Chinese Government Raises Security Concerns for IBM, Oracle and EMC

On August 16, a branch of the Chinese government said it would investigate three large U.S.-based technology firms due to “security concerns”, naming IBM, Oracle and EMC.  The move – feeling somewhat similar to the US government’s security concerns on Huawei – is the first time Chinese government officials have openly addressed this issue.

However, this issue extends beyond IBM, Oracle and EMC. There is talk that Chinese government entities and state-owned enterprises (SOEs) will begin to shun foreign IT vendors in their IT environment, and instead replace them with local vendor solutions.  A number of foreign vendors are already feeling the heat.  In Cisco’s FY13 Q4 financial statement last week, its China bookings declined 6% YoY.  We have observed similar trends for IBM in China, and believe it is a headwind that will challenge MNC vendors to further expand their China businesses. 

While it has never been confirmed officially, the latest development seems to suggest the possibility of the Chinese government formalizing it as policy. In the past couple of months, I have already seen SOEs seeking out local suppliers, like Huawei, Inspur, Lenovo, and ZTE. The primary considerations were:

·        CIOs are concerned that critical business and customer data might be compromised after the Snowden revelation.

·        CIOs are cautious about holding off buying foreign equipment, pending new governmental policy in the coming years.  Hence, they want to prepare to protect their current investments.

·        They recognize the progress local vendors have made in the past couple of years in terms of both hardware and software development, and want to find the right opportunity to start using them.

However, I&O professionals in Chinese organizations will face these challenges with local vendors:

·        Small market share. Local vendors make up a small share of the overall IT infrastructure market for large organizations in China.  They typically lack partner networks in the country, thus limiting their capabilities for system integration and services delivery across the country.

·        Unproven in complex environments. Local vendor solutions are unproven in supporting highly complex environments.  For many large organizations, particularly government agencies and financial institutions, there are limited use cases from these vendors which will lead to risks for I&O professionals for any major implementation. In some key areas like mainframe computing and database systems, there is almost no local alternative. 

·        Slow on innovation. Foreign vendors typically lead in innovation, and many Chinese vendors follow trends set by the MNC vendors. Local vendors often lack innovation and do not prioritize long term technology visions or product roadmaps.

While the Chinese government and SOEs may wish to swap out foreign vendors with local ones – and our research identifies areas where it makes sense, which continues to grow – they should avoid knee-jerk reactions.  We expect these organizations to have to continue working with global suppliers, given that local vendors will find it difficult to solve several of their most complex IT challenges in the short term.