Coping with today’s security and compliance challenges

By Ian Kilpatrick, chairman of Wick Hill Group, specialists in secure IP infrastructure solutions and convergence.

 

A greater range of threats, more complex threats, and how to deal with these threats on a limited budget, with static staff numbers, are some of the issues faced by organisations today.

The challenges include compliance and licensing, as well as a host of security issues around areas such as ever-increasing remote access; the growing number of mobile devices; virtualisation; convergence; wireless; data loss; and the consumerisation of equipment.

A variety of solutions is available to deal with these threats. Continue reading

Bring Your Own Device Will Free Workers

Employees should be liberated and be given the opportunity to use their own devices at work, according to communications specialist and cloud computing company Qubic. The company’s Managing Director said that an archaic IT policy is unhelpful for workforces that want to be more flexible.

As more businesses consider the introduction of BYOD (Bring Your Own Device) to enable staff to use their laptops, tablets and smartphones at work, managers are being warned that old fashioned IT protectionism is no longer relevant. As long as due diligence is paid to security issues, workers should have the freedom to work across a variety of devices, it is argued.

Chris Papa, the Managing Director of Qubic, said, “BYOD is an incredibly useful concept. Our working patterns and environments are changing and as a result, we need access to tools that will enable us to cater for that. Accessing networks via a remote cloud system really showcases the capabilities that cloud computing provides.  As long as a secure private cloud is used, and data security remains stringent, it provides a great deal of freedom for workers and can deliver cost savings for businesses in terms of equipment costs.

“BYOD will be as successful as the security that underpins it. The risks should be assessed and devices monitored. This way, employees can be productive without putting their companies in unnecessary danger.”

Chris warns that there is still a large amount of awareness that needs to be created in regards to compatibility issues when it comes to using an employee’s own device to connect to a Local Area Network (LAN).

“One issue that can become problematic and can in some cases slow things down is when companies overlook the suitability of their personal devices for work, particularly when it comes to laptops. Quite often this process can be made easier at the buying stage to ensure that workers know the right equipment and specifications they should look for. Of course, current machines can be upgraded but if it is the employer left with the bill for this, it could become a stumbling block for adoption. When these aspects are taken into account, firms can benefit hugely from employees using their own devices in a professional capacity.”

Chris Papa, the Managing Director of Qubic

Cyber Security In The Wake Of Consumerisation

The dawn of the Internet brought with in many things, including the birth of cybercrime – providing criminals with a new way of conducting wrong-doings. There’s also no doubt that cyber-attacks, whether internet or intranet-based, continue to grow in sophistication. Unfortunately, cybercrime costs the UK economy £21bn a year, affecting businesses, enterprises and organisations, everywhere.

In light of this, businesses need to be able to understand what can be done to safeguard and protect the confidentiality, integrity and availability of their information assets – especially as end users are becoming more mobile, moving sensitive data along with them. However, the disturbing reality is that many small and medium enterprises (SMEs) are unaware of, or appear unconcerned by, the security risks they face with regards to information assurance.

These risks have been increased by the latest trends such as  Bring Your Own Device (BYOD) and the increased usage of uncontrolled and unauthorised, internet based file repositories, such as Dropbox in the enterprise  – which are rapidly being incorporated into the workplace. In fact, this move towards a more flexible style of IT governance, combined with an increasingly mobile culture, is creating a lucrative portal for cyber criminals to exploit – offering them a far lower likelihood of prosecution when compared to traditional crimes.

However, as business users start to use multiple mobile devices more expansively than ever before, IT departments have to keep up with the pace of change, by finding ways to combat this problem. An effective security defence is required; one that is a nimble tactical approach that can react rapidly to the threat of a security breach and act decisively and automatically when a response is required.

Moreover, businesses need a strategic approach to cyber security to balance risk management with business opportunity. Even the smallest businesses need to learn from previous infiltration, exfiltration and business disruption attacks and take practical steps to combat cyber threats.

Traditional cyber security measures remain critical – patching regime, antivirus, perimeter defences are all necessary – but contemporary threats demand enhanced and innovative responses if they are to deter hackers; indeed, one must now assume that someone ‘will’ get in. One thing that may help is having an agile cyber security solution that is designed to consider eventualities before they occur and deal with them when they do.

Once a secure and effective solution is in place – one that works with the business – companies can reap a number of benefits including: fast breach identification, contained and isolated localisation of issues, rapid and automated resolution and uninterrupted productivity – without full system lockdown and full incident lifecycle visibility to support impact analysis.

There’s no doubt that hackers are getting smarter. It’s no longer feasible to only do patch updates on current systems and hope that this will do the job. By bringing in additional defences and responsive technologies, for instance, non-signature based malware detection, application execution control or even a virtual security engine that can adapt to business changes, organisations can build a defence-in-depth capability. IT departments need to learn to identify both internal and external threats or engage someone with the necessary skills to get the job done.

In the wake of consumerisation, no matter the size of the company, you need cyber assurance.

By John Green, CTO at Prolinx

Technology Headlines: Yahoo, Apple and Eduardo Saverin

The news that Yahoo chief executive, Scott Thompson, had stepped down this weekend was not the only major technology news. Here is a look at a selection of the other leading technology headlines.

Apple have announced that they will stop using the phrase ’4G’ in their iPad adverts, as it is deemed misleading given that 4G is not widely available in the UK and the iPad will not work with it when it is.

Facebook’s Brazilian born co-founder, Eduardo Saverin, has renounced his US citizenship ahead of the company going public on Friday. His decision means he will avoid paying around $600m (£373m) in tax when he picks up his share of the site’s stock offering.

Sticking with the social media giants now as Facebook have announced plans that will allow users to may a small fee in order to further promote their posts. At present trials are being carried on with users in New Zealand.

Does Software Piracy Matter?

Think of software piracy, and images of counterfeit goods being sold in shady establishments or downloaded from unscrupulous websites probably spring to mind. In fact, under-licensed software use is also a widespread and long-standing problem, and forms a large slice of the software piracy pie.

Under-licensed software is where software has been installed onto more PCs than the licence agreement allows. For example, a licence may support the software being installed on up to 20 personal computers (PCs), but it may end up being installed on 30 PCs. Its use is sometimes seen as acceptable due to a belief that it does not hurt Intellectual Property (IP) owners or the economy, but this could not be further from the truth.  According to the BSA’s 2010 global software piracy study conducted by IDC, under-licensed software was installed on 27 percent of PCs in the UK with a commercial value of £1.2 billion.

Software piracy also deprives the economy of much-needed revenue and jobs – an additional study by IDC found that reducing the PC software piracy rate in the UK by 10 percentage points over four years would create 13,011 high-tech jobs, £5.4bn in new economic activity and £1.5bn in additional taxes by 2013, with 87 percent of those benefits expected to remain in the local economy.

But where should the buck stop in a business in terms of handling software licensing – and why is it not treated in the same way as other business assets?

While most companies keep track of their mobile phones or car fleet, many managers either turn a blind eye to under-licensed software use, or are entirely unaware of the problem. It is generally assumed that that the IT director or the financial director is shouldering the responsibility of managing a company’s software assets. In fact, in 2011, the BSA polled 250 Financial Directors (FDs) in the UK about their attitudes towards software piracy, and found that despite 85% of FDs being responsible for their company’s software licensing, only 7% claimed to be very confident that the software was being deployed correctly, and almost 30% admitted that illegal software could be used in their organisation.

A risk to cash flow and business operations 

The Business Software Alliance (BSA), a global organisation representing the software industry, is committed to the eradication of software piracy through both education and enforcement action. Already in 2012, the BSA has taken action against companies found to be using under-licensed software. Blackpool-based building services engineering company, George Morrison, paid £10,000 in damages while Rugby-based power-conversion company, Converteam UK Limited, was made to pay £8,000 for using under-licensed software. In most cases, the price of using under-licensed software far exceeds the cost of doing things properly, and the impact on cash flow of unexpected legal costs and purchases can be very harmful to the business bottom line.

In addition, being caught using under-licensed software deeply affects brand reputation. In this increasingly competitive economy, reputation has emerged as a major differentiator between brands. Unfortunately many firms, knowingly or unknowingly, put their reputation in jeopardy by using under-licensed software. The BSA also encourages employees or members of the public to confidentially report any businesses that are breaking the law through software piracy. Reports are incentivised, and whistleblowers could receive a substantial financial reward for outing illegal software use. Incidentally, the BSA has launched a campaign in Reading this month to ensure businesses in the area hold the correct licences for all software installed on their devices. As part of this campaign, it is encouraging reports of the suspected use of under-licensed software to be made via a hotline or the BSA website, for a potential reward of up to £20,000.

While under-licensed software may appear to be of identical quality to licensed software, it carries significant potential business risks.  Firstly, businesses using under-licensed software may not have access to technical support.  Secondly, they won’t receive regular software updates, so may be giving away their competitive edge as they will not have the tools they need to do their job properly.  Thirdly, and most importantly, they may not have enhanced protection against viruses and malware, as in some cases only critical security patches will be applied to under-licensed software.

Licence to save

More positively, effective management of software licenses can provide significant savings on staff time as well as software costs. Managing IT assets correctly through an effective on-going business process, known as Software Asset Management (SAM), can identify instances of under-licensing and also when too many licenses exist.

The long game

A double-dip recession and continued exposure to wider European economic pressures dictate that UK businesses keep a close eye on their assets and software is no exception.  It is the accepted method for business interaction, crossing vertical sectors, geographic regions and business sizes, and, as such company directors must take software licensing more seriously, and audit it regularly alongside all other business assets.

By valuing the IP of software as much as other business assets, we can have a positive effect on the UK economy, as well as ensure that UK Plc is running itself on state of the art software that is legal, safe and fit for purpose.

By Julian Swan, Director of Compliance Marketing of the Business Software Alliance (BSA) in EMEA

Is The Mobile Optimisation Message Really Getting Through?

It’s no secret that we are becoming a global community of smartphone worshipers. With year on year increases of adoption looking more and more like phone numbers, the mobile web is, without question, the new frontier for online business. And with any new frontier, there will be those who understand the terrain and find gold and those who don’t … and find rocks.

Web adoption itself, back in the 1990s and early 2000s, was, undoubtedly, a phenomenon. Developers dashed, money flowed, bubbles grew and investors got very rich, or very poor, very quickly. It was a time of mass conjecture about consumer demands & behaviour which spawned the greats such as Amazon, Ebay & Google and spurned the not-so-greats – you might have to, er, Google boo & webvan.com.

The current speed of adoption of the mobile web is 8 TIMES FASTER. Yes, 8 times.  And it’s not just idle traffic either. Online consumers are no longer the wide-eyed wanderers who would marvel at a moving image on their computer screen, they are now informed, impatient and agile and the mobile web is rapidly becoming their new playground.

In a recent survey of mobile web users carried out by the Compuware Corporation; 71% expected websites to load as quickly on their mobile phones as their desktops with 74% only willing to wait five seconds or less for a page to load. 46% would be unlikely to return to a website that they had trouble accessing via their phone and 34% said they’d likely visit a competitor’s mobile site instead.

So, what if you’re doing it right?

While the highly negative impact of an inadequate mobile presence is there to see, for businesses that are doing it right, it seems there is a similarly dramatic, positive pay off.

A recent study by web analytics solution, KISS Metrics, showed that a site optimised for mobiles is able to generate almost twice the average traffic per user than sites which haven’t. And it’s not just user engagement which is enhanced; the research suggested that, on average, visitors are 51% more likely to actually do business with an online retailer if it has a mobile site.

Given the compelling evidence on the benefits of mobile optimisation, it seems staggering then that, in a study carried out by Magus in partnership with Investis, still only 20% of the UK’s largest corporations currently provide support for mobile devices.

Slow on the uptake

The apparent lack of endeavour by business to go mobile seems to be predominantly due to;

  • The sheer speed of growth of the mobile web which has meant that even larger businesses with strong strategic focus and awareness of the opportunities are struggling to keep pace with a domain that is evolving so rapidly.
  • Businesses having to re-educate themselves and evaluate how to best transfer the functionality and consumer experience which has been developed for their desktop sites, to the different priorities and requirements of their mobile visitors.

The way forward

As is commonly the case, businesses with foresight who adopt early will see the greatest benefits in the gold rush.  With the current speed of changes taking place with the mobile web, even brand new enterprises, which enter the field fully understanding the mobile game, will likely enjoy huge rewards while recognisable heavyweights which don’t catch on quickly enough, might well see themselves disappearing out of view.

Go mobile now

Unlike the early days of web adoption where getting a company website up and running was potentially time consuming and costly, getting a mobile optimised site these days can be cheap and quick. With services such as goMobi from Daily Internet, a mobile site can be created from an existing website dynamically within minutes and then modified wherever required. While some businesses will want nothing less than a feature-laden bespoke solution, the DIY approach can ensure an almost immediate branded mobile presence.

Create content with mobile in mind

Web content is, even now, commonly created with a one-size-fits-all mentality. In order to properly engage mobile customers, consideration must be given to creating stand-alone content which is mobile specific, tailored to the requirements and priorities of people on the move.

Mobile marketing & strategies

Due to marketing to mobile users still being a relatively new technology, data remains scarce on its power and ROI but, with over 13% (and growing rapidly) of all UK web traffic now coming via mobiles, it deserves serious consideration in any marketing strategy.

And if none of the above has convinced you, take it from someone who’s had his share of online success, Google CEO and Chairman of the Board Eric Schmidt who recently heralded “mobile first in everything” as the new rule at Google.  Enough said.

By Abby Hardoon, CEO & Founder of Daily.co.uk

Enforcement Of “Cookie Law” Requires Action By All Businesses With A Website

UK businesses could face fines of up to £500,000 if they fail to meet tough new website privacy laws which come into force this month, according to EMW, the commercial law firm.

EMW warns that there are no exceptions to the law for smaller businesses.

The regulation will come into effect on 25 May 2012 and will mean that visitors to the website will have to give permission for the website to download ‘cookies’.

A cookie is a temporary computer file which gathers information about the user’s online activity. It is activated by a user when they access particular pages on a site.  The cookie is sent from the website to the user’s computer and remains once they leave the site. When the user returns to the site the cookie allows the website to remember their preferences and settings.

“The effect of this change in the law will be far-reaching; any business that has a website will almost certainly use cookies at some point or other. The upcoming deadline is a wake-up call for those businesses that have not yet updated their website to gain consent from users,” Matthew Holman, Solicitor, EMW, said.

EMW explains that the old law only required businesses to give users the opportunity to ‘opt out’ and was often done by referring to the cookies in a privacy policy.

“This law marks a major shift in responsibility for the use of personal data: previously the user had to opt-out, now the user has to opt-in from the beginning,” Holman continues.

EMW says that businesses need to take three practical steps to prepare for the new rules:

  • review what cookies are used by their website
  • decide on the appropriate course of action to ensure that consent is obtained for the use of cookies (i.e. using pop-ups or banners on the website to obtain consent)
  • ensure that these measures are implemented on or before the 25 May 2012

“The risk of a £500,000 fine for extreme infringements of the rules should send a strong message to businesses that they must be ready in time,” said Holman.

EMW says that those businesses that have already taken action to deal with the new law should make sure that the websites cookie message is clear, user friendly and understandable.

“For most businesses it is very important that web users enjoy using their websites, so strict compliance with the law is not enough,” adds Matthew Holman.

“To be successful, businesses need to make sure that their website also remains user friendly.  That can be quite difficult to do when asking users for permission to use their personal data. To this end, collaboration between web designers and lawyers is important to ensure that the website meets the legal requirements whilst remaining pleasing to the eye and user friendly.”

By Matthew Holman, Solicitor, EMW

The Death Of The Office Server

Once the lynch-pin of every single office, the every day server is now on the verge of being a mere relic, an eBay listing, a forgotten piece of technology. CIOs and IT managers will no longer have a use for it. This is not because there is anything wrong with it, but because technology is becoming more readily available and easier to use.

This is especially the case with cloud-based business applications, data storage, SaaS and PaaS becoming the norm for many businesses.

Storage stories

For so many years now, the office server has been a central part of the workings of any IT set up. Considered the brain or hub of a company’s network, facilitating back-up and storage of its most vital completed work, the failure of this server has proved catastrophic for many businesses. Overloading, power-outs, overheating and downtime all cause dips in productivity, lost business, problems related to the loss of vital data, and the list just goes on.

The traditional office server also takes up space, an expensive commodity these days, with many businesses diversifying and making allowance for flexible and home working to suit busy lifestyles and constricted budgets.

Up, up and away

The emergence of the cloud was initially greeted with some trepidation by businesses, with many fears about security and reliability surfacing. Understandably businesses wanted to ensure its safety and efficacy before entrusting their precious business data, processes and applications to it.

The concept of relying on an outsourced ‘invisible’ platform for everyday storage and business processes such as CRM, ERP and e-mail took a bit of adjusting to, but is now rapidly becoming a dominant business technology choice.

Software as a service (SaaS) innovators such as Safesforce, NetSuite and Oracle have provided cloud-based ERP, CRM, e-commerce, accounting, supply chain management and inventory software to businesses across all manner of sectors, both improving their operational effectiveness through simple to use applications, and reducing their IT support and set up costs. Retail businesses can also now see the benefits of NetSuite point of sale applications fully integrated their back office function, which provide instant visibility of vital business and inventory information across any store.

These applications have played their part in committing the office server to the annuls of history for many businesses, in turn also making the fallibilities of the back-up tape, VPNs, the IT department, patches, upgrades, maintenance, disk space, memory and uninterruptable power supplies a mere distant memory.

The application of efficiency

Increasingly, businesses are incorporating add-on applications to their businesses allowing them to integrate all manner of business functions through the cloud. These functions, which include sales dashboards, point of sale accounting and CRM to name a few, are often accessed by different staff in their relevant departments on varying scales. Cloud computing makes huge sense in these situations, as the required applications can be accessed by the staff via permission based access – passwords — through the cloud on a SaaS basis. This has a double edged efficiency saving for businesses.

Firstly, cloud-based software and services are more cost effective as the company only pays for the levels of actual software usage, as opposed to a company purchasing 30 licenses which are not all used, or used enough to justify the cost. The flexibility to ramp up and down the level of usage required removing and adding users dependent on business requirements maximises the cost effectiveness of the IT systems within any business. In addition to this, accessing cloud based platforms and software completely eradicates the requirement for on-site storage – an office server — and the associated support and maintenance costs. Any faults with the software are solved off-site and downtime is minimial. Equally, data is stored securely and businesses need no longer worry that a technical failure like a server explosion may damage their valuable data.

A good example of a company using cloud-based software to completely transform the way it does business is Reading-based Ecocleen. The eco-cleaning and support service franchise business implemented a cloud-based business management platform which saw it become completely server-less and streamline its operation, enabling it to work more effectively.

The company switched to a cloud-hosted integrated CRM platform which stored all corporate data in one single database, with access to KPI data, integration with back-office accounting and ERP through simple dashboards. The implementation of this SaaS cloud-based platform enabled Ecocleen to automate all customer billing in electronic format, adding to its eco credentials, and roll out a centrally-controlled e-marketing campaign.

The business, which has a number of regional offices, had traditionally operated disparate, regional IT systems which had hindered a uniform, branded marketing and CRM strategy and visibility of customer activity. The self-service portal within the new solution will allow the regional Ecocleen offices to quickly and easily access information relating to their transactions. The company had been using Sage Line 50 and Excel to collect and analyse KPI information, a time-consuming and complex process.

Replacing these systems has allowed the regional offices to access KPI information in real time and benchmark their own performance against each other or their own targets, which works as a motivational tool. This, together with the efficiency-saving impact of the platform is projected to play its part Ecocleen’s growth strategy, with predictions that the platform will assist it in going from 11 regional offices to an anticipated 25 over two years with a 120 per cent increase in revenue.

It is clear from examples such as this that the implementation of a cloud-based solution can help improve the efficiency of a business, providing the opportunity to focus on and expand its core business to meet financial and business targets. This ‘work smarter, not harder’ concept along with the reduced costs, worries and inconveniences associated with cloud-based applications mean that when it comes to eliminating the traditional storage and software hub, the server, or ‘brain’ of an operation, the decision really is a no-brainer.

By Andrew Peddie, Managing Director, First Hosted

What To Expect From The Workplace Of The Future

Not long ago the workforce was predictable and easy to define with most employees working routine office hours and using a fixed desktop office computer. Today working practices are highly variable: we respond to emails at all hours from smartphones, work from a variety of places and collaborate and exchange ideas via different platforms including social media. What’s more, many small businesses are starting as home-based or part-time ventures and we’re seeing greater flexible working patterns and expectations of always on connectivity inside and outside work.

But how do these new, technology-driven means of working affect companies and employees? Dell and Intel recently published the first instalment of a new TNS Global research project — ‘The Evolving Workplace’ — which aims to gain valuable insight into where and how the workplace is evolving. 21 industry experts including 11 UK representatives from the likes of Advanced Workplace Associates, the BBC and Orange Business Service offered perspective on the opportunities and demands associated with these trends:

1) Expect a tougher work-life balance

With flexible working patterns on the rise, and greater connectivity, it will be harder to distinguish between, and measure, company time versus non-company time

2) Increasing device choices

For the mobile worker in particular, resting alongside a laptop will likely be a smartphone and more and more often a tablet. While the number of devices is increasing, the need for compatibility and interoperability becomes more important — all of which is underpinned by the move to ‘the cloud’

3) Changes in adoption of devices

The number and types of devices and operating systems are both proliferating and converging. As cloud computing takes hold, the range of applications and functionalities will continue to rise. Compatibility could be less of an issue as the next generation of hardware and software should offer this as inherent capability. Tools traditionally confined to large firms are and will increasingly be more widely available to small businesses because of consumer-driven demand

4) Closer employee monitoring

In the workplace of the future, the availability of pervasive technology will make it easier for companies to monitor what employees are doing. Potentially more data will exist on what employees are doing at any given time and employers may take more interest in analysing this information. As such, employer-employee trust will be one of the most valuable resources that positive workforces can cultivate

5) Employee-led IT innovation

One-size-fits-all solutions implemented from the top-down are likely to be phased out in favour of systems designed by employees to suit their own needs. Interoperability and ease-of-use will be crucial for the increasingly decentralised organisation, and employees are more likely to turn to software solutions that are easily available and often freely available. Employees increasingly expect to be able to pick and choose the software and devices they want to use.

Work attitudes and work practices are evolving rapidly, fuelled by advances in technology and widespread broadband connectivity which is enabling the free-flow of information, ideas and other knowledge resources. Our world of work is being redefined and, with it, the traditional expectations of workers, managers and businesses of all sizes are being challenged. While some companies have been quick to embrace the benefits afforded by technology, we’re sure to see a significant gap between those who welcome change, and those who do not.

Dell and Intel will shortly be unveiling the findings of a global survey of workers across multiple industries which will delve deeper into where the change is happening and how, along with the opportunities, risks, and the impact it will all have on a variety of business types.

By Kevin Peesker, General Manager — UK and Ireland Dell Consumer and Small, Medium Business