July 26, 1999 Behind
the News:
|
 |
|
July 26, 1999 Behind
the News:
|
|
Please
Note: This article first appeared in InformationWeek,
July 26, 1999.
Here we are at the end of a truly remarkable century of technological innovation and change, and we discover we've made what is arguably the greatest technological mistake of all time-the year 2000 computer date-field problem. Even if you've found a bigger blunder, you'd still be hard-pressed to find a more expensive mistake.But Y2K doesn't just pose a problem by itself. There are problems posed by the repercussions of the year 2000 crisis. For example, Y2K represents the greatest opportunity for fraud and theft in the history of computing-maybe the history of the world.
Among those using Y2K to prey on the fear and ignorance of others are a small but very dangerous group of financial advisers, religious zealots, and IT vendors-as well as all varieties of cons, scams, frauds, and crackpots-all eager to make money from
businesses that want to avoid a potentially serious situation. The fraud and deception these predators practice come neatly packaged as products, services, and self-serving statements.But companies with good systems management, security, audit, and control practices-and, most important, a good B.S. detector-will be more immune to such problems. As for the rest, hopefully they'll learn fast-if they survive.
Right now, the percentage of enterprises experiencing Y2K problems is about the same as the percentage of companies reporting any typical kind of computer security problem (about 65% to 85%). Naturally, few companies issue news releases when their systems are compromised, so don't expect them to come forward with how they were blindsided by Y2K-unless, of course, they have to.
That's why the volume of reported Y2K problems on specific dates (such as Jan. 1, 1999) signifies nothing in particular. Until now, practically no company would go out of its way to say a particular problem was caused by Y2K, even when it was. In fact, some companies have even gone out of their way to say that an actual Y2K-related problem wasn't a Y2K problem at all.
But now there's more incentive for enterprises to classify problems as being Y2K-related. It comes in the form of the newly passed federal Y2K Act, which may turn out to be one ofthe biggest legislative blunders of all time.
If there weren't so much at stake, this would be funny.
I've got a feeling that a lot of folks are going to regret supporting the Y2K Act, which both the IT and insurance industries fought so hard for, creating a tort-reform- minded coalition with nearly every other industry association and chamber of commerce in the country and promising enough campaign contributions to get 90% of the House, 80% of the Senate, and the signature of President Clinton behind it.
Many supporters of that law seemed to forget that while they were busy protecting themselves as potential Y2K defendants, they remained potential Y2K plaintiffs.
To avoid having the Y2K Act backfire on you, I advise you to proceed cautiously in Y2K-related situations, trust but also verify, and follow these simple guidelines regarding risk management:
- Test it thoroughly yourself.
- Have an independent third party validate and test it, too.
- Test your business continuity plans as well.
This applies not just to your own systems, but also to your supply chains. While you're at it, be sure to document your efforts.
And find a good attorney, because you may need one now more than ever before.
Leon A. Kappelman is associate director of the Center for Quality and Productivity at the University of North Texas and co-chairman of the Society for Information Management's Year 2000 Working Group. He can be reached at kapp@unt.edu.
Copyright ® 1999 CMP Media Inc.