Risks for an Enterprise Using a Non-enterprise Vendor
The big risk for not using an enterprise vendor is that much of the compliance responsibility resides, regardless of what the contract says, with the buyer. Much like it would be if you bought a 6-foot ladder when a 10-foot ladder was required; it isn't the responsibility of the ladder company to get you a 10-foot ladder. You have to bridge that gap yourself.
With a non-enterprise company, you have to either require an enterprise-class partner that will assure the result, or you have to perform that assurance yourself. I was at Cisco the other day and it has deployed 7,000 Apple computers to employees who support each other off of a Wiki. Cisco's IT organization effectively partnered with the users who wanted Apple laptops to close the gap between Apple, which isn't an enterprise provider, and Lenovo (Cisco's primary laptop vendor), which is.
Firefox has a similar process of passing much of the responsibility to users to assure the product, coupled with a Network Access Protocol solution that assured Firefox was properly patched and up to date, might provide the same kind of balance. Depending on policy, this may force some businesses into choosing an enterprise-class product and vendor like IE and Microsoft, but it doesn't have to.
In all cases, you have to recognize that the provider isn't enterprise-class and someone (IT, users or another vendor) has to bridge the gap or things that enterprises require like stability, security, reliability and customer/user satisfaction will suffer.
Oracle Problem: You Can't Bridge the Gap
While this works fine with companies like Apple and Firefox, I'm really stuck with what to do with Oracle. Part of what makes an enterprise vendor an enterprise vendor is it supports technology for long periods after it becomes obsolete. This is because enterprises, due to their large size and affinity for custom solutions, can't move quickly to new technologies. It may take over a decade to make some migrations and there are enterprises today running systems that were created in the '70s and '80s.
Companies like IBM and HP, by tradition and practice, support hardware in the enterprise class with services for 10 to 20 years after they have become obsolete and I've seen cases where they have even agreed to go longer than this. Even in the '80s, when IBM did things that violated the trust aspect of being an enterprise vendor and nearly went under, it never cut support on a discontinued enterprise product within five years of it being discontinued. Oracle's action to cut support on Itanium while it still has years on its current roadmap is unprecedented and, in this class, should remove its enterprise-class designation.
While I have seen vendors pull support from a shipping product that isn't doing well, it is unprecedented to see a vendor that sells to enterprises do this. And because Oracle prevents third-party support actively, the ICCC, the competitiveness council of the SIA (Software Industry Association), I'm told has filed complaints against Oracle in all 50 states.
In short, Oracle is not only not behaving like an enterprise vendor, it is aggressively preventing anyone else from bridging the gap. Steve Mills at IBM comments on this in his recent interview and is apparently having a Dan Quayle, Lloyd Bentsen moment when he describes Oracle's purpose as paying for Larry Ellison's toys (which it kind of is) and, given Oracle compares itself to IBM, saying IBM would never do what Oracle did and IBM will, by policy, continue to support Itanium.
I have this mental image of Steve Mills on stage with Larry Ellison after one of Ellison's "Oracle is becoming IBM" comments saying "I've worked at IBM most of my life, I've lived the IBM culture and cared for IBM's employees and customers. IBM would never do what you have done. Oracle is no IBM and you, sir, are no Thomas Watson."
I'll bet the number one wish from an Oracle customer is Ray Lane coming back to run the company.
Wrapping Up: Oracle's Future, IBM's Past
Back in the late '80s, while I was at IBM, I attended meeting after meeting arguing that IBM was breaking the trust it had with its customers and that they would revolt. They did and IBM almost went under, emerging as a very different and vastly more customer-focused company than when it went in. It thought it was "selling air" (an actual quote from an IBM VP at the time) and believed its customers couldn't move, much like Oracle does today. IBM was, and Oracle is, wrong.
I don't think Oracle fully realizes that governments and enterprises have choices and will even make painful ones to avoid a vendor that is obviously misbehaving. The damage Oracle is doing to HP is unprecedented, and the opportunity it is giving to IBM, SAP and even Microsoft is unparalleled and all because it has forgotten what it means to be an enterprise vendor.
With most non-enterprise vendors, you make a choice to back them up with your own services or third parties and this should always be taken into account when using one. Given that Oracle appears to be preventing these remedies, there is only one other, more painful, choice to be made. And that is to avoid Oracle. If you are an Oracle customer, I'm not telling you anything new, but you may be putting the decision off hoping the company will come to its senses.
I'll leave you with one other story that I recall coming from our IT Unmasked blogger Mike Vizard. He'd done a survey of Oracle customers and one outspoken CIO said, and it has always stuck with me, "I don't know who Larry Ellison's enemies are, but I'm afraid it is us." Me, too.