31 Jan It's not Y2K, but changes to Daylight Saving Time could cause tech problems
Madison, Wis. – Forthcoming changes to Daylight Saving Time will have significant implications for organizations worldwide, but few business organizations are prepared to address their potential information technology impacts, according to a new report from Gartner, Inc.
Gartner, a technology advisor to client organizations, has found that few clients have a formal risk assessment and remediation program in place to address the potential impacts of the change, which could include disruptions at both the IT infrastructure and application levels.
Cameron Haight, a research vice president for Gartner, said organizations would have to take an inventory of their platforms and applications and create a list profile with tiered levels of priority. “We don’t put it in the same category with Y2K,” he said, “but there is the potential for business disruption.”
Do nothing, do harm
The changes, which are mandated in the Energy Policy Act of 2005, mean that Daylight Saving Time will begin almost one month earlier, on the second Sunday in March (March 11, 2007) instead of the first Sunday in April, and end on the first Sunday in November (November 4) instead of the last Sunday of October.
While Gartner characterized “DST” as a minor problem compared to the big code changes required for past issues like Y2K and the Euro conversion – simple patches for operating systems and infrastructure components will be the answer in most cases – it also warned that if organizations do nothing, significant business damage and liabilities could occur from applications performing their processing at the incorrect time.
What could possibly go wrong? Gartner said the possibilities include interruptions to calendaring and billing applications, security programs, and travel and trading schedules. In addition, bank transaction errors could result in late payments, cell phone and other tariff billing applications could incorrectly charge peak rates during non-peak times, and deadlines could be missed for admissions and other time-sensitive enrollment programs.
Gartner advised any organization that interacts with American business partners to conduct a review of time-related exposures such as calendaring applications that show incorrect recurring meeting schedules, including BlackBerry-style devices synching with an e-mail server.
According to Gartner, most of the top IT suppliers have prepared, or are preparing patches for supported products, but are downplaying the effect to avoid a repeat of Y2K-level panic.
Vendor bender
Todd Peterson, an information systems manager for Meriter Hospital in Madison, said Meriter has approximately 300 systems and applications combined, about two-thirds of which have a date component. As the hospital prepares for the change, it has been contacted by vendors, receiving periodic guidance from Microsoft, for example, but some seem to be behind the curve on how to support clients.
In the Madison market, Berbee Information Networks is the only technology vendor he’s aware of that has begun to hawk products to address the Daylight Saving Time issue.
Microsoft has informed the hospital that it will cost $4,000 for a date-and-time patch for its exchange server and Windows 2000 operating system. Windows 2000 is covered with extended support through 2010, Peterson said, whereas organizations with Windows XP would automatically have a patch sent with their monthly update.
Meantime, “we’re trying to figure out exactly which applications have their own internal time databases,” he said.
Not every organization has a lot of time-sensitive applications that also happen to be mission critical. Ed Meachen, associate vice president of learning and information technology for the University of Wisconsin System, said CIOs on the various campuses were nearly unanimous in their view that this “is not going to be a big deal for them.” He said people are using patches from Microsoft, Oracle, and third-party vendors to address the issue, and found it hard to believe that business organizations aren’t preparing to address the issue.
“I can’t believe that IT staffs in these businesses are unaware of it,” he said.
No patch zones
There will be cases where a standard patch is not enough to safeguard applications. Gartner cited the example of time-stamped data, which already exists in many at-risk applications and is unlikely to be updated by OS-level patches. Instead, they will require an application-specific patch just to make new entries correct, while existing meeting schedules entered before the OS or Java patch is applied, and occur in-between the new DST and old DST cutover times, will still be wrong.
Where patches are not available – for products that are no longer supported – Haight said organizations will need to determine whether there are manual “workarounds.” If not, it may be time to speed migration to more current versions.
International impact
The changes could be even more profound for international business. Between March 11 and 25, there will be a four-hour time difference between London and New York, instead of the normal five-hour difference, and a seven-hour difference between Frankfurt, Paris, Madrid or Milan and New York instead of their normal six-hour difference.
As a result, Gartner said any organization that interacts with U.S. business partners will need to undertake a review of their time-related exposures.
Since time is running short, and some glitches are inevitable, Gartner advised organizations to run a communications program for all staff well in advance of the change, and said support service managers should ensure that they are fully staffed on March 11 and 12.
Related stories
• Security concerns grow with mobile tech devices
• Windows exploit worsens as stop-gap measures fill in for official patch
• Dunn to step down as Medical College dean
• CIOs could keep companies out of hot water in court