Editor’s note: RTP Beat is a regular feature on Thursdays.

RESEARCH TRIANGLE PARK–Executives from Cisco, Blue Cross/Blue Shield, and Peopleclick told a packed room at MCNC Wednesday that security software that works is in demand but elusive.

The CED Tech Forum allows entrepreneurs from technology-driven industries to explore and exchange ideas on the themes, issues, and trends driving the diverse information technology sector. Offering focused topics and discussions. The Tech Forum meets at MCNC in Research Triangle Park.

Moderated by Intersouth Partner’s John Glushik, the executives addressed the March Council for Entrepreneurial Development’s (CED) Technology Forum on what technology buyers are looking for in both the short and long term and how they select a product or service provider. “It’s a topic we revisit every year,” said Glushik.

The panel of executives who evaluate software purchases for their companies were: Chuck Churchill, senior manager of vendor and asset management at Cisco Systems; John Sternbergh, senior vice president and chief information officer, Blue Cross Blue Shield of North Carolina and Michael Eason of PeopleClick.

The trio agreed that security software that works is a major priority. They also expressed strong interest in applications to monitor complex systems.

Door openers

But they also agreed it is tough for smaller software firms to get a hearing and establishing relationships to get through the door is essential.

Churchill said Cisco is spending a lot of IT dollars “finishing off” its Oracle implementation and consolidating its “nonstandard players” into Oracle. “Many our resources are dedicated there, not elsewhere. But we are focused on security. That’s a very large initiative for us. We’d like to see a stronger play in security.”

But, Churchill said that these days, “fewer smaller applications are getting through the door” at its vendor management office. “A few years ago, all you had to do was keep making phone calls. Today, it’s much harder. The level of interest in small, one-off applications is not what it was. We’re focused on different initiatives now.”

Sternbergh, who noted that Blue Cross Blue Shield of North Carolina, has “122 ongoing IT projects now”, agreed that security is a number one concern. “We’re highly regulated and have a lot of compliance projects. We do them slowly and thoughtfully so they don’t disrupt business.”

Smaller software firms may have trouble meeting Blue Cross needs, though, he said. “It’s somewhat risky and frustrating to deal with a $10 million company trying to come up with a solution for a multi-billion dollar company.”

Open your kimono

Glushik asked how can smaller software firms do business with larger ones?

“You have to open your kimono and share financials,” Sternbergh said. Churchill said Cisco also does due diligence on software vendors to make sure they “meet a financial litmus test.”

Sternbergh added, “Some companies don’t want to do that,” but those who do not, are shown the door. The executives said that they expect to use software applications for years, and even with the source code, orphaned software can be troublesome to maintain.

Sternbergh suggested that a smaller software company might ask a larger company buy the product or take an equity stake in it. “We’ve done three or four deals as equity stakes, not with great success.” He suggested, “You might say, ‘Hey, we’ve got a better mousetrap, why not buy it? It doesn’t happen often, but it might open a door.”

Sternbergh said that a software vendor must be willing to back up its claims contractually. “We’ve had security application vendors come in and make all sorts of outrageous claims, but won’t back them up contractually.” That gets the door slammed, he said.

The real key to getting a major software buyer’s attention, however is to know someone. “I get dozens of calls every day from people I don’t know and that’s not going to do it,” said Sternberg.

Send your best

Churchill said vendors who come in meeting Cisco’s strict standards, such as being able to run on Linux and use an Oracle backend. One way to get through the door, he said, “Team up with a larger vendor already in this organization. If you say Sun or Hewlett-Packard used this product and had great success with it, we’ll listen.”

References from other users of an application are essential, all the execs said.

PeopleClick’s Eason said, “We’re focused on efficiency gains. We look for opportunities for improvement across a broad range. How can we do things faster and cheaper? But in 1996 or ’97, we were people in a garage with an idea, so we’re a little more open to small companies.”

Eason said there is a massive price disparity between large software suites that try to do many things and much less expensive point solutions. “People can get into that middle ground can do well,” he said.

Eason suggested that building relationships with buyers includes “send us your best people, don’t send us your scrubs. Find the best guy to talk to us and build that relationship as a great opportunity for a longterm win.”

References from people a company already knows are equally essential to service providers, Eason said. “If I had a buck for every outsource provider who called me in the last six months, I could retire,” Eason said. “Someone has to recommend you.”

Added Sternbergh: “It’s tough to get in. A phone call is almost sure to fail.” He noted that Blue Cross often relies on recommendations from its network of 40 other non-competitive independent health care plans in other regions.

But he concluded on a positive note.

“We never stopped accelerating spending during the downturn and it’s accelerating at this point,” Sternbergh said. “We’re always open to new technologies that help us with the bottom line. We’re an information company. We have no tangible products. We have to invest in automated systems and technology.”

Council for Entrepreneurial Development: