Due diligence of an acquisition target extends far deeper than you think
Enterprises with an acquisition appetite for advanced-technology manufacturers face IT issues that are unique in the corporate-buying world. Even the most seasoned due-diligence teams can miss IT issues whose roots are growing beneath their feet.
In this article—adapted (and anonymized) from numerous true stories in Ensunet’s case histories of supporting more than $4 billion in IT acquisition support—we’ll shine a light on particular issues you may not have considered before. But we guarantee that, after reading this article, you’ll never miss them again.
The problem beneath the surface
In this story, the acquisition-target company specialized in the design and manufacture of high-tech devices—electronic-laden gadgets that connect to, and communicate with, their customers’ IT networks. This is the kind of situation that’s increasingly common in the IoT, or Internet of Things, world.
We’re describing this as just one story, but it’s the amalgam of several. They all shared the same issues.
In each case, the device maker had recently completed a major sale—for hundreds, even thousands, of devices, worth millions of dollars—to a number of major customers, each of which had its own IT network. On the ledger, device-makers’ prospects looked great. It burnished their reputation—and price—as acquisition targets. Everyone was pleased when these companies were acquired.
It was only later that the problems surfaced.
In every case, the devices had been designed and built using an outdated operating system or some other such noncompliant component. And so the problems didn’t appear until after 1) the systems were designed and manufactured, 2) sold to customers, and 3) attempted to connect to the customers’ IT networks.
Note that we said “attempted.” It was at this point that the customers’ internal IT departments caught the out-of-compliance devices attempting to “infiltrate” or compromise their networks, and so they did what any good IT department would do: They locked them out.
The roots of the problem
On the surface, stories like these seem like they couldn’t happen in the real world. How, after all, could cutting-edge device manufacturers create such wildly out-of-compliance systems? How could enterprise customers, with state-of-the-art IT systems, purchase such devices? Why did it take so long for this problem to rear its head?
The issue—as we’ve noted before and will continue to point out—is less technical than it is cultural. As is unfortunately common among device-makers, their R&D departments were often siloed from their internal IT departments. This let them develop their products using outdated operating systems and components. No one knew. Not even the sales reps who purveyed the products.
An analogous situation existed at the customers who purchased the devices. Their acquisition departments weren’t properly inculcated to internal IT protocols. They never asked IT to evaluate the products. They assumed they’d be compliant, and went ahead with their purchases.
You can guess where these stories went—to an extent. Yes, it was a nightmare for all concerned. And it was a glaring black eye for the acquisition leaders (and their due-diligence teams) for having missed problems that hid in plain sight.
Fortunately, Ensunet was able to remediate these situations, upgrading the devices and their ecosystem of components and operating systems so that they would, finally, be accepted into the customers’ IT networks. But in each case, it was costly, time-consuming, and above all, avoidable.
Stories like these are, unfortunately, all too common today in the fast-moving world of tech-device-maker acquisitions. It takes expertise and experience to see them in advance.
Ensunet has both. Contact us today to learn about our pre-merger IT due-diligence services, as well as our post-merger integration services.