Archive | March 2013

The Internet – “Potentially the most critical of critical national infrastructure”

The internet is not new. Developed in the 60s for military purposes and evolving in both scope and popularity ever since, the internet has become second nature to much of the developed world. When Tim Berners-Lee formulated the linkage between the hypertext mark-up language (HTML) and the internet that spawned the graphical, interactive World Wide Web as we know it, who would have thought the internet would become the essential “commerce and communications” hub it now is?

But all of that “usefulness” and “interesting stuff” does not come without concern. Use of the internet is, to all intents and purposes, unpoliced, unlicensed and without service levels. For many the internet has been used to transport and transact virtually every form of digital information that can be encapsulated into an IP network packet. To that end the last decade has normalised the use of the internet for essential commercial and fundamental electronic communications – and in the eyes of many it is clear that we may now fail to function effectively without it.

It’s no longer just about technical topics like “internet security” or “latency”, but the quasi business-aligned perspectives that include customer satisfaction, yield, loyalty, advocacy and customer retention. And magically, all of these elements are often realised at a marginal cost when compared to the “off internet” legacy approach. This has propelled the internet to become a real “critical national infrastructure” element, as essential to the business world as it is to the personal world. But what happens if the internet disappears, fails, or is compromised? Dare we think of the day the internet finally “stops”?

Thankfully there are many supremely capable technical individuals around the world tasked with ensuring the internet doesn’t fail, and due to inherent multiple levels of technical resilience a full scale internet shut down is unlikely (but not impossible). However, it is now a straightforward activity to shut down a corporate web server or the online presence of an organisation or group of organisations. The now infamous DDOS (distributed denial of service) attack is a commonly used approach to bombard a named web presence with unrequested traffic until it overloads and ceases to function.

Due to the essential commercial value delivered by corporate web sites and the financial revenue impact (and equally customer loyalty / goodwill) of a period offline, protection against DDOS and other malicious hacking approaches to take a web platform offline must now be fundamental to all. This week we have seen heightened awareness due to one of the biggest cyber attacks of its kind, involving a DDOS attack on a particular organisation at a level fourfold greater than had ever been previously experienced. And for those aforementioned organisations underpinned by the internet, this mass DDOS attack has allegedly “slowed down worldwide internet traffic”.

It may be time for you to consider a number of key points: “Is the internet an essential communications and commercial transport layer for your organisation?” and if yes, “What is the maximum period of offline activity your organisation could tolerate (i.e. no web presence, email availability or web access)?” and finally, “How slow is slower for your organisation when discussing internet related performance concerns?”

The web facing internet presence of an organisation performs many key functions; most importantly acting as the prospect’s or customer’s initial “landing zone or gateway to the organisation”. When discussing the corporate visibility on the net – now you see it, now you don’t is definitely NOT a humorous customer experience.

It’s time for DDOS protection for all.

Until next time.

Twitter: @colinwccuk

 

 

Consumerisation of IT


Raising a child has been one of the proudest moments of my life, and being a fan of technology and gadgets it was a given that my son would follow in my footsteps. Now my son is not even 3 years old yet, but give him an i-device and he is more than capable of navigating it to find and use what he wants. The thing is, he expects everything to work like an i-device. He touches and swipes on the TV screen and wonders why nothing happens and expects everything with a screen to respond to swipes and touches.

His frustration at the lack of continuity across devices reflects what I see and hear from customers with regard to unified communications and collaboration. I get questions such as “why can’t I perform what should be an easy task on device x that I can do on device y?” or “why do I have to do things differently at work from at home to get the outcome I require?”

The consumer world will always be more integrated and support a larger number of devices and features than corporate environments, and this causes frustration, especially to the younger workers. This is for many reasons which we will not discuss here, but the way many modern businesses work restricts the adoption, interoperability or functionality of many modern collaborative tools and in turn their employees’ productivity, but that’s a subject for another blog.

What I like about i-devices is their ease of use; my son at 2 years old observed me using these devices and picked up the use of them pretty much instantly. Much of that comes down to the way that the user interface works. The other factor, which is not specific to i-devices, is that the user experience appeals to the senses to engage the user; I see and then I touch and something happens, sometimes visually, sometimes auditory or sometimes both, pretty much like reality. The virtual environment on the screen responds to your interactions just as you’d expect from the real world.

If we extend that to a wider audience, we get a similar experience with most of the tools that we use today: telephones all work in pretty much the same way, numbers remain the same, dialling is the same. Email, text messaging, Facebook, Twitter etc. all function similarly, in that the backend infrastructure can be accessed on many devices, be they tablet, phone or computer, to provide mostly the same functionality regardless of the device used.

You could argue that it really doesn’t matter what device you use to create or access resources and information, as today most devices are good enough, and the user experience created by the application user interface is what separates a successful platform from an average one. Forcing people to change the way that they are and the way they work is not conducive to productivity. From my experience, good applications provide the best user interfaces to suit the device that the application is being accessed from. This is where I believe the future of unified communications will be. The device will simply become a tool that allows us to do what it is we want and need to do. The user interface and how it allows the user to access whatever, whenever will be the differentiator moving forward. Personally I can use pretty much any device to access what I need; what bothers me is badly written user interfaces which prevent me from doing what I need to do or preclude me from accessing something because I don’t have the right device.

The challenge for application developers is to ensure that your user interfaces are usable and intuitive and that the back end protocols are inter-operable with other vendors; the challenge for Computacenter? Working with you to help guide innovation, change and collaboration without disrupting the workplace and making everything work seamlessly in the background so you don’t have to…

The Changing Face of Healthcare

In line with other public sector organisations, the NHS is required to make savings over the next few years. In total, these savings will amount to approximately £20Bn and are expected not to come from front line services, but rather to be found in rationalisation and efficiency savings across the board.

One way in which Acute Trusts and Mental Health Trusts are seeking to meet this challenge is to undertake Estates Rationalisation Programmes. Many organisations have a number of sites which are extremely expensive to run and are often providing limited services which can be carried out better in the community or linked with other NHS delivery to bring efficiencies.

For example, at some Trusts Community Nurses are based at a site where they have to attend each morning to log in to systems and collect their workload before setting off to see patients. At the end of the day, the clinician is required to return to the site to input the results of each clinical session undertaken, as well as ordering any follow ups required. This seriously impacts on the total time available to clinicians to meet with patients.

Technology can help. Making clinical systems accessible over mobile and wireless technologies in a completely secure and safe manner ensures that the clinician is able to access notes and patient details at the point of care. In the case of areas where mobile and wireless coverage is far from perfect (anything from rural areas to city centre housing estates and high rise blocks for example) systems can be made available in an “offline” mode. In this mode, the clinician still has access to information which is at most 24-48 hours out of date, but still very relevant to the patient.

The ability of these mobile clinicians not to have to come in to a “base” on a daily basis will reduce the amount of wasted time in travelling, and will increase total clinician-patient face time on a daily basis.

But Trusts need to think carefully about how this is achieved. Requirements of the Data Protection Act, the underlying principles of Caldicott and other NHS specific regulations around patient data security cannot be dismissed. The ICO (Information Commissioner’s Office) has been fining NHS organisations large sums for the loss of data, and so Trusts must ensure that data is fully secured both at rest and in transit.

Solutions will need to ensure that mobile devices (including BYOD devices) are properly secured and can be centrally managed – including full remote locking and remote wipe. In the case of clinical information, there is a requirement that the information is encrypted at all times. Furthermore, IT Directors and CIOs will have to ensure that such solutions are not open to “screen scraping” technologies.

But it is not only the information which needs to be secure. We also need to secure our staff. Clinicians are already vulnerable when out working in the community. Some are seen as targets for FP10 forms (prescriptions) or for possible drugs they may be carrying. Others invite attack simply for being a clinician. Equipping these staff with expensive mobile devices may increase the risk of muggings etc.

To prevent this, Trusts must employ strong lone worker solutions. A number of these are available, ranging from solutions which are manual – based on mobile phone usage – to technically adept solutions which track locations (GPS) and have two way radio built into them which can be operated without patients/citizens being made aware. This then allows an emergency call centre to listen in to the situation and summon the appropriate assistance. The small costs of such systems and the decreasing costs of mobile solutions are quickly recovered through the ability of organisations to reduce their estates footprint and to treat more patients in a shorter time.

But a word of warning. It is easy for CIOs and IT Directors to over-promise ROIs and perceived benefits of such systems. Any such implementation should be done in a phased approach allowing impact on services and savings to be correctly measured and monitored before a whole systems roll out. There are issues around ICT training, availability of hardware and solutions, security and even clinical adoption which need to be carefully ironed out before any programme is initiated. And one of the major reasons for failure of IT Programmes in the NHS? Clinician Engagement – the Trust must ensure that key clinicians who represent their areas are involved in the design and build of any mobile solution.

As an IT person, I can design a technical solution which will best meet the technical need – I cannot design a solution to be used in clinical areas without clinical input. I will only look at the technology; I need the clinicians to tell me how they work to ensure that workflows are logical to the use cases. Running a Proof of Concept with a partner of choice who is technology and vendor agnostic will allow Trusts to mix and match all solutions available to find the best approach for their specific clinical and business needs. Not all mobility solutions are the same, and not all security solutions are designed with the mobile workforce in mind. Overall, Trusts need to ensure that they select the right partner who is able to work closely with them to assist them in achieving their goals.

Are you COPEing?

There has been the usual flurry of mobile reports over the weekend from the likes of Gartner, Citrix and others. One of the articles that caught my eye was entitled “COPE Will Outshine BYOD in 2013”. Now we have talked in many of our CC blogs about how this industry loves an acronym or two and this was a new one on me. So if you live in the world of reality and to save you endless hours of wonderment I can explain it for you – COPE is meant to stand for ‘corporate owned, personally enabled’.

Now while you remove the cynical smile from your face, I thought there was a little more to the substance of this article. We all know that BYOD has reached the top of the hype curve and when you examine just how many Enterprise organisations have actually removed all of the corporately owned end user devices and let employees run their business from their own personal devices – you’ll find that the answer is actually – very few.

I have been known to say on many occasions that ‘consumer IT’ and ‘BYOD’ are not the same outcome and here at CC we are definitely seeing a shift in our clients’ spend moving to more lightweight and touch enabled devices. However, we also see a range of new IT challenges – from security, compliance and management, to cost and human capital management, as organisations are rapidly forced to invest in some form of mobile device management (MDM). In a recent Gartner research note published at the back of last year they noted that the MDM market has been growing, and will continue to grow in 2013, with the market size estimated at over $500 million, and more than 100 players!

The COPE article also stated that “Although a recent study shows that 77 percent of BYOD employees dislike the use of mobile device management (MDM) on their device, the “personally enabled,” or “PE,” aspect of COPE allows employees to choose the company-approved device they favour while also enabling them to use it personally and professionally”.

I can relate to this; as outside of the IT literate, high net worth and high fee earning individuals in an organisation – most would happily be given the right device to get on and do their job properly and accommodate for situations whereby they can access certain personal services if they want to (was it any different in desktop/laptop only days?).

However, there is clearly still some tension in reaching the right balance. Citrix recently published their quarterly enterprise mobility cloud report and one of the unexpected findings from the aggregated data showed that “Dropbox was on the blacklist, but was also one of the most heavily-recommended apps from enterprise IT (in the enterprise app catalog). This juxtaposition speaks to Dropbox’s simultaneous usefulness and risk! Organizations can’t decide!”

So how is it for you? Is your mobile device strategy as clear as a bell or are you just about in a position to COPE? I’d be really interested in your viewpoint…

Who said the Wireless LAN is not already the “primary LAN”?

It looks like the BYOD term has been knocked off its perch (well for a short period at least) as the hottest term around – the big story is now “the Wireless LAN”.

In recent years every mobility or BYOD discussion resulted in a “to MDM or not MDM” debate, with the consensus that MDM was a must have technology (whether it delivered all of the outcomes originally promised is the discussion of a future blog). However as we fast forward through the start of 2013 the BYOD topic now starts and ends with a debate about “wireless networking effectiveness”. In the time before the “mobility wave” the wireless LAN most commonly experienced by the corporate end user was a home based network of convenience deployed with simplicity in mind but often lacking in reliability.

But how things have changed; what was a useful add-on to the physical RJ45 cable based corporate LAN environment has now become the talk of the CIO agenda and potentially the bane of many CIOs’ lives. That same wireless network used by guests, learned end users (who knew how to sneak the secret passwords) and the handful of approved laptop users is fast becoming the de facto connectivity environment for most end users. Where is the RJ45 port on a tablet computer, or modern smartphone – does anyone care? Why embrace the inflexibility of laptop use tethered via the physical RJ45 network port when it becomes free and supremely flexible when connected via a high performing wireless network environment? The behaviour of many of us in both personal and professional arenas toward wireless connectivity has changed. In previous years, the IT aware individual within a household configured and used the home wireless network due to awareness of it at work – now the generation Y/Z digital natives not only own the home wireless network for social, education and entertainment ideals, but equally expect it to exist all the time everywhere.

Searching for a wireless hotspot is a teenage norm and second nature to all due to the ubiquitous use of smart phones, tablets and hand held games consoles, all fundamental to a digital native’s personal or social existence. But it doesn’t stop there; the behaviour outlined previously, synonymous with a generation Y/Z persona, now exists within us all, from the seven year old expecting the iPad to connect to download the latest update to “Temple Run”, to the corporate professional checking into a hotel on business uttering those now all too common words at reception, “what is the key for the wireless network”. Do you ever remember the physical network deemed so fundamental to our work/home existence as the wireless network is today? It actually was, but in our minds it “wasn’t”, and therein lies the hypnotic magic of the wireless or WIFI network. This blog homes in on WIFI wireless networks but the ever reducing blur between WIFI and service provider 3G/4G networks forces us to summarise it all as “THE WIRELESS NETWORK” (not technically correct, but you get the picture).

The wireless network underpins and enables the new world order, one where the end user can have the best connected experience of “ME” but at the swipe of a hand can choose to be part of a worldwide “WE”. That only works if nothing stops connectivity and no rules exist for connection (i.e. “it’s not available or limited to times, zones, locations”). The wireless network is already the primary network and, with “gigabit wireless” coming soon, is destined to be so woven into the fabric of our personal and professional existence that we face a “world wide stall” at times of wireless network failure. Some would say it makes the task of maintaining and securing these wireless networks far more important than we think. Uuummm, I think I can feel another blog coming on.

Until next time

Colin W

Twitter: @colinwccuk

No place to hide if you know what to look for

There is nothing like a good story in the IT world to generate a flurry of online chatter. In recent weeks the “homeworking ban” proposed by a well known technology company has risen to the top of the corporate discussion agenda.

But this blog is not about the ban as such, but about new information that validated or supported the merit of “withdrawal of work from home privileges”. It is rumoured that information gained from VPN logs (that record remote connections) highlighted a reduced use of the VPN platform, thus indicating little use of remote connectivity to the corporate network.

If we cast our minds back, IT logs were considered by many to deliver more hassle than value. Rarely was anything of use found within, but they still were key elements to be stored securely and reliably, as part of the backup regime. It’s true, database vendors have always utilised logs to good effect to aid with transaction integrity and recovery, but for the rest of the IT community, logs equalled hassle…

But in the case of the use of log data for evidence to support the “homeworking ban” or the forensic use of log information for analysis after a major security breach, and worse still the use of log information unbeknown to us for malicious intent to launch a security attack – these examples indicate there was always “gold in the hills” but few knew where to look.

System logs pretty much exist for all elements within IT systems: software, hardware, process, you name it. Everything has one and often many logs that hold a treasure trove of insight for those clear on how and what to look for. SIEM (security information and event management) platforms, deemed by many as the perfect tool to reactively and proactively interrogate log data and turn it into true business insight, are moving from desirable (unless PCI compliance forces their use) to mandatory corporate information systems. SIEM solutions are ideal for taking often meaningless IT system data and presenting correlated, relevant business insight.

Many of us lack the time to look in system logs, or do not understand what to look for (and equally what to do when we find what we are looking for), so the deployment of a market leading SIEM solution will certainly provide all of the gain with none of the pain (the configuration and deployment headaches of old are long gone).

The moral of this blog: don’t presume, because you may not know how or where to look, that the information doesn’t exist. You just need to know what you are looking for (and hope someone skilled isn’t looking before you find it).

Until next time.

Colin W