AN INDEPENDENT SUPPLEMENT FROM MEDIAPLANET ABOUT EFFECTIVE IT MANAGEMENT

30 MAY 2008

EFFECTIVE IT MANAGEMENT

Maximise your IT investment in a regulated world

AN ADVERTISING INSERT BY MEDIAPLANET2

CONTENTS

Virtualisation 4-5

Green IT 8

Effective InformationManagement 9

Security 10

EFFECTIVE INFORMATION MANAGEMENTA TITLE FROM MEDIAPLANET

Project Manager: David NorthfieldEditor: Ron CondonProduction Manager: Katherine WoodleyDesign: Sherine BarnesPrepress: Jez MacBeanPrint: News International

Mediaplanet is the leading Europeanpublisher in providing high qualityand in-depth analysis on topical industry and market issues, in print,online and broadcast.

For more information about supplements in the daily press, pleasecontact Simon Kenneally

Tel: 020 7563 8897simon.kenneally@mediaplanet.comwww.mediaplanet.com

EFFECTIVE IT MANAGEMENT Introduction

Jose Barosso, president of the Euro-pean Commission, is making the im-provement in European energyefficiency a central theme for the nextfew years. In a major speech at theCeBIT technology trade fair in Marchhe made it clear that the Commissionsees the use of ICT (Information andCommunications Technologies) as thedriver of improvements and innova-tions throughout the whole economy.

In the software sector integratedbusiness systems have become com-mon place even for medium andsmall sized organisations. The debatehere is to whether you want to buyyour solution from one of the mega-vendors who have consolidated themarket over the last few years or pre-fer a smaller supplier who can providea more tailored solution for your in-dustry and business – but might be ariskier prospect in the long term. And,perhaps a shock to IT vendors, the de-sire of customers to make more fromthe systems that they already haveand enjoy the promised returns ontheir investments.

There is also the increasing choiceof whether you even run your ownsystems. There are a growing numberof companies offering ‘software as a

service’ over the web and providers ofout-sourced IT. It is yet to be seen ifthese channels will become the norm.They might work for outsourced billproduction or accounting and au-tomating the sales-force through theweb, but is loosening control of mis-sion critical processes and the tech-nology which brings an organisationits competitive edge really desirableor even feasible?

The ‘digitalisation’ of the businessworld continues with paperless busi-ness processes becoming a reality andvirtual meetings and collaborationpossible through web, video confer-encing and the move of social net-working into the business systemsarena.

This puts added pressure on net-works, communication and security.Recent government data losses havemade everyone acutely aware throughtabloid headlines of the importance ofprotecting information, identity andprivacy. The increased demand for al-ways on, always available systemswith information presented in theright format through a range of de-vices, only makes the issues morecomplex to manage.

The need for unified communica-

tions with a growing number of ap-plications and devices and the virtu-alisation of systems to provide a moreefficient IT infrastructure requiresnew types of visionaries and archi-tects to make sense of the possibilitiesof the ICT landscape. Consultantsmust provide new services and adviceand the focus of training must shift.

The ICT industry has come of age.The reality is that the world economycould not function without software,hardware and communications tech-nologies – but the industry needs tostep up to its responsibilities.

Jairo Rojas is director general ofBASDA, a UK-based, member-driven

organisation that represents IT or-ganisations of all sizes from theworld's largest business software sup-pliers through to UK headquarteredmedium and small sized businesses.

Jairo Rojas, director general of BASDA, the voiceof the UK business software industry, assessesthe current trends in the IT sector.As the first decade of the 21st Century draws toits end the IT industry faces new challenges…and is even being asked to play a major role insaving the planet!

Effective ITpowers theworld

BY JAIRO ROJAS IS DIRECTOR GENERAL OF BASDA

IN ASSOCIATION WITH

www.basda.org

3AN ADVERTISING INSERT BY MEDIAPLANET

Cyber crime threatens the core infrastructure supporting critical business activitiesTapping into fibre optic cables is easier than you think!

As one tries to assess the damage and possible consequences of the millions of people now open to data fraud afterthe spate of recent data losses, none quite as disturbing as HMRC losing two disks containing 25 million personaland financial records, it has to be asked ‘what happens if this information was freely available to anyone possessingoff the shelf eaves-tapping equipment?’

State-of-the-art fibre optic networks are now deployed by many banks, insurance companies, enterprises, governments and public services, supportingcritical business activities such as real time data mirroring to disaster recovery sites or the communication backbone between data centres such as athird party IT outsourcing companies. It just so happens that this is now a new area where cyber crime is rife.

If no security precautions are taken to prevent the theft of data, the consequences could be devastating. Unlike this most recent case where disksor a laptop have clearly gone missing, in a premeditated tapping of an optical network it is extremely unlikely that the victim will even be aware thatthe perpetrator exists; information will not go missing as our data thief will be simply eavesdropping and copying what transpires over the network.

Examples of such breaches include Verizon's optical network in the US where it is believed someone was trying to access the quarterly statementof a mutual fund company prior to its release—information that could have been worth millions. Other examples of where networks have beenoptically tapped into include the Dutch and German police, pharmaceutical giants in the U.K. and France, and three main trunk lines of Deutsch Telekomat Frankfurt Airport in Germany.

Hacking into fibre-optic communications is not just a theory, but constitutes a real danger that needs to be taken seriously. The only effective responseto this threat is the encryption of the data at the point where it leaves the protected internal realm.

Potential risks of optical networksThe notion that fibre optic cable is particularly secure when compared with traditional copper wire is no longer accurate since there are variousso-called “Optical Tapping Methods” which can be used, to extract data from fibre optic networks. The risk of being detected is very slight,if not non-existent.

To determine which fibre optic cables are being used by a particular organisation is relatively easy as the individual cables in a cable loom are markedfor maintenance purposes. Thus it is sufficient to identify the cable emerging from a building and tap into it from a freely accessible splicing point(joining of two optical cables). Hundreds if not thousands of these splicing boxes are typically installed in optical networks, which as a rule, are kept

in housings that can be opened with a square locking key.For as little as £500 ‘off the shelf’ coupling devices can easily access and monitor the flow of data information without the useful signal having been noticeably changed when it reaches the recipient,

or without disturbing network operations. It is sufficient to bend the fibre keeping the cladding (protective layer) intact, in order to be able to track the exchange of information with little or no chanceof being detected.

What could it mean to your business? The world has been shocked to think that the institution that sets the standard and writes the rules, legislating how data needs to be protected can be today at the forefront of one of thelargest losses involving 25m files containing individual personal information.

In the commercial sector directors are now made personally liable, and can be forced to pay damages and fines and can even face imprisonment. In regards to HM Revenue and Customs the questioncan be rightly asked as to who will ultimately take responsibility?

For some industry sectors the worst impact can be the devastating customer’s trust which as in the case of Northern Rock can have huge consequences not only on the investment and stability ofa financial institution itself but can have far reaching implications that can reverberate across the whole financial sector effecting the economy of a whole country.

After the humiliation of the negative press coverage, the financial damage does not stop with the potentially disastrous consequences of a drop in its share price. There are huge additional indirectcosts associated with a breach where sensitive data, whether it is National Security Numbers, Health Data, Credit Card details or other financial records are lost. Some of these costs will be linked toPublic hearings, call centers, investigations, and credit checks.

With an estimated cost of between £50 and £70 per customer, it is unlikely that in this situation the HM Revenue and Customs will go out of business as it is clear who ultimately will pick up thetag for this ‘oversight’!

Protect fibre optic networks using encryptionWhen data is being transmitted over fibre optic networks, sensitive information is almost always involved, whether from financial institutes, insurance companies, pharmaceutical and chemicalindustries or public administrations. If the integrity, confidentiality and authenticity of this information is not 100% guaranteed, the user of this technology may be exposed to a risk ofimmeasurable proportions.

Cyber crime is clearly on the increase, with the prospects of huge rewards and minimum risk; today’s ‘hackers’ are professionals. In reality, the only sensible and truly secure course of action to guardagainst attacks of this nature is to encrypt information using special high performance encryption solutions when transmitting across public networks. It is not surprising that Swiss Banks regard theencryption of optical connections to be an integral part of their corporate information risk management strategy and Best Practice procedure. It is also interesting to note that for many years it hasbeen a matter of National Security for Governments and it’s Military to encrypt optical networks.

SolutionInfoGuard provide a product series specifically designed to address the needs of encrypting high speed optical networks with their seamless, low latency encryption solutions with outstanding 100%performance throughput.

These high speed link encryption devices support all the main transmission protocols such as Ethernet, Fibre Channel, FICON and SDHwith speeds of up to 10Gb/s. At InfoSecurity in April in London, InfoGuard had their debut showing of the first ever multiprotocol encryptiondevice supporting up to 10 Ethernet, Fibre Channel and FICON connections over a single transmission link. The flexibility and modularityof the encryption architecture allows customers to easily change input speed and protocol enabling users to customise their securityrequirements not only for today but also in the future, supporting different MAN, WAN and SAN applications at data rates of up to 10Gb/s.

InfoGuard is a member of Swiss ‘Crypto Group’, one of Europe’s largest and most renowned ICT security providers employing a staff ofmore than 300, with customers in over 130 countries and over 55 years of experience and continuity in the field of information security.

Bernard Everett Region Sales Director Western and Southern Europe InfoGuard

InfoGuard Regional Office · Ashley Hall Farm · Ashley Green Road · Chesham, Bucks HP5 3PFTel. +44 1494 772 294 · info@infoguard.com · www.infoguard.com

PROMOTIONAL FEATURE

AN ADVERTISING INSERT BY MEDIAPLANET4

VirtualisationEFFECTIVE IT MANAGEMENT

Virtual worldThe concept of virtualisation is almost as old ascomputing itself. From the earliest mainframemachines of the 1960s, systems designers foundways of splitting the available computing powerand memory so that various jobs could run onthe same piece of hardware simultaneously.

The separate jobs, known as ‘virtualmachines’ enabled the scarce and ex-pensive resources of the computer tobe shared and exploited, therebyachieving the IT equivalent of puttinga quart into a pint pot. It was cleverstuff, and given the high price ofcomputers at the time, essential to getthe most out of the investment.

With the introduction of siliconchips in the 60s and the realisationthat Moore’s Law (which states that thepower of a chip will double every 18 to24 months) would continue to apply,virtualisation did not appear to matterany more. With cheap hardware get-ting cheaper and more powerful all thetime, virtualisation seemed a pointlessexercise, a technique of purely histor-ical interest.

Designers of software got lazy. Whyshould they bother writing efficientcode when processing power andmemory cost next to nothing, and themost important thing was to get theprogram out of the door before itscompetitors.

Software became ‘bloatware’ – fullof fancy features that hardly anyoneneeded or knew how to use – andcompanies continued to buy in new

hardware to handle every new busi-ness application they wanted to run.Data centres got larger and larger, butstill that didn’t really matter becausethe benefits seemed to outweigh thecosts.

Then a combination of factorscaused companies to think again. Theprice of commercial office space wasrising, the price of energy was startingto become an important factor on thebalance sheet, and we also saw the riseof the ‘green’ movement.

Companies eager to show their cor-porate social responsibility decreedthey would cut their carbon emissions,and if that saved money at the sametime, then all the better.

So the focus fell on the IT depart-ment, now a major consumer of en-ergy, to pull up its departmental socksand it was clear that, with so muchslack usage of resources over the pre-vious years, it would not be hard tomake improvements.

And so virtualisation was rediscov-

ered with avengeance. One sure-fireindicator of the change of mood camelast August when EMC, the informa-tion management company, decided tofloat 9 per cent of its VMware unit,which had been developing virtualisa-tion software since 1999.

Despite the gloomy state of the mar-ket for hi-tech stocks at the time, thesale raised $11bn at $29 a share, andwithin hours shares were trading for$59. The market knew that virtualisa-tion, and VMware in particular, wouldbe in big demand across the whole ofindustry and Government as theyscrabbled to improve their IT perform-ance.

So how does virtualisation work?The great breakthrough that virtuali-

sation, and VMware in particular, de-livers is that it allows multiple appli-cations, even if they have beenwritten to run under different operat-ing systems, to sit on the same phys-ical computer and share resources –including processor, sound, graphics,storage systems - without interferingwith each other.

It is hard to exaggerate how muchpower and flexibility this gives com-panies in managing their IT. Becauseall machines are ‘virtual’, it meansthat they can easily be reassigned todifferent hardware as the need arises.Instead of allocating one applicationto a server, applications can be loadedalongside each other on the sameserver, thereby making the best use ofresources.

“Companieseager to showtheir corporate

socialresponsibilitydecreed they

would cut theircarbon emissions,and if that saved

money at thesame time, thenall the better”

AN ADVERTISING INSERT BY MEDIAPLANET 5

EFFECTIVE IT MANAGEMENT

The fact is that many servers cur-rently run at well below their full ca-pacity – typically at around 15 per cent,and sometimes as low as 5 per cent. Vir-tualisation allows the hardware to be ra-tionalised and for server utilisation to beboosted to as much as 80 per cent.

In practice, that means you have farfewer boxes pumping out heat, andyou need less air-conditioning to coolthem down. And with some centralLondon office space now renting atmore than £100 per square foot, halv-ing the size of the data centre (oravoiding the need to build a new one)has real financial benefits too.

You also have far less to manageand maintain. If you are running 1000servers, it means you have 1000 boxes,1000 power cables, 1000 network ca-bles and so on, all of which need look-ing after and which can go wrong. Byreducing that to fewer more powerfulservers with redundant power suppliesbuilt in, and fewer cables, the wholething becomes much easier to manageand control.

Servers are only part of the picture,though. The fragmentation of systemsover the last two decades resulted instorage systems being equally under-utilised. Each server had its own disksattached, each storing their own ver-sion of company information – andusually running half-empty.

With the emergence of network-at-tached storage, it means that all the in-formation can loaded into a centralpoint, and then accessed by the serverson the network. That not only makesbetter use of the available storage ca-pacity (and cuts costs and power con-sumption too) but it also allowscompanies to begin to tackle one oftheir biggest challenges – the relent-

less rise in the amount of data theyneed to store.

So much data, so little informationThe research company IDC has calcu-lated that the amount of digital infor-mation created and replicated lastyear amounted to 161 exabytes (anexabyte equals one billion Gigabytes).That is about 3 million times the in-formation contained in all the booksever written up to the present day. By2010, IDC says the information added

every year to the digital universe willincrease more than sixfold to 988 ex-

abytes. And the pace of growth willcontinue to increase.

These numbers are so large as to bemeaningless, but they have forcedcompanies to keep increasing theirdisk capacity every year to accommo-date what they feel is vital informa-tion.

On closer inspection, however, mostcompanies’ systems are clogged upwith rubbish, and multiple copies ofrubbish. Consultants generally work towhat they call the “50/50 rule” whendealing with customers’ storage.

They generally find that 50 per centof the storage is unused, and that 50per cent of the data is unrelated to thebusiness. And there can be a lot ofduplication; if one member of staffdownloads the latest Arctic Monkeysvideo from YouTube, he’ll want toshare it with the rest of the company,so they all have a copy on their sys-tems.

By consolidating storage, it is mucheasier to manage duplication of in-formation, and also to control thetypes of information stored. Somecompanies also announce they aredoing an audit of information stored

on the company systems (which canresult in some rapid deletions), whileothers adopt a policy of moving un-used data into archive storage after aset period.

One further driver for consolidationof storage is the increasing amount ofregulations that companies need tocomply with – whether it be data pro-tection, or the safe management ofcredit card numbers. If information isallowed to reside on multiple systems,it is hard to prove to auditors or reg-ulators that information is properlyprotected. But with data kept firmlyin one place, tight control becomesfar less of a problem.

And this leads us to a new areawhere virtualisation is making an im-pact – on the desktop. That inventionof the 1980s, the PC, made comput-ing ‘personal’ and put a very power-ful and potentially dangerous tool inthe hands of nearly every officeworker. Connected to the Internet, thePC is prone to viruses, spam, Trojans,begging letters from Nigeria, andspoof messages trying to prise yourbank details out of you.

The PC is also expensive to run. It

needs regular updating to keep it safefrom threats, and it probably needsreplacing every three years to keep upwith the latest version of Windows.

But now the techniques of virtual-isation offer a new approach. Insteadof providing each user with a top-of-the-range PC on their desk, their ma-chine can be ‘virtual’ and held on acentral server, where it can be man-aged and backed-up without any userintervention. The type of device theuser has is irrelevant. It could be adesktop PC, a laptop or a thin-clientterminal. As long as it is able to com-municate with the server – it couldeven be a PC in an internet café – theuser can work as if they had theirown PC on their desk, but withoutmost of the inherent dangers.

It could be argued, in fact, that vir-tualisation is taking us back to wherewe started, with those mainframes ofthe 1960s, and to a more centralisedmodel of computing. But this is noretrograde step. It is just a question ofre-learning some of the lessons thatwere forgotten for a couple ofdecades, and delivering a more effi-cient and reliable IT experience.

“It is hard toexaggerate howmuch power and

flexibility thisgives companies

in managingtheir IT. Becauseall machines are‘virtual’, it means

that they caneasily be

reassigned todifferent

hardware as theneed arises ”

Virtualisation

It's amazing what can happen when you s

Virtualisation and beyond

Information technology has brought massive benefits to private companies, consumers and thepublic sector, but it has also created a raft of new challenges.

Systems have grown more complex, requiring ever more qualified staff to run them, and theincreasing amount of electronic equipment, on desks and in data centres, consumes a vast amountof energy. At the same time, our reliance on systems to store and process our data leaves usvulnerable; if the systems fail for whatever reason, we grind to a halt.

One man with a deep understanding of these issues is Adrian McDonald, VP and general managerof UK and Ireland for EMC, the information infrastructure company. He sees IT organisationsincreasingly struggling on tight budgets to meet the unrelenting demands of their businesses.

“Our customers face some key issues. The volume of data is exploding, and the averageorganisation is handling 60 per cent more information every year,” he says. “At the same time,budgets are rising by 5 per cent maximum, and in most cases are staying steady or even being cut.”

And it is not just the quantity of data that hard pressed IT directors have to contend with. Theyare also being asked to provide a better quality of service.

Adrian McDonald again: “So not only do [IT departments] have to manage 60 per centmore data every year with no increase in budget, but they also have to deal with a numberof additional challenges they did not have before. Business continuity requirements, forexample, are far more stringent than they were just five years ago. Then they have tocomply with a whole new raft of regulations. And they have security requirements whichbecome ever more exacting and complex as their businesses seek to work closer with end

users or consumers.”This combination of total reliability, compliance with regulations (such as data protection), and

security (to avoid systems being compromised by outside hackers or inside fraud) is whatMcDonald terms as ‘Qualified IT’.

But this is now just the basic benchmark that all organisations need to meet. On top of that, theIT department has to be far more responsive than in the past in order to add competitive value totheir business. Competitive edge is built on business flexibility, so companies need their ITdepartments to react quickly when the need arises. McDonald says that not long ago, an ITdepartment might be given 12 to 18 months to deploy a new application. “That is now comingdown dramatically. Now they are expected to be in production in six months or even less,” he says.

But with no extra money to make it happen, how do they achieve it? McDonald says that theanswer lies in the ongoing automation of management processes across the IT infrastructure,driving increased productivity.

“We cannot employ more and more IT specialists to deal with this ever-growing mountain ofdata that we have, and to gain the information that is held within it, without going to moreintelligent forms of automated information management. In recent years, EMC has focused muchof its investment in products and skills to help our customers plan and progressively deliver thiskind of automated capability” For most organisations, the first phase of this move towards greaterautomation is the consolidation of sprawling IT infrastructure. Physical consolidation strategieshave, in recent years, been supplemented by virtualisation as a means of making better use of

Virtualisation is the current hot topic for organisations seeking IT efficiencies - but it is only one part of the essentialtransformation that IT operations must embrace.

An interview with Adrian McDonald, VP and General Manager, UK & Ireland - EMC

A clear picture of your entire information landscape will help you provide your company with the strategic andcompetitive edge it needs. Visit www.emc.co.uk/biggerpicture to learn more

see the bigger picture

assets. “Consolidation can take many forms,” says McDonald. “We have seen customers go fromrunning five data centres to two; from 300 applications to 250; or from 2000 servers to 400, andso on…They are basically trying to increase their rate of utilisation.”

Server virtualisation has come through as the earliest quick win, he says. “It is a no-brainer,because servers are running at such low utilisation levels. We are seeing server virtualisation ratesimproving by between two and eight times. “

As he says, the average server typically only runs at around 15 per cent utilisation, and oftenless than that. Virtualisation enables utilisation of up to 60 or 70 per cent. Similarly, it has beenpossible to make huge savings by organising storage more effectively in order to achieve betterutility of the physical assets.

Virtualisation has attracted much attention and plenty of investment, but it is still largelyperceived as a cost-reduction exercise. This overlooks the many value-creating possibilities thatthe technology makes possible: improving the reliability and usability of systems, and helpingto streamline management processes.

Backup, recovery and archiving is a prime example. “We enable more efficient processes in thisarea to free up the 24-hour cycle in IT,” says McDonald. “And we do it in a way that keeps theinformation easily accessible, either online or nearline, and allows the value of that informationto be sustained over time.”

This not only reduces cost (by making better use of storage assets), but also allows companiesto start using their historical information much more intelligently. For instance, data warehousing

applications that are able to exploit efficiently archived historical data give companies a muchimproved, single view of their customers, and enables them to deliver better service at lowercost.

However, harnessing these considerable benefits is not a straightforward task.Virtualisation creates many new possibilities, but it also demands new approaches to thepolices and processes governing the deployment and management of applications, storagecapabilities, security and backup and recovery systems.

“It brings up implications across the whole of IT,” says McDonald. “You can’t get to anoptimised solution without working with people who have real expertise in that area. Webelieve that EMC, as the home of information consolidation, information management,and virtualisation, are in the best position to handle the job. It’s what we think about allthe time. We have the tools and the experts to navigate through the processes and policiesto take advantage of consolidation and virtualisation.”

Implemented correctly, virtualisation can bring huge benefits. It allows companies totake out more costs from IT and increases the ability of IT to respond to the business morequickly. But it is only one part of a much bigger picture of consolidating, and ultimatelytransforming IT infrastructure and operations; a picture in which the automation ofinformation management processes remains the guiding objective. Getting this right is aspecialist job, says McDonald, and one that EMC is uniquely equipped to perform.www.emc.co.uk/biggerpicture

PROMOTIONAL FEATURE

AN ADVERTISING INSERT BY MEDIAPLANET8

Green ITEFFECTIVE IT MANAGEMENT

The pressure is not entirely altruistic,or based solely on concern for theplanet, of course. It comes at a timeof soaring fuels prices and in someparts of the country, areas reachingthe limit of their generating capacity.

No matter, the fact is that the rapidexpansion of IT usage has resulted in ahuge demand for electricity. If wayscan be found to reduce its voraciousappetite, then it will benefit both theenvironment and company finances.

Much effort has already gone intotackling the huge amounts of powerconsumed by data centres, where sys-tems had grown up haphazardly overthe years on the back of cheap powerand readily-available office space. Thereceived wisdom of the time was thatfor every new application an organi-sation deployed, it was simpler to buynew servers and storage subsystems(which were also coming down inprice) rather than trying to make bet-ter use of existing equipment.

It did not matter that for every extrakilowatt consumed in powering newequipment, an extra kilowatt wouldalso go on air-conditioning to keep itfrom meltdown – so a data centre’s en-vironmental impact came in the formof a double-whammy.

Green ITWith IT now accounting for an estimated 2 percent of CO2 emissions in the world, thecomputer industry has come under increasingpressure from users and green campaigners aliketo see what can be done to clean up its act.

With consolidation of systems andgreater use of virtualisation, however,it has already been possible to achievesome fairly significant improvementsat the data centre level, with some or-ganisations rationalising their IT estatedramatically.

But the improvements don’t need tostop there. The office is the new bat-tleground for energy saving, and ex-isting approaches to IT offer plenty ofscope for improvement. For instance,the new generation of multi-functionoffice printers have been designedwith energy-saving in mind. By com-bining the functions of printer, scan-ner, photocopier and fax all in onebox, and by adding plenty of extramanagement features to minimisepaper, ink and electricity usage, theycan replace a whole army of smaller,less efficient devices around the office.

Printers can also be set to print dou-ble-sided by default (saving paper),and forms can be designed to use lessink. If that is also backed up with acampaign to save paper (by not print-ing off emails, for instance), then thesavings can mount up more.

Then we turn to the PC, whichmight at first sight look like a fairlyinnocuous piece of equipment, draw-

ing a mere 70 to 150 watts of power.But multiply that by the hundreds orthousands that companies run in theiroffices, and the problem becomesclear, especially when again you addextra air-conditioning to offset theheat they generate.

Some companies try to tackle theproblem by persuading staff to use thepower-saving features on their ma-chines, and also to turn them off atlunchtimes and in the evening.

But that is just nibbling at the prob-lem, and for some companies a moreradical approach is needed. “We havecustomers in the City of London whowere literally running out of power.The issue was actually hampering thegrowth and development of their busi-ness,” says David Angwin, head ofmarketing Wyse, a company that spe-cialises in ‘thin-client computing.”

His customer have chosen to take

out their PCs and replace them withWyse terminals, which have the same

look and feel as PCs, but which leaveall the processing to a central server.This means they have no local mov-ing parts and have a power rating ofbetween 6 and 20 watts. “Even taking

into account that you need to add toyour server capacity, we regularly de-liver a net saving of between 50 and90 per cent,” he says.

The thin-client approach has someother ‘green’ advantages too. Whilethe life of an office PC tends to be nomore than three years, thin-client ter-minals can go on for eight to tenyears. If any upgrade is needed, thattends to be done on the server, leav-ing the terminal unchanged. WithPCs, any new software upgrade willusually force an upgrade or replace-ment of each desktop machine.

Whichever approach you take, it isworth checking at www.epeat.net,where you’ll find the Electronic ProductEnvironmental Assessment Tool, that isdesigned to help purchasers to evaluate,compare and select desktop computers,notebooks and monitors based on theirenvironmental attributes.

“We havecustomers in theCity of London

who wereliterally runningout of power ”

AN ADVERTISING INSERT BY MEDIAPLANET 9

Enterprise Resource Planning EFFECTIVE IT MANAGEMENT

Software companies such as SAP, Or-acle, Peoplesoft and JDEdwards (the last twonow owned by Oracle)flourished on the boomas large companieswent through thesometimes painfulprocess or stripping outall their old applica-tions and putting in thenew all-encompassingsystem.

The sheer expenseand complexity of thedeployments meant thatsmaller companies wereexcluded from enjoyingthe benefits of ERP. Butover time, a whole newsoftware sector hasemerged to provideERP-type systems at amore affordable price.Furthermore, many of these systemshave been designed with specific in-dustry sectors – such as manufactur-

ERP software comes within thereach of smaller companiesMore than a decade ago, big corporations began to see the error of running different IT systems for various parts of theirbusiness. Instead the concept of enterprise resource planning (or ERP) developed where all the functions of the business wereclosely integrated into a single system and shared databases.

ing, distribution or finance – in mind,so that the prod-ucts require littletailoring or ex-pensive consul-tancy to startearning theirkeep.

The entry intothe market byMicrosoft by theacquisition ofGreat Plains andNavision, helpedto spread theword, and bringdown prices. Butas some of theexamples belowwill show, thereis an abundanceof well-triedsoftware to fitmost budgets.

Nevertheless, installing ERP is amajor step for any company that mayinvolve installing new hardware, trans-

ferring data from old systems to the newone, changing processes and proce-dures, and training staff to use it.

Skimping on any of these areas maylimit the benefits you get from the fin-ished article. But the benefits are po-tentially huge.

“Many people who run their busi-ness with two, three of four differentbits of disparate software, requiringhours of data input and manipulationand re-keying, which is a poor use ofvaluable resource,” says Andrew Mor-gan, CEO of Anagram Systems “Wehave one client who previously used torun three bits of software and it tookthe MD five days to get his figures outat the end of the month. Once he wentdown the integrated route he could doit at the push of a button.”

That view is echoed by DominickMonkhouse, head of itlab, a consul-tancy: “In a lot of SMEs their impor-tant data is spread across a range ofapplications that cannot talk to eachother. It is a bit like every member of ateam speaking a different language.

But if all this data is pulled together inone system it makes it easier to use,saves time and money, helps with re-porting and ensures people can workfrom anywhere globally. By doing thisyou could increase sales (by 40%) andcut your operations costs (up to 70%).”

Having one set of data to managealso means less chance of discrepan-cies and a single version of the truth,as Vernon Spencer, technology directorat Cambridge-based Visual Planet, dis-covered when he installed the WinmanERP system from SSL Winman.

Visual Planet produces the technol-ogy that drives the big interactivetouch-screen displays that you nowsee in high street windows. With busi-ness expansion, Spencer says commu-nication between departments wasgetting harder. “Our team of staff thatare only involved in the manufactur-ing process have less awareness of thebigger picture. This was creating com-munication issues as the sales teamneed timely information on orderprogress and capacity.”

The ERP system is now used to drivelarge displays in each department sothat everyone can see that bigger pic-ture.

In a very different type of business,Rococo Chocolates has moved fromusing a simple accounting packagefrom Sage, which ran on a laptopowned by financial controller GerryKerins, to an ERP service supplied byNetsuite, which requires little invest-ment in IT, and handles all back-upsautomatically.

The system covers accounting, salesmanagement and logistics processes,and includes a real-time dashboardfunction, which lets staff see immedi-ately what is happening in a particulararea of the business. For instance, the

staff in the warehouse can see theday's orders, and senior managementcan look at sales and profitability. Italso allows customers to place ordersthrough their own NetSuite interface.According to Kerins, it means every-one knows the exact status of their de-partment, saving time and improvingthe efficiency of the business.

But advantages like these require agood deal of thought and planning.And according to Charles Noden, anERP specialist at consultants Totalam-ber, system changes can sometimesencounter a good deal of hostility ifpeople are not involved from the start.

“The first thing that needs adjust-ing is a company’s mindset,” he says.“Key stakeholders need to representeach division of the company in orderto buy into the advantages of movingto ERP. Another way of reducing thepain is to have a dedicated team ofboth external and internal represen-tatives so that the external consult-ants bring an impartial overview andan internal team has the capability todeliver.”

And he advised a stepped approach toease the transition. “Total paralysis canfollow an installation if SMEs try to dotoo much too soon, particularly whendoing so without sufficiently training orinforming their staff,” he says.

Choosing a good team of advisersto help with implementation certainlyseems to be a key factor in ensuringsuccess. Before going with any com-pany, take up customer references,preferably from someone in the samebusiness as you, and don’t be fooledby flashy sales literature or websitesalone. With some software, there isalso an active user group, which canbe invaluable for the exchange ofideas and talking over problems.

“The sheerexpense and

complexity of thedeploymentsmeant that

smallercompanies wereexcluded fromenjoying thebenefits of

ERP”

AN ADVERTISING INSERT BY MEDIAPLANET10

Security EFFECTIVE IT MANAGEMENT

The Department carries out the researchon more than 1000 companies everytwo years, and the results give the mostreliable picture of how well organisa-tions are coping in protecting them-selves and the information they hold. Italso provides allcompanies with abenchmark againstwhich to measuretheir efforts.

And there wasgood news. The pro-portion of companiesthat now check in-coming emails forviruses has risen to95 per cent, and 82per cent of them do adaily update of theiranti-virus software toensure it will catchthe latest attacks.Nearly all the compa-nies also scanned forspyware and spam,most protected their website with a fire-wall, and most encrypted their wirelessnetwork transmissions.

So was this a cause for rejoicing?Well, maybe not. Because informationsecurity is now much more than justkeeping out spam and viruses, althoughthose things are important too.

The key for anyone planning a secu-rity strategy is to understand that infor-mation is the lifeblood of mostorganisations; security therefore has tomake a much broader sweep, and an-swer some of the following crucial ques-tions.

One key area concerns business con-tinuity. What happens if your computersystems break down? How long couldyou survive without having to find newor alternative systems? Can you get atthe information? Is it regularly backed

“I’ve got my anti-virus software, soI must be fine…..”Last month the Department for Business Enterprise & Regulatory Reform (BERR) published amajor study on the state of information security amongst British businesses.

up and do you have a plan worked outthat will cope with, say, fire or flood, ora long-term power black-out?

Then you need to know that infor-mation you hold, and how it is pro-tected. Do you have any control over

information leaving theorganisation? Couldsomeone copy yourcustomer file on to theirlaptop, or even theiriPod, and carry thatvaluable information toa competitor?

Do you know if staffare surfing the internetfor pornography, orsending offensiveemails to their col-leagues or customers?

Do you comply withthe requirements of theData Protection Actwhen handling per-sonal data? Do youknow whether you

comply or not?Do you handle credit card details – do

you comply with the Payment Card In-dustry Data Security Standard? Do youknow what it is?

OK, enough questions, but theyshould be enough to demonstrate thatholding personal or commerciallysensitive data is a tricky business.And when you connect up to the In-ternet, and start exchanging informa-tion electronically, then the pitfallsbegin to multiply. Private informationcan leak out to rivals, and criminalscan use the Internet to penetrate yoursystems, even if they are based on theother side of the world.

So how do you protect yourself? As the BERR report discovered, while

two-thirds of businesses said they have

a business recovery plan in place, onlyhalf of those plans had ever been testedto see if they work.

Remember also that software ven-dors are constantly making new im-provements to their products in orderto patch any vulnerability that is dis-covered in their code. It is importantto ensure that all your software isbang up to date with the latestpatches – the hackers know about thevulnerabilities and will soon punishany unpatched system they find. Intests, it has been shown that a poorlypatched system connected to the In-ternet will become infected within 15minutes.

Do your staff take information outof the office on laptops computers, forexample? If any of that data is sensi-tive or confidential, then encrypt thefiles. That way, if the laptop is lost or

stolen, the information will stay se-cret. Again, the BERR report discov-ered a huge gap between theory andpractice: “77 per cent say protectingcustomer information is very impor-tant, but only 11 per cent prevent itwalking out of the door on USBsticks. 71 per cent have procedures tocomply with the Data Protection Act,but only 8 per cent encrypt laptophard drives.”

More importantly, make sure youhave an explicit policy covering in-formation security, and you train staffto make sure they understand the pol-icy, and why it exists. If the policy isjust something to make life awkward,they will find ways around the rules,but if they can see why the rules arethere, they are more likely to enforcethem.

But British business is still a long way

short of making this standard practice.According to the BERR report, 55 percent of companies claim to have a doc-umented security policy, and only 40per cent provide security awarenesstraining for staff.

To be successful, however, infor-mation security should not be some-thing enforced by the IT department,but decreed and practised by seniormanagement.

And is if senior management needany persuading that this is important,then show them what can happenwhen security breaches occur. As theBERR report says, the total cost of abreach can be extensive: “When inci-dents became know about externally,the damage to their reputation costsmall business between £1,500£6,000, and large businesses between£30,000 and £250,000.”

“In tests, it hasbeen shown thata poorly patched

systemconnected to the

Internet willbecome infected

within 15minutes.”