The Myths around IBM Third Party Software Maintenance

And it's a wrap.... I truly had a great trip down here in Australia again meeting customers, soon-to-be customers, and alliance partners with Greg Mennie and Stephen Madden . I finished it off nicely with a visit to the ITAM Review Wisdom APAC conference here in Melbourne with an opportunity to present at one of the sessions talking about the common "myths" I witness every day surrounding IBM Third Party Software Maintenance with Origina.

It still astounds me the thinking and conventional approach that is being applied to the management of IT assets, yet at the conference, I'm listening to every organization cite the same countless challenges they have around vendor audits, end-of-support policies, the challenge to discover what assets are even in the data center, managing staff behaviors, and the good 'auld "we need to do more with less".

I very much admire the work that Martin Thompson and Rich Gibbons are doing with their teams to elevate this subject to bring professionals together to network, share challenges, and learn/adopt new ways of addressing all of these challenges and I was delighted we were offered the chance to sponsor and participate in such a great event.

After spending the last decade architecting and designing our service offering, the majority of my time is spent these days helping organizations understand the value of our service and how it offers both choice and unquestionable value. Interestingly, over the past 12 months, I've noticed a sizeable increase in the aging rhetoric from IBM pushing forced upgrades and trying to cast a shadow over Third Party Software Maintenance as a credible alternative.

One of my teenage children asked me recently "Dad, what is the single most important life-learning lesson you've learned". Took me a few seconds to compose myself realizing how fast they had grown up, and another few seconds to ponder the question, but unequivocally I responded with "FEAR... I've learned it has a nasty habit of preventing people from realizing their dreams with missed opportunities, both personally and in their professional career". 

I figured no better way to tackle some of these "Myths" than to talk about the fear behind these perceptions.

Myth #1 - You can't provide fixes for our IBM software products as you cannot modify the source code.

Even today I still exhibit a small cheeky smirk when I get presented with this one. When my co-founder came to me back sometime in 2011 with his mad ideas on the back of a business trip to London identifying the emergence of the third-party software maintenance market and saying we were going to do it for IBM software I dismissed it with a laugh-out-loud moment saying it was impossible. My response mirrors the daily IBM customer rebuke, "There's just no way to solve software defects without modifying the source code". I, like everyone else, had been conditioned into a way of thinking because of how I had been brought up within the IT sector. It played on my mind for months as I challenged myself, "but sure why couldn't we?"

I recalled all those years as a senior engineer installing and supporting IBM software in the data center collecting emotional scars when frustration got the better of us when the software didn't work. What did we do back then when there was no fix for IBM software defects? Corporate amnesia aside, we developed a workaround! Workarounds came in various shapes and sizes from configuration changes, shell scripts, or even changes external to the product at the operating system level. 

Today, when we come across a validated software defect we first identify if the customer is already in possession of an entitled IBM software fix to address the issue. Many IBM customers still forget that with perpetually licensed software products they don't lose access to all those fixes that were made commercially available up until their S&S expiry date, but they do need to capture them before then.

The customer-identified defect I walked through in this example was relatively simple, but a really good one highlighting the type of issue that people would think is next to impossible to resolve without modifying the source code. In this case, the highlighted hidden radio box would not work when the administrator selected it, which resulted in sensitive information being displayed to end users.

The customer was not entitled to an IBM fix, but important to note that IBM did release one some months after the customer let their S&S lapse. We then set about identifying the most appropriate Independent Solution to address the issue. In the majority of cases, code is not required as a simple configuration change could resolve the defect. In this case that was not an option so we did develop code that was independent of the product's source code. By leveraging APIs in the IBM Case Manager product our independent code is called and overrides the default functioning of the product to ensure that the radio box works as originally intended.

Of course, I'm simplifying things to emphasize the point, but this would not be possible without the expertise and skill of our Global IBM Experts (GIEs). Having the experts who originally wrote these software products allows us to quickly identify how best to create solutions like this to minimize disruption for our customers.

Myth #2 - We'll be at greater risk of an IBM audit if we move to Origina

Unfortunately, the real truth is you are going to be audited regardless of whether you are with Origina or not, which poses the more important question - are you compliant with your IBM licensing terms?

I really do empathize with customers when it comes to IBM licensing, it really is complex. Coming from our old IBM business partner business we thought we knew everything about IBM licensing. We were wrong, very wrong! Before we even launched our TPSM service offering to the market we spent two years reviewing all of the IBM licensing agreements in detail. I quickly came to the realization that we would need to have a strong portfolio of licensing services as part of the overall offering to help our customers. Hands down we have some of the world's finest IBM licensing experts.

Today, our licensing services nearly outweigh our technical services in terms of customer demand. Our License Validation service ensures that every customer has a 100% accurate Effective License Position (ELP). Would it shock you if I told you that if you've been transacting with IBM for ten years or more 9 times out of 10 the entitlements listed in your Passport Advantage portal are incorrect? IBM hasn't done a great job of accurately calculating changes with product evolutions and metric ratio changes over the years.

Our Audit Defence service guides customers through the IBM license audit to ensure a successful outcome. This is delivered by ex-IBM license auditors who are well-versed in the dark art tactics used to identify non-compliance.

Our ILMT services help customers make sure that they are accurately reporting on usage consumption. For those IBM products ILMT cannot measure, our Global IBM experts help interrogate the products to pull the statistics for accurate reporting.

Every day we help our customers cultivate a better understanding of IBM licensing terms, the pitfalls to watch out for, and most importantly provide confidence in their license compliance. Wouldn't you rather be with a partner that has got your back?

Myth #3 - We're worried we will be exposed to new cyber vulnerabilities so need to stay with IBM for fixes

It really worries me when organizations think they are safe from vulnerabilities just by applying the latest security fix. Security is much much bigger than a software fix. Cybercriminals are constantly evolving their skills and becoming much more sophisticated in their efforts, and so too must we in defending against them.

I'm very proud of the significant strides we have made with the development of our security services in providing that much-needed confidence to our customers by keeping their IBM software estates secure. It's worth noting that 75% of the vulnerabilities we work on relate to the open-source components which are bundled with the IBM software products, not the IBM software itself. When it comes to bundled open source components we are not restricted by the same IP policies.

The first example I used in addressing this myth was the Log4J vulnerability. A combination of our extensive Cyber Threat Intelligence, IBM licensing knowledge, Global IBM Experts, and security teams allowed us to quickly pinpoint which IBM products, and more importantly, which versions were exposed. This allowed us to quickly develop mitigations for our customers. All at a time when the IBM support website stated they were working to figure out which of their products were affected.

Our Vulnerability Advisory (VA) portal is the equivalent of the industry's CVE databases. The moment we identify the emergence of a new vulnerability that impacts an IBM software product through our Cyber Threat Intelligence we work on mitigations that get published in our VA portal for customers to ensure they get timely mitigations to neutralize the threat. Remember, unlike IBM, Origina doesn't restrict which product versions we support so ALL versions (regardless of IBM EOS status) get full support.

In the second example, I walked through a customer example for Websphere Application Server. The customer had the latest IBM fix pack applied (8.5.5.17) and a vulnerability scan by the customers' internal security teams identified 8 high-risk vulnerabilities. In this scenario, we used our Vulnerability Shielding solution to neutralize all of these vulnerabilities. 

In recognition that there may exist a situation where we may not be able to address issues using independent code we developed our own solutions to mitigate emerging cyber threats. Our Vulnerability Shielding is one such solution focussed on web-based vulnerabilities. Working much like an anti-virus program it sits in the data path in front of the system and is protected and once it identifies the signature of a known vulnerability it has a corresponding payload to neutralize it before it gets to the software application.

This is a good example highlighting the fact that security fixes don't always come from IBM to resolve vulnerability issues, and if they do they may not be timely. In this case, the customer had applied the latest IBM fixes and thought they were protected. I hate pointing it out, but this "tick-box" security approach is flawed.

This brings us back to my point about security being bigger than a patch, I shared another statistic that shows that 85% of known vulnerabilities could be mitigated today just by employing proper hardening procedures. During the initial commissioning of an IT system, there is a lot of focus on security, the problem is that over time erosion of the security posture takes place due to upgrades, configuration changes of the software, and even new fixes (some fixes resolve the issue, but introduce new ones!). In short, a lot of weaknesses creep in that present countless opportunities for a threat actor.

And it's not just configurations, it's the behavior of staff (one of the challenges mentioned at the event). I recalled an example of another IBM customer who was adamant they needed to stay with IBM for security fixes. In a brief review before the meeting, we were able to show that some of their IT staff were opening and sharing configuration files on public forums to assist in troubleshooting technical problems, again not malicious but emphasizes how threat actors can take advantage quickly to compromise a system - and not something an IBM security fix is going to prevent!

Myth #4 - You say you allow us to operate older versions for as long as we like? Sorry, I just don't buy it

I get it. It's a really easy thing for me to stand up and say we can support all versions for as long as you need, but the reality is it's a much harder thing to deliver.

As one IBM customer pointed out to me recently, "Love the concept Rowan, but this is simply impossible due to the change that occurs in their IT environment". Sure, they may be happy with the version of the IBM product deployed, but the issue is with the upgrade of all the 3rd party vendor software products that interface with the IBM software product - all of which drag the IBM product on the upgrade escalator.

Anytime there is a need to upgrade software products in the data center the technical teams consult the vendor Interoperability Matrices or Software Product Compatibility Reports. These show which IBM software product versions that are compatible with 3rd party software versions. When the older IBM software version is not listed, then the customer is forced to upgrade the IBM software product to maintain "support".

Now, let's think about this for a second. Firstly, just because the older IBM software version is not listed in the Interoperability Matrix does not mean it will not work, it just means that IBM has not validated that interoperability in the labs. Secondly, remember, that all these interoperability matrices are only updated for products that are currently supported by IBM, not for End of Support versions. 

This is why we designed our Interoperability Validation service. It is designed to prove older IBM software product versions work with newer 3rd party versions. In very simple terms two things happen. First, our IBM experts demonstrate the correct functioning of the older IBM software product with the newer 3rd party product version. Second, the customer carries out a user acceptance testing program to confirm everything working ok. Upon both teams giving it the green thumbs up, Origina supports that configuration for as long as the customer requires. Once I explained the service and the process, it made sufficient sense for them to move forward being a customer.

It's a good example demonstrating how we extend the longevity of the IBM software asset.

Myth #5 - We'll be locked in

I'm always curious to try and understand what's behind a question.

Every decision we make in life has consequences and carries risks. There is no such thing in life as zero risk. I could walk across the road from the hotel I'm in at the moment and get knocked down, but I'll mitigate that by recalling the safe cross code that was drilled into me as a kid and only cross at the pedestrian lights.

Yes, of course, there is some risk in moving your support to Origina, but the risk of remaining with IBM I would argue is much higher!

But, I do get the concern. The Origina value proposition looks like a great opportunity, but I'm worried the business will change its mind in 7 months' time with the technical teams now saying they need to upgrade to get a new technical feature. You can always go back to IBM (not that you'd want to!) if the business changes its mind, that door is not closed. In fact, you can be sure that IBM would be only too delighted to win you back from Origina - so you have a strong negotiating position to avoid any potential reinstatement charges. Also, we can help you understand what those reinstatement charges would look like before you move to Origina so that you can re-disk the decision. 

In the very unlikely event that you ever did need to go back to IBM, don't forget any new version would be at least 18 months from your S&S expiry date. You'd never upgrade straight away to the first major release, so you're technical teams would wait probably a year for the first batch of fixes to come out for the new version to ensure stability, and the upgrade will probably take about another 12-18 months to carry out. You're already in net savings territory if you moved to Origina and went back to IBM!

Remember, we offer customers CHOICE. A choice that had not been there until we came to market with our service offering. We allow IBM customers to break free from these restrictive support policies that force customers on an upgrade escalator just to get "support". How does software become obsolete anyway and who makes that call? You? IBM?

Our message is that you should only ever upgrade in order to obtain a new technical feature. By the way, chances are we could probably create that new feature for you using our Feature Enhancement service allowing you to avoid the upgrade!

And remember, any change in an IT environment carries substantial risk. We've all witnessed the numerous high-profile new stories with CEOs losing their jobs and huge fines levied on organizations due to these outages. Being forced to perform these upgrades just to get "support" is absolutely ludicrous.

Just as I was boarding the flight last week to here in Melbourne one of our sales team in the US updated me on some of IBM's ever-changing sales tactics to keep customers on this escalator. 

The IBM customer had received an extended support renewal for an End of Support version of Maximo and paid these fees to IBM. IBM credited back the fees to the customer citing that they would not accept the payment for support unless the customer provided them with a written statement outlining when they would upgrade to a supported version. Jeez! Long story short the customer had no plans to upgrade the version they had deployed and was unaware they had any options other than IBM until one of our partners introduced them to Origina. 

Kinda begs the question, who is really locking you in?

Myth #6 - You'll never be able to provide the same support as IBM

Hmmm... I must admit, I do have to concede on this one and wholeheartedly agree.... because it's worlds apart! 

There's a common misconception that our support is just Technical Support. From the moment I went about designing our service the mission was always to prove how much more valuable our service could be over what IBM provides. It drew upon years of previous experience working with customers to understand their needs and wants, while at the same time experiencing the decay in the value of IBM's support.

To shine some light on what it really looks like I spoke about the recent accolade we were awarded by one of our customers in the UK, Sainsbury's.

In many respects, Sainsbury's story is much like many of our customer stories. During the initial conversations, the procurement and software asset management teams could see the significant opportunity Origina was bringing to the table, but there were some blockers to overcome.

You'll never be able to provide better support than IBM

Fearing a decision just made solely on cost, Sainsbury's chief technical architect cited concerns at the move. I personally went to meet him on-site and listened to all of the valid reasons why he thought we could not provide the same level of support they needed, which included direct access to the IBM labs at Hursley.

That may be so, but I was confident we had the best Global IBM experts in the world for the products we were proposing to support for Sainsbury's. I also knew those same IBM experts in our team were likened to "Gods" within the IBM technical community. I empathized with the concerns but took time to explain our model and took the time to show how it massively differed from that of IBM. Unlike IBM's random resourcing model, our model is vastly different. We assign a Primary and Secondary IBM expert, per product, which remains in place for the tenure of the support promoting knowledge continuity, speed of resolution and call efficiency. On the understanding that these IBM experts were available and dedicated to Sainsbury's, his concerns had dissipated for the most part.

We never had to fight with you to get you at the end of a phone

Understandably though, a bit more convincing was required. Sainsbury's preference was to run a trial of the service to help make a final decision. A support trial for their products ran in parallel with IBM support for the remaining 6 months up to the renewal date. Sainsbury's would use it to log support tickets with both Origina and IBM to determine the final decision. It was interesting news at the time knowing that IBM was well aware of this trial.

Quickly rolling forward 6 months without any feedback other than we knew we had put our best foot forward with the support I'll never forget the comment which was made by one of the senior execs in the meeting. Semi joking I posed the icebreaker in the meeting, "So... how did we get on?" only to be flabbergasted by the response. "Well Rowan, let's put it this way.... let's just say we didn't have to battle with you guys to get your technical experts at the end of a phone". To this day I'll never forget that response, but something we hear on an all too common basis these days.

Black Friday & Cyber Monday

The Black Friday and Cyber Monday sales events were a huge source of revenue for Sainsbury's. In previous years the IT architecture was struggling to cater to the volume of sales transactions and as a result, outages occurred which resulted in a significant loss of revenue. The first order of business was to help stabilize and prevent these outages. Leveraging our Meet-the-Experts service we were able to propose changes to the IBM software architecture to increase transactional bandwidth and avoid potential outages over the weekend. In addition, we deployed a team of twelve of our IBM Global Experts on the ground in shift rotation over the weekend which allowed us to quickly focus on getting systems back up and running if there was an outage.

The right answer isn't always to "Rip'n'Replace"

With a successful weekend out of the way and a sigh of relief, the focus quickly turned to what would happen in 12 months' time. Another vendor working with Sainsbury's was taking the line that the current architecture was legacy and beyond its sell-by date and a move to the cloud was the way to go. We challenged this proposition. Like many environments, there can be a premature knee-jerk reaction that when a system causes the problem it is no longer fit for purpose.

In reality, the IBM software environment had performed admirably for the last decade when you consider it was designed for 5-6 years of transactional growth, 10 years previous. The core products Websphere Application Server, Sterling Order Management, and Websphere Portal managed everything from sales orders, order fulfillment, and logistics. Truth be told, there was nothing wrong with the IBM software products, they were perfectly fit for purpose and up to the task of catering to Sainsbury's needs, they just needed to be re-optimized for the next 5-6 years of business growth.

Future success requires a change in mindset

The "Save to Invest" award is a testament to the value we provide customers each and every day. We help customers avoid unnecessary wasteful spending and divert those funds to much-needed innovation to ensure competitiveness in the marketplace. 

The team in Sainsbury's were brave. They had embraced an evolved way of thinking about how they managed their IT assets, very much aligned with the ITAM review's messaging. They looked the heroes, but more importantly, they were curious.

We all need to stop letting vendors fan those flames of fear and start taking control of our own software roadmaps. 

If you're curious to learn some more I'd really encourage you to watch this great video of a talk by my co-founder Tomás O'Leary alongside Gillian Leicester of PwC at the Gartner Barcelona 2023 event last week. It talks about what motivates us at Origina and what's behind the recent partnership with This Spaceship Earth. Gillian does an awesome job sharing her insights from a customer perspective and that activist mindset that has allowed her to deliver real value for the organizations she works for.

Enjoy!