3-9 April 2012 | computerweekly.com

Keep your data secure in a threat landscape in fluxWhat It securIty chIefs need to knoW In a World of shIftIng data rIsk page 11

Directing air trafficnatIonal aIr traffIc servIce vIrtualIses

desktop Infrastructure page 4

Automate to cut costsMobIle phone operator o2 saved MIllIons by autoMatIng busIness processes page 7

Agility for rapid deliverygazproM It dIrector rob prIngle

sprInts ahead of the coMpetItIon page 8

Inflexible workingWhy do so feW busInesses accoModate

flexIble WorkIng for staff? page 14

the week onlineHighlights from

premium content

London Overground passengers get free Wi-Fi

The Budget 2012: Are you better or worse off?

John Lewis on the hunt for 30 IT recruits

George Osborne’s budget 2012: IT sector wish list

Google Chrome more popular than Microsoft IE

Budget 2012: The highlights for the IT industry

DWP outsources IT for universal credit to India

Will the Budget turn Britain into Europe’s tech hub?

Will 2012 be the year of the first big smartphone attacks?

Student Loans Company leaks e-mail addresses

Get the latest it news via rSS feed computerweekly.com/rSSFeeds.htm

12345678910

moSt popular

> Leaders and laggards in the digital economyThe pace of digitisation is picking up rapidly as consumers, compa-nies and industries become increas-ingly connected at home, in the office and on the go. It is already obvious, however, that the speed at which this is taking place varies a great deal from industry to industry.

> Fighting economic crime in the financial services sectorThe Financial Services sector report from the results of PwC’s sixth Global Economic Crime Survey is one of the most comprehensive studies of economic crime in the business world. The focus of the current survey is the growing threat of cyber crime, its significance and impact on organisations globally.

> The next wave of digitisation: Setting direction and capabilitiesTechnology, internet and telecom-munications industries are undergoing a fundamental change towards near-complete digitisation, with redefinition of existing business models and value creation systems.

> The value of mobile and social communications to CRMAdding mobile access and social collaboration to CRM delivers significant benefits. A recent survey found providing sales people with mobile device access to CRM drives a 14.6% productivity increase; and adding social drives another 11.8% productivity boost.

photo Story

> Budget 2012: Ten things you need to knowGeorge Osborne laid out his ambitions to make Britain the technology hub of Europe. This photo story rounds-up the key points affecting tech businesses.

opinion bloGS

> Adrian Bridgwater: Free big data database for students and academiaMarkLogic has produced a free-of-charge academic licence for students and educators to gain access to its operational database technology for mission-critical big data applications. By learning how to implement technology tools designed to handle big data, MarkLogic hopes that students will have the skills necessary to unlock additional job opportunities after graduating.

> Jim Mortleman: Scrub commuting – give us LOOFaaS!Why are most of us still commuting substantial distances to and from the office on most days? When organisations woke up to the internet in the mid-1990s, one of its biggest touted benefits was the ability for staff to work remotely. Pundits talked up the opportunities for companies to save on office costs, boost workers’ morale and help further the green agenda by reducing travel CO2 emissions.

> Mark Ballard: ‘What’s an open standard?’ asks ISOThe International Standards Organisation (ISO) has admitted it doesn’t know what an open standard is, despite trying to have the UK’s open standards policy quashed. While open standards are being branded onto statutes around Europe, the legal authority on standards now refuses even to acknowl-edge its existence.

> Warwick Ashford: EU cyber crime centre to be set up in the HagueThe EC has announced plans to establish a European Cybercrime Centre to help protect European citizens and businesses against cyber threats. The centre is to be set up within the European Police Office, Europol in The Hague, and will be the European focal point in fighting cyber crime, focusing on illegal online activities carried out by organised crime groups.

photo Story

> IBM Blue Fusion at Hursley HouseIBM held its Blue Fusion event at Hursley House during National Science and Engineering Week. It was held to encourage over 300 students, aged 14 and 15, to join in exciting activities based on STEM subjects.

> Eight of the best cloud toolsCloud computing is a growing part of many organisations’ IT strategies. In this photo story, Computer Weekly has found eight of the best tools available for your company’s migration to cloud computing.

> Women in Technology: Learning the rules of a boys’ gameMaria Ingold, CTO of FilmFlex Movies, shares her experience of working in the male-dominated technology industry: “My father, a physicist, raised me to be curious, to question everything and to think. He’s passionate about science. Not once did he hold back because I was female. That created an amazing foundation to build on.”

> Universities fall behind on the automation curveUniversities and colleges have spent millions on technology over the past 10 years but still handling their day-to-day operations manually or semi-manually. When we consider the totality of the business operations, the bulk is done in a clunky way, with individuals handling their bit of the process and then passing on to someone else.

2 | 3-9 APRIL 2012 Daily news for IT professionals at ComputerWeekly.com

HM

TR

EA

SU

Ry

the week in IT

3 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

Mobile technology

RIM kills off consumer mobile business following Q4 lossesTroubled BlackBerry maker Re-search In Motion (RIM) is making big changes to its consumer operation. RIM said it will focus its efforts on enterprise mobility after posting large losses for the fourth quarter 2012. According to reports on Associated Press, RIM CEO Thorsten Heins said a turnaround required substantial change. “We plan to refocus on the enterprise business and capitalise on our leading position in this segment,” Thorsten Heins said. “We believe that BlackBerry cannot succeed if we tried to be everybody’s darling and all things to all people. Therefore, we plan to build on our strength.”

Privacy & data Protection

Barclays Bank card data vulnerable to mobile phone scanChannel 4 News has revealed fraud-sters could acquire the data held on Barclays Bank contactless card users by scanning the cards with mobile phones. Channel 4 News investiga-tors read Barclays Bank contactless card details using an adapted mobile phone app.

wireless networking

London Overground passengers get an hour’s free Wi-FiLondon Overground passengers are to get an hour’s free internet access with Wi-Fi hotspots at all 56 stations on the network. The first 12 will be installed at stations across the net-work by the end of the year. They will be operated by BskyB-owned public Wi-Fi provider, The Cloud.

offshore it services

750,000 more jobs will be offshored by 2016Businesses in Europe and the US will transfer about 750,000 jobs, includ-ing IT, to lower-cost locations over the next four years, taking the total number of jobs offshored to 2.3 mil-lion by 2016. But offshoring could stop in the next decade when there are no more roles to go, according to research from The Hackett Group, which looked at 4,700 businesses with annual revenues over $1bn.

Mobile networks

EU to begin new cuts to mobile roaming costs from JulyNew rules agreed by the European Parliament will force mobile opera-tors to lower the prices of making a call or downloading data abroad by July 2012. Once the rules are in force, mobile users will pay no more than 24p a minute to make a call, 7.5p to send a text, and 59p per megabyte for data downloads across Europe.

business aPPlications

Danone uses SAP to reduce carbon footprintHeath food maker Danone, which makes products like Actimel, the yogurt, has used SAP to reduce its carbon footprint by 22%. SAP provided the analytic software and sustainability services that allow Danone to measure carbon emissions for its 35,000 products to assess the environmental impact across the products’ lifecycle.

governMent & Public sector

Cabinet Office names 12 suppliers for Public Services NetworkThe Cabinet Office has named 12 suppliers for the government’s Public Services Network (PSN) framework, which will be worth between £500m and £3bn over two years. The PSN is intended to become a “network of networks” and it is hoped it will save £390m by cutting costs and providing greater flexibility. A further framework for PSN services will be announced in May and is expected to include a wider range of providers.

Managed services

Global SaaS spend to reach $14.5bn in 2012, says GartnerGlobal software-as-a-service (SaaS) sales are forecast to reach $14.5bn (£9bn) in 2012, up 17.9% from 2011 sales, according to Gartner. By 2015, the SaaS market is expected to reach $22.1bn. “After over a decade of use, SaaS adoption continues to grow and evolve in the enterprise applica-tion markets,” said Sharon Mertz, research director at Gartner.

retail & logistics

John Lewis on the hunt for 30 IT recruits during investment phaseJohn Lewis is to open its doors to 30 new IT employees as part of a wider investment plan. The business plans to take on over 50 IT recruits by the end of this year. Various IT roles are up for grabs, including project managers, business analysts, systems analysts, solutions architects and de-velopers. The chosen candidates will join a 280-strong team.

governMent & Public sector

Cabinet Office negotiates £75m saving on Oracle dealThe Cabinet Office has signed a deal with Oracle to save £75m by 2015 across central government depart-ments, the emergency services and the NHS. Oracle holds 70% of all government software licences, ac-cording to the government’s asset register. The government’s spend with Oracle is more than £200m, said Liam Maxwell, director of ICT futures at the Cabinet Office.

DWP outsources universal credit ITThe government is outsourcing IT development for the universal credit programme to India despite promises to keep large data projects in the UK.

About 500 workers in Bangalore and Mumbai are being hired by the outsourcing firms Accenture and IBM to help design and maintain a delivery system for universal credit.

The Department for Work and Pensions (DWP) signed contracts in December with IBM and Accenture worth £525m each.

The news comes just a week after it was revealed that the UK government has agreed to allow IBM to provide access to the personal data of the UK’s 43 million drivers in an Indian datacentre to cut costs.

IBM, which runs London’s congestion charge system, lobbied Transport for London (TfL) to allow the move to improve the profitability of the £60m contract it took over from Capita in 2009.

“The EU data law proposal is unnecessarily and unhelpfully overprescriptive. This poses challenges for its practical application”

Christopher Graham Information Commissioner

legislation & regulation

Will cloud sideline IT departments?

Source: Study conducted by Forrester Consulting on behalf of BMC. Base: 327 cloud computing leaders

Responses to the question: What do you perceive to be your

business executive team’s agree-ment with the statement, “Cloud

computing means I’m not as dependent on IT”

case study

How to virtualise the desktop IT that keeps UK air traffic in the sky

4 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

National Air Traffic Service head of IS Gavin Walker tells Cliff Saran about a VDI roll-out to give air controllers flexible IT

National Air Traffic Service (NATS), the UK’s air traffic controller, is rolling out an ambitious virtual desktop

infrastructure (VDI) programme.Last year, the company handled

2.1 million flights. Heathrow handles one plane landing every minute. The business is organised into five areas: airports, airspace, consultancy, de-fence, engineering and information. Each is run as a different businesses.

Gavin Walker has worked at NATS for 23 years and is now head of infor-mation services. Five years ago, the company began a project to migrate to virtual desktops, to modernise its Windows XP environment. Walker started by establishing a foundation based on low cost, resilience and a locked-down desktop, giving NATS a highly resilient infrastructure that drove down costs.

“We have a big SAP system and have taken out tens of million of pounds of IT expditure,” he says.

Multi-sourcingMuch of this comes from previous work moving from a single supplier to a multi-sourcing arrangement. The company now uses Serco; with Capgemini for SAP hosting; Amore Group for business applications; At-tenda for internet sites; BT for wide area networks; and Vodafone for mo-bile connectivity.

Walker wanted to make sure IT could help NATS improve the busi-ness. “What I am providing is flexi-bility, giving air traffic controllers more choice,” he said.

The result was NATS’ Future Workspace project. It uses role-based identity and access management, fed from an SAP HR system and linked to Microsoft Active Directory. It pro-vides VDI roaming, where users can access their desktop from anywhere.

The desktop is based on Windows 7 and Office 2010. Walker took ad-vantage of the company’s Microsoft Enterprise Agreement to offer staff the opportunity to purchase Micro-soft Office 2010 for just £9.99 for personal use.

He said 3,000 staff downloaded the program, which helped introduce the upgraded Office suite to employees

NATS air traffic controllers handled 2.1 million flights last year

business applications

with less training. NATS is also implementing an in-

formation management strategy and plans to deploy SharePoint for col-laboration. Walker wants to build an app store, so users can self-provision software, based on their job roles. He is also looking to establish a charge-back mechanism for departments to buy services from the IT department.

Change managementNATS talked to staff around the country about what they wanted from the IT outside the air traffic con-trol operations rooms, what worked and what could be improved. PC usage includes e-mail, reviewing and writing documents, filing expenses and running an application called First Brief, which controllers log into before going on a shift.

The controllers are light users of IT, says Walker. He had to make sure the new approach to IT would work for people such as the analysts at NATS who forecast traffic movement and assess the impact of snow and events like ash clouds. They tend to run number-crunching applications as

well as bespoke software.He says: “We interviewed a hun-

dred people to find out their chal-lenges, and came up with the Future Workplace strategy.”

He also made an animated video to show what the workplace would look like and started the process of selling the idea to NATS staff and business leaders. IT projects can fail if they do not get business buy-in.

NATS’s 35-strong IT department is non-technical. “We have a change management programme. The IT team focused on customer and change management. We want to un-derstand how to add value to the business. As a result, all the out-sourced contracts were written from user experience,” said Walker.

Supplier managementWalker was in the fortunate position that the business was sold on the idea of the Future Workspace.

He hired a contractor for the dis-covery phase of the project. NATS needed to identify problem areas early. This involved validating the in-frastructure, assessing how people

worked with applications, the perfor-mance of the network and the maxi-mum delay for login when users start up their PCs.

“It used to take over five minutes to login, which is not practical when a controller wants to check e-mail quickly,” he said. He promised the business a service level agreement for PC login of 15 seconds and needed to ensure the planned infrastructure was up to the job.

Walker ran into difficulties with the supplier responsible for the due diligence phase: “There were a lot of issues with how the supplier deliv-ered and we tried to address these”

He decided to use a different sup-plier, Point-to-Point: “When you work with suppliers it is about the in-dividual. Sometimes the right people sell, but the wrong people deliver.”

The shift to a different provider led to a five-month delay: “I had some difficult conversations with the busi-ness but they appreciated that the supplier had not delivered.”

Rather than attempt to roll out the full Future Workspace, Walker used Point-to-Point to initially deliver a scaled-back VDI called Springboard. The project provides Microsoft Office 2010, Visio and Project to 100 key stakeholders. Walker said users were chosen because they could work using just the subset of applications available: “Springboard demonstrat-ed immediate results and provided an indication of what the system would be able to do once in place.”

Springboard was well received: “If someone doesn’t take up the initia-tive, then it will never get used. Now, there is a massive pull from the busi-ness for Springboard.” ■

more online› NATS to roll out cloud-based virtual desktop infrastructure

› Photo gallery: The technology driving air traffic control

› How networking technology is improving air traffic control

Flic

kr

/to

ny

evA

ns

news analysis

How CIOs can overcome the barriers to raising the bottom line with BPM

5 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

Delegates at Gartner's recent summit heard how business process management drives down costs, writes Cliff Saran

Companies must radically rethink the way they or-ganise staff and collaborate if they want to improve

business, according to Gartner. Organisation leaders believe busi-

ness process management (BPM) can drive business improvement, but there remain several barriers to over-come in realising its full potential.

In a 2010 survey, 56% of business leaders said BPM was essential to their growth. For instance, the New York state department taxation and finance department realised a 60% reduction in cycle time and a $100m increase in tax revenue through BPM.

In the UK, Gartner said The Car-phone Warehouse saw a 120% in-crease in customer sales, thanks to BPM. Moreover, Gartner said CIOs in organisations that have implemented BPM spend 10% less on operational IT, compared to those who have not run a BPM programme.

Addressing delegates at the Gartner Business Process Manage-ment Summit in London, John Dixon, research director, said: “BPM delivers, and makes a difference to the businesses we operate in, but it is challenging and encompasses a broad scope of activity.”

Barriers to BPM effectivenessThe big barriers include organisa-tional politics, lack of experience and lack of resources to do BPM projects. “Your ability to sell your message is the biggest barrier to BPM,” he added

Janelle Hill, distinguished analyst at Gartner, said part of the problem is that BPM concerns process improve-ment, but if the baseline process is not good or subject to external dis-ruption, continuous process im-provement will not work.

She said organisational structure limits BPM’s effectiveness: “Most companies are organised on a func-

The Carphone Warehouse: Business process management increased sales 120%

“Stop focusing on process and structure and see how people interact with one another and with customers”

business applications

more online› The enterprise CIO’s guide to managing business processes

› Apply business process manage-ment to manufacturing operations

› Business process management systems pushed as game changer

tional, geographical or product basis. But these organisational structures create problems where there are boundaries between different organi-sational units where information can-not flow smoothly.”

The hierarchical structure of busi-nesses and reporting build layers of management, where people have to adhere to established protocols that are difficult to cross. “Each of us works in an operational island. We have no visibility. We lose the big picture,” said Hill.

She said this creates a barrier that prevents the business process from being optimised. She said: “There is no individual focused on end-to-end delivery. For instance, the customer gets want they want, not what they necessarily ordered, such as when someone accidentally orders 11 bot-tles of bleach, rather than one.”

For instance, in a typical business process, such as the order-to-cash process, it is possible to have a pro-cess owner.

However, Hill said that, while such a person may be accountable, they would have no authority or tools to analyse the end-to-end business pro-cess from order to cash.

Changing the culture Daryl Plummer, Gartner fellow said: “In business, things don’t go as planned and it is good to adapt. This

is what has been missing from BPM projects up until now.

“You will only get marginal im-provements using BPM. You need to embrace a step change. Stop focusing on process and structure, and look at how people interact with one another and with customers.”

Gartner has coined the term ex-treme collaboration to describe the step change in cooperation that busi-nesses must make. It involves taking advantage of emerging technology trends such as cloud computing, mo-bile computing, social computing and big data.

“To change culture and people, you must think how the way they work will change – this will help break down the barriers that stop BPM from evolving. Smartphones can break through organisational communications,” said Plummer.

Plummer said mobile video should be deployed in the business. “You can bring a range of people into a meeting without them coming to the meeting room. You don’t need to build a video conference facility when everyone has video conferenc-ing in their pockets.”

Plummer believes e-mail is redun-dant, given that people are using Fa-cebook alerts and notifications. Twit-ter and instant messaging can help others in the business find out what people are doing. This helps to break down the barriers put in place through organisational structure.

Measuring people’s performance is another barrier. Using a bell curve or a stack ranking tends to reward hero-ic behaviour, said Plummer, adding that this was not sustainable in im-proving business results. ■

Gartner Application Architecture, Development & Integration Summit 201221 – 22 June | Park Plaza Westminster Bridge, London, U.K.

gartner.com/eu/aadi

Cloud, Mobile, Web, and SOA: Future-proofing your Application Strategy

EARLY-BIRD DISCOUNT

Register by 20 April 2012 and save €300

Scan this QR code with your mobile device for more information and to register!

news analysis

How to save your business millions by automating back-office processes

7 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

Mobile phone company O2 is set to make substantial savings by automating business processes, writes Karl Flinders

Mobile operator O2 has deployed software to automate business processes, which the

company hopes will reduce the cost of back-office operations and its reli-ance on offshore recruitment to cope with spikes in workload.

The software enables the telco to make changes to business processes, freeing up the IT department to focus on major IT projects. O2 expects to save millions of pounds and get a re-turn on investment in the first year, with year two and three delivering pure savings.

O2, the UK operation of Telefónica, processes about a million transactions each month. To ease the expense of the workload, it employs about 400 staff in lower-cost locations.

Wayne Butterfield, head of back- office operations at O2, said that, al-though the cost of offshore resources to carry out processes is only a quar-ter of the onshore equivalent, it is still a fairly large cost.

Business process efficiencyButterfield said O2’s back office has about 400 individual mini processes. These are small programmes to work around bigger processes to support new service offerings.

Others are more general processes linked together to support a business need. Many of these are created be-cause there is no existing IT system in place. Each mini-process is a point of failure.

O2 has been running a process im-

“Many organisations

simply don’t know how

much improvement

opportunity they’re

missing”

Forrester

Business applications

more online› Find sweet spots for business process automation

› CIOs are improving business processes through automation

› IT process automation and performance monitoring

provement programme for the past five years. The company faced choic-es. It could have implemented a poli-cy to create unsupported macros for business applications such as Micro-soft Exchange to cater for change; it could have put in business cases whenever a fix was required; or it could have continued to expand the back office or automate processes.

Instead, it bought a licence to run 10 processes using business process au-tomation software from Blue Prism.

Butterfield said the company looked at three suppliers for business process automation.

Part of the business case for buying the Blue Prism licences came when Apple decided to change the size of the SIMs in the latest iPhone. With less than six weeks’ warning, 02 had to have a business process in place to deal with changing customer SIMs.

Butterfield said that before the au-tomation software was acquired, there would have been a three-month spike in demand for 60 full-time staff in India to cope with this.

“We were already in discussions with Blue Prism, and this helped speed up the procurement process,” he said.

O2 has already used the software to automate four processes – its SIM swap process; customer migrations to new deals; the process for unlocking phones; and ad hoc changes to bill-ing for large corporate customers.

There is more to come. “We pro-cured to automate 10 processes. There is still space in the licence, and we will do more,” said Butterfield.

The company is currently looking to automate tasks that are replicated, such as the internal business process of creating system IDs.

Self-service economicsButterfield said the reason O2 chose the Blue Prism software was the fact that business people can use it through a desktop interface.

The economics of self-service are too compelling to ignore, according to Forrester Research.

In a recent study, the analyst said enabling business functions to self-serve through the presentation layer provides the fastest and most secure means to quickly develop a new business capability.

“Within a governance structure set up by IT, this approach offers a new dimension to how business functions and IT can work together with a clear means of supporting each other,” said the Forrester report.

Forrester said many processes can be automated but are often over-looked due to the tendency for busi-nesses to look at bigger processes.

“Many organisations simply don’t know how much improvement op-portunity they’re missing. Tradition-ally, firms have focused on the big rocks in the garden while ignoring all the weeds that choke growth,” said Forrester.

As well as O2, Blue Prism’s cus-tomer list includes the Co-operative Banking Group, Shop Direct, RWE npower, Fidelity Investments, the NHS and Experian. ■How to automate processes

Forrester recommends organisations attempting to automate business processes should:l Assess the number of desktop artifacts used to coordinate work. These are the biggest source of opportunities for improvement.l Assess the methods and technology required for business self-service. Seek to empower business users to help themselves by building a culture of IT and business collaboration. IT will continue to provide governance, reliability and availability of services, while the business side concentrates on the market and its needs.l Consider the presentation layer as the integration mechanism of choice. With the primary goal of enabling maximum business configurability with the minimum IT involvement, this will help avoid breaking existing systems.

interview

Juggling to keep the lights on in a scramble to beat the competition

8 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

When Gazprom Marketing & Trading global IT director Rob Pringle turns up, things happen fast, writes Bill Goodwin

Last year, Gazprom Marketing and Trading (GM&T) rolled out a global SAP system, upgraded its gas trading plat-

form and built a system to integrate the two – all in the space of a month.

“That is the normal life of working at GM&T,” observes Rob Pringle, di-rector of global IT.

GM&T is the trading arm of OAO Gazprom, the Russian state-con-trolled gas company and the world’s largest natural gas company.

When Pringle joined from Centrica in 2009, GM&T employed just 35 IT staff and one business analyst. Today, he has a team of 150 IT staff in the UK, Manchester and Singapore. The company employs 800 people in all.

“The culture is very dynamic, and that has allowed the IT department to do things very quickly – much more quickly than other companies would allow us to do,” he says.

GM&T had to move quickly to catch up with competitors such as BP and Shell in the lucrative energy trading market.

“We had to put the foundations behind our core business capability in place in a very short space of time. Where most of our competitors have very mature operations, we have grown from quite a small scale,” says Pringle.

His first priority on joining the company was to develop processes for managing projects, gaining busi-ness sponsorship and delivering IT systems on time and budget.

In a year he took on GM&T’s big-gest programme to date, a trading platform for energy, carbon, financial products and foreign exchange.

The Gazprom Global Trading Plat-form (GGTP) allows GM&T to trade around the clock, shifting activity seamlessly from London, to Houston, to Singapore and back to London.

After evaluating proposals to build the system in-house, GM&T opted for a rapid roll-out of an off-the-shelf

“The culture is very dynamic” Rob Pringle, director of global IT at GM&T

IT leadershIp

platform – Endur from Openlink. Pringle used systems integrator Bar-inga to provide specialist skills.

The first phase of the project – for-eign exchange trading and financial products – went live in December 2011, after only 12 months.

“There must have been 100 people involved right across the company making it happen,” Pringle says.

Keeping the project simple and minimising customisation was essen-tial to rolling the project out quickly, says Pringle.

“We had a laser-sharp focus on what we actually wanted the product to do and we spent quite a lot of time getting that right,” he says.

The team opted to build the trad-ing platform on Gazprom’s existing Windows infrastructure.

And rather than follow the usual practice of rolling out new versions of the platform in each location, the team decided to build a single ver-sion of the software, covering multi-ple geographies.

“It is the same technology that very large organisations such as BP or Shell are using, and we are managing to deploy it in a very short space of time,” he says.

There are few off-the-shelf gas trad-ing packages available, so when it came to developing a liquified natu-ral gas (LNG) trading system, Pringle and the business team opted to devel-op their own solution. GM&T teamed up with Planlogic, which had a cus-tomised code library that allowed GM&T to build the system quickly.

The trading platform allows GM&T to trade cargoes of LNG. It handles a few trades compared with the GM&T platform, but the value of each is enormous, says Pringle.

GM&T was able to get the project up and running in just 10 months – an industry record, he claims.

“We had good relationships with the core business team, the IT team, and the external supplier to make it happen in a short time.”

Agility for rapid deliveryPringle and his team use agile meth-ods to deliver software. But the whole company operates in an agile way, he says.

“There is no point having agile de-velopment if you don’t have agile in-frastructure, agile management and agile governance to approve the busi-ness case in the right timescale.”

It is important the IT department has ultimate control – and ultimate responsibility – for delivering the project on time, says Pringle.

“If you just hand over the keys and a fixed-price contract to an external supplier, the delivery risk does not move away from you as a client or-ganisation,” he says.

For example, GM&T retains re-sponsibility for managing and com-missioning the hardware and soft-ware in the company’s managed datacentres in the UK and Singapore.

“The fact that we have our own as-sets, and our own technical infra-structure, means that we can deploy very quickly.”

Managing multiple projectsThe IT department’s close working relationship with the business is es-sential when GM&T is rolling out multiple projects simultaneously.

Just two weeks before the updated gas trading systems went live, in Oc-tober 2011, GM&T completed its roll out of an SAP system to manage fi-nance, treasury, procurement and human resources, across the group.

In the same month, the team rolled out an integration platform which links the trading platforms into the fi-nance systems and providers traders with real-time market data.

“October was a big delivery month, and all those programmes came to-gether at the same time very well,” says Pringle.

“We did that keeping the lights on with continuous change on existing platforms and business activity.” ■

This is an edited excerpt. Click here to read the full interview online.

more online› CIO interview: Myron Hrycyk, CIO at Severn Trent

› CIO interview: Steve Townsend, Transport for London CIO

› CIO interview: Guus Dekkers, Airbus CIO

SECURE THINKINGSECURE WORKING

Europe’s No. 1 Information Security Event

Organised by:

why attend InFOSeCURIty eUROPe 2012?

Access Europe’s most extensive & free to attend knowledge enhancing educational programme

Meet over 300 leading information security suppliers – identify best of breed, cutting edge technology & see real solutions in action

Hear from real experts & respected public & private sector IT practitioners to discover how they spent their budget on the right products, services and solutions

Network with your peers through a wide range of activities including workshops & evening receptions

Earn CPE credits by attending the free educational programme

>>>>>>>>>>

Register free now: infosec.co.uk/tech

24-26 April 2012Earls Court , London UK

community

Women in IT: Learning the rules of a boys’ game

Who’s hurtingmost, you oryour supplier?

10 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

My father, a physicist, raised me to be curious, to question everything and to think. He’s pas-

sionate about science (and poetry and drawing feet). Not once did he hold me back because I was female – he just shared what he loved. That created an amazing foundation to build upon.

In the 36 years since my father first showed me (in the basement of a mil-itary institution) how to write a com-puter program, I’ve seen a lot about technology and the culture that sur-rounds it. What seems clear to me is that there are three challenges for get-ting women into technology:1. Generate enough interest in tech-

nology to learn about it;2. Enter into the work environment;3. Stay and advance in it through to

CTO/CIO at board level.

Generating interestWomen are easily as smart and determined and capable of picking up the skills as men – regardless of whether the technology is hardware or software-based. So, it’s not about ability. The limiting factors seem to depend a bit on what country you’re in, parental and cultural support, and how you think your peers will react.

Back in 1986, when I studied com-puter science (with a minor in fine

art) in the US, there were about 40% women on the course. But when I came over to the UK in 1988 on ex-change, the number of women study-ing computing was around 5%.

That really surprised me. It struck me that the rigid curriculum in the UK of a science-based major only being paired with a science-based minor (or something “light” like psy-chology) was limiting potential ap-plicants to a very strongly left-brain orientated set.

I only started seeing a shift in the UK in the late 1990s when web de-velopment began to take off. Women (and men) who’d studied other, po-

Women are easily as smart and determined and capable of picking up tech skills as men

Bryan Glick leader Maria inGold opinion

tentially “softer” subjects, found web development a less onerous route into science. They could build their skills gradually, discovering their tal-ent for logic, pattern matching and drilling down into detail.

But that still leaves fear to over-come – fear of what other people will think, fear of not being good at it, fear of being good at it – and that fear can only be banished by the self-confi-dence and self-esteem that comes from within, not from what other people think. So, as a very good male friend in IT once said to me when I was a bit nervous about building a network from scratch, “Just get on with it girl”. And I did.

Entering the workforceThere’s a lot of exciting and cool work in technology. I helped develop the early days of multimedia on a PC, I worked on a steam-punk shoot-em-up game set on Mars, I used games technology to create visuals for nightclubs and band tours, and now I work in on-demand film delivery.

So, what does a woman bring that’s special to the play? I’ve seen three things – not exclusive to women, but often more prevalent: intuition, thor-oughness and empathy.

Intuition is another word for pat-tern-matching. It’s the ability to pro-cess a large amount of information at an unconscious level and make sense of it. That’s something highly useful in complex technical projects.

Women in technology are typically very thorough, as they often have to be at least as good, if not better, than their male colleagues to earn respect.

Empathy is an interesting one. It helps with sharing, cooperation, management and leadership skills and understanding the end customer and client relationships.

Stay and advanceStaying on its own takes some strength of character. Technology is still predominantly a boys’ game. It doesn’t mean women can’t play though. It does mean that in addition to being good at the technology, a woman also has to learn the rules of the game. ■

Maria ingold is chief technology officer and head of technology at FilmFlex Movies

Did you ever play the childhood game Chinese Burns? This involved grasping your opponent’s wrist with both hands and twisting

their skin in opposite directions. The loser was the first to yelp in pain. For added psy-chological pressure, you would shout, “Does it hurt yet?” in the face of your rival.

imagine Cabinet Office minister Francis Maude and colleagues doing something similar to their biggest iT suppliers.

Take Oracle as an example.Some 70% of all government software

licences are from Oracle. last week, the government said its annual spend with Ora-cle had been over £200m – to be reduced by £75m, thanks to a newly agreed deal.

Oracle will now apply the same discount to all government iT buyers. That’s another way of saying that Oracle has been ripping off Whitehall for years by offering lower dis-counts to some users than others.

Take Capgemini as another example.The firm leads the Aspire consortium,

which holds one of the biggest outsourcing deals, with HM revenue & Customs (HMrC). Earlier this month, Maude announced a £200m cut to the Aspire contract.

HMrC CiO phil pavitt said the renegotiat-ed contract brings some services back in house and ends Capgemini’s exclusivity. He cited one example of a small US supplier bid of several hundred thousand pounds for a project, against a quote of many millions from the incumbent. Guess who won?

Oh, and by the way, that Silicon Valley firm had approached Capgemini twice to offer its services and had been rebuffed.

HMrC is rationalising seven different SAp installations into a single platform. it handed back thousands of SAp software licences that were paid for, but not used.

Every private sector CiO should look at the scale of cuts and contractual changes forced by government on its suppliers and question whether they really get the best deal, and ask whose hands are wrapped around whose wrist. And they should look at their raw skin and ask themselves, “Does it hurt yet?” ■

editor’s blogcomputerweekly.com/editor

› This is an edited version. Click here to read the full article online

buyer’s guide

How CISOs can keep up security best practice in a threat landscape in flux

11 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

The role of the chief information security officer must adapt as businesses rethink their IT security, writes Cliff Saran

Over the past decade, the security landscape has changed, from one where everything was locked

down to the nth degree, to a more open approach that encourages col-laboration across company bounda-ries. As the smartphone phenom-enon has taken off, chief information security officers (CISOs) have needed to rethink what personal computing security really means.

So the CISO’s role is having to change to establish a security policy for risk and protecting corporate data that is not restrictive, yet will protect the firm’s crown jewels. Corporate governance is a major driver, with changes to EU data protection regula-tions and requirements for business-es to disclose data loss.

At the same time, the threat land-scape has evolved, with sophisticat-ed targeted attacks and a range of de-vices that require legitimate access to the corporate network. A raft of sur-veys published in recent weeks illus-trate how well business is coping and point to the weaknesses. The studies are generally positive. In fact, crimi-nals are increasingly having to resort to exploiting niche IT loopholes and targeting emerging technologies such as mobile devices, according to IBM’s X-Force 2011 Trend and Risk Report.

Strong and weak sectorsIn Verizon’s 2012 Data Breach Inves-tigation report, the company notes that the most-afflicted industry, once again, is accommodation and food services, comprising restaurants (around 95%) and hotels (about 5%).

The financial and insurance indus-try dropped from suffering 22% of all breaches in 2010 to about 10% last year. According to Verizon, the trend to the industrialisation of cyber crime is still in full swing, with the emer-gence of a supply chain of hacking tools, some with support and some even with service level agreements.

Finance and insurance sector: Attacks dropped to account for 10% of data breaches

risk management

more online› How the role of CISO must evolve to balance risk and business

› Forrester’s four steps for CISOs marketing security

› CISOs fear lack of mobile device control and visibility, survey finds

Verizon warns that such attacks can be carried out against large num-bers in a surprisingly short timeframe with little to no resistance. “Smaller businesses are the ideal target for such raids, and money-driven, risk-averse cyber criminals understand this very well. Thus, the number of victims in this category continues to swell,” warns Verizon.

In the PricewaterhouseCoopers (PwC) Fighting Economic Crime in Financial Services report, cyber crime was reported as the second most common type of economic crime experienced by their organisa-tions in the last 12 months, after asset misappropriation.

Cyber crime accounted for 38% of economic crime incidents for finan-cial services organisations, compared to 16% for other industries.

That is not wholly surprising, as the financial services sector holds large volumes of the type of data cyber criminals are interested in. There is an established underground economy servicing the market for sto-len and compromised data.

Cost of data breachesThe Cost of Data Breaches report from the Ponemon Institute looked at security breaches in 356 UK compa-nies across 11 industry sectors. The study, sponsored by Symantec, cov-ered breached records per incident ranging from approximately 3,500 records to more than 78,000 records. Average per capita cost of a data breach has increased from £71 to £79.

If the organisation has a CISO with overall responsibility for enterprise data protection, the average cost of a data breach can be reduced by as much as £18 per compromised re-cord. Outside consultants assisting with the breach response can save as much as £11 per record, according to Ponemon Institute. When consider-ing the average number of records lost or stolen, these factors can pro-vide significant and positive finan-cial benefits. Specific attributes or factors of the data breach also can in-crease the overall cost. Data breaches caused by third parties or a lost or stolen device increased the cost by £9 and £6, respectively.

The study reported that 36% of data breaches involved negligent em-ployees or contractors. However, ma-licious or criminal attacks have in-creased slightly from 29% to 31% of data breaches experienced by organi-sations. The researchers found crimi-nal activity was the most costly.

Accordingly, organisations need to focus on processes, policies and tech-nologies that address threats from the malicious insider or hacker.

So CISOs should take a lead. Ana-lyst Forrester says the CISO needs to become a trusted business advisor. However, given the strong focus on the technical skills required for a CISO, along with close links to IT, Forrester warned that security profes-sionals may lack strong business un-derstanding and connections.

In Forrester’s role description for the chief security officer, analyst An-drew Rose noted: “It’s important that CISOs reach beyond the aspects of the role for which they are directly accountable and take an interest in a wider portfolio of topics.

“Emotional intelligence skills such as creativity, intuition, empa-thy, leadership, flexibility, resil-ience, stress management, integrity and interpersonal skills will decide if the CISO succeeds to make securi-ty discussions a regular boardroom topic or not.”

After years of battling with securi-ty, CISOs are managing to get a han-dle on it. But risks are ever-present. Many computer-literate users still have little understanding of data ownership, the responsibility to keep records safe and not copying or e-mailing customer databases out of the organisation. ■

CW Buyer’s guidedata seCurity

part 1 of 3

buyer’s guide

12 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

For small and medium-sized enterprises (SMEs), the need to protect regulated data is a big enough headache. Now

they must add to the pain with the coming decree that when a breach occurs and such data leaks into the public domain, it must be disclosed to the Data Protection Office (DPO).

The need to disclose will be stipu-lated by coming changes to EU regu-lations under the data protection framework, which are to be imple-mented by in-country data protection bodies. For SMEs that centre their ac-tivity in the UK, this will be the DPO.

The proposals are currently in draft form and are unlikely to be fi-nalised for a year or two, so there is time to prepare for their likely impact in terms of ensuring the ability to comply and what might be added to a given company’s workload.

The new stipulations are likely to include the following:l Where consent is required, organi-sations must explicitly ask for per-mission to process data, rather than assume it;l Individuals should have easy ac-cess to data stored about them, and it should be easy to transfer it from one service provider to another. Individu-als will also have the right to demand that data about them be deleted;l Companies with 250 or more em-ployees will have to assign a desig-nated individual with responsibility for compliance;l Businesses engaging with cloud service providers should ensure that such providers meet data protection requirements;l Organisations must notify the authorities of data breaches as early as possible, “if feasible within 24 hours”, although this may be modi-fied to “without undue delay”;l The suggested fine for companies found to be not complying in law will be up to 2% of turnover.

For SMEs dealing with a lot of reg-ulated data, which for most will

vices of a third party without per-mission from clients and that they should be ready to hand over data at the end of a contract. 

This means any cloud service pro-viders that fall short will have to clean up their act to continue trans-acting in Europe. Some of these stipulations may lead to increased fees for cloud services, but overall, once the terms and conditions have been checked and agreed, many SMEs will find that well-provi-sioned cloud services are still a more reliable, more secure and cheaper option than running utility IT functions in-house.

Breach disclosureThere may not have been an explicit need to disclose breaches in the past, but the UK Data Protection Office had already laid down guidelines: “Although there is no legal obliga-tion in the DPA for data controllers to report breaches of security which result in loss, release or corruption of personal data, the information com-missioner believes serious breaches should be brought to the attention of its office.”

Furthermore, if there is an attempt to cover up a leak, data subjects (that is you and me, in our roles as private citizens) may be the first to find out, and the individual’s privacy is

Adapting to new data rulesBob Tarzey looks at how planned changes to data protection will affect small businesses

already enshrined in the Europe Human Rights Act – and most are not ignorant of their rights. 

Research commissioned by IT se-curity provider LogRhythm in 2011, reported the views of 2,000 UK con-sumers and concluded that they are “losing patience with organisations that endanger their customers’ data”, with 80% “concerned” about trusting organisations to keep their data safe.

The DPO already has the power to levy fines of up to £500,000 for fail-ure to take care of regulated data. Under the new proposal a company would need to earn over £25m (i.e. the high end of the SME sector) to face a fine this high.

The evidence to date is that the DPO is being proportionate and levy-ing fines well below the maximum, even for larger organisations. The DPO has also stated it is reviewing some of its other guidance to ensure it is ap-propriate for the needs of SMEs.

SMEs cannot ignore the new legis-lation, but taking a positive approach to it and making sure the necessary measures are taken to protect data and plans are in place to respond when a leak does occur is in the in-terest of any SME and its customers, regardless of what the EU says. ■

Bob Tarzey is an analyst and director at analyst company Quocirca.

mean personally identifiable infor-mation and credit card data, the first two items on this list may lead to an increased workload. However, the other items should not cause too much concern, and most make good business sense anyway.

Protecting dataFor any business, regardless of its size, data is a valuable commodity, so it makes sense to have someone charged with ensuring both its qual-ity and security. 

The existing UK Data Protection Act (DPA) already requires any busi-ness to have a “data controller” in place. To protect data, the controller needs to know what there is and where it is. This is getting harder as data volumes and the range of op-tions for storing it grows, including the use of cloud-based resources and mobile devices. 

It might be hard, but having up-to-date knowledge is not just about compliance, it is about ensuring the security of and having access to data that has intrinsic business value.

When it comes to engaging with cloud service providers, due dili-gence in their selection makes sense anyway. This should include check-ing on how they manage data. It is also being stipulated that cloud ser-vice providers cannot retain the ser-

CW Buyer’s guidedata seCurity

part 1 of 3

more online› How to prepare for proposed EU data protection regulation

› Top five SME security challenges

› UK public losing patience over personal data security

isTo

ck

ph

oTo

Want to hear from one of Big Data’smost influential architects?

Register now and join like-minded architects and senior ITprofessionals to discover what Big Data can do for yourorganisation.

Oracle, in association with Intel, is proud to announce thatDoug Cutting, Chief Architect, Cloudera will be joiningother industry experts as key note speaker at this fantasticFREE event.

We will be discussing how you can acquire unstructureddata with NoSQL and Hadoop, organise it with Map Reduceand Data Integration and finally analyse all your data - bothstructured and unstructured – using ‘R’ and agile datadiscovery tools for immediate business benefit.

Discover the impact that Big Data has on big business –Register now

London Keynote

Andy Mendelsohn,Senior Vice President,Oracle

London Keynote

Doug Cutting, Chief Architect

Manchester Keynote

Kevin Lancaster,Core TechnologyDirector, Oracle

Linlithgow Keynote

Xavier Verhaeghe, Vice-President EmergingTechnologies & SecuritySolutions Leader, Oracle

For questions please call +44 (0) 20 7611 3799 or oracle.events@ketchumpleon.com

flexible working

14 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

Technology enabling work-ers to carry out their jobs regardless of location is set to feature on many CIOs’

shopping lists. Flexible working offers business benefits and allows employees to improve their work-life balance. But will managers accept it?

Key to flexible working are tech-nologies such as mobile computing devices, cloud-based applications, video conferencing and even social media. But an ad hoc approach taken toward flexible working by many firms could mean policies are unclear and budgets cannot be set aside for the technology required to make flex-

UK is set to see a surge in flexible working. According to a survey of over 1,000 CIOs in 11 countries, car-ried out by Vanson Bourne for Citrix, by 2013 there will be a 249% in-crease in the number of personal de-vices used to support flexible work-ing. The research revealed businesses understand the benefits, with 83% believing that flexible working in-creases productivity.

There is also an opportunity for or-ganisations to cut costs. Wakefield Council expects to save £1m in prop-erty costs and a further £100,000 per year in telephony expenditure through deploying technology to pro-

What’s holding up flexible working?The benefits of flexible working are well documented, so why do so few businesses accomodate it, asks Karl Flinders

mote flexible working.Meanwhile, a better work-life bal-

ance is demanded by today’s work-force and flexible working is even seen as a key benefit when job-seek-ing. Many people want flexible work-ing options so much they will look for employers that offer it.

According to research from mobili-ty service provider iPass, 33% of workers would consider looking for employment elsewhere for better mo-bile working benefits.

The technology that supports seamless flexible working is also at-tractive to people looking for work. In its “Future of Work” initiative, IT ser-

ible working work.Recent surveys have revealed large

enterprises and their employees fa-vour flexible working.

At the same time, new technolo-gies are becoming available which make it easy for employees to access all the resources they need securely from outside the office, and estab-lished technologies are maturing into enterprise-ready tools.

In its New World of Work for Busi-ness Decision Makers survey of busi-ness leaders across Europe, Microsoft found 90% of UK businesses now allow flexible working.

This is one of the reasons why the »

flexible working

Mobile devicesThe adoption of mobile computing devices such as smartphones and tablets is outstripping established computers such as laptops and desktops. Businesses have already introduced policies to enable staff to use their own personal devices while at work.

Bring your own device (BYOD) schemes legitimise activity that was once unauthorised and out of the IT department’s control. Software publishers have recognised this and are designing their latest versions to be as at home on tablets as they are on desktops and laptops. Microsoft’s next computer operating system (OS), Windows 8, is a case in point.

The public test version of Windows 8 OS was announced at Mobile World Congress (MWC) 2012 on the last day of February. It uses the so-called Metro touch-based user interface and has built-in support for low-powered hardware. These display Microsoft’s aim to support growing tablet use.

Cloud servicesWith businesses increasingly moving to cloud-based applications the whereabouts of the user is less relevant. Services delivered over the internet securely can be accessed using mobile devices. This means workers need not down tools while travelling or at home. Enterprise business software maker SAP recently made its SME cloud-based software, Business ByDesign, available with iPad and iPhone support.

Desktop virtualisationVirtualising desktops provides staff with the same desktop regardless of where they are or what computer they use. Thames Water is trialling desktop virtualisation with 500 users following a pilot study. Virtual desktops are a reaction to users wanting to have the same experience whether in the office or working remotely.

Video conferencingCost-cutting strategies have already seen video conferencing being taken up by businesses. The technology is enabling massive financial savings and also helps organisations reduce their carbon footprints by reducing travel. The technology, which enables face-to-face communications, has matured in recent years as a result.

Workers can set up ad hoc meetings in seconds through commercially available video conferencing services or even on the internet via platforms such as Skype. For example, Fujitsu Group Properties – which provides central management services to firm Fujitsu – uses BT MeetMe Global Access conferencing to enable real-time collaboration between up to 40 people.

Social mediaWorkforces are increasingly using social media to communicate internally and with customers. Cloud-based platforms such as Twitter and Skype enable messages to be sent instantly. Communication platforms will be uninterrupted, even if the business systems go down.

Unified communicationsAccording to the International Engineering Consortium, unified communications is an industry term used to describe all forms of call and multimedia/cross-media message-management functions controlled by an individual user for both business and social purposes.

Bring your own device (BYOD) schemesThese allow workers to use their own computer for work and will increase flexibility as mobile devices become the tools of choice. This reduces hardware costs; increases flexibility because workers are always connected; and improves user satisfaction.

The technologies that drive successful flexible workingvices firm Cognizant says businesses will change how people communi-cate in work and with customers. It believes organisations will have to cater for this or risk losing staff to the companies that can offer them the technology they want at work.

But despite the almost universal acceptance that flexible working should be the norm and a good un-derstanding of its advantages, there is significant progress to be made if businesses are to reach their flexible working goals.

Microsoft’s European flexible working survey revealed that, despite the technology required for flexible working being mature, only 34% of UK businesses provide basic technol-ogies such as laptops and remote connection to the company network to enable more flexible work styles.

Furthermore, only 44% of busi-ness decision-makers have invested in collaborative technology such as instant messaging or videoconfer-encing software.

Microsoft’s report says: “Business-es must allow their IT departments to deploy the services which make flex-ible working a reality rather than a hyped-up concept.”

The ad hoc approachMany businesses have an ad hoc approach to flexible working which goes some way in explaining the lack of investment in technology that ena-bles flexible working.

Fotis Karonis, CTO at mobile ser-vice provider Everything Every-where, says the firm does not have a flexible working policy set in stone, but is open to it. He says it uses virtu-al private network (VPN) technology to enable workers to link to corporate networks securely.

Karonis says when Everything Eve-rywhere completes the integration of the Orange and T-Mobile IT infra-structures, it will be better set-up to allow flexible working: “A lot of our systems will be cloud-based and we will look at things like tablets and virtual desktops.”

Phil Pike, head of IT at West & Wales Utilities, says the company does allow staff to work from home on a case-by-case basis: “We will look to enhance mobile technology to give us the option but no formal policy is planned.”

But it is not just the technology in-

“Any investment must have a business case and the technology to support flexible working can be very expensive”

vestment shortfall that needs ad-dressing. Businesses are failing to properly communicate their flexible working policies and what is actually available to staff.

According to Microsoft’s survey, while 60% of business leaders say flexible working polices and guide-lines are available, 70% of workers are unaware of their existence.

Sean Harley, director of technology operations at SkyIQ, says there is a shortfall in how businesses formalise flexible working.

He says the technology is there but policies need to be clear and govern-ance needs to be formalised: “All the technology is already there, with lap-tops and softphones. You can fire up a virtual desktop on a home comput-

er these days. But you have to have the right levels of governance.”

The role of flexible workingHarley says the company has an in-formal flexible working policy but is unlikely to expand beyond this.

He says team knowledge is shared better when workers are in the office. Flexible working technologies are vital when people have to work re-motely but, “there is nothing better than face-to-face communications”.

Richard Edwards, analyst at Ovum, says although it has been al-most a decade since the government first announced the rights for people to request flexible working, “making it a reality is different”.

He says the business benefits of flexible working are difficult to prove and as a result it is difficult to assign money to the technology that sup-ports it: “Any investment these days has to have a real business case. The technology to support flexible work-ing can be really expensive.”

He says that where there is a real saving, such as reducing office space,

the investments can be justified. But if it is just increased flexibility that is the aim then businesses will proba-bly simply make do with the technol-ogy they already have.

Despite survey after survey reveal-ing that flexible working is almost universally accepted, this does not mean that it will suddenly take off. Most companies allow flexible work-ing as an option when required, but do not want it to become the norm. This partly explains why businesses have not invested heavily in technol-ogy to support the practice. ■

15 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

more online› Survey reveals flexible working technology shortfall

› UK businesses lead the world in flexible working

› Third of workers would change employer for flexible working

»

Finding Equilibrium: Balancing Resources, Demand & Benefits in the Age of Volatility

Gartner PPM & IT Governance Summit 2012

Keynote SpeaKerS

nisha pillai Former BBC World News Anchor Getting Your Message Across

SUMMIt CHaIr

Matt Light Research VP Gartner

19 – 20 June | London, UK | gartner.com/eu/ppm

Hot topICSIt program & portfolio ManagementIt GovernancepMo and enterprise pMoenterprise ppM for It and BeyondppM Software & Solutions

Early-Bird Discount: Register by 20 April and save €300

Web: gartner.com/eu/ppm Phone: +44 20 8879 2430 Email: emea.registration@gartner.com

storage

17 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

Data storage has long been something of an IT iceberg, with much of the data bulk and the challenges it cre-

ates unappreciated by businesses, and even by parts of their IT depart-ments. This has been changing over the past year, because of the attention paid to the buzz-phrase “big data”.

Behind the hype, the reality is that data has always been big and grow-ing, and that new analytic techniques will drive more consumption of data storage systems for some businesses.

Although flash memory is becom-ing a mainstream business storage medium, the bulk of working data is still stored on disk, and is likely to be for many years yet.

Big dataUse of the phrase big data reached new heights during 2011. Although the expression refers to a real IT trend, it has been abused by supplier marketing departments. Hype is far from new to the IT industry, and neither is big data, at least not in the original meaning of the phrase.

“Big” is a relative word, and the volume of data stored by businesses has been growing quickly for many years. The reasons for this have in-cluded the increasing digitisation of the workplace and proliferation of IT applications, and greater data archiv-ing driven by compliance and corpo-rate governance.

Exactly how fast data has been growing varies hugely, according to how data is defined. Some high-pro-file studies cite huge numbers for an exploding “digital universe” by in-cluding consumer data, and even transient data such as digitally-borne TV broadcasts and telephone conver-sations. For data stored by main-stream businesses, the growth is slower, but is still fast.

Enterprise data growthOne indication of enterprise data growth comes from industry esti-mates of the capacity of worldwide shipments of external disk storage systems, also known as disk arrays.

These have shown about 50% growth each year for the past 10 years, excepting brief pauses during the post-internet bubble and credit crunch slumps in IT spending. That has been capacity growth, not revenue growth, which has been lower. It also does not directly reflect growth in the volume of the primary or working

Meanwhile, suppliers of arrays of disk and flash memory drives are making their own contributions to the falling price of storage. While per-formance remains a battleground for competition, suppliers now empha-size the overall efficiency of their products, including the way that they use drive capacity.

All major suppliers’ arrays now in-clude a form of storage virtualisation called thin provisioning. Depending on how well this is implemented, it can halve the amount of capacity used to serve an application.

Another technique called data de-duplication has reduced the size of back-ups hugely, and is set for wider usage on working, non-back-up data.

The popularity of these technolo-gies reflects the need of IT depart-ments for new tools to handle ever-growing data volumes. Both technologies will continue to be de-veloped, as will other methods of im-proving storage efficiency, such as data compression and dynamic move-ment of data across tiers of flash and disk drives, according to the changing performance needs of the data.

In addition, array suppliers will continue competing to reduce operat-ing costs by simplifying storage man-agement, because administrative la-bour is still the largest single

Big data needs even bigger storageTim Stammers looks at current and future storage options for managing the rapidly growing volume of business data

component of the cost of storage. This has already seen the automation of previously labour-intensive tasks such as the allocation of storage ca-pacity to applications, and massive increases in the number of terabytes of data that can be managed by a sin-gle storage administrator.

Ovum expects that during 2012 the level of automation will increase in areas such as quality of service con-trols for storage systems, and the inte-grated management of back-ups, ar-chive and data snapshots. Lights out, zero-administration on-premise stor-age will never be achieved, but it is the theoretical goal. ■

Tim Stammers is a senior analyst at Ovum. This article is an extract from 2012 Trends to Watch: Storage data growth, big data, disk shortages, public cloud storage, flash memory, and other trends. Download the full report here.

copies of data stored by businesses. Some of the capacity growth has

happened because of the widespread migration from internal server stor-age to external storage area network (SAN)-connected disk arrays. Some has been because of increasing use of disk arrays to store back-up and dis-aster recovery copies of data as snap-shots and mirrors.

However, if it reflected a 30% growth in the working copies of busi-ness data, that would equal a 14-fold increase in size every 10 years.

Moore’s Law on dataCurrently, data is written to disk using a method called perpendicular magnetic recording. When this first came into use a few years ago, it al-lowed recording densities to double every year, beating even Moore’s Law for processing power.

That rate has since dropped to about 40% per year. However, a re-placement technique called heat-as-sisted magnetic recording is on the near horizon, and could deliver a re-turn to 100% annual growth in data density, and hence drive capacities.

Currently, the largest enterprise disk drives store 3TB. Seagate, one of the two major suppliers of enterprise disk drives, has said that 50TB drives could ship within 10 years.

Flash memory is also contributing to a reduction in overall storage costs, even though it is much more expen-sive than disk. Adding a relatively small number of flash drives to con-ventional disk arrays reduces the overall purchase price of those ar-rays. Flash does this by allowing the array to use smaller numbers of the fastest, most expensive disk drives, in favour of larger numbers of the cheapest and slowest disk drives. While flash memory prices are falling quickly, disk prices are falling even faster, on a per-gigabyte basis. This means that for the long-term future, flash will complement rather than re-place disk for most applications.

Efficient storage systemsTo exploit increases in disk capacity, the storage industry will soon need to adopt an alternative to the current RAID striping method of protecting data against disk failures, which is becoming impractical for very large drives. This will be a major technical change, but different methods are now shipping, and others have been proposed.

Thin

kS

TOc

k

more online› eBay boosts virtual servers with 100 terabytes of flash memory

› Big data: large problems or huge opportunities?

supplier profile

18 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

S ince it was formed in 1982, Symantec has become re-nowned for its security and data management products

and its anti-virus expertise. The com-pany employs 17,500 people world-wide. It had revenues of $6bn for its full year 2010 – about $4.1bn from enterprises and the remaining $1.9bn from consumers.

This makes Symantec roughly a sixth of the size of Microsoft in terms of revenue and headcount. The com-parison is significant because it high-lights the profitability of Symantec’s security technologies. The company is financially strong, with a healthy cash flow, and has consistently deliv-ered annual revenues of about $6bn in each of the past three years. This makes it one of the 10 largest software companies in the world.

According to Gartner, Symantec has the largest market share in the global security market (excluding se-curity services or network security equipment), dominating a fifth of the market in 2009, well ahead of tradi-tional rivals McAfee (11.6%) and Trend Micro (6.7%).

Positioned for growthBut Symantec is determined not to be complacent, despite having a massive installed base of users. It is quickly expanding its range of enter-prise technologies, and has made a number of strategic acquisitions over the past few years.

Its security suite is no longer built on shrink-wrapped anti-virus soft-ware and PC tools. In recent years, Symantec has been creating a portfo-lio of products that offers features such as full hard drive encryption (FDE), end-point security, authentica-tion and digital certificates, compli-ance-centred data back-up and ar-chiving, and PC configuration lifecycle management (PCCLM).

Symantec now has four major product segments: storage and server

and more established competitors such as EMC and IBM, say analysts. Clive Longbottom, service director for business process analysis at Quo-circa, says Symantec now faces many different competitive threats to multi-ple areas of its business.

Longbottom says that Symantec’s strengths are its large product portfo-lio, good customer base, and signifi-cant cash reserves, illustrated by its many acquisitions. He says that it has “good brand recognition and good technology in many areas”.

However, he adds: “Symantec still gets bogged down in its technology rather than concentrating on the busi-ness value a lot of the time. It has overlap in its portfolio that confuses prospective customers, and its cus-tomer base. Symantec is moving slowly to solution sales, but a lot of what it does is still a portfolio sale, with lots of different contracts and different upgrade and patch cycles.”

Securing data and peopleOne way in which Symantec is build-ing new momentum is by redefining its security vision. The new vision focuses on securing both information and people. It brings together data encryption, identity management, and securing the cloud for compliance purposes, among other things. “Our vision is protecting and enabling peo-

Symantec: Security vision redefinedBig Yellow is living proof that security is big business, having grown steadily in the internet boom to become the world’s largest security and data management supplier. Arif Mohamed takes an in-depth look at the company's development

ple to use and access their information over the internet and in their busi-ness,” says John Brigden, European president at Symantec.

Encryption can secure data more effectively, and technology users can be secured by using identity manage-ment. A key to this strategy is the product haul that Symantec gained from its $1.3bn VeriSign acquisition in August 2010. VeriSign sells a num-ber of identity and authentication products, such as secure sockets layer (SSL) certificates (digital docu-ments that allow users to access re-stricted websites), public key infra-structure (PKI) encryption (a system of hardware, software and policies that allow certificates to be used), and several identity protection and au-thentication systems.

But Gartner analyst Peter First-brook says: “This acquisition brought Symantec into the largely commoditised SSL server certificate market, which has only marginal synergy with Symantec’s other prod-ucts [… so it] will need to find a way to differentiate VeriSign certificates or use SSL certificates as a loss leader in an attempt to sell other Symantec products.” ■

This is an excerpt from a Computer Weekly special report on Symantec. Download the full six-page report here.

management; consumer security; se-curity and compliance; and services. Security looks set to be a top priority for IT professionals for the foreseea-ble future as the boom continues for mobile and remote working and cloud computing.

Acquisition strategyBetween 1989 and 2005, Symantec acquired 33 organisations. The two largest and most important acquisi-tions were Axent Technologies in 2000, and Veritas in 2005. Both of these respectively doubled Syman-tec’s revenues and the number of people on its payroll.

The Axent deal, which cost Symantec almost $1bn, provided vul-nerability assessment and intrusion detection products, managed security services and a network of security so-lution providers.

But the Veritas acquisition was even more profound for Symantec because it catapulted the supplier into enterprise data storage, security and management: uncharted territo-ry. Analysts considered it a bold fi-nancial move: Symantec bought Veri-tas for a whopping $13.5bn in July 2005. It was one of the largest soft-ware mergers to date.

If anything, Symantec’s push into storage management and security has opened the company up to stronger

more online› Special report on Accenture

› Special report on SAP

› Special report on Oracle

Are you driving big business benefits from Big Data?

HP Converged Storage Road Show

Where and When

BirminghamFazeley StudiosTuesday 17th AprilDirections

LondonMillbank TowerWednesday 2nd MayDirections

Join us at the HP Converged Storage Road Show

HP's Storage solutions are quickly being recognised as leading solutions to help you deal with today's challenges, with Gartner naming us as a leader in the Magic Quadrant for Midrange and high-end Modular Disk Arrays.

Join us at one of the venues listed to hear how HP's storage technology, as part of a Converged Infrastructure, has helped customers create these savings and tackle the challenges of a rapidly changing industry.

You'll have the chance to hear from Bryan Glick, Editor-in-chief Computer Weekly, who will be providing the context for the changing role of Storage within the rapidly evolving IT industry, and then from HP UK's CTO about our strategy to help you adapt to these changes.

You'll hear how our Virtual Storage and Backup solutions can help you save time and create tangible value for your business, and you'll see how we have already helped customers to make big cost savings. Plus you can hear how HP Storage helped a leading Formula 1 team towards success in 2011.

Register today for your nearest venue to secure your place at an event that can help you see how to create real value for your business.

Click here for more information and to register.

Agenda

9.30 - 10.00Arrivals and Registration

10.00 - 10.15Welcome

10.15 - 11.15Plenary - Part 1

11.15 - 11.45Break

11.45 - 13.15Plenary- Part 2

13.15 - 14.00Lunch and Exhibition

14.00Departures

20 | 3-9 April 2012 Daily news for IT professionals at ComputerWeekly.com

Apple pulls ahead in competition to insult customers’ intelligenceSince iOS was launched, users have complained that the battery gauge is inaccurate. You can plug in your iPhone/iPad and charge it until it says 100%, but it won’t actually be completely charged.

In a novel lesson in spin, the ge-niuses at Cupertino came back and didn’t deny the accusations pointed at them. They agreed with the mob but told them that, while critics were right in diagnosing the issue, they were wrong in calling it a “bug”. It is

neither – in fact, it’s a “great feature”.Apple vice-president Michael

Tchao pointed out the error saying: “That circuitry is designed so you can keep your device plugged in as long as you would like. It’s a great feature that’s always been in iOS.”

Because without that “great fea-ture” you wouldn’t be able to keep your device plugged in to the mains. Funny, Downtime always thought you can leave a device plugged in for

as long as you want.If it’s such a great feature why

didn’t they put it in their advertising? Downtime can imagine it now:

“The New iPad is revolutionary, it’s light, portable – and it can be charged for as long as you want!”

This is not the first time Downtime has had cause to observe that Apple treats its customers like imbeciles, but surely this time it’s going too far. They should’ve at least given a better explanation or the truth. But then people might think Apple is not per-fect – a world no-one wants to live in.

US military reconnaissance robot clears roofs in a single boundThe “sand flea” is not an insect you would find on a camel in the Sahara, it is a new robot being developed to help the US military conduct recon-naissance missions.

Although it does look a lot like a kids remote control car, the sand flea weights only 5kg and can jump 30 feet into the air.

Its rubber wheels and on-board sta-bilisation system help keep the sand flea stable during air time and land-ings. Click here to see the video.

The chances of Downtime getting one for Christmas? Pretty slim.

Octogenarian walks into plate glass and sues owner for $1mOn a visit to Apple’s glass-fronted Long Island store, US grandmother Evelyn Paswall ended up with a broken nose in an altercation with a glass door. Now she’s suing for $1m.

That’s despite the fact that Apple put warning stickers up last year after customers sustained minor injuries in two similar incidents.

The $1m suit acknowledges the warnings, but calls Apple “negligent” and says that the stickers are not a “proper warning”.

Passwell’s lawyer says the 83-year-

old did not see any glass: “Apple wants to be cool and modern and have the type of architecture that would appeal to the tech crowd, but they have to appreciate the danger this high-tech modern architecture poses to some people.

“The stereotypical Apple customer is a Gen-Y person or a teenager or a college student, but they have to realise that the elderly generation are their customers, too,” he added. ■

Heard something amusing or exasperating on the industry grapevine? E-mail cw-downtime@computerweekly.com

Prince William feels a right mugWe had to put up with a load of tat being released for the royal wedding and you’d be forgiven for thinking that would be that.

But oh no. Here comes the royal wedding anniversary tat. Form an orderly queue.

However, something is different here. Can’t quite place it though, can you?Is Kate’s hair different? No.Hang on, wait a minute – that’s Prince Harry, not Prince William!It seems the enterprising souls at guandongenterprisesltd.com haven’t

quite done their research properly. And Downtime is pretty sure they can’t get away with blaming a Google image search for this mistake.

Particularly as the slogan on the reverse appears to be imploring young Kate to have children with her brother in law. A member of the royal family bearing the child of a man who isn’t one’s husband? Such a disgraceful, nay, treasonous suggestion is surely unworthy of comment.

Downtime is tempted to purchase one now in honour of the laziness of non-fact-checkers everywhere.

downtime

Computer Weekly/ComputerWeekly.com1st Floor, 3-4a Little Portland Street, London W1W 7JB

General enquiries 020 7868 4282

editorial

Editor in chief: Bryan Glick 020 7186 1424 bglick@techtarget.com

Managing editor (technology): Cliff Saran 020 7186 1421 csaran@techtarget.com

Services editor: Karl Flinders 020 7186 1423 kflinders@techtarget.com

Head of premium content: Bill Goodwin 020 7186 1418 wgoodwin@techtarget.com

Content editor: Faisal Alani 020 7186 1425 falani@techtarget.com

Chief reporter: Warwick Ashford 020 7186 1419 washford@techtarget.com

Senior reporter: Kathleen Hall 020 7186 1426 khall@techtarget.com

Editorial & marketing assistant: Matt Scott 020 7186 1410 mscott@techtarget.com

Production editor: Claire Cormack 020 7186 1417 ccormack@techtarget.com

Senior sub-editor: Jason Foster 020 7186 1420 jfoster@techtarget.com

disPlaY adVertisinG

Sales director: Brent Boswell 07584 311889 bboswell@techtarget.com

Group events manager: Chris Hepple 07826 511161 chepple@techtarget.com

contacts