The utilities have checked their mainframes. The airlines guarantee that their custom flight tracking systems have been Y2K compliant for months. Your local municipality has run multiple tests on the traffic signals along Main Street. Every day another corporation announces that it has completed its Year 2000 remediation efforts. Seems like we're on track, right?
Well, that seems to be the mood lately. We have resigned ourselves to allowing for the minimal slip-ups that will occur next January. We've even accepted the idea that a few problems may surface on February 29, 2000. But I don't think I'll explode if I can't read my email on January 3rd, the first Monday in 2000, because my word processor, my tax program, and the rest of the corporate network will be running quite smoothly. At least, that's what the IS manager said last week. He's gotten all of the latest information, and checked every 'mission critical' system. As of 2:00 PM yesterday, we are Y2K compliant.
But what about today? I'd be willing to bet that we aren't. Not anymore. Actually, we may have never been. Reason being: even though the Y2K team was using the most up to date information during their remediation efforts, that information changes on a daily basis.
Over the past two years, there have been hundreds of headlines regarding the Year 2000 Bug. Ranging from stories about which industry is ahead in its Y2K efforts, which countries are lagging, whose contingency plans are completed, and everything in-between; the coverage of this issue has been phenomenal. Unfortunately, there has been only a slight mention of the real challenge in Y2K remediation: the progress being made by information technology manufacturers on their own products.
As companies like Intuit, Microsoft, and other preeminent IT manufacturers continue to test, or not test their products for Y2K compliance, new problems arise. Through continued testing, products that were previously thought to be Y2K compliant may be found in need of a patch or other corrective action in order to function properly after the New Year.
So, how can a corporation's remediation efforts be completed if the manufacturer of the applied IT product isn't sure whether or not that product is compliant? The IS manager who completed the job three months ago and is on vacation until January is in for a surprise. So is the guy who finished last week. In fact, any corporate-wide declaration of total Y2K compliance at this point is premature. Because, since January 1999, over 2000 of the 36,000 hardware and software products that Infoliant Corporation has been tracking since 1997 have undergone a change in Year 2000 compliance status.
This is a serious problem. How can we be sure that our systems are compliant, if the manufacturers aren't sure that the applications, the drivers, or the code they have written will function properly next year? The only option we have is to keep our eyes and ears open and make sure that we stay as current as possible.
Infoliant Corporation, which holds a database of Y2K compliance information on over 36,000 hardware and software products from more that 600 manufacturers, has begun releasing data in order to keep consumers abreast of what is going on behind the scenes. Called the Compliance Trackerâ„¢ Delta Report, Infoliant releases information every month that describes which enterprise, network or desktop products have had a recent status change, and whether that change was negative or positive in nature. Unfortunately, about 1/3 of all the status changes since March have been negative, meaning that either the manufacturer has released information about a previously unknown Y2K glitch which makes that product non-compliant, or the manufacturer has decided to discontinue support for that product altogether. Another 1/3 are moves into the "pending evaluation" category, meaning that the manufacturer isn't quite finished testing the product.
In total, close to 3000 products in Infoliant's database are non-compliant and over 5000 require a patch or some other corrective action. In addition, there are approximately 1850 products in the "pending evaluation" category that haven't been tested for Y2K compliance as of yet. Another 1800 or so products will not be tested at all.
So what does this all mean? It means that if a corporation has already completed its Y2K projects, it has probably missed out on status change information for over 1500 products in the past three months alone. These are products from preeminent manufacturers like Microsoft, Sun Microsystems, Cisco Systems, Computer Associates, Tivoli, Sony, Hewlett Packard, Apple, 3Com, Wall Data, Lotus, and Lucent Technologies.
The changing compliance information issue is even larger than the Delta Report indicates. Each month, manufacturers make hundreds of changes to the corrective action plans required to make their products Y2K compliant. These updates are detected by Compliance Tracker and disseminated to Infoliant's subscribers, but are not included in the Delta Report because the product's actual status (still "action required") hasn't changed. Some manufacturers have revised the status of certain products as many as nine times since 1997, including significant updates to the patches previously believed to make the product Y2K compliant. This makes it extremely difficult for a corporation's Y2K team to make progress, because the patch they installed last week may be the first in a series of patches to be released for a certain product.
"Well then, what's the moral of the story?" you ask. Quite simply, the sky will not fall, the earth will not crumble, but there will be a lot of overtime for IS employees both before and after January 2000. The most important advice for a Y2K team is to get the newest information available, and then keep on looking for even newer information. Y2K remediation is an ongoing process, and some predictions are forecasting that remediation will last through the middle of 2002.
