Millennium Meltdown

Endlessly discussed, relentlessly hyped and moving ever closer, Y2K is nearly upon us. While no one can be sure how the much-anticipated Y2K computer malfunctions will affect individuals, businesses or society as a whole, two things are certain: The Y2K problem is real, and it will impact your small business to some degree.

If you're looking for a reason to take this problem seriously, consider this: With less than a year to go before the day of reckoning, Y2K-related malfunctions have already begun to occur. Aside from the expected problems caused by credit cards with "00" expiration dates, last year the com-puterized material management system of the U.S. De-fense Lo-gistics Agency dropped 90,000 items from its inventory because of a date calculation error. Per-ishable items that were supposed to expire in two years (2000) were seen by the computer as having expired 98 years ago because it assumed that "00" meant 1900. This seemingly simple miscalcu-lation took nearly 400 hours to correct. What's worse, according to a Cap Gemini Millennium Index survey, the percentage of com-panies experiencing Y2K-related business problems, such as processing disruptions and financial miscalculations, is increasing every month, from 7 percent in De-cember 1997 to 44 percent in Octo-ber 1998.

Although the typical small business doesn't have as much inventory or as many computers as the U.S. military, Y2K consultant Larry Goldfarb contends small businesses will suffer from Y2K-related mal-functions to a greater extent than larger organizations will. "Not only do small businesses lack the budget to make the necessary changes to their computer systems, but small-business owners are also in a hype-induced state of denial about the problem," says Goldfarb. "They truly don't believe this is a [real] problem."

A recent study on small-business attitudes toward Y2K-related problems sponsored by Wells Fargo Bank and performed by the Gallup Organization supports Goldfarb's views. While more than 80 percent of small businesses are at risk for Y2K-related problems caused by malfunctioning computers, cash registers and other equipment, only 6 percent of the respondents considered the Y2K problem to be "very serious."

This lackadaisical response is disturbing when you consider the tremendous effort that has already been expended by government agencies and big business to battle the Y2K bug. The Securities and Exchange Commission, for example, has ordered all publicly traded corporations to disclose Y2K readiness and project information in their annual reports, including a "worst-case scenario." And both the House and Senate have introduced a wide range of Y2K-related measures, including the Small Business Year 2000 Readiness Act, which partially guarantees bank loans of up to $50,000 for small businesses seeking to replace or repair Y2K-vulnerable equipment, and an amendment to the IRS Code, which allows businesses to write off up to $20,000 in Y2K-related expenses on their tax returns.

Big business is also scrambling to make its computers Y2K-com-pliant. According to Cap Gem-ini Millennium Index estimates, U.S. businesses will have spent more than $500 billion by 2000 to solve Y2K-related problems, including inadequate software and hardware, lost produc-tivity and the resulting litiga-tion. For many of these companies, achieving Y2K compliance also means in-vesting in additional IT staff or authorizing the thousands of overtime hours required to audit every line of software used by the business. Big companies like General Motors and Amoco Corp. have each already spent more than $100 million on their Y2K compliance projects.

Seeds of Destruction

The origin of the Y2K bug is no mystery. In the Information Age's infancy, when large corporations and government agencies began using mainframe computers to automate tasks, the memory used to store programming instructions was scarce and expensive. Programmers writing the code for business applications were encouraged to conserve space whenever they could; one way was to use abbreviated date codes, with only two digits to indicate the year. Assuming their programs would no longer be in use by the turn of the century, programmers ignored the fact that come 2000, these computers would interpret the date codes with a two-digit year field of "00" as being 1900, and then incorporate this corrupt data into a wide range of date-dependent calculations.

Forty years later, this mistaken assumption is coming back to haunt a world far more dependent on computers than these early programmers could have imagined. And far from being corrected, the problem has been compounded by the millions of lines of code (studded with the problematic two-digit date fields) that were added to the original pro-gramming over the years, making the correction process tedious, time consuming and very costly.

Embedded chips, tiny micro-processors that control everything from VCRs to computerized switching units at nuclear power plants, may also be infected with the Y2K bug-but their programming is hardwired into the chip and cannot be audited or corrected. Instead, each and every embedded chip that is suspected to be non-Y2K-compliant must be inspected and, if necessary, replaced.

This faulty programming has also made its way into PC hardware and software, says John Grover, president and CEO of Duluth, Georgia, MillenniumPlus Consulting and author of Your Company's PCs and the Year 2000 (self-published). "A lot of people don't realize how vulnerable PC-based systems are to the bug," says Grover, "especially PCs built before late 1996. If you're running applications that rely on DOS for the correct date, you may have some problems with those applications after the year 2000."

In a small business equipped with a handful of desktop PCs, repairing or replacing non-Y2K-compliant equipment is relatively simple. The real source of most post-millennial business interruptions will come from outside your business, as a re-sult of the Y2K bug's potential effects on infrastructure: power, telephone communications and other services.

When a special panel under the Senate Banking Subcommitte on Financial Services and Technology convened recently to check the utility companies' progress on the Y2K problem, industry experts called the chances of Y2K-related outages "extremely low, but conceivable." But when subcommittee chair Bob Bennett (R-UT) polled 10 power utilities and asked how many of their most important computers had been fixed, he was given answers ranging from 5 to 54 percent.

Blessed with big budgets for modernizing and enlarging their computerized switching systems, telecommunications giants AT&T, MCI and Sprint have tackled the Y2K problem head-on; each will spend more than $200 million this year on their respective Y2K-compliance projects. Smaller regional telecom providers, however, don't have the same resources to battle the problem, and no one is quite sure what collective impact this may have on telecommunications as a whole.

Surviving the Bug

With so much riding on it, how can small-business owners minimize the impact of the Y2K bug on their enterprise? Triage-determining which systems are the most important to the health of the business and attending to those first-is a good way to start, says Gold-farb. If your business relies on desktop PCs, there's a simple test you can perform to check the Y2K compliance of your systems. First, back up all your files on disk or tape. Then manually reset each PC's clock to 11:59 on December 31, 1999. If, after a minute has passed, the clock reads anything other than 12:00 a.m. on January 1, 2000, your PC is vulnerable to the Y2K bug. If it passes the test, try again-but this time shut off the power after manually resetting the time. Wait a minute, reboot, and then check the time and date again. If there are errors in the time and date display, the PC's BIOS (basic input/output system) needs to be replaced or fixed with a software patch.

Software installed on your machines can also cause major problems, says Ed Yourdon, co-author of Time Bomb 2000 (Prentice Hall Computer Books), particularly if they are "orphan" applications. "The biggest risk for PCs is that they may be using home-grown software or some proprietary billing package that was developed five years ago by someone who has since disappeared," says Yourdon. "You could very well have Y2K problems with that application."

If you use many different types of software, it may be difficult to keep track of compliance issues. Grover suggests performing an inventory of your software and then going down the list and contacting vendors to see if their products require upgrades or patches of some type to be Y2K-com-pliant. Most software vendors post this in-form-ation on their Web sites. Software produced by vendors who can't or won't offer you a reasonable solution should be replaced immediately.

Shared Misery

Just because you've made your own business Y2K-ready doesn't mean your customers and suppli-ers have done the same, warns Gro-ver. "Early on, everyone was wor-ried about fixing their own prob---lems," he says. "Eventually, they realized their biggest problems could come from suppliers or customers who go out of business because of Y2K."

Asking a business partner if they've addressed the Y2K problem isn't sufficient, according to Grover. "It's not enough to solve your problem and know your partner has solved his. You have to know how the problem was solved and test it out beforehand," he says. "For example, if you're trading data with your partner electronically, and to fix the Y2K problem, you expanded your date fields to four digits, but your partner is using a windowing process [programming a computer to interpret two-digit numbers within a certain range as four-digit numbers] and still keeps two-digit date fields, you won't be able to handle each other's records." A good way to ensure that both businesses are on the same page is to use Electronic Data Interchange (EDI) standards like ANSI 12, an internationally recognized data format that allows businesses to exchange common documents without having to customize their hardware or software for each organization they do business with.

Shoring up your supply line is also necessary to prevent business interruptions. "Surviving Y2K means contingency planning," says Grover. "I'm advising my clients to develop lines of communication with trading partners. If you have a key supplier who believes [Y2K isn't going to be a] problem, you have to find another supplier."

Grover believes that legal actions stemming from broken contracts, unfulfilled orders or other Y2K-related business interruptions shouldn't be an overriding concern to small-business owners. "The saving grace is that there will be so many lawsuits, there won't be docket time for all of them," he says. "The safe thing to do is document everything, but lawsuits are the least of your worries. Business survival is your number-one priority. If you communicate with your customers and suppliers, that will help. The fewer surprises there are in the relationship, the less possi-bility there is that a lawsuit will arise."

The days after January 1, 2000, may be a time of crisis for some businesses, but this period may also present some unprecedented opportunities for those who are prepared to take advantage of the situation. "The whole world is about to have some serious computer problems. The situation may not last long, but if you're there at the right moment, that might serve you very well," says Leon Kappelman, chair of the Software Productivity Group Conference and co-chair of the Society for Information Management's Year 2000 Working Group, a nonprofit advisory team. "If competitors are in trouble, that may open up territory for your business in both local and international markets. How companies react to Y2K will determine who customers choose to do business with in the long run, because if their computers work and they're reliable and can deliver the goods, they'll be perceived as competent in other areas as well. Anyone who can afford to might consider stocking up on inventory so they can serve customers when other companies may no longer be able to. There is risk here, but there is also the possibility of great reward for the diligent."

Y2K Survival Kit

Web Sites

• http://www.score.org , the home page of the Service Corps of Retired Executives, provides articles, resources and links on Y2K for small businesses.
  
  
• http://www.microsoft.com/year2000 rates the Y2K compliance of Microsoft products and offers an extensive list of tools and resources.
  
  
• http://www.IBM.com/IBM/Year2000 , IBM's Y2K home page, offers information on its major platforms as well as a testing matrix to help you conduct Y2K tests on your systems.
  
  
• http://www.year2000.com is a clearinghouse of Y2K information, including a list of vendors, articles on the subject and e-mail updates.
  
  Software
  
  YMARK2000 from the National Software Testing Laboratory tests your PC for Y2K compliance. Download the software from http://www.nstl.com/html/y2klogo.html
  
  Book
  
  Time Bomb 2000 (Prentice Hall Computer Books), by father-and-daughter team Ed and Jennifer Yourdon, explains the Y2K crisis in clear, concise terms, presenting various scenarios to illustrate how Y2K could impact industry, infrastructure and society.
  
  Consultant
  
  MillenniumPlus Consulting (http://www.millenniumplus.com , 770-521-9959) works with small businesses to determine susceptibility to the Y2K bug and provides services to ensure compliance.
  
  

Talk The Talk

Now that you're a Y2K expert, you should leaarn to sound like one. Here are some buzzwords culled from the voluminous writings on the impending crises:

Doomsdate(s): Calendar dates that may cause computers to malfunction, such as 1/1/00 (Y2K), 9/9/99 (four nines are used as a "stop" code in some programs) and 2/29/00 (the extra day in a turn-of-the-century leap year).

Triage: Prioritizing mission-critical systems to determine where to focus your Y2K-compliance efforts. ("We must triage our mission critical systems before preparing them for the doomsdate.")

Going Dark: To have computer systems, electric power grids or even whole business operations fail as a result of the Y2K bug. ("If the electric power utility companies don't finish up their compliance efforts in time, our company can plan on going dark for a while.")

Workaround: A contingency plan designed to keep a business open despite Y2K-related failures of vital systems. ("When the cash registers go dark, we can always use battery-powered calculators as a workaround.")

Domino Effect: The failure of a non-Y2K-compliant system causing the failure of a Y2K-compliant system. ("Our workaround didn't take the domino effect into account, causing our whole operation to go dark.")

Bug Out: Once used by the military to describe a hurried evacuation effort, it now means to leave the city for a remote rural area to avoid social upheaval caused by Y2K-related failures of essential services. ("After the food trucks stopped coming and our supermarket went dark, we decided to bug out.")

TEOTWAWKI: Y2K survivalist shorthand for "The End Of The World As We Know It."

Contact Sources

Larry Goldfarb, fargoprov@aol.com

Ed Yourdon, ed@yourdon.com, http://www.yourdon.com

Thanks to Wired magazine, Westergaard Year 2000 (http://www.y2ktimebomb.com) and author Ed Yourdon.