Clouding the Outsourcing Issue

Back in August, "CIO Zone" posted a blog outlining the top five cloud computing trends. Smack-dab in the middle of the top five was this one: "Custom cloud computing services," which delved into how outsourced IT organizations must focus on automated software and become experts in migrating to SaaS, PaaS and IaaS in order to ensure the least painful cloud migrations. It brought to mind how, in an effort to save money, so many businesses blindly hand over their whatever-it-is-to-be-done to outsourcers and hope for the best.

All you football fans might recognize this as a "Hail Mary."

The "Hail Mary" Doesn't Work in Outsourcing

In football, the Hail Mary has only a 5 to 10 percent chance of success, but desperate times call for desperate measures, so teams go for it. In business, however, lobbing one up and hoping for the best has no place, especially as it applies to outsourcing software builds. Relinquishing control over a software build can almost certainly yield quality degradation or compromised structural quality that promises a world of hurt in the form of technical debt or lack of security.

And, to be clear, quality problems are not necessarily due to sub-par outsourcers who couldn't care less about building a quality application. Communication issues or cultural differences — as in the case of overseas outsourcing — can play a big part in compromising quality. Fortunately, static analysis can catch code imperfections before applications are deployed.

But the benefits of static analysis go way beyond just catching a bad line of code. They also grant greater visibility into how the software is built — from soup to nuts. For example, static analysis can provide insight into whether an application is being complicated with 100 lines of code when one would suffice. It sheds light on whether the outsourcer's code includes repetitive processes, or if he is "coding in circles" (i.e., incorporating a process, negating it, then coding it back in). This ability to focus on the structural quality of the application as it is being built practically guarantees the application's overall health, which encompasses not only performance and security, but also ease of customization and transferability (for further upgrades or customization). In fact, think of this visibility as micro-managing a build project without having to be on site.

On a Clear Day...You Can See Forever

It's clear that greater visibility into an outsourced software project is critical to quash quality issues, but it can also ensure a project will be delivered on time and within budget. For example, when an outsourcer builds in extra, unneeded code, he drags out the project and its cost. More visibility into the build enables the supervision required to curb these unnecessary costs.

The visibility into the process is no doubt a benefit to companies, but lest it seem like a yoke around the outsourcer's neck, the type of scrutiny that comes with static analysis tools can be a value-add for the outsourcer too. Greater visibility into the application as it's being built will very likely streamline the process, ensure a flawless application and result in a very satisfactory product...which in turn could mean more business for the outsourcer in the future.

Structural quality of applications doesn't have to be a casualty of outsourcing. When increased visibility into the project ensures cost and quality expectations are met, we can leave the Hail Marys to the football field.

Jonathan Bloom, Writer, Blogger & PR Consultant
Jonathan is an experienced writer with over 20 years writing about the Technology industry. Jon has written more than 750 journal and magazine articles, blogs and other materials that have been published throughout the U.S. and Canada. He has expertise in a wide range of subjects within the IT industry including software development, enterprise software, mobile, database, security, BI, SaaS/Cloud, Health Care IT and Sustainable Technology. In his free time, Jon enjoys attending sporting events, cooking, studying American history and listening to Bruce Springsteen music.