Cyber Services
Infrastructure Services
Data & AI
IT Operations
Case Studies
Company & Content
Insights
Strategies
Partners
Contact Us
ITHQ logo with stylized orange chef hat and turquoise text.Contact Us
Cyber Services
Infrastructure Services
Data & AI
IT Operations
Strategies
Case Studies
Company & Content
Insights
Partners
Back
Skills-as-a-Service
ITHQ SAFE logo
SAFE Cyber Resilience Strategy
Resilience-as-a-Service
Data Resilience
Abstract geometric design with one orange semicircle and three dark teal circles forming a square pattern.
Identity & Access Management
Abstract geometric design with one large orange circle and four teal semicircles on black background.
Extended Detection & Response
Geometric design with two dark teal quarter circles on left and one orange quarter circle on bottom right.
Vulnerability Management
Abstract geometric design with three dark teal quarter circles and one orange quarter circle.
Threat Detection & Response
Automated Compliance
One orange circle above three interconnected dark teal circles forming a triangular pattern.
Auto Vulnerability Remediation
Next Generation Firewalls
Abstract geometric pattern with a black diamond and teal and orange shapes in a square layout.
Security Service Edge
Abstract geometric design with teal square and triangle, black triangle, and orange triangle on a black background.
Email Security
Square divided into teal bottom-left and orange top-right triangle with a black triangle in the center.
Privileged Access Management
Abstract geometric design with an orange semicircle on top and two dark teal quarter circles at the bottom.
Protective DNS
Attack Surface Management
Security Controls Validation
Rapid7 MDR-X ITHQ Solution
Back
Skills-as-a-Service
Abstract geometric flower-like design with four rounded petals, three teal and one orange.
AWS Cloud Services
Data Resilience
Abstract geometric design with an orange circle and four dark teal quarter circles arranged in a square.
Flexible Storage Services
Unified Multi-Cloud Management
& Optimisation
Back
Circle divided horizontally with contrasting quarter circles in black and orange inside a dark teal background.
FlowAI
Abstract logo with an orange diamond shape in the center and four dark teal rounded triangular shapes surrounding it.
FlowInsights
Back
Skills-as-a-Service
Abstract logo with an orange diamond shape in the center and four dark teal rounded triangular shapes surrounding it.
Networking Services
Abstract geometric design with an orange check mark inside black and dark teal diamond shapes.
Direct Internet Access
ITHQ VAST logo
VAST Strategy
Abstract geometric design with a central black star shape and surrounding teal and orange triangles.
Network Assurance & Automation
Abstract geometric design with four dark teal quarter circles and one orange quarter circle forming a symmetrical pattern.
Unified Cloud Monitoring
Abstract geometric design with orange and dark teal curved shapes and a black circle.
AI-Powered UCaaS
Back
ITHQ SAFE logo
SAFE Cyber Strategy
ITHQ VAST logo
VAST Strategy
Back
JT (Jersey Telecom)
David Lloyd Leisure
Scan Computers
HubSpot Elite Partner
Hippodrome Casino
Les Ambassadeurs
Worldwide Currencies
Back
Abstract icon showing a brain with orange left side and blue right side circuit connections.
About Us
Half orange and half dark teal abstract semicircle above a dark teal semicircle on a black background.
What We Do
Abstract geometric design with dark teal shapes and an orange semicircle on white background.
Careers
Abstract geometric design with two dark teal leaf shapes on top and one dark teal and one orange quarter circle below.
Life In IT
Insights
Orange arrow pointing right inside a white diamond shape with a teal background.
Videos
Articles
Sectors
Orange arrow pointing right inside a white diamond shape with a teal background.
Casinos and gambling premises
Case Studies
JT (Jersey Telecom)
David Lloyd Leisure
Scan Computers
HubSpot Elite Partner
Hippodrome Casino
Les Ambassadeurs
Worldwide Currencies
Back
Orange arrow pointing right inside a white diamond shape with a teal background.
Videos
Articles
May 7, 2026

The Wicked Tech Problem: You Are a Passenger in Your Own Vehicle

Vendor lock-in is not just a technology issue. Bundling, platform dependency, and reseller bias create resilience risk, says David Thomas.

hands breaking free of chains against sunset

Vendor lock-in is not just a technology inconvenience. It is a resilience risk that weakens negotiating power, reduces flexibility, and leaves organisations exposed when vendors change pricing, support, packaging, or strategy.

TL;DR

  • Vendor lock-in is a resilience risk, not just a procurement issue.
  • Bundling, platform consolidation, and reseller incentives can create structural dependency over time.
  • A single platform may simplify operations, but it can also become a single point of failure.
  • Deliberate multi-platform architecture helps preserve leverage and optionality.
  • VAST helps organisations make dependency risk visible, measurable, and actionable.

There is a moment most technology leaders recognise, even if they rarely say it out loud.

You are sitting in a vendor review. The roadmap looks familiar. The pricing has shifted again. The features you relied on are now in a higher tier. And as you work through the options, you realise that most of the decisions shaping how your organisation operates have already been made for you by someone whose interests are not the same as yours.

You did not choose this in one dramatic moment. You arrived here through a series of individually reasonable steps. A bundled feature activated because it was already there. A platform standardised for simplicity. A reseller relationship expanded because procurement wanted fewer suppliers. An integration adopted because it made short-term operational sense.

But here you are: a passenger in a vehicle you thought you were driving.

This is not an accident. It is the predictable outcome of how enterprise technology is sold.

How it happens

The model is well established. Bundle the product into the licence. Make it the default. Embed it deeply enough that switching feels costly. Then, once the dependency is structural, adjust the commercial terms.

In April 2026, Salesforce, on behalf of Slack, brought legal action against Microsoft in the UK. The allegation was simple: bundle the product, make it the default, and let inertia do the rest. By the time an organisation thinks it has made a choice, the decision has already been made for it.

Regulators recognise this dynamic because distribution power, applied consistently over time, becomes market control. It happened before. In the late 1990s, Microsoft bundled Internet Explorer with Windows and faced landmark antitrust action in the United States. The product was not the problem. The delivery model was.

The names change. The dynamic does not.

Vendor lock-in is really fragility

Most organisations describe this as vendor lock-in and consider it acknowledged. That framing is too comfortable. Lock-in sounds like an inconvenience. Fragility is closer to the truth.

When Broadcom acquired Symantec, many customers learned the difference. Pricing increased sharply. Support narrowed. Organisations that had spent years embedding the platform across their security estate tried to move and found they could not move at the speed the situation required. Emergency workshops. Exit programmes. Compressed timelines. And in many cases, significantly higher costs accepted simply because there was no prepared alternative.

VMware customers are now living through a similar sequence following Broadcom’s acquisition of that business. Different product. Identical commercial logic.

Once a vendor has structural dependency, they have pricing power. The buyer who has no credible exit has no leverage. When you cannot leave, pricing is no longer a negotiation. It is a condition. That is not just a technology problem. It is a resilience risk, and it is one you should never be in.

The route to market is not neutral either

Most organisations scrutinise vendors. Fewer scrutinise the channel through which they buy.

Over the past decade, many large organisations rationalised their supply chains. Fewer VARs. Consolidated procurement. Simpler contracting. Better economies of scale. The logic is sound.

But supply-chain consolidation introduces its own bias. A reseller is a commercial entity with its own margin structure and incentives. If it earns more from one vendor than another, that shapes what gets recommended. The bias is structural, not personal, but it is real. You are not always being sold the best solution. You are often being sold the most profitable one.

When an organisation consolidates its route to market around one or two resellers, it is not just streamlining procurement. It is also narrowing the range of options it will ever be shown.

A healthy diversity of routes to market is not just a procurement preference. It is a resilience consideration.

The single pane of glass is a sales pitch

The vendor answer to complexity is consolidation. One platform. One dashboard. One throat to choke.

The single pane of glass has been the dominant pitch in enterprise technology for two decades, and it has served vendors extremely well. Buyers, less so.

The problem is not that a single platform is always bad. It is that you are trading architectural flexibility for operational convenience, and the cost of that trade only becomes visible when something changes. A price increase. An acquisition. A strategic pivot. A support change. A geopolitical shift that calls your infrastructure assumptions into question.

Across Europe, organisations are already questioning their exposure to US hyperscalers such as Microsoft and Amazon Web Services. Not out of ideology. Out of risk awareness. Because dependency only becomes visible when control is tested.

At that point, the single pane of glass becomes a single point of failure.

A better model: deliberate multi-platform architecture

The alternative is not chaos. It is not duplicating everything. It is disciplined optionality.

The model that works is a deliberate multi-platform architecture built around three principles.

Strategic platforms with crossover coverage. Select two or more strategic platforms with genuine overlap in critical areas. Not because you want to run both for the same purpose every day, but because if one becomes commercially untenable, you can activate equivalent capability elsewhere with minimal disruption.

Best-of-breed tools that integrate. Use specialist tools where they genuinely outperform the platform players, but make integration part of the buying decision from the start. Depth of capability matters. So does portability.

Tactical non-adoption of overlapping features. When a platform offers a feature that duplicates something you already have from a better source, do not adopt it simply because it is included. The moment you rely on a bundled feature you did not consciously choose, you give that vendor another anchor point.

This is not anti-vendor. It is good architecture and good commercial discipline.

Strong vendor relationships, on your terms

None of this argues against deep, productive relationships with strategic vendors. Quite the opposite. Strong vendor relationships are often how you get the most value from your investment.

The distinction is intent.

A strong relationship entered with clear eyes, a mapped architecture, and a credible exit strategy is a position of strength. A deep dependency that accumulated by default is a position of exposure.

The question is not how deep the relationship is. It is whether you could end it if you needed to.

The VAST Strategy: a joined-up approach to resilience

This is not purely a cyber question. The consequences of dependency reach across operational continuity, infrastructure, financial exposure, data governance, IT performance, and strategic agility.

At ITHQ, we address this through the VAST Strategy: Visibility, Availability, Stability, and Transmutability.

Visibility means understanding what you actually have: overlapping tools, embedded integrations, contracted dependencies, and reseller relationships that have quietly accumulated over time.

Availability means ensuring critical capabilities remain accessible even if a platform changes terms, a supplier relationship breaks down, or a commercial model becomes unfavourable.

Stability means reducing the likelihood that an external vendor decision turns into internal disruption.

Transmutability is the most important of the four. It is your ability to say no. No to a price increase. No to a forced roadmap. No to a commercial model that no longer works for you. If you cannot say no, you do not have a strategy. You have a dependency.

ITHQ delivers the VAST Strategy across four domains: SAFE for Cyber Resilience, RISE for Infrastructure, FLOW for Data and AI, and PACE for IT Operations. Together they help organisations see where resilience exists, where it does not, and what it would take to move if conditions changed.

Organisations that have that picture have negotiating power. Organisations that do not are passengers.

The question to ask this week

If your primary vendor changed the rules tomorrow, what would you do?

If the answer is unclear, delayed, or dependent on emergency planning, the risk is already present. You are not operating your platform. You are operating within someone else’s commercial model.

That is what VAST is designed to change. It helps make dependency risk visible, measurable, and actionable before conditions force your hand.

This is how the system works. The question is whether you are designed for it.

Lastest blog posts

View all posts
hands breaking free of chains against sunset
May 7, 2026
Strategy
The Wicked Tech Problem: You Are a Passenger in Your Own Vehicle

Vendor lock-in is not just a technology issue. Bundling, platform dependency, and reseller bias create resilience risk, says David Thomas.

Read On
muddy rugby players head and shoulders
January 27, 2026
Strategy
ITHQ Resilience Strategies: Game Plans With The Win Built In

Achieving measurable resilience via strategic tech investment … ITHQ is with you from kick off to triumph.

Read On
January 6, 2026
Strategy
The Messy Middle: Why IT Strategy Must Go Beyond Brainstorms If You Want Real Resilience

Why treating IT strategy as a boardroom exercise falls short. Discover how joined-up, strategic implementation builds true resilience.

Read On

Want to know more? Let's talk.

Call us: 020 3997 7979
Mail us: transform@ithq.pro
Visit us: The Tower, 48 Goffs Park Road, Crawley RH11 8AY
Contact Us
ITHQ logo with Crown Commercial Service Supplier, ISO 27001 and 9001 certification, and Cyber Essentials certified badges.
One NDA logo badgeFast Growth Index 2024 logo supported by UBS with curved text reading fast growing firm in the south.
Services
Cyber ServicesInfrastructure ServicesIT OperationsOur StrategiesData & AIManaged Services
Data & AI
coming soon
About ITHQ
What We DoAbout UsPartnersGet In TouchInsightsWork With Us
Legal
Privacy PolicyTerms of BusinessModern Slavery StatementAcceptable Use Policy
Created by ITHQ
All Rights Reserved