[SecurityRatty] tag: heartburn

Loving customers frustrate security firms too

Fri, 13 Jun 2008 15:45:37 +0000

Roger Grimes has a good article up on his InfoWorld, Security Advisory blog entitled "Security firms frustrate loving customers". Roger details some specific examples of how security vendors just don't "show the love" to customers and prospective customers, with the result being lost business. Roger highlights three examples:

1. Making renewals a manual process with those annoying phone trees. I agree, when I hear the press 1 for this and press 2 for this, my blood starts to boil. There is no reason that this just can't be built into the product to renew over the web. Security or no, any software vendor not doing it this is just plain crazy.

2. Calling into a company with a sales inquiry and the sales guy never calls back. This one just kills me. When doing due diligence on potential acquisitions at a prior company I would call in or email with a sales inquiry and wait to see how long it would take for them to get back to me. It was a good indication of how well the sales organization and company functioned.

3. Killing the deal with one sided, overly legal and burdensome terms. Another one that I battle all the time. The CFO has to be able to recognize revenue so needs specific T&Cs. The lawyers want to protect the vendor against all eventualities and is doing his job. You want to make as few warranties and representations as possible to limit your liability. The result, the customer gets one sided, unfair document with fine print on maintenance pricing, renewals, SLAs, etc. Most customers don't even read the EULA. Take a lot at some of the ones with software you have bought. It may surprise you.

But in my best Fox News voice, lets be fair and balanced. So in that vein, let me give you 3 specific examples of how loving customers frustrate security firms:

1. The guys who picked the product leave and the new guy comes in and doesn't have a clue. This happens all the time, especially in the government. One guy or team buys the product for a specific reason and has all of the expertise. The new folks come in and even if they know your product is there, they don't know why or how to use it. They may feel they inherited this product and have their own favorite product in this category. They can't wait to replace you and either don't use the product at all or blame the problems of the world on it.

2. Buying the product and than "other priorities" delay implementation. A surefire recipe for shelfware. When I see this happening I tell our folks better to be a pain in the butt and force them to use the product they bought than to sit around watching the license expire on the shelf. The longer the product sits, the more it becomes a nice to have, rather than a must have, that drove the sale. Now sure, one can say that what does the vendor care, the customer paid. If he doesn't use it, less support costs. But you don't get renewals, you don't get upsells or referrals without customers using product.

3. Using the product in unintended ways. Another favorite heartburn of mine. Customers figure just because the application runs Linux underneath, why can"t I run (You Name It). We recently had a customer that was chewing up support hours like the dial at a gas pump today. It turns out the problems we all due to the all of the other software that he had put on the box, not to mention editing .conf files, database tables, etc. It is hard enough supporting the software we developed. It is a whole another story supporting software that you have written.

So Roger, yes the customer is always right and security vendors have to get their act together if they want to survive, let alone compete in these tough economic times. But customers certainly don't make the job any easier with some of the shenanigans they pull.

How do you spell R-E-L-I-E-F?

Wed, 13 Feb 2008 15:50:54 +0000

In the case of the 3Com-Bain-Huawei merger it is spelled "sell Tipping Point". As has been widely reported since this deal was announced, the fact that a Chinese company would own a substantial stake in an IPS/security vendor has caused significant heartburn within the Federal Government. This same issue kept Sourcefire from being acquired by Checkpoint (I bet that 200+ million looks good right about now). Todays article in the Washington Times indicates that Bain has officially notified the Treasury Department of its mitigation proposals including the selling off of Tipping Point.

In my mind the question is: Will that be enough? Is it only the Tipping Point stuff that causes the issue? Does 3Com have other sensitive technology. I don't know, but I am sure the recent arrest of 4 Chinese people on espionage type of charges did not help the Bain position. Also, do you spin Tipping Point off as a public entity. If not do you find an acceptable buyer. Does the fact that the buyer would have to be a US based company decrease the potential buyer pool, making Tipping Point less valuable? All of these are great questions that are going to need answers before this deal is finalized. In the meantime is being in M&A limbo taking its toll on 3Com. Questions, questions, questions, but I don't have the answers.

How do you spell R-E-L-I-E-F?

Wed, 13 Feb 2008 14:38:27 +0000

Student antics with cell phones, iPods means heartburn for school IT staff

Mon, 07 Jan 2008 21:00:00 +0000

Student antics with cell phones, iPods, and social-networking sites means heartburn for school IT staff charged with network security.