Reality IT: Flying High -- and Low -- With IT Legal Eagles

Although lawyers are dedicated to protecting our IT interests, they can also be a hindrance -- sometimes even responsible for scaring off vendors with promising IT solutions.

June 2, 2006

4 Min Read
Network Computing logo

They say laughter is the best medicine, which may be why lawyer jokes are so popular. I know I need some kind of treatment, because dealing with ACME's legal department drives me crazy.

ACME's legal eagles do play a role in securing agreements with new IT vendors for purchases and technology contracts. The irony is that while our lawyers try to protect our interests, they are always a hindrance and sometimes even responsible for scaring off vendors with promising IT solutions.

We frequently turn to our legal department when we need to establish an NDA (nondisclosure agreement) with new vendors. I won't let our IT staff give too much technical information to prospective vendors without an NDA to protect detailed discussions about our network. But this discretion comes at a price: Most vendors now have their own preferred NDA format, which usually prompts our legal department to suggest a mutual NDA to protect both parties. And then, as you can imagine, they haggle over changes while the IT department and vendor's sales staff wait anxiously.

Cross Purposes

In some cases we've had to walk away from a good product because the legal department refused to accept certain conditions of the licensing agreement or terms of service. Recently we had to eliminate two products on our shortlist because of interference from legal, though the vendors had strong technical and cost-effective proposals.We were evaluating responses to an RFP we issued to managed security service providers (MSSPs). The MSSP would remotely monitor our existing security systems and install a few new intrusion detection systems at various points. It would also take inputs from devices that generate logs and alerts, including our firewalls and some host-based and network-based intrusion detection systems already in place.

Because these MSSPs deal with security, they have standard terms and conditions they put in place with clients. But our legal department didn't like these conditions and suggested several changes. The vendor at the top of our shortlist balked at these requests, as did another contender.

We in IT almost came to blows with legal on this one because it was nearly impossible to convince the lawyers they were asking for too many changes to a set of terms these vendors have in place with most of their customers. We could not get them to see that they were actively interfering with our ability to put a solution in place that would increase IT security. They thought we wanted them to agree to terms that weren't to our advantage.

Making It Work

Despite all this, we have a fairly good relationship with the legal department.Over time I've learned to work with our in-house attorneys, and to help them work with us. The deputy counsel, Vinny Gambini, for instance, has worked with IT so long now that he grasps most of the technology lingo being slung around by my staff and the vendors. And he doesn't hesitate to ask questions so he can understand the particulars of a suggested hardware or software purchase.

And I have become somewhat conversant in the norms of legal agreements. I read over vendor agreements and make notes to Vinny if anything strikes me as unusual.

I've also developed steps that IT takes when interacting with the legal department. First, we get information to them as far out as possible; for example, giving them an agreement to review from a leading contender for a new purchase well before a final decision must be made. Building in lead time for the legal wrangling can really help keep the purchase process on schedule.

Second, we provide background information about purchases to better explain the intent of our proposed solution and the technology involved. Third, we get input from legal on documents like requests for proposals so we can insert the right lawyerly language. We also let vendors know what they will have to do to meet our legal department's requirements.

Lastly, we try to keep in mind that though the legal department can be a pain to deal with, it is looking out for the company's best interest--a goal we have in common.Hunter Metatek is an enterprise IT director with 15 years' experience in network engineering and management. The events chronicled in this column are based in fact--only the names are fiction. Write to the author at [email protected].

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights