The Art of Selective Outsourcing

Q&A: eWEEK corporate partners shore up internal resources with external services.

eWEEK technology editor Peter Coffee and eWEEK Executive Editor Stan Gibson recently sat down (virtually, anyway) with three members of eWeeks Corporate Partner Advisory Board to discuss outsourcing—how its changing both in terms of perception and practice.

The Corporate Partners in attendance were Kevin Baradet, chief technology officer of the Johnson Graduate School of Management at Cornell University, in Ithaca, N.Y.; Tom Miller, senior director of IT at FoxHollow Technologies, in Redwood City, Calif.; and Francis Rabuck, president of consulting company Rabuck Associates, in Philadelphia.

Where are you getting your work done? So many options have opened up in terms of the acquisition of capability in the form of network-resident services and third-party providers of Web services, as opposed to things that you would have previously done with code that you either had to write or deploy on-site.

And, at the same time, there have been a number of untoward events, like the bombings in Mumbai, India, and the disruption of transportation from London because of terrorist threats.

We wondered whether these and other things have caused organizations to re-examine the economics of deploying remote resources, both human and otherwise.

/zimages/4/28571.gifA new study reveals that the outsourcing boom may be over. Click here to read more.

Are you making more use or revised use of outsourced development talent and hardware and software capability?

Miller: At this time, we outsource very little. Were a midsize business, and we really focus on our closeness to our internal customers as we develop products. So we try to do very little outsourcing at this point.

And when we do outsource, cost is not the key business driver for us; rather, its a skill set that we cant replicate internally here, and, due to timeliness, we need to have an outsourcer assist us. And that outsourcer could be through many different forms, whether its a direct outsource agreement or its a professional services engagement or something else.

Id like to look at the top and the bottom of the specialization ladder there. Are there things youre outsourcing that you dont really think of as outsourcing because theyre such low-level services? Im thinking of something like e-mail or firewalls.

Miller: The only things we do outsource that are part of a service for our tiering for security are anti-spam and anti-virus. Its a no-brainer.

We actually see messaging as integral to the way we operate. Our messaging system has to be very robust. And, for compliance reasons, we have to be careful of how we use our messaging system.

You talk about outsourcing of those security services as a no-brainer. Is that a changing perception, or did you feel that way years ago?

Miller: I felt that way years ago. And its limited security. I wouldnt even use the word "security," per se, because [anti-spam/anti-virus] is a managed security operation. Its really something thats more of a commoditized item.

But when we do deal with outsourcing arrangements, we focus on, as I said, not just the costs as a business driver but what would it cost to replicate those systems internally, as well as what type of disaster recovery/business continuity we would have to add on to any systems we deploy that will be less expensive and easier to manage externally.

On the flip side, when we deal with outsourcing companies, we always look at things like exit strategies. We look at their time-to-respond issues. We look at quality metrics. We look at their fee structure. Because theres a certain set of core fees that they charge, and then any time you want to do anything beyond that, you feel like youre getting nickel-and-dimed.

Next Page: Compliance considerations, the need for specific skill sets.