Good Ole Days
What ever happened to the good old days when the customer was always right?
We are working with a vendor to outsource one of our services. To do so, we have provided them hardware that they are maintaining at one of their data centers. In order to maintain that hardware they want to plug their network directly into ours.
I of course protested very strongly but in the end, they won and got their network plugged into ours so now I have to worry about what goes on in their network. They also do this with several customers so we have a situation where they are the hub for all the networks.
Upper management at my site pushed them hard but the vendor didn’t budge an inch. Despite having been given multiple options, they stuck with our least favorite, which places undue risk on our network.
Its obvious upper management weighs the service more than security. Switching vendors or bringing the service in house are both options we placed on the table but unfortunately, again upper management opted to remain with the vendor (who also provides shotty service).
What is a security curmudgeon to do in a case like this?
Don’t get me wrong. I’ve been repeatedly impressed with what I get away with as far as security counter measures. This is in fact the first time I’ve beaten my chest (and head) to no avail and simply out-right lost the argument. I’ve even consulted our security service provider, who by the way, is going to audit us in FY07, and they too agree whole-heartedly that connecting the networks is a very bad idea.
And still the vendor wins and does what they want on our network while we happily pay them an obscene amount of money each year simply to provide half-baked support. The only reason they are getting away with this is because its a mission-critical service, which is all the more reason to have a secure solution!
What’s the world coming to?
We use a vendor to host our servers in two data centers and our level 1 call center. The on-site tech at the data centers are absolute morons and because of some data I had deleted we found that they hadn’t been backing up our servers for 4+ months. And we pay them ungodly amounts of money for the privilege of putting our servers in their rackspace.
By iain on 09.29.06 12:54 pm
Ross Brown of eEye digital said it best in this post. He was talking about how to compete with Microsoft and was talking about how Microsoft treats channel partners like customers, which vendors serve.
They aren\’t called \”service providers\” for nothing!!
Like I said in the post on the next day; our relationships with vendors are our own making and therefore its our fault when the relationship goes south. Unfortunately I\’m not upper management. I\’m just a schmuck curmudgeon who loves to complain. =)
By Michael on 10.01.06 10:05 am
[...] Yesterday I blogged about an unhealthy relationship our company has with a service provider. Overnight that relationship took a turn for the worse. [...]