Tim Murphy, one of our Sales Associates of the 2012 programme, takes a look back over 2013
Its been a while since the Computacenter Sales Associates posted on here, so there is much to catch up on…
The first important thing of note is that we have now been joined by the bigger and better than ever Associate Programme encompassing Sales, Line of Business and Services Associates. We would like to wish them the best of luck over the next 18 months we are sure you are going to love it!
“A fantastic understanding of the work that goes on ‘behind the scenes'”
So what has happened in the last year? Well there’s too much to cover for one blog so we have picked some highlights. In the first six months, we spent time with the Inside Sales, Partner Management, Bids, Marketing and Propositions teams. These rotations provided us with a fantastic understanding of the work that goes on ‘behind the scenes’ to make for a smooth and successful operation. We would like to say a massive thank you to everyone who took the time out to help with our development and teach us what we needed to know for the future.
The second half of 2013 had more of a technical and sales focus where time was spent within the various lines of business; Workplace, Software, Datacenter, Networking and Physical Infrastructure. Plus at the end of the year, we spent time with the Projects team. A great deal of time was spent within these teams where we experienced the technical landscape in which we’ll be working in the future.
Some concepts certainly seemed daunting at first but working with our specialists to break down their knowledge of technology and help us get to grips with it has benefited us hugely. On behalf of the Sales Associates, thank you to the teams involved for their time and effort.
The second quarter of 2013 was certainly an interesting period! As the rest of the business was very busy in closing the year, we were also in a very important period of our development. As part of our sales training we had to deliver presentations to some very senior audience members.
The first of these was a 30 minute session with Mike Norris (CEO, Computacenter). In this Mike played the role of a fictitious company CIO who was experiencing budgetary pressures and had difficulty in procuring software.
“We all came out of the experience feeling positive about our progression”
Our goal was to show Mike that we had learnt from the sales training process we had been though, and that we understood how to position Computacenter as a partner to help him achieve his goals. The feedback we received was invaluable – certainly a good audience to pick up from feedback from! We all came out of the experience feeling positive about our progression since starting the associate programme, but recognising we still have a long way to go to be performing at this level successfully in the future.
The second part of this process was a more in-depth, group-based project on qualifying the challenges of multiple stakeholders within the same fictitious business (played by Computacenter people) and providing a solution. The final presentation was to John Beard (Sector Director, Financial Services and Retail) and Pierre Hall (Line of Business Director, Workplace and Mobile).
The subject matter of this solution was more complex in detail. It exposed us to how Computacenter identifies challenges, provides solutions and articulates the business benefits succinctly. It was certainly a difficult process but working together with the Lines of Business Associates we all managed to come through it having learnt a great deal and put some new techniques into action.
In order to get this solution built and be able to understand and articulate the benefits we had to draw upon the experience of a wide range of people – all of whom we thank for their help.
“An experience that really put the last year into perspective for us”
A final activity in which we have been able to get involved was the recruitment process for the Associate Programme 2014.
This was an experience that really put the last year into perspective for us since it was only a year ago that we were going through the same rigorous assessment process ourselves. Being sat on the other side of the table this time, helping out candidates where possible was certainly rewarding. Working alongside the senior members of sector sales, lines of business and services for the respective process gave us the opportunity to reflect on the last year and the knowledge we have been able to build up through working on such an involved and structured programme.
Now working as buddies to the new associates we will be able to pass on our learning from rotations and help to continue with their growth in the same way that everybody around Computacenter has helped us.
To summarise, the last year for us has been a steep learning curve – working with a wide variety of people within Computacenter and being exposed to many areas of the business. We have six months left on the programme now working with the Contractual Services team and then moving into Internal Account Management.
We know we have a long way to go over the next six months in terms of learning and development but we’re feeling optimistic that by the end we will have achieved our goal of successfully completing the programme, and moving into Account Management. We hope you found this update informative. We will soon be handing over responsibilities for this blog over to the members of the Associate Programme 2014 to give you a view of their journey through Computacenter.
All the best
As we move through life, many of us will pick up sayings that we have heard along the way, whether from our parents, friends or otherwise. Sometimes though these sayings conflict with one another and have the potential to leave you in a quandary.
For instance, let us take the following two examples: “Stick to what you know” and “Change is good”
On the surface of it you have two sayings that could be used to influence your business strategy. At a second glance, it also seems that the two are in conflict with each other. But lets briefly examine the two sayings in context and walk through the thought process of each and see what we can learn from this, and indeed whether the two statements are actually contradictory.
Stick to what you know!
Many people I have spoken to when asked about a strategy to help the business develop and keep pace with the modern world in which we live, simply continue to do things the way they have always done because traditionally it has worked. Nothing wrong with that on the surface of things, why change a tried and tested method. The issue comes about when the market dynamic (both employee and customer) starts to change and puts the business in danger of appealing to a ever decreasing audience. Where in the past business was done face-to-face (as in actually being there), the market has now shifted away from this with people looking at and ordering products online rather than venturing out of the door. Depending on your business, this also means you might not need a physical space that has to be manned, so again providing tools to enable staff to work effectively from wherever makes good business sense; why rent a plush office if staff can work from home or another location.
Obviously this will not work for all companies, however those who not only survived the challenging market conditions but flourished, have actually applied both sayings in their business; stick to what you know and change is good.
Change is Good!
Certain elements of business need not change, if you provide good customer service, at a great price with a quality product and that works for you, why would you change it? The change comes in how you enable your business to provide the things that you are good at and known for, to the widest audience whilst reducing costs. Sounds like a pipe dream? Unified communications and collaboration technology enable businesses to do just that, leveraging the strengths of a business but enabling technology to drive business outcomes and ultimately increase revenue. As an example, look at businesses such as Amazon and eBay, primarily product sales to a large userbase using unified communications and collaboration technology.
An eBay user can use a number of devices to upload and make available content such as words and pictures in order to achieve sales, add into the fact that you can also transact payments from these devices really highlights the any device, any where, any time world that we have all come to live in. Using these technologies as well as others such as voice and video over the internet to drive that return to face-to-face communication and great customer service helps to drive customer retention and increased sales.
So in effect, stick to what you know – do the things that you have always done well, but do them better; but change is good – you might just need assistance in using some of the newer tools available to build and accelerate your company growth and performance and reach a wider audience and empower employees. Thats where we come in; looking at your business goals and aims, speaking with different part of the business to understand the pain points you experience right now, coupled with understanding where you are going allows us to provide a Unified Communications and Collaboration assessment service to you, a customised roadmap service helping you to get where you want to be.
Microsoft is going to end support for Windows XP SP3 April 8th 2014. A very well known fact, but with repercussions for XP systems still in use even now that are perhaps not appreciated.
The most obvious thing is that XP is not going to truly die; it is in more of a Zombie state and will continue as such long after Microsoft has stopped patching it. Despite comments from some, it is important to remember that Windows XP is a product from a kinder age and it is not possible to back-port the architectural changes seen first in Windows Vista (link), it has to go.
XP also comes with other problems, most obviously Internet Explorer (IE). For many going to IE6 was a significant jump in itself and has caused some development to enter an unfortunate technical cul-de-sac. Such dependence on historic browsers may not be as complete as some fear, but can be a default position from customer IT departments unwilling or unable to create a transition to something more defensible.
Weak XP systems are also likely to be running on old hardware, with their own problems, such as running out of disk space. It would not be unreasonable to expect that other security controls such as local antivirus are also at old versions. These systems are also likely to be running an old version of MS Office. I’ve seen examples going back to Office 97. These are end of life, or going out of life and will not run on later versions of Windows.
MS-Office also provides a very easily accessible attack surface, as good or better than the O/S itself as it is easier to exploit by Email. The threat from old systems must not stop at consideration of just the operating system but must also consider the browser and MS Office.
A recommended position
So, that’s easy, upgrade to Windows 7 and a new Office suite. Such an upgrade needs to integrate into patching, anti-malware, network security, reporting etc. This would bring the desktop O/S and Office under support but allow other security problems to be addressed in the rebuild such as local drive encryption etc.
So, what can we recommend if a customer can’t upgrade? Well, there are several direct technical issues and solutions discussed below. The problem of cost and upgrade disruption are largely beyond the discussion of this document but I hope looking at the major technical issues remains worth your time.
What to do about the browser problem?
One of the reasons given for not upgrading is the need to keep either IE6 or IE7 for some “internal reason.” So, what to do? First off, what is the extent of the problem, and how bad it is? For example, you might find yourself hearing an argument that an out of support browser is needed to connect to an out of support version of SharePoint, so an obvious if perhaps time consuming fix presents itself.
Assuming that the IE6/7 dependent systems can’t be removed immediately, the most interesting solution I have heard is to give users a second browser for Internet facing work and leave the deprecated version of IE as Intranet only. This means that the vulnerable browser is kept away from the big bad Internet, so reducing the attack surface to a much more manageable level and allows users to access online resources that are no longer interesting in supporting legacy browsers.
Probably the best browser for this purpose is Chrome, as Google have already stated they will keep updating the XP version into 2015 (link), and as such updates are automatic managing the second browser can be light touch proposition.
The difficult part is the browser isolation, but this can be managed by high quality proxy servers capable of distinguishing the browser version being used and preventing old versions of IE from accessing the Internet.
All the standard browser management techniques, such as IE settings in group policy, can also be set to make WWW access impractical via IE while allowing access to IE for local Intranet applications. There will be issues for users, and they will need to understand how to work with the “non default” browser correctly.
What to do about the browser plug-in problems
If the reason for not upgrading is legacy browser support we really need to consider legacy browser plugins. This is another problem that seems overstated by some IT functions but occasionally appears to be true. The free, make your browsing experience better – such as Adobe Flash, Shockwave, and MS-Silverlight are the most common cause of the pain. The second group are commercial and often expensive line of business applications that are more likely to cause real problems.
The free stuff needs to be challenged, sometimes line by line and item by item. Shockwave, Java, Air are all examples of items that weaken a system, often with little need to actually be installed at all. Where they have to stay, is it everywhere? Can modern versions or replacements be used to emulate the older version (Adobe reader for example.) Can the plugin be modified in some way to reduce the risk, for example unbind Java from the browser (certainly the Internet facing one.)
Where the problem are with high end commercial items that are not supported, and hard or impossible to replace a complex support issue results, but moving what is often a very small number of systems into a fully offline configuration is worth considering, leaving a user with two distinct compute instances.
Make sure that XP systems are not used as primary storage, even when in offline mode. The loss of these point solutions might have a very significant business impact.
What to do about the build image problem
As Zombie XP shuffles on it becomes more vulnerable, and more opportunistic infections will hit. So, in order to perform tasks like rebuild, VDI etc it becomes necessary to deploy the build fully hardened immediately, you won’t be able to have a base build of XPsp3 and then harden it later. This build image will probably need its applications, antivirus and system hardening settings updated often, and subjected to frequent testing.
What do we do about the anti-malware problem
For the time being there are many antivirus vendors who will supply and support high quality products to defend XP. My personal view is that this will continue as long as there is a large deployed base. We are just beginning to see the major manufacturers drop support for Window 2000 after all. So, this is one of the lesser problems. But, we are now relying on the antivirus to do much more work, so we need to include a full suite of technology including personal firewall, HIPS, download control etc. AV needs to be set more aggressively, and updates performed more rapidly. Engine updates become much more important; keep an eye for any vulnerabilities in the AV itself and make sure they are corrected quickly.
You may also consider something a bit more radical, for example using tools designed to oppose advanced persistent threat, or APT to further harden the system. Also monitor system, networks and traffic for evidence of malware (link.)
Beyond anti-malware is full on application control and application white listing. Though these will only work on well managed systems, and well managed systems probably wouldn’t have this problem in the first place.
What to do about the patching problem?
You can’t patch the XP any more, simple? But, you can patch many applications. It is also possible to reduce the attack surface by upgrading those applications. For example upgrade MS-Office which you can continue to patch. Also, Microsoft patch Tuesday needs to feed into your vulnerability lifecycle management as hackers are going to be reverse engineering patches for IE, Vista SP2 and Office 2007 to find exploitable vulnerabilities that appear in the common code bases.
What to do about old hardware
It has been a very long time since a general desktop hardware refresh has been necessary. Many systems purchased for Windows 2000 deployments are perfectly capable of running Windows XP. Though 15 year old PC’s are pretty rare, there will be many that are incapable of re-use. Even hardware only a few years old, and more so peripherals might not be expected to work beyond XP. It seems unlikely that anyone will find it helpful to make a case for staying on XP just because of the hardware costs, even for traditional desktop rollouts. The advantages in usability and performance are likely to be self evident. Perhaps more thought might go in the need for that hardware to support versions of Windows that will ultimately replace Windows 7.
There is so much written on general security practice but poor change management, local working practices and just general neglect weakens them over time, these can be restored and have very useful security outcomes, a few to start with:
- Shutdown anonymous shares, force credentialed connections
- Block LM authentication, many systems are still set to use weak authentication
- Check and enforce good password policies
- Remove unused accounts both locally and domain
- start logging properly, particularly at gateways, and read them occasionally
- Add robust device control, in particular block execute rights from removable media
- Stop using XP workstations for storage
- Control Internet access, inbound and outbound and make sure that the basic controls are mandatory
Remove the biggest threat, the Internet. If people really need to access internal applications then get them to do it from a different system than their general workstation. This can be either by creating a local virtual machine (Windows 7 can support its own) or perhaps VMware workstation. The XP physical machine can be ported to virtualisation. There are many possibilities where XP really has to stay for an extended period of time, just keep it away from the threats.
The best plan
The best plan is to have a plan, make sure risk, business impact, compliance and user acceptance are all part of the plan and allow XP to finally retire to the history books.