In Depth

Offshore Outsourcing: Big Savings, Big Risk

U.S. companies continue a pell-mell rush into offshore outsourcing of software development. Those that haven't stopped to look at global intellectual property law are in for a big surprise.

By Michael Fitzgerald


Instead, both companies underwent intensive internal security analyses, Stratford says. "We obviously reviewed with them what their procedures were that made this possible, and they instituted a lot of revised procedures," most of which she won't disclose, though she does note that GSSL won't let employees take home source code to work on it anymore. SolidWorks also has substantially changed its security procedures for U.S. workers, ranging from the way it handles access codes and office security to what it makes available on servers for remote workers. She says this might create some inconvenience for employees, but they don't grumble much about it. Stratford says the prompt response by the FBI and India's CBI quickly addressed SolidWorks' main concern, which was making sure it got its source code back. After the sting, all the copies of the source code were recovered from Verma's quarters. As for any strain in relations, she says matter-of-factly that "the reality is, everybody has the same issue with their own employees." To her, a potential landmark case serves mostly as "a wake-up call."

The truth is, SolidWorks got lucky. Verma allegedly contacted several competitors; only one of them told SolidWorks that its source code was up for sale.

Praba Manivasager, CEO of Renodis, an offshore advisory firm, says that he expects the Indian government to move quickly in passing stronger intellectual property laws, with the full support of Nasscom, India's main software association and a powerhouse lobbyist in the country.

Manivasager notes that the Indian government is already working to change its traditional reputation of being guarded and difficult to work with, both because the country is competing with China for overseas investment and because existing business investors were nervous about India's near-war with Pakistan two years ago. "It's actually overhauled a lot of international policies to help foreign investors come into India," he says. "This case could serve as a landmark case, but it will most likely solidify what we are seeing, which is more and more support for international business. The Indian government has a lot to lose" if it doesn't take the case seriously, he adds.

The Closing Argument

Laws or no laws, many believe it would help if U.S. companies would treat offshore software outsourcing with greater care. Many companies looking to farm out their development work care only about dollar savings and can be sloppy about everything else.

Ken Pfeil, CSO at Capital IQ, says the SolidWorks theft case should ring alarm bells at every company that wants to outsource. "You really have to dig on due diligence," he says. "[Require] background checks on employees, look at the company history and financial stability, look at their retention rates for employees." Turrini, the lawyer, recommends putting someone with deep pockets on the hook. For instance, insist on indemnification agreements with the outsourcing provider, and make sure that provider has substantial assets in the United States just in case. Failing that, he recommends, get insurance for source code.
