by Tom Field

Outsourcing: How to Adapt Your Offshore Strategy to an Insecure World

Jan 01, 20027 mins

In the best of times, offshore outsourcing is a tough sell to business executives wary of foreign entanglements. But today, amidst economic recession and terrorist warfare, there is heightened anxiety about the notion of handing off critical IT projects to vendors in such remote locales as India, Pakistan and the Philippines. At some companies, senior business executives have banned all foreign travel, and a few cautious CIOs have backed away from prospective offshore deals because of tightened budgets or perceived security risks. In response, the offshore vendors?mainly India’s, which are the biggest players in the marketplace?have launched aggressive marketing campaigns, featuring happy U.S. customers giving testimonials that are aimed at easing people’s concerns about offshore security.

Mind you, there’s no evidence that companies with existing offshore ties are trying to sever them. High quality and low cost have always been the dual attraction of offshore outsourcing. According to a recent Forrester Research report, offshore customers save an average of 25 percent on IT projects sent overseas, where skilled labor is plentiful and cheap, and industry analysts believe that that value proposition will continue to outweigh security concerns as IT budgets tighten in 2002. Since Sept. 11, Cambridge, Mass.-based Forrester Analyst Christine Overby, author of the recent offshore study, says she’s revisited 10 of the original companies she surveyed, and nine of them plan to continue with minimal or no change to their offshore strategy. “The one ’wait-and-see’ was a user I would classify as on-the-fence?even before Sept. 11,” Overby says.

Even so, the offshore market has had a tough year. Prior to the terrorist attacks, the U.S. economic downturn had resulted in slowed growth for many of the offshore vendors, some of which cut their staffs, rates or both to stay competitive. Marty McCaffrey, cofounder of Global Outsourcing, a Salinas, Calif.-based offshore consultancy, estimates that the Indian offshore industry, which had been enjoying 50 percent annual growth, will likely dip to 20 percent to 30 percent in 2001. And since Sept. 11, there has been a palpable buzz of uncertainty about the security of offshore marketplaces. Executives with little or no global experience are particularly leery of foreign deals; one vendor reports a prospective customer backing out of initial talks because some of the programming work was going to be subcontracted to Pakistan. And even some business associates of offshore veterans are a little jittery. At one prominent media company with plenty of offshore experience, a senior vice president responded to Sept. 11 by canceling all international travel for employees in 2002. The CIO doesn’t expect that order to stand, and even if it does, the company’s existing offshore deals shouldn’t be affected (they don’t require foreign travel).

Despite the occasional panic, CIOs with significant global experience say offshore outsourcing remains viable. “I don’t see any new attitudes toward offshore at my company nor in the industry either,” says Kim Ross, CIO of Dunedin, Fla.-based Nielsen Media Research (the TV ratings company), which has outsourced software development to Cognizant Technology Services in India since 1995. When Nielsen first undertook offshore development, Ross had to address senior management’s questions about doing important work in an unstable political environment, and he had to develop contingency plans in case of business disruption. “But you have to worry about [contingency plans] no matter where you outsource?even in the United States,” Ross says.

Thus, the key to offshore success today is not just ensuring that your people and systems are protected but making certain that senior business executives (and shareholders) understand what protective measures you’ve taken to secure your assets in an insecure world. Here are some tips from offshore outsourcing veterans.

Minimize Foreign Travel.

In six years of offshore outsourcing, Nielsen CIO Ross has traveled to India just once?and that was after the first year of working with Cognizant. The truth is, once you get past negotiations (where it really does pay to visit a vendor’s site and ensure you aren’t walking into a Kathie Lee sweatshop situation), offshore deals require very little travel. These contracts are managed quite successfully by the customer’s home-based project managers and the vendor’s account team, which frequently is split between the offshore location and the customer’s own headquarters. There is value in having in-house staff interact closely with the offshore team, but many companies are now finding videoconferencing to be a whole lot more cost-efficient than foreign travel.

Keep the Code Here.

Software piracy has always been a concern when doing business globally. But most offshore projects are no longer all done at the vendor’s remote site, on the vendor’s own systems (which may be corrupt or insecure). Typically, offshore vendors work via the Internet off their clients’ systems, applications and data, which all are housed on the customer’s own site or secure network. In Nielsen’s case, roughly one-fourth of new software development is sent overseas. “But they’re working on software that’s duplicated or resides here,” Ross says. “The real assets are code and business knowledge, and in our case they stay here.”

Have a backup plan.

Aside from international travel, the biggest concern many people have about offshore outsourcing is, What happens if communications or electricity is cut off? And in India, where electricity and telephone service fail daily, that is a legitimate issue. But it’s also been dealt with. According to McCaffrey, the top 20 Indian vendors all have redundant communications systems (including satellite and fiber-optic capabilities), and many of them also have personnel deployed in the United States, as well as overseas, also working on redundant systems. That is true at Nielsen, where roughly one-fourth of Cognizant’s account team is based in Florida, augmenting Ross’s own 400-member IT staff. “If we somehow lost capacity in India, it would disrupt some projects, but no aspect would cause a mission-critical failure,” Ross says. At LexisNexis, the Ohio-based news and information service provider, Senior International Liaison William Lewis’s backup plan includes multiple offshore sites. He started sending IT projects offshore to India in the mid-’90s but in 2000 decided to place some work elsewhere in the world. “I just don’t want everything in one basket,” Lewis says. Today, Lewis has IT work offshore in India and the Philippines, and he’s on the verge of signing an onshore deal with an American Indian-owned vendor.

Use a third-party broker.

For companies that simply don’t want to take on the risk of dealing directly with an offshore vendor, here’s a new option: Do it through a third party. Outsource the work to U.S.-based vendors that will subcontract at least part of the job to their own long-established offshore partners. IBM Global Services, PricewaterhouseCoopers and Providio are among the companies that are starting to broker offshore work for domestic clients, assuming not just the responsibility for delivering results but responsibility for contract negotiation and project management. It costs more to use these companies than it does to deal directly with offshore vendors, but Forrester’s Overby points out that the third-party brokers also minimize complexity, lock in the right expertise and keep labor costs in check. By 2005, Overby predicts, more than half of the U.S. companies that go offshore will do so indirectly, just as a means of minimizing risk and headaches.