“We want to redesign our website”,”We are considering replacing our internal system”
In such cases, choosing a vendor that perfectly fits your company from the countless options available worldwide can be quite a challenge.
However, even in these situations, it is possible to identify the key “red flags”—the specific points that indicate which system vendors should be avoided.
Table of Contents
When outsourcing system development, the choice of vendor is a critical decision for the client, as it directly impacts business outcomes.
However, there are “dangerous system vendors” who lack professional ethics or technical competence and cause significant trouble. These vendors share several common traits.
In fact, our company had a bitter experience encountering such a vendor many years ago.
To help you avoid the same mistake, we have categorized the “Characteristics of Dangerous System Vendors” into three levels, starting from Rank C.
This is not limited to system vendors, but from a client’s perspective, receiving some kind of response within “3-5 business days” at the latest is expected.
If the response is slow despite reaching out for a consultation, the client may feel, “I should stop consulting or requesting this vendor,” and their expectations or enthusiasm will cool down.
Such vendors will likely remain consistently unresponsive even after a contract is signed and the project begins. This creates anxiety, making you wonder, “Can this vendor actually deliver?”.
Suppose the system vendor’s site has pages like “News” or “Blog,” or an “Official SNS account.”
Vendors who have “not updated their information for over a year” on these platforms—essentially leaving them abandoned—require caution. This is because it becomes impossible to judge whether the vendor itself is truly active as a business.
Of course, it cannot be denied that the vendor or engineers might be “too busy with projects to update.” However, from the perspective of a system vendor’s external professional consideration, this is a point to watch out for.
Currently, “Mobile First” has become the mainstream standard for search engine evaluation criteria.
This concept emphasizes whether a site provides “optimal usability” for users viewing it on devices such as smartphones.
To achieve optimal usability, a site’s ability to “convert its display for mobile” is a crucial factor. In this day and age, having a “responsive” site optimized for smartphone viewing is a matter of course.
For instance, when a user views a site on a smartphone and sees the exact same layout as the PC version, they simply find it difficult to read and navigate.
Therefore, if a system vendor’s own site is not responsive, it can be judged that “this vendor is not keeping up with mobile trends, lacks technical skills, or simply has no interest in them.”
For corporate entities, it is common to request “competitive quotes” from multiple vendors. You would typically select a vendor by comparing these quotes and cross-checking the proposals against the costs.
However, you must be wary of any vendor whose “development costs are abnormally cheap” compared to others. Such vendors often keep estimates low by cutting necessary functions or man-hours, or they provide a price without having sufficiently conducted client interviews or requirement definitions.
On the other hand, if you request a quote from a vendor you already know, the price might be lower under the guise of a “friendship discount.”
Yet, even with a “friendship discount,” a cheap estimate carries the hidden message: “We will only perform work equivalent to this price.” Even if they are an acquaintance, they are running a business and cannot assist you as a volunteer forever.
In short, if you outsource system development based solely on a low price, you risk failing to receive satisfactory after-sales support after the system goes live, or encountering serious disputes.
The same applies when requesting website production or system development from freelancers (sole proprietors). While their costs are often lower, being an individual means they may lack the support structure expected of a corporate entity. It is important to choose according to the purpose and content of the system you are introducing.
The situation is different for design-specialized firms focused on creative production, but for vendors handling website production and system development, knowledge and technology in the “server and backend domain” are essential for the vast majority of systems.
For example, some website production companies frequently choose rental (shared) servers because the setup work is easy.
Of course, rental servers are not bad in themselves; they are a suitable choice in terms of cost and ease of operation, and they perform sufficiently for small-scale sites or sites with stable traffic.
However, for corporate clients, a vendor has an obligation to explain the merits and demerits before selecting a rental server. This is because the optimal solution for server selection varies depending on site scale, security requirements, and future scalability.
If that website production vendor lacks knowledge of “VPS” or “Cloud” beyond rental servers, we recommend confirming whether they have a partnership with a server management company that is well-versed in such expertise—even if it is through outsourcing.
If a vendor lacks this, it must be said that they are highly likely unable to provide appropriate infrastructure design or troubleshooting in an emergency, leaving them unable to guarantee the stable operation of your site.
To put it simply, SSL compliance means making a website SSL-ready (installing an SSL certificate) so that the website URL can be displayed starting with “https.”
This prevents the eavesdropping or tampering of communication content and improves website security. Additionally, from a search engine perspective, “https” sites are favored as a ranking signal, making them more likely to achieve higher search rankings.
However, a system vendor is fundamentally in a position to handle website production and system development upon request from clients. Unfortunately, cases still exist where such a vendor’s own site is not SSL-compliant.
From the perspective of security compliance, it must be said that such system vendors lack reliability.
Despite being system vendors, there are cases where the site cannot be displayed or results in a display error.
Normally, users browse sites using the latest OS and browsers with security in mind. If the vendor’s site cannot be viewed even when accessed from such an environment, it can be judged that the settings of the server running that site have not been updated or have some kind of defect.
For example, if an “ERR_CONNECTION_CLOSED” error is displayed when viewing a site, the cause is primarily considered to be server-side specifications or settings. This error occurs when the connection between the user (client terminal) and the server is unexpectedly disconnected, often caused by an incompatibility of TLS (Transport Layer Security) versions.
Support for old TLS versions (such as TLS 1.0 or 1.1) has been terminated by many browsers due to security issues. Therefore, if the user side requests a new TLS version, the connection may be refused if the site-side settings are outdated.
If such a phenomenon occurs, it is likely that the server specifications and settings supporting the system vendor’s own site have been left outdated. This serves as an indicator that the vendor has “low awareness of server technology and operation.”
A company’s website is the “face of the company” and serves as its digital business card. Setting aside the quality of the design, there are system vendors that do not even have a bare minimum website.
It is difficult to judge whether such a vendor is truly operating as a legal entity or what basis there is to trust them with a project.
A company that claims to “undertake enterprise system development” without its own website is a mysterious entity with an unclear core business.
While they might operate solely through personal connections, they should generally be viewed as untrustworthy.
As in any industry, it is generally safer to be skeptical of vendors who claim they can do “anything.”
“System development” covers an extremely wide range of fields, including website production, cloud construction, internal network setup, and core system development typically handled by SIers.
Typically, a system vendor has strengths in specific technical areas.
Despite this, vendors who assert they can do anything are often “masters of none.”
It is realistic to assume that no vendor exists that can cover all technical domains with high quality.
In contract development (service agreements), it is fundamentally rare for source code rights not to be transferred to the client. However, depending on the contract, there are cases where ownership of the source code remains with the vendor even after delivery.
* In “product-type” systems provided via SaaS or licenses, ownership usually remains with the vendor.
The problem here is “claiming they won’t hand it over after the fact, without prior explanation.” This behavior clearly aims to obstruct transitions to other vendors, effectively holding the client “hostage.”
Therefore, the only way to avoid trouble is to explicitly confirm “Will the source code be delivered?” and “To whom do the intellectual property rights belong?” before placing an order, and ensuring this is clearly stated in the contract.
While we have listed the tendencies of high-risk system vendors, there are various types of vendors even within the broad category of “system vendors.”
Here, we summarize the key selection points that ordering companies should keep in mind.
| Preparation | ||
| Mindset of the Ordering Company | Competitive quotes and comparison (2–3 companies) | However, do not judge by cost alone. In any industry, there is always a reason for being “cheap.” |
| Do not leave everything to the vendor | Do not leave the formulation of system specifications or acceptance testing (UAT) entirely to the vendor; take responsibility for conducting them yourself. These are the responsibilities of the ordering party and are essential as final checks before the system goes live. | |
| Evaluation of Specialization and Technical Aspects | Track record | Do they have a track record that can be shared externally? (Case studies publicly available on the internet are desirable.) |
| Areas of expertise | Are they well-versed in the specific project field, such as website production or business system development? | |
| Project scope | Do they handle projects in China, Japan, and other overseas regions? Also, can they handle communication in multiple languages? | |
| Technical capabilities | Confirm capability for multilingual display, performance optimization, and server construction in cloud environments. Also, check if they provide added-value services such as SEO / LLMO (AI Search Optimization) and web marketing. | |
| Capability | Clearly confirm what the vendor can and cannot do. | |
| Check before contract | ||
| Contract contents and conditions | Official quote | Confirm response hours, scope of work, conditions for additional costs, delivery date, etc. |
| Development structure | Confirm whether development is performed entirely in-house or if parts of the process are further sub-contracted to another external vendor. | |
| Support system | Confirm response hours, scope of maintenance support, and the communication tools to be used. | |
| Contract document | Always scrutinize the content and resolve ambiguities before signing. Specifically, confirm that intellectual property rights (ownership of source code) are explicitly stated. | |
Looking back at the tendencies of high-risk system vendors listed this time, it ultimately boils down to the vendor’s “attitude.”
If you do not sense an attitude of sincere engagement from a vendor, you should be suspicious of the risks that may be hidden.
By referring to the points in this article, you should be able to encounter a better system vendor for your needs.
| Website Development | https://beyond-shenzhen.cn/en/service/website |
| Managed Cloud Services | https://beyond-shenzhen.cn/en/service/server |
| Cloud Business System | https://beyond-shenzhen.cn/en/service/development |
For Website Development and Managed Cloud Services
▼ Company WeChat Official Account▼
▼ Contact person in charge WeChat ID ▼
WeChat Official Account
WeChat Official Account
Person in ChargeWeChat
【Case Study】Gaming Media Site "AUTOMATON CHINA"
【2026】Public Holiday Calendar for China, Japan, and Singapore