Forrester Predictions 2019 – Amicus ITS Digests: Session#5 – Employee Experience

(L-R) Carrie Johnson, Sharyn Leaver and Sam Stern

Forrester’s Chief Research Officer Carrie Johnson asked Principal Analysts Sam Stern and Sharyn Leaver about employee experience and looked at the psychology behind work and the introduction of workplace automation.

In defining ‘employee experience’, Sam Stern said this was the “sum of their perceptions of their experiences working within an organisation, informed by how they feel about their employer and their working life for that company”.

Carrie Johnson reflected that Forrester’s predictions around large scale digital transformation for big organisations were that it would be very challenging (to avoid a workforce feeling excluded and devalued) as it involved a range of issues that had to be managed well to avoid failure, including culture.

Sam Stern commented that this would give companies a chance to look around their different departments to try to get some of the smaller things right. This included:

• Helping managers become better coaches
• Remove unneeded process or any broken rules that no longer apply
• Help employees be more productive in their daily work

Stern continued that with many companies currently experiencing generally low unemployment, employees had more options and might question whether their employers were doing enough with just smaller efforts. 2019 could mark an exodus of staff, unless the company was demonstrable in showing it cared and that staying was right for them and their future?

Sharyn Lever commented that whilst the road to transformation had to have regard for the legacy stack involved, forgetting the employee experience as part of this journey could form the biggest single cause of failure, as fundamental change was very hard for staff to accept.

Carrie Johnson observed that one fix or ‘band aid predicted for 2019’ was updating infrastructures from legacy technology. This created a natural path for the introduction of ‘Robotic Process Automation’ (RPA) to make processes more efficient.  How did that investment conflict with the investment into the employee experience to make people feel good about the work they are doing?

For Sharyn Lever, RPA was a very pragmatic investment as it was so specific, but she acknowledged it could have ‘unintended’ consequences in sending the wrong message to staff if they read into the transformation incorrectly without context and constructive guidance.

Sam Stern commented that it was imperative for companies to be explicit in messaging what RPA was not about in the workplace, otherwise people would make up their own minds – probably incorrectly.   Explaining to staff which areas of business would benefit most from the introduction of RPA would be more constructively received, if the plans were shared with employees in advance to get them on board (and offer a discussion).  “RPA is designed to take away from the human as many of the non-human tasks as possible as we ask them to do and automate them” ie. those which are boring or repetitive (as humans don’t tend to do this well as we lose interest when we’re not focused and quality drops).    Stern agreed it had to start with intentionality, not as a by-product of change, to ensure motivation and focus remained.  With the right messaging, staff have a chance to embrace change, not just be onside – and employee experience would be enhanced with recognition of their value and personal contribution.

Chief Research Officer Carrie Johnson was concerned that should we experience a downward economic trend in 2019 and investment went the route of RPA, that there could be a loss of trust for employees, as people’s instincts would naturally be to imagine their job was at risk if the focus went on technology, not the people.

Sharyn Lever commented that businesses needed to make time to re-think their core values to properly understand their identity.  Sam Stern added that if values and purpose were weighed against each other, a company had to be very clear about its values – and keep them in line of sight when making decisions. Doing this would ultimately lead to better business decisions, rather than selecting when to apply values.

In summary, both recommended steps to support navigating this tricky path included:

•  For management to keep staff focused and to manage any distractions
•  To allow employees time to get important work done either directly or in their teams.

◊  Statistically, the better employee response and higher productivity comes from employees feeling they are able to make progress on their most important work (and have distractions managed with minimum interruption of meetings/online tools interference.

• If employees can be supported to focus on the company’s core mission, this will align with the organisation’s wider strategies and lift productivity further.
• Finally, if the individual feels they are making personal progress this will be valuable in helping with staff retention and reduce the costliness and lost time of staff replacement.

Vikki Fox, HR & Client Relationship Manager

Vikki Fox, Amicus ITS HR & Customer Relationship Manager is unequivocal on the matter, “Amicus ITS is a 24×365 B2B IT Managed Service organisation and our staff are at the centre of solution delivery and customer satisfaction every day.  You have to start by focusing on your employee and think of them as a person not a commodity.  Their employee experience is pivotal to good retention, personal satisfaction and productivity”. 

“If you can lead staff with integrity, review any processes to remove those that are obsolete, whilst providing the support and training your staff need to grow personally – they will add value for you and you will have gained their trust through your performance”. 

“So when transformation and change inevitably comes (which it will with technology), you are far better prepared to talk things through and nurture their confidence by identifying the solution’s value and the employee’s fit – either as a consumer, or the expert guide for the customer”.

“Company vision can often seem distanced where it is not understood at floor level and recognised by all whatever the role.  Ensuring that everyone can identify with your organisation’s core values puts you on that path to a shared vision and sense of pride by association”.

“HR have a big responsibility for employee experience throughout the employee lifecycle, we are selling the opportunity, business, culture and environment from the interview and this experience must continue throughout the individual’s employment. My aim is to lead with integrity and ensure that as a team we understand and work within our company values”.

 

‘Orangeworm’ the new superworm hacking group that’s targeting healthcare

Hacking activity targeting the healthcare sector continues to rise.  New security research just released by Symantec has identified a global hacking group called ‘Orangeworm’.  Though its targeted victims accounted for a small number of organisations in 2016 and 2017 (mostly in the USA and Asia), some were identified as being based in Europe.  Analysis by industry has revealed that the healthcare sector is Orangeworm’s primary target, with 39% of hacking outcomes manifesting themselves in this data rich sector which includes hospitals and pharmacies.

Symantec said, “Based on the list of known victims, Orangeworm does not select its targets randomly or conduct opportunistic hacking. Rather, the group appears to choose its targets carefully and deliberately, conducting a good amount of planning before launching an attack”.

Orangeworm’s wormable trojan, named ‘Kwampirs’ is able to vet the data to determine if the computer is used for research, or contains high value data targets eg. patient information.  The Kwampirs then create a backdoor on compromised computers, enabling the hackers to remotely access equipment and steal sensitive data – and Orangeworm survives reboots.

The trojan worm has a penchant for machine software on critical hospital equipment which includes kit like x-ray machines and MRI scanners, as well as machines used to assist patients in completing consent forms.  If the ‘victim’ computer is of interest, the malware then “aggressively” spreads itself across open network shares to infect other computers within the same organisation and uses built-in commands to grab data. This includes “any information pertaining to recently accessed computers, network adapter information, available network shares, mapped drives, and files present on the compromised computer.”

The supply chain is a key part of this vulnerability funnel, with targets including manufacturers providing medical devices and technology companies offering services to clinics, plus logistics firms delivering healthcare products.

Director of Technology, Security & Governance, JP Norman advises:  “Ensure your anti-malware provider can detect Kwampirs activity and to prevent and detect an infection, ensure that:

•        A robust program of education and awareness training is delivered to users to ensure they don’t open attachments or follow links within unsolicited emails.
•        All operating systems, anti-virus and other security products are kept up-to-date.
•        All day-to-day computer activities such as email and internet are performed using non-administrative accounts.
•        Strong password policies are in place and password reuse is discouraged.
•        Network, proxy and firewall logs should be monitored for suspicious activity.
•        User accounts accessed from affected devices should be reset on a clean computer.”

Sales Director, Les Keen added, “Where there is the option for healthcare / supply chain organisations to prioritise IT funding, updating the Operating Systems is a primary, as is ensuring a strong and regular policy on Patch Management.  Our Sales and Security teams  are always on hand to review and audit organisational IT infrastructure and offer holistic remediation advice as part of our security readiness programmes.  Just call us on +44 2380 429429”.

 

The ‘hokey kokey’ of the Referendum debate

With June 23rd closing in upon us, political ping pong seems to be the order of the day.  With so many mixed messages in the market, it is difficult to see the wood from the trees.

As we are all aware this is obviously a personal decision, but I believe one that should be based upon facts not political point scoring around the pros and cons of a Brexit decision.

We are given some estimates suggesting the total economic cost of EU membership is around 11% of our annual GDP at around £200 billion.  Some say this money would be better spent on new British industries.  It is also stated that the EU is one of the world’s largest markets, accounting for 25% of global GDP.

The interesting point is that it is said that the EU is our biggest trading partner, with 45% of the UK’s exports to the EU, and 50% of all imports are from the EU.  You could argue that our membership makes us a more attractive destination for foreign investment.  Figures from 2012 show we received around £937 billion of Foreign Direct Investment, while 50%  of UK FDI is EU-related.

It is thought by ‘Brexiters’, we can independently pursue international trade deals with China, India and the US, this may well be true, but there is nothing stopping us today, or is there?

It is said that the EU has many layers of bureaucracy and regulatory issues.

I see that Nigel Farage believes we could strike an agreement with the EU that is similar to Norway’s, having access to the EU but not being bound by it.

And not to mention the most charged debate around the immigration effect on the country.

When I questioned my professional colleagues, it is very clear to me that they all have differing opinions, some to stay in and some to exit, both parties putting up convincing arguments and as far as I can see neither is wrong and there is value in both.

One thing that is understood is that we are all aware of where the EU has taken us as a country since 1972, but what will exiting deliver and where would this untrodden ground take us?    In reality, nobody knows.

I therefore question what the real issues are and whether we are being given all the correct facts, plus what are the motives? Will we ever understand what it will mean to us before we are asked to vote in 27 days time, or will we all be simply voting upon minimal information based on a favoured approach by our local MP’s – and on the basis of a set of reforms negotiated by Prime Minister David Cameron, be they weak or strong?

As an IT Managed Services Provider we could sit on the fence, however for a few of our customers, it could have major repercussions if we left the EU.

What do you think?  How might it affect your business?

Hactivists unmasked over BBC website collapse on New Year’s Eve 2015

“New World Hacking” finally claimed responsibility two days into 2016, following the attack on the BBC website which was a relatively common Distributed Denial of Service (“DDoS”) cyber attack.  The high profile targeting ensured that the BBC’s news service, iPlayer online TV and radio services were down for several hours on 31st December 2015, resulting in an error message being shown instead of the BBC homepage.

A DDos attack is where a website becomes overloaded with a surge of traffic it cannot handle, with result that the website’s servers stop responding to requests.

The targeting of the BBC was purportedly friendly fire!  The hactivists claim to concentrate on taking down websites supporting ISIS (Daesh) or sites affiliated to the terror group – and this exercise against the BBC was just to test the capabilities of their machines, because of the BBC’s high capacity to respond to traffic.  No doubt this made the BBC feel very comforted.

Amicus ITS security specialist Mark Heather added:  “This has been described as a DDoS attack but it appears to have been designed as a scoping exercise; not to attack the BBC per se, but to give the hactivists more insight as to their efficacy.  Unfortunately, there is little that companies can generally do to thwart this type of attack. But threat management can be deployed as part of a wider cyber security protection strategy”.

“Organisations can take certain preventative positive measures to thwart, circumvent or manage cyber threats.  ‘Threat analysis’ can be undertaken as part of an ongoing reputation exposure exercise. Your cyber security team can look out for any ‘Dark Chat’ underground threads published on web hactivist forums for example – and with this intelligence, then direct traffic towards a ‘honeypot’ mechanism for example” (see below)

Honeypots can be used to check content before anything is passed through the firewall, as one of an organisation’s strategic steps to beefing up their data security.  As Mark comments:  “Much like the weather, you cannot stop rain from happening, but you can wrap yourself up warm and get your umbrella out knowing what the forecast is likely to be”. 

The week’s technology news – 13th March 2015

‘Expectations vs Experience in migrating to Cloud Services’

One of the US Labor Department’s top execs,  Dawn Leaf, CIO, United States Department of Labor
was a keynote speaker at CloudExpo2015 this week.   The following is a precis of her key reflections to our UK audience regarding Cloud and the experiences from her part in the US government’s adoption of Cloud:

• AWS turnover at $1.67 Bn.  Now shows as its own revenue stream.
• 92% of UK enterprise expected to extend their data investment. Cloud is a data reality.

US Government move to Cloud
• Started 2011-12.
• Trigger:  DoL IT spend was $82bn p/a, with 80% of that cost on infrastructure and 80% of that spend being on maintenance and ops – had to change.  Galvanised move to consolidate data centres and migrate to Cloud.
• Size of challenge:  DoL alone has 28 agencies and its ‘mission’ affects 25m workers.
• IT services for 19,000 staff moved across 500 locations to Cloud services.
• 9 different infrastructures, none of which were standardised.
• Expectations:  expectations coming out of cloud service were to create on demand self service, broad network access and elasticity.
• Challenges identified by NIST Cloud Computing Technical Roundup.
• Had to review security and compliance in preparation beforehand and review firewalls before any department could connect to Cloud.
• Recommendation that any organisation should include an Operational Readiness Test Phase in their SLAs’ to prove that they could get to cloud, as safeguard.
• Part of prep, DoL had to upgrade bandwidth and assure desktop readiness.  They still had 10,000 people working on Windows XP.
• Dawn created standards and definitions for NIST (used across Gvmt depts).

Roadmap created
• Need clearly defined roles and responsibilities for interoperability.
• If an issue needs resolving, all sides engage, no silo mentality.  Frequently a 3rd party is blamed and hard to move forward in good time.  Gov had issues with Microsoft, but MS put their hand up + issues with Blackberry.
• Had to review cost challenges
• Needed to estimate mailbox cost per individual vs legacy – worked out the same @ $15 p/mailbox pp.
• Had to sell change to workers to avoid unlimited archive space for staff – housekeeping.
• Issue of Sharepoint which needed to be migrated – taken step at a time:  dealt with first legacy of MS Outlook – moving mail only first.
• Systems reviewed illustrated challenges – Sharepoint alone had 100 instances of legacy to map.  New policy drafted around Sharepoint for new form as primary need in new structure.
• Issue of datacentre consolidation would meet two objectives in US:
• DoL managed to reduce number of datacentres by x40 in 2015.  Datacentres now located in outside Washington in DC.
• Cost reductions came by checking that datacentres were ‘ready’ to be migrated.
• Changes created significant energy cost savings
• Consolidation also created significant reduction in operating costs.
• Bottom line:  two security operations in two silos supported by two people were costing $200k p/a.  Savings made by moving to one model.
a) Consolidation and standardisation
b) Migration needed redesigning in line with Government Digital Platform.

Reflections
• DoL now have 400 x more storage than before.
• Generally lots of legacy and services to migrate – cannot move lock stock.
• Serious challenge as affected lives so had to take it step by step.
• As a Gov organisation they faced legal requirements which were non negotiable.
• Had to adhere to FISA, with additional requirements around security inputs:
o High (sensitive referenced data) – lots of these for Gov – assessed that Cloud not less secure, but the costs jumped so greatly that on cost effective basis, better to have private Cloud or private federated Cloud approach in this band to protect national impacts.
o Medium (PII falls into this category) = there were 200 – all below national levels
• Used federated map risk programme to scrutinise.
• Gov assessed that with Medium risk data – Cloud did not create an increased threat to servicing.
• The main threat to any organisation is from within – its staff.  Cyber espionage whether criminal or run of the mill occurs with 000s of threats/hacks on daily/ weekly basis in US gov departments.
• Recommendation – need sound security practices
• Can take 2 years from selection of cloud partner to implementation.
• Budget and procurement cycles.
• Gov has to have back up plan to keep services going if all falls down
• Gov now has Cloud first policy – strategic decision in outsourcing.
• Closing vision piece – need more science and technology women coming through in sector. Headcount in room 5 out of 100 in theatre.

 

Overground underground wandering free?

Travelling to London for this week’s CloudExpo2015 at Excel, it was fascinating to do a quick spot check on the variety of devices used by commuters on the train and then the tube.

Around our section of 8 separate travellers sitting across two tables journeying on South West Trains into London Waterloo, there was a lot of technology on show.  Accompanying our little sample were two Mac iBook Airs, three iPads, one HP laptop, one Lenovo Think Pad, one Windows phone, one person read the paper and one person slept.  One commuter (working for a Financial Conduct Authority according to the asset label on their laptop) juggled three devices during the journey.  And then somewhat alarmingly, the gentleman sitting directly opposite worked away on his laptop oblivious about the fact that laptop monitor showed a post it note confirming his antivirus, VPN setting and login.  Truly further education needed about keeping a device secure, especially if it is not your own.

A short while later on the underground, there was no less by way of volume of devices.  The tube carriage with 14 seats facing each other, had 10 people variously using smartphones and iPhones whilst the size of luggage carried indicated tablets, iPads and laptops were being taken along for the ride. The remaining four read the freebie Metro newspaper.

Clearly society is very comfortable today with technology, certainly more comfortable having it as a barrier to avoid engaging with a neighbour en route.  The difference on show was that everything went decidedly smaller as we went underground to suit the environment and the sense of enclosed space.  This reliance on technology will only increase in future as our desire to have technology whilst on the move and to stay connected ramps up.  In contrast, the technology will get smaller, lighter and faster as devices and technology are completely interwoven into every part of our lives both during and outside work.

Week’s Technology News – 27th February 2015

Boards acknowledge cyber risk on their 2015 agenda

Back in 2013, following a KPMG report that cyber leaks at FTSE 350 firms were putting the UK’s economic growth and national security at risk, the heads of UK intelligence agencies MI5 and GCHQ then asked leading businesses to take part in a Cyber Governance Health Check.  The results were a stark wake up call.

As we reported in our blog on 19^th December, Board engagement is pivotal to the success of any cyber security plan and thwarting the eye popping 80% of preventable attacks in 2014.

The 2015 Cyber Governance Health Check has just been published and reveals that 88% of companies are including cyber risk on their Risk Register with 58%+ anticipating an increased risk over the next 12 months.  However, only 21% say their boards get comprehensive information and only 17% regard themselves as having a full understanding of the risks. This is clearly insufficient in the light of the continuing squeeze on data security and compliance measures.

You do not have to be a FTSE 350 to want continued trust from clients and the comfort of having up to date data security measures.   So wake up and smell the budding roses of 2015 and do your own health check review now:

• Re-evaluate what the unique crown jewels of your organisation are (key information and data assets) as they may have changed in in the 12 months.
• Review risk from any 3^rd party suppliers and avoid contractual complacency – get into active compliance.
• Be pro-active about risk and create a competitive advantage of rivals.
• Arrange for a ‘pen test’ and get in shape to be security fit for purpose in 2015.

Windows Server 2003 is dying – but Windows Server 2012 will offer an elixir

With the forthcoming end of life for Windows Server 2003 and cessation of support from Microsoft on 15^th July 2015, the effect will be severe for the many business still running this server in their data centre with exposure to cyber attack, unless considered steps are taken now to plan for upgrade.

Microsoft’s own survey recently confirmed that there were 22 million ‘instances’ (database environments) with WS2003 still running.

Organisations clearly need to plan their migration strategy – and quickly – if they are going to protect their infrastructure. End of support means no patches, no safe haven and no compliance.  Any company continuing to run WS2003 beyond July will fail regulatory compliance audits which could result in losing commercial contracts. So delays are not only expensive but highly risky.

The advances in the data centre with Windows Server 2012 RT offer integrated virtualisiation of compute, storage and networking along with enterprise class scalability and security.  The Cloud options of Microsoft Azure and Office 365 will deliver applications faster and increase productivity and flexibility – and take away risk.

Security implications

• Software and Hardware compatibility – If you are running a mixture of physical and virtualised servers, then priority should go to addressing physical assets, as most WS2003 licences are tied to the physical hardware.
• Compliance against many industry requirements has moved from a best practice ‘good to have’, to a mandatory requirement, so no option.
• Payment Card Industry Data Security Standard (PCI DSS) v2, v3 – providing adequate assurance levels to meet the requirements of PCI will fail.
• UK Government – connecting to the Public Services Network (PSN), whether through an assured connection or via an Inter Provider Encryption Domain (IPED) will be a headache if updates cannot be supported securely.
• Industry standards Industry standards such as ISO 27001:2013 and the Cloud Security Alliance all require you ensure your systems and applications are up to date.
• Disaster Recovery and Resilience  How do you re-start servers that are no longer supported? If DR is key to you business then migrating is a necessity will be fairly expensive.

Planning to move

• Integrate your servers and their lifecycle into your strategy and risk management process.
• Check what the servers do for you and do data mapping, flow and services exercise.
• Identify your core assets and check them against confidentiality, integrity, availability and likelihood of compromise to help future design and investment decisions.
• Create fit-for-purpose security architecture within your Cloud (ie should you need to retain legacy data which is rarely used – create security zones using layered firewalls, ingress and egress controls, file integrity and protective monitoring.
• Test – lots – and then get a 3^rd party certified security professional to conduct an ethical hack.
• Failure to plan is planning to fail – do not let your business suffer by putting your head in the sand.

This week’s technology news – 20th February 2015

Microsoft enjoys gold in Europe

Microsoft’s VP of Legal & Corporate Affairs, Brad Smith announced on 16th February 2015 that it had become the first major cloud provider to adopt an international standard for cloud privacy – which is also the world’s first.

This follows the EU data protection authority’s endorsement of Microsoft’s gold standard for cloud privacy back in 2014 (see our blog 17th April 2014).  The new ISO creates a uniform, international approach to protecting privacy for personal data stored in the cloud.

Smith is clearly pleased:  “The British Standards Institute (BSI) has independently verified that in addition to Microsoft Azure, both Office 365 and Dynamics CRM Online are aligned with the standard’s code of practice for the protection of Personally Identifiable Information (PII) in the public cloud”.

Where standards will affect business assurance and safeguards to industry, this new ISO is important commercially as ISO 27018 assures enterprise customers their privacy is safe – and the new standards promise the data will not be used for advertising.

According to Smith, Microsoft can only process identifiable data the customers provide and is obliged to notify the customers where their data is, and who else is using it (in case there are third parties in need of their data). Additionally, the company offering cloud services must notify the client in case the government requests disclosure of ‘PII’ data.

Google’s CIE says “Don’t get lost in the digital Dark Age”

Chief Internet Evangelist for Google, Vint Cerf, a “father of the internet” and holder of the highest civilian honour, the U.S. National Medal of Technology, addressed the American Association for the Advancement of Science (AAAS) annual conference in San Jose last week.  His talk aired concerns that all the images and documents we have been saving on computers will eventually be lost – and that future generations will have little or no record of the 21st Century as we enter what he describes as a “digital Dark Age”.

This would occur as hardware and software become obsolete (and as backward compatibility is not always guaranteed) and old formats of documents, presentations or images, may not be readable by the latest version of the software or retrievable from external hard drives.

“The key here is when you move those bits from one place to another, that you still know how to unpack them to correctly interpret the different parts. That is all achievable – if we standardise the descriptions…. We have various formats for digital photographs and movies, and those formats need software to correctly render those objects.  Sometimes the standards we use to produce them fade away and are replaced by other alternatives and then software that is supposed to render images can’t render older formats so the images are no longer visible”.

“Over time, we accumulate vast archives of digital content, but may not actually know what it is.”  As it is unclear what would be the most important data of our generation it was important to preserve as much as possible.

“The solution is to take an X-ray snapshot of the content and the application and the operating system together, with a description of the machine that it runs on, and preserve that for long periods of time. And that digital snapshot will recreate the past in the future.” Cerf calls this digital form, ‘Digital Vellum’ to be held in servers in the cloud – and accessible as required because descriptions have been standardised.

Whilst there is no guarantee of Google being around in 3000, the notion is that the x-ray snapshot captured is transportable from one place to another. So, it could move from say Google cloud to another cloud, or back onto a personal machine.

See video:  http://emp.bbc.co.uk/emp/embed/smpEmbed.html?playlist=http%3A%2F%2Fplaylists.bbc.co.uk%2Fnews%2Fscience-environment-31458902A%2Fplaylist.sxml&title=Net%20pioneer%20warns%20of%20digital%20’Dark%20Age’&product=news“>http://emp.bbc.co.uk/emp/embed/smpEmbed.html?playlist=http%3A%2F%2Fplaylists.bbc.co.uk%2Fnews%2Fscience-environment-31458902A%2Fplaylist.sxml&title=Net%20pioneer%20warns%20of%20digital%20’Dark%20Age’&product=news

When just one drop IS enough

An American company, Nanobiosym has shown off its latest mobile diagnostic device, ‘Gene Radar’, which can perform real time testing on a drop of blood, saliva or other bodily fluid to detect disease.

Using a nanochip in a mobile device, they claim it provides a gold standard at DNA/RNA level, revolutionising the previous mountainous PCR processing which went before it in medical profiling, to create more efficient scientific solutions to viral scanning.  A mobile scanner that can detect whether a person has Ebola, HIV or the flu virus in less than one hour has great significance. The technology can be deployed in wearables, smart phones and notebooks and apps for self diagnosis are also being developed apace.

Nanobiosym is one of several US companies chasing healthcare business in this sphere, including Corgenix (a Microsoft Gold Service Partner) and Nanomix.  CEO of Nanobiosym Dr Anita Goel is passionate about the opportunity for this new technology to truly democratise healthcare, especially in third world countries, which do not have the industrialised history and infrastructure investment in healthcare and take it to the people.

The personalisation and mobility of this healthcare offering is very exciting. It brings together physics, biomedicine and nanotechnology to diagnose conditions and is viewed by Goel has having the potential to cut the costs of some conditions by up to 99%, surely of interest to healthcare boards around the globe, where the pressure on budgets is forever being squeezed.

The development is eye catching when in the West, traditional HIV screening would cost $200 with results taking two weeks – and six months in Africa.  The outbreak and spread of Ebola hooked world headlines in 2014 and its impact is still being felt.  The new technology being developed by these companies can detect the disease at very low levels, before a patient is even showing symptoms.  In practical terms, scanning for this and other diseases at airports say, could help contain, advise and start pro-active steps for treatment, even affecting future generations.

The company is waiting for approval from the US Food and Drug Administration (FDA) before offering the device for sale.  With diseases like Ebola, it would be a straightforward tick for border agencies, keen to control migration of those affected. However the ramification for detection through apps of other genetic diseases like Parkinsons or Alzheimer’s carries with it the health warning that the patient’s very knowledge of the disease could alter and affect their life, decisions and outlook if pre symptoms were detected whilst there was still no cure.

See video:  http://goo.gl/FcBXoD

This week’s technology news – 23rd January 2015

Are you into Cloud yet?

Offering peer insight, a recent 2015 survey of over 200 IT and security professionals by US expert ‘not for profit’ organisation The Cloud Security Alliance (CSA), found that 72% of companies questioned, didn’t know the number of shadow IT apps within their own organisation.

This has been blamed on a lack of knowledge about Cloud by both IT staff and senior execs in organisations.  CSA’s CEO Jim Reavis explains:  “The word “Cloud” means different things to different people in a company.  In IT departments, “Cloud” often refers to a specific type of server virtualization technology, or use of IaaS platforms such as Amazon AWS.  For everyone else, SaaS is also “Cloud,” including used tools such as Dropbox, Google Docs, LinkedIn and Facebook”.

Another problem is procurement.  Employees can readily sign up for cloud services without any input from IT at all.  The answer for this would be to monitor outbound connections, block access to certain sites and manage the increasing proliferation of BYOD devices.  Staff bypassing the IT department can quickly create potential headaches and security issues for organisations in ignoring governance and compliance.

Security of data remains the top barrier to cloud adoption, however organisations are still moving forward in adopting cloud services with 74% confirming wholesale adoption, or at least step migration into Cloud services. Part of the holdback remains a lack of knowledge and experience by IT and business managers.  49% of companies with fewer than 5,000 employees reported spending more than 20% of their IT budget on Cloud services.

One of the ‘progressive’ spin offs for companies witnessing the data disasters experienced by major retailers, banks and blue chip names in 2013 and 2014, is the increased involvement of executives taking the decision making around IT to the boardroom which has risen to 61%.  This according to Reavis is a good thing: “We think it will help close the gap on some of the problems we were talking about.”

CSA hopes to enable organisations to make better decisions and help confidently and responsibly accelerate the use of Cloud services in their environments.  The whole report can be accessed at:
https://cloudsecurityalliance.org/research/surveys

Organisations seeking to take their first step into Cloud Services and wondering about security, compliance, scalability and flexibility or cost savings can review the Cloud framework videos offered by Amicus ITS at http://www.cloudservicesframework.com or our dedicated Backup +Recovery options at http://backupandrecovery.amicusits.co.uk

 

 

 

 

 

 

Windows 10 – The price for success is….Free!

This week Microsoft held a Windows 10 event, containing several big announcements that showed off a new Microsoft with fighting spirit. Press events are not usually Microsoft’s strong suit, but this latest event showcased a new mastery of showmanship reminiscent of Apple’s best product announcements.

The show started off with a bang; Windows 10 will be free to anyone running on Windows 7 or above if they upgrade within the first year of the Windows 10 release. This move alone will likely give Windows 10 the best launch yet.  Free upgrades of course will slash potential short-term profits on desktop licences but Microsoft is thinking bigger – and is a cunning strategy to grow Windows beyond the PC.

With Windows 8, Microsoft promised the same experience across all your devices, be they PCs, tablets or phones. This move did not play out as well as hoped. The idea was good but the execution left many feeling alienated, expressing they had been forced a mobile, touch-driven interface on their non-touch PC.

This time around the same strategy is in place but much of work has been done to tailor the interface to each particular device type, whether it is big, small, touch, keyboard and mouse, or even a mix.

If you are on a desktop you will see a new version of the much missed Start bar and on a tablet, the full Start screen Windows 8 introduced. These modes can also aquatically switch on hybrid PCs, for example detaching the keyboard on a Surface tablet will switch it from PC to tablet mode on the fly.

This is all well and good on an OS layer but it is apps that are hugely important today. During the event Microsoft demonstrated new universal apps like Office will run on Windows 10 from small phones to large PCs and these apps like the OS will also adapt to each.  This apps pitch alongside the free upgrade is Microsoft’s big play.

If Windows 10 gets the expected momentum, with users actively downloading new apps from the Windows store, app developers would be silly to ignore this huge new market. With these same new apps made for desktop, but also able to run on Windows Phones, this could give Microsoft’s mobile platform the shot in the arm it certainly needs.

What Microsoft is essentially doing is incorporating Windows Phone as a platform into just “Windows”, reflected in its new renaming; dropping the “phone” to simply “Windows 10” so it can reap the benefits from its desktop monopoly.

In addition, as part of Microsoft’s ‘Continuity’, they announced its voice assistant ‘Cortana’ will, for the first time, be branching out from just the phone to tablets and PCs also. This was demo’d by asking the PC with voice to find specific documents, search for photos from a specific month, dictate emails, control music and more.

As if this wasn’t enough, the much rumoured new browser was officially launched. Currently called ‘Project Spartan’, this browser will come alongside Internet Explorer which will be kept to handle legacy and corporate intranet sites. Project Spartan uses a new rendering engine alongside a different, newer look and feel. A new annotations feature lets you doodle on pages and share with others. Plus Cortana support is also built-in, letting you search with your voice and intelligently suggest searches as you start typing, based on previous interactions (such as showing flight details booked when typing in the airlines site).

All in all, Windows 10 is shaping up to finally live up to Microsoft’s ambitious goals which misfired with Windows 8. The free upgrade will ensure it gets the best launch possible, which will please consumers and developers alike, and give Windows Phone its best chance of success.

The sting in the tail is for hardware partners.  Obviously you cannot please everyone in this game – and with users getting free Windows 10 upgrades later in 2015, it is the hardware partners who will not be happy, as they will face that challenge of seeing their usual buyers staying away as for once they do not have to buy new PCs upon upgrade.

Microsoft’s Windows 10 event this week, wasn’t just about new software that was shown off.  There was also a big splash about the business implications for holograms and the persuasive use of collaboration technology with a new 84″ meeting display?   Interested – watch this space on Monday 26th January!

 

This week’s technology news – 3rd October 2014

Is another Black Monday looming for the major IaaS players?
The stockmarket crash of October 1987 was a harrowing period of economic history that had repercussions around the world.  In 2014, senior industry leaders are looking warily at the prospect of a potential collapse around the major public infrastructure-as-a-service (IaaS) players which could yet de-stabilise world markets again.

The historic ploy of slashing prices to base levels and expanding networks to take market share may all be about to unravel as the financials behind the biggest Cloud players is challenged.   “Hundreds of millions of dollars has been spent on building out public cloud infrastructure. We don’t know anybody in the world who is profitable”, said Steve Brazier,CEO of Canalys, who warned resellers to be very careful about directing customer business before checking out the financials of the major cloud suppliers. An isolated comment would be one thing to make headlines, but when it is echoed by other heavyweights including Cisco’s Snr VP of worldwide cloud and managed services sales, Nick Earle and others like Sue Barsamian, worldwide channel head HP’s Enterprise Group, it starts to add gravity.

Amazon Web Services (AWS) lost $2bn in the last four quarters and its parent, Amazon, is forecasting losses between $410m and $810m this quarter, believed to be largely focused on AWS.  AWS cut prices by 36% in Q2 and this hit revenues at a time when cap-ex increased 51% to $1.29bn. Neither Microsoft nor Google will separate out their costs around public infrastructure clouds, but the cost against profit is not anticipated to be any different a picture in this cloak and mirrors area.  Rackspace in the meantime, an early pioneer of public IaaS, is now shifting attention to the managed services market.  The difference may lie in whoever has the deepest pockets to ride out this perfect storm.  AWS is sitting on $5bn of cash, but put against Google’s stockpile of $61bn and Microsoft on $86bn, then AWS is by far the more fragile contender.

Why should we care?  Well, consider this… the CIA runs on AWS, as does NASA and the Dow Jones for example.   If AWS were to fall over from lack of cash, the bailout would have to come from the banks or Federal bail outs – and that would be more than just be a ripple on the financial markets worldwide.

The new EU Reformation
The EU General Data Protection Regulation, currently called the “EU Data Protection Directive”, will be immediately binding in all of the EU member states when it comes into force.

It will reform data protection legislation and online privacy rights and is expected to boost the digital economy. So a few key questions:

Who will become responsible for data protection in an organisation under the new regs?  Companies (250+ employees) must appoint a Data Protection Officer to take responsibility for the organisation’s legal obligations, noting that data protection is not just an IT issue, it is a people issue.

How will personal data be categorised?
There will be various types of data definitions requiring restrictions ranging from: “Personally identifiable information” (PII), usually considered to be either personal or sensitive information, the latter holding more restrictions than personal data, as well as other categories including children’s data (under 18) and employee data.

What should I do now?
PII – firstly, companies should review the existing PII they hold, be it printed data or electronic.
Policies – policies should then be reviewed to ensure they are up to date and enforced (eg. encryption of data, document shredding etc.), including checking confidentiality clauses with 3rd parties.
Educate the workforce – all staff need to be aware of the inbound changes and educated accordingly – and sooner rather than later to avoid future digressions.
Global security review – finally, a top down review of the information security system should be undertaken to check policies, procedures and infrastructure are in place to protect the company from a potential data breach.

This week’s technology news – 15th August 2014

1.2 billion stolen credentials

Security and Investigations company Hold Security has discovered a Russian crime ring’s hacking efforts, penetrating websites big and small in search of the lucrative digital commodity of user credentials. From a mass of cyber attacks, the group has acquired over 4.5 billion records. Within these, 1.2 billion are genuine, unique login credentials. This was accomplished by successfully attacking over 420,000 websites and is suspected to be by method of SQL injection.

SQL injection occurs whereby someone inputs malicious code inside a SQL database. This can be via a standard web form or by taking advantage of a custom URL, which passes data back to the server. Once inside the database, the code can execute its custom command eg. taking lists of usernames and passwords and sending them to the desired location.

There are several measures you can put in place to combat SQL injection and save your own data from criminal attack.

1.When requesting data in forms that will be sent to your database make sure you assign length restrictions.
2.Check data type and check custom text for uses of execute code commands.
3.In addition, monitor your databases to check only the correct type of information is being collected is equally important.

With another huge credentials breach it highlights the urgency for regular password changes as part of good governance policies to keep your data secure.

 

Technology tracking study for Parkinsons patients and improved clinical decision making

In the same week that the world heard the sad news of brilliant US comedian Robin Williams’ suicide (disclosed as a Parkinson’s sufferer by his widow after his death), another Hollywood star and Parkinson’s sufferer, Michael J Fox has publicised an olive branch of hope for Parkinson sufferers.   His foundation, The Michael J Fox Foundation (MJFF) announced its support and co-funding for a study and new wearable healthcare technology app to help doctors study the effect of different medications for sufferers of the disease in the future.  In a joint venture with Intel division Basis (spurred into action by senior advisor, former chief executive – and Parkinson sufferer Andy Grove), patients were provided with smartwatches armed with sensors to track sufferers in realtime.

The disease is believed to be caused by a mix of genetic and environmental factors, though its exact cause is still unknown.  Symptoms can include tremors, uncontrollable movements, impaired balance and co-ordination, stiffness, slowness of movement, loss of smell, decline in intellectual functioning, speech and swallowing problems.

In the tests, 16 patients and nine control volunteers wore watches which allowed more than 300 data points to be recorded ever second, translating to one gigabyte of data, per patient, per day over a four day period. The information gathered was then uploaded to Intel’s system by a smartphone carried by the wearers.   The data seeks to understand how people live with the disease and respond to treatments and drugs (which could also reveal unmet needs to improve treatment in the future). The digital tests were paired with hard copy diaries kept by the individuals, supplemented by two clinical visits for further tests.  The scientists intend to create new algorithms following assessment of the data, to enable body movement symptoms and sleep patterns to be automatically measured and made available for review in real time.

The next stage of the complex study will take place in Boston, New York and Israel and will involve releasing the app to enable patients to record how they are feeling and to report their medication intake, to inform future prescriptions and to understand gait, fluidity of movement, tremors, sleep habits etc. 24×7.   Mindful of the sensitivity of patient data, Intel confirmed it would encrypt and anonymise the data to safeguard privacy. They also hope that it will eventually lead to opening up the sensor driven platform to other research centres and wearable devices in future.

Other tech players involved in health tracking tech data and devices include Samsung’s Simband wristband, Apple’s Healthkit app and Google Fit software. Through their brand weight and increased market interest in digital healthcare including emerging names such as Theranos in blood testing and diagnosis, this is creating a momentum for the sector which is rapidly growing, as new possibilities and hope for sufferers of Parkinsons and other diseases open up in the future.

Females only a bitesize chunk of Apple’s apple

Apple CEO Tim Cook has voiced dis-satisfaction with the low ratio of female employees at Apple in a recent employee diversity report.  This disclosed a global 70:30 gender split in favour of a largely white male workforce.  This is by no means startling for the technology industry, but nonetheless marks Cook’s goal to see the ratio change over time.

Apple currently employs 35% females in non-tech roles, 20%  in tech positions and 28% in leadership roles.  For Cook though, the diversity message goes much deeper and wider:  “Our definition of diversity goes far beyond the traditional categories of race, gender and ethnicity.  It includes personal qualities that usually go unmeasured, like sexual orientation, veteran status, and disabilities.  Who we are, where we come from, and what we’ve experienced influence the way we perceive issues and solve problems.  We believe in celebrating that diversity and investing in it”.

In comparison, the UK IT sector currently employs just 15% females in tech positions and 9% in leadership roles (source ONS, Aug 2014). This is surprisingly down on the top job stats for women from just ten months ago at the back of the UK recession, when females held 15% of leadership positions in technology.

Given the future global growth for the technology and IT servicing sectors, it would great for the eoncomy for British female students exiting schools to get excited about jobs and career opportunities in the IT industry, as well as for employers to open their eyes to think about how they can attract this valuable talent pool that would change the skewed picture on both sides of the pond if we could take a leaf out of Cook’s book.

 

Microsoft squeezing Kinect into smart phones and more

Microsoft is no stranger to real-time 3D motion capture and has been facilitating developer’s innovative controller-free ideas for many years, using their Kinect for Windows sensor. The 3D sensor can let you navigate menus by moving your hands without actually touching any physical object. As clever as the device may be when utilised well, it is hard to argue the camera sensor is small.  On the contrary, the existing Kinect devices are big and bulky, limiting its use to larger areas with the sensor fixed and calibrated to a central, ideal position.

Microsoft’s Research labs are currently working on different technologies to miniaturise Kinect-like 3D depth sensing. One approach to accomplishing this task as demonstrated by Microsoft, involves turning a regular web camera into a depth camera. Using just low cost parts including a ring of LEDs, this transformation can take place in as little as 10 minutes, the down-side here being the greater accuracy and range from the bigger, more expensive units is lost.

When the technology hits the right size we could find Kinect branded cameras on future tablets and smartphones. Using face detection to unlock your device and sign in and even letting you take advantage of in-air hand gestures to control the interface. The most interesting uses of the mobile Kinect technology could be seen via third-parties, if Microsoft opens up the Kinect APIs upon a possible release. This would make the innovative ideas from existing and future developers a lot more accessible when more people have access to the technology.