy, but it's a much smaller area than what was considered safe just days before Sandy. For planning purposes, any new data centers are probably going to be built at least a few blocks from the outer edge of the safe zone.

I asked it before, and I'll ask it again... where is your backup center or your outsourcing located? When was the last time you evaluated safety factors (weather, flooding, landslides, fires, power availability, etc.) for your centers? If any of your operations, including your headquarters, are in an area where the weather may be increasingly unpredictable or destructive, what are your plans? This is a question that is much better to ask before a disaster, than after one!

Photo: © Microsoft Corporation

According to Legal Technology News, the volume of litigation is rising but the amount of money being spent is falling. LTN quotes Robert Ingato, general counsel at CIT Group Inc., said the drop in cost comes from better use of data to target how the money is spent. New York City is using the same idea to manage the cost of litigation by expanding the number of lawsuits.

Wait a minute... NYC is saving money by spending more time in court? Big corporations and municipalities are lawsuit magnets; they get sued often, and each case is expensive. For each case, a decision must be made if they fight, or settle. Every organization uses a different set of criteria to decide when to pay and when to pursue, but in the past, the criterion was based on very imprecise data. Senior decision makers might set the rules for pursue or pay based on their experience years (decades?) earlier, when they spent more time in the court than the boardroom. This outdated and arbitrary data has led to higher legal bills for clients and corporations.

Today, law firms are using databases that provide more precise data on the potential cost of a lawsuit, especially e-discover and document review costs. Cost data is then compared against the probability of wining or losing a suit, based on the specific metrics of the case. NYC is now pursuing cases that were once settled early in the process. However, a big part of the cost of litigation is discovery and document review, and these costs are driving the pursue or pay decision. But those costs are about to change.

Technology Assisted Reviews (TAR) are far more efficient and much less expensive. New standards and new court findings are moving the courts towards more TAR and fewer obsolete Linear (or manual) reviews. That will slash the cost of review, and move more municipal and big corporate lawsuits back into the court. Which means that staff lawyers can spend more time on issues of law, and more of the discovery / document review work can be outsourced. The combination of more lawsuits, and more e-discovery, there is going to be a boom in ediscovery firms that specialize in TAR.

Photo: © Microsoft Corporation

In the last blog we learned that, after a series of well publicized industrial disasters, Walt Disney Company has decided to leave Bangladesh. Other major firms have decided that they are going to stick it out, and try to drive change in Bangladesh. However, different firms have decided to try different approaches.

A coalition of outsourcing clients from the US and Europe... including H&M, Benetton, J.C. Penny, Zara and the Gap... are working together to negotiate an agreement on fire inspections and building safety. This represents a historic example of industry negotiation, which shows that for all its problems, Bangladesh still has significant value to these retailers.

Walmart, the world largest retail store, is taking a very different approach. With 279 locations in Bangladesh producing goods for Walmart, they want to directly manage any changes and are committed to personally inspecting all manufacturing sites within six months. Unlike the industry agreement that the coalition is negotiating, Walmart's inspections carry the potential for contract cancellations.

Which approach is best? It depends on the company. Disney's decision to leave Bangladesh may be based on information that the public doesn't yet know about. However, merely leaving a country with problems without changing your approach to outsourcing won't make any lasting changes. The coalition approach may be the best for companies with a smaller investment in a country. Walmart's "take charge personally" approach makes sense for a massive outsource, especially after the supermarket scandals in Europe; supermarkets failed to personally test their "beef" products (or wanted to know their contents?), but easy to use DNA tests were available and were eventually used to expose the widespread use of horse-meat and other "banned" products.

Leave, do it yourself, or join the crowd... each is a legitimate approach. Depending on your needs, each approach may be the right one. But any approach to continue operating in Bangladesh, or any other country without robust and well enforced worker safety regulations, needs to include active management or monitoring. Otherwise, your firm just might end up on the cover of your favorite newspaper, in a story that you would have prefer to to have featured your competitors!

Photo: © Microsoft Corporation

The Walt Disney Company has decided that Bangladesh lacks enforcement for the basic safety regulations it needs for any location where they or a partner will conduct business. Disney is in the process of winding down production, and finding new locations for manufacturing. Is the problem Bangladesh, or are the repeated industrial disasters in Bangladesh a problem in outsourcing?

As stated in other blogs, the textile industry has a bad reputation when it comes to safety. In the US it was a textile disaster in New York City, the fire at the Triangle Shirtwaist Factory, that started the industrial safety movement a century ago. Just as the tragedy in Sandy Hook focused attention on the epidemic of gun violence in the US, so too did the death of nearly 150 textile workers galvanize a movement for safer working conditions. In Bangladesh, the building collapse has gained the most attention, but just a few weeks earlier 150 workers died in a fire, and a few days ago a smaller fire in another factory was fatal.

While the building collapse that killed over 1,000 works is understandably at the center of the discussion, fires have traditionally been the cause of large-scale industrial accidents in the Textile industry. Dust from fiber cuttings, flammable fabrics before they are fire treated, and storehouses filled with raw textile fibers all make fires easy to start if the facilities are not kept clear or do not have good fire safety features.

Disney's reaction is understandable, and it may be that the conditions in Bangladesh are too great for them consider other actions. However, if Disney is attempting to improve worker conditions, they might learn from the model that Apple is following in China. Foxcomm, the firm that manufactures the iPhone and other goods with the Apple brand, was abusing workers and underpaying them. Instead of breaking their contract amend moving the work, Apple continued to engage with Foxconn. Today, there are better working conditions and worker wages have nearly doubled.

Was worker safety the key to Disney's decision to exit Bangladesh, or will their procurement process just lead them to the next lowest-cost provider, in another country with weak worker safety laws? Keep reading this blog and find out!

Photo: © Microsoft Corporation

The latest cyber crime is a $45 million-dollar bank robbery. This is one of the biggest bank heists in history, bigger than anything Jesse James or Butch Cassidy ever imagined a robbery of this size! It is also THE bank heist of the 21st century, because of it's blending of cyber and bricks and mortar techniques. Let's see how it all went down!

According to Fox News, these criminals gained access to the systems that controlled the credit cards for the two Middle Eastern banks, one of which was the National Bank of Ras Al Khaimah PSC. Armed with credit cards that were altered to have unlimited credit, teams of operatives around the world went to hundreds of ATMs and made thousands of withdrawals, filling duffle bags and backpacks with wads of cash. This virtual/reality project could have used a better HR department. The team members working the ATMs weren't very sophisticated. The team in New York was photographed at every ATM, and didn't bother with disguises or even covering their faces. Team NYC is already in jail.

What makes this story particularly interesting is the way the robbers could create "unlimited" credit cards. Rather than hacking through the bank's firewalls and taking control of the bank's servers, they had a different idea. They applied for jobs at ElectraCard Services, in India. The bank that were robbed had outsourced credit card services to ElecraCard. The robbers believed that it would be easier to get the access they needed to the credit card system if they wokred at the outsourcer, rather than the bank. Apparently, they were right!

Did the banks intend to transfer the rights to setting credit card limits to an outsourced credit card processing firm? Probably not. But when you don't examine your systems, or put the time you need into security planning when you outsource, or if you simply look for the lowest cost "total outsourcing" agreement you can find, you're looking for trouble. Or in this case, trouble is looking around the world to find you!

Photo: © Microsoft Corporation

With all the issues of cyber threat, data theft and other abuses of corporate security, it's not surprising that there are organizations that are frantically working away at creating International standards for data security. Imagine a firm in doing business with three firms in Europe, a few more in South America and Canada and the US as well. Which standards do you adhere to? How do you know if you're spending too much or too little? What if there are contradictions between national standards? That's why these international standards groups exist, to drive consensus on standards between different countries.

Recently, one of these groups, the International Organization for Standardization, acknowledged that the issues for international data security are very similar to the issues for the collection and preservation of data for e-Discovery. They appointed a committee to look into the matter, and as a result they have just released the new standard, ISO/IEC 27050.

Having an internationally agreed to standard for e-discovery, will accelerate the move from old-style Linear document review to modern Technology Assisted Review (TAR). The development of new standards will also move more reviews out of the legal firm and towards outsourcing firms.

When reviews were largely manual, and conducted by lawyers it made sense for legal reviews to be managed by law firms. The main work of a TAR review is to manage computers and statistics. Lawyers still need to define the questions and review the results, but they provide their expertise in focusing on legal questions, not the technical or production aspects of a review. That's why Outsourcing increasingly makes sense as technology replaces lawyers.

Photo: © Microsoft Corporation

The textile industry in Bangladesh has had repeated industrial disasters, with a building collapse in April, and a fire last year. This week there was a new fire in Dhaka, the same city as the two earlier disasters. By comparison, this week's fire was relatively small, killing eight workers. According to the Los Angeles Times, if the fire had occurred a little earlier when the factory was fully staffed it might have been an even greater tragedy.

As the second largest textile exporting firm country in the world, it's not surprising that the disasters we're seeing are in the textile industry. However, companies that have been outsourcing in Bangladesh do need to take these three examples as a warning. If you outsource to Bangladesh, has a member of your firm ever personally inspected the site where your work is performed? Do ou know if any of your work is sub-contracted, and if so has all sub-contracting been approved and inspected by you?

If you don't have the time or money for money to continually inspect your site, why not just use the tools of the virtual office and put an HD webcam there and actually look at your site, whenever you want? Or use a tablet or smart phone and have someone give you a "tour" of the facility every few weeks?

It's neither costly, nor difficult to have whatever level of oversight you want at your facility. Clearly, there are a lot of high profile outsourcing customers who don't want to know what's going on at their facilities. Put a little effort into inspecting your outsourced facility, and it will pay off in big dividends.

Photo: © Microsoft Corporation

On April 24th a building collapsed in Dhaka, Bangladesh. Two weeks later the dead are still being found in the rubble, but with an official count of more than 800 deaths this is by far the largest disaster in the history of the textile industry. There are multiple active investigations into this tragedy, but it all seems to be a simple story of greed and the relentless pursuit of profit.

The building was designed (approved) as a mall, but was instead used for manufacturing. This meant that the building had not been designed to support the weight of the heavy equipment used in manufacturing; this equipment also created intense vibrations that that this type of building was not designed for. The owner then illegally added more floors to the building, creating physical stresses that the building could not withstand.

Workers saw a growing number of cracks in support walls but their managers ignored these signs and ordered them back to work. Why, because these managers claimed that their clients put them under enormous pressure to produce at the lowest price, and their ultimate clients (firms like Benetton, Joe Fresh, DressBarn and Wal-Mart) say that they did not know that their products were produced in this building.

Due to subcontracting and complex sourcing agreements, clients may not have known that their products were created under these conditions, or by these specific companies. However, if they don't know how their products are produced they either have a faulty outsourcing process or they don't really care how their suppliers work. The American textile industry has ALWAYS had pockets of unethical behavior. The term "sweatshop" was coined for slave-like work performed in exotic locations... such as New York City and Chicago. It's not a coincidence that America's most fatal industrial disaster was in a textile firm, the Triangle Shirtwaist Factory in New York City.

In the recent European Supermarket scandal, long supply chain with little supervision resulted in horsemeat being substituted for beef. In other outsourcing projects, substituting one company (or location) for another can result in just as great a scandal. The outsourced vendors and the clients share responsibility for how these projects work. Better oversight, and perhaps just a few more cents pay per hour could have avoided this tragedy. Today, many outsourcing contracts are in their 2nd, 3rd or later generation. Just as supermarket managers in the UK knew that beef should cost more than a Euro a pound, we have the data to know when you're paying a rate that results in dangerous or illegal working conditions. Bangladesh clearly need better regulation, but onshore client also need to admit when the price of outsourcing looks too good to be true.

Photo: © Microsoft Corporation

The sun is shining and there's barely a cloud in the sky. A perfect day to daydream about... disaster recovery! Why worry about disaster-recovery today? Well, two years ago, New York City got hit with a relatively early Hurricane, super storm Irene. Well, Irene wasn't quite thee super storm we though it would be, but it might have been a super storm. Last year, we were hit with a later hurricane, super storm Sandy. Sandy lived up to super storm hype. Six months later, some buildings in lower Manhattan are still not fully up and running.

Two back to back super storms. Will there be a third, and a fourth? The Mayor of New York City assumes that another Sandy type storm will hit, and is doubling the size of the NYC evacuation zone. Ten or twenty years down the road, New York may have sea gates hold back the ocean, buffer land to soak up the rains and new technology to keep the City that never sleeps from becoming the City that sometimes sinks. But for this hurricane season, and the next, it's up to individual corporations to develop their own disaster plans.

There're still a few weeks before the hurricane season starts. That's not enough time to build and test a new backup site, but it is enough time to work with an outsourcing service to get a shared service up and running. An outsourced backup site may or may not be a long-term answer, but if the East Coast is going to have the annual risk of a total shutdown for years to come, it's time to stop daydreaming and start signing a contract!

Photo: © Microsoft Corporation

If you outsource, and especially if you offshore, you need to use technology. Especially the Internet. Of course, if you don't outsource, that doesn't mean that you can escape technology. All firms need web sites, need to connect to customers across the Internet, deliver services to mobile devices, etc. The biggest threat of the moment to Internet security comes from China, which has been aggressively using cyber attacks for political and economic gain.

China may pose a threat to he Internet, but it is also the largest and best known outsourcing destination in the world. It seems strange that the world's largest outsourcer would want to destabilize the very technology that provides so much revenue. Well, its beginning to seem pretty strange to the Chinese government, and even the military. This week, senior Chinese military officials have begun meetings with the United States to discuss cyber-security. The Chinese are escalating cyber-security issues to avoid accidental escalation. According to the Chinese, the consequences of a major cyber-attack "may be as serious as a nuclear bomb."

Since the beginning of the year, tension has been escalating between the US and China over the growing number of cyber attacks and theft of US intellectual property by China. According to the New York Times, "the Obama administration has demanded that the Chinese government stop the theft of data from American computer networks and help create global standards for cyber-security."

The Chinese seem to be interested in de-escalation, but this problem is going to take a while to fix. If a country moves a warship to close to a neighboring country, the head of that country can issue an order to the ship to move. However, when you manage a cyber attack force built on the Chinese model, it's not so easy to make your neighbors happy. Part of the process of cyber war is deniability. Rather than attacks coming from government offices, they have come from small businesses and groups of individuals. A consultant for the New York Times phoned a "computer repair" store in China, where the manager admitted he was a member of a Chinese cyber warrior group, before he realized the call was from America and hung up. According to Chinese official, General Fang, "Anyone can launch the attacks -- from the place where he lives, from his own country or from another country."

The Internet can be a dangerous place, but if China and the US understand that the economy depends on the Cloud, Internet commerce and outsourcing, then we can agree that we shouldn't be developing methods of destroying these critical technologies. So, here's to a safer and de-militarized second decade of the 21st century. We all depend on the Internet, and in a global economy, we all depend on each other, so let's play nice!