Let’s be honest, folks: our customers like it simple, and when you’re talking about anything in today’s technological world, it doesn’t get simpler than COTS (Commercial-Off-The-Shelf) software. Can you really blame them for wanting it that way? Buying the latest version of project management software at Best Buy is a heck of a lot easier than hiring a team of sweaty nerds to write a custom system for you.
COTS gives businesses fast and easy access to cheaper, more reliable, high-quality, complex software. Who doesn’t want that? Yet COTS isn’t everything it’s cracked up to be. The biggest problem with COTS in its epidemic status (and it is everywhere; think about how many people use Microsoft Word) is the substantial security risk that it poses. COTS is cookie-cutter software: you get exactly what you pay for, no more, no less. It’s base.
Let me give you an example. On October 25, 2001, Microsoft released Windows XP to the general public. Windows XP contains a partition to house what is called an Administrator account. Your typical user doesn’t bother to set up this account, or even know it exists. Most users set up their profile on the operating system, put a password in place, and call it a day, falsely assuming they are protected. Unbeknownst to the user, the Administrator account lies dormant and, for most, doesn’t cause any problems.
But if someone wanted to hack your system, all they would have to do is bypass the operating system startup and activate the unprotected, dormant Admin account, and just like magic they now have full rights and access to your computer.
This is something that is built into Windows XP from the get-go; it comes with the system. This is exactly the sort of thing the US Department of Homeland Security was talking about when they said that software security is a serious risk of using COTS software. Don’t mistake me: COTS has its place in our tech society. It’s a mechanism akin to evolution for computers. Without some kind of baseline software proliferation, our digital society couldn’t move forward.
Fortunately, that risk is easily mitigated by the use of specialized consultants. When I’m counseling a new customer, I’m not just selling my company and a software package, I’m selling our specialized consultant team as well; COTS software is the reason why. Be honest: how many people reading this article knew what a hacker could do with your Administrator account? How many of you even knew it existed in XP? Microsoft has done an admirable job of curbing that risk in future versions of Windows, but with COTS these kinds of security breaches will always exist. COTS software will always be capable of bringing your company to a grinding halt. That is, without the use of specialized consultants.
So the next time you’re evaluating a new software solution and your boss asks you why they shouldn’t just take the software itself without your consultant, feel free to use my example and point out the gaping holes in Windows XP. As society moves ever forward with advancing technology and the spread of things like COTS software, let us all remember the eternal wise words of Spock:
Computers make excellent and efficient servants, but I have no wish to serve under them. Captain, a starship also runs on loyalty to one man. And nothing can replace it or him.
—Spock in “The Ultimate Computer”