Forrester Predictions 2019 – Amicus ITS Digests: Session#3 – Digital Transformation

In the third of our sequence of digests on Forrester’s findings and forecasts for 2019, we look at digital transformation and how it will be different this year to last for many companies with Allen Bonde, VP Research Director at  #Forrester.

Allan Bonde’s first observation was that 2018 had shown that many firms’ experience of attempting large scale ‘big bang’ transformation had been problematic with a number failing in their endeavours.

This, Bonde felt, was frequently because people’s focus needed to shift from transformation efforts to innovation efforts to improve everyday processes. He illustrated this quoting the anecdote of a Chief Digital Officer who’d hidden his digital road map away and instead was looking to go out into the field to talk to others business leaders and gather grass route support for change strategy, taking small incremental steps towards improvement to make his transformation achievable.

Allen Bonde felt that in 2019 transformation focus would be on pragmatic efforts, creating efficiencies and taking big transformation and making it small.   Operational improvements would become higher priorities as companies ‘tuned up their digital experience stock’.

To execute this, Bonde said we needed to build up our cultural reinforcements as we accepted constant change. This meant re-evaluating strategy to put the right people in the right roles.   This would mean shifting customers to:

• Lower cost digital channels
• Launching digital products
• Turning data assets into new products
• Driving automation in everyday tasks faced employees and customers

Allen Bonde acknowledged this would be uncomfortable for a lot of people, currently modelling their business case on a B2C basis.  Instead though, Bonde felt that the B2B route would be the main profit driver, as digital leaders should look at the macro economic picture and decide upon their investments based on which tools would result in ‘payback’.

Forrester anticipate 25% of organisations will decelerate their digital spend either through an assumption they had done enough, or that they were worried about the economy – and will end up losing market share.

The winners would be the 15% of top companies who are customer-obsessed, who will look to invest more, build the right processes and modern architecture to be ‘fit’ and back this up with the right product managers and digital leaders to roll out the next phase of ‘pragmatic transformation’ using the right processes to achieve this.

Ben Davis, Snr Account Manager

Senior Account Manager for Amicus ITS, Ben Davis added:  “These observations by #Forrester echo with Amicus ITS’ thinking.  In the last two and half years we have been supporting our customer base in their journeys to digital transformation.  Our Consultancy efforts primarily focus on understanding our customers, their business outcomes, priorities, IT environment, challenges and budgetary constraints.  For the public sector, our customers are also challenged by other wider mandates including UK Gov’s Cloud First strategy.   For the health sector, the desire to achieve the digital transformation, create improvements and efficiencies is there in full.   However, there are so many legacy applications and keeping the lights on is as great a struggle as any desire to fulfil ‘transformation’”. 

“In the NHS, they are operating in a highly politically charged environment where targets and patient service must come first.  For instance, we see a resistance in Office 365 adoption because of the high ongoing revenue costs.  What this sometimes fails to take into account, is that in subsequent years, NHS organisations would stand to make significant productivity gains and efficiencies, making the operating costs far lower.  Those productivity gains and efficiencies are sometimes intangible.  For instance, a business may struggle to pin a value on the implementation of Microsoft Teams for collaboration, or say, Microsoft Forms (a powerful and easy tool for customer service questionnaires and surveys)”.

“Healthcare organisations are simultaneously looking to implement clinical advances which utilise the best of modern technology, but unless they are freed to be able to take the steps towards digital transformation, they will ultimately always face an uphill struggle.  Minister of Health, Rt Hon Matt Hancock MP said in September 2018 that he wanted to accelerate a vision of a greater technology-driven NHS.   This necessarily has to be more than a five year political plan which ensures it is not just full integration of technology across primary and secondary healthcare, but the binding in of health and social care with wider agencies to provide a full patient-centric service and efficient NHS”. 

“The road to digital transformation is not a rapid journey for any organisation.  The business change has to be carefully thought through and engaged with by all stakeholders to have a chance of success”.

If you are interested in discussing your digital transformation plans or any challenges you are facing in confidence, please contact our Sales team on +44 2380 429429.

Microsoft announces Customer Lockbox for Office 365

Microsoft announces Customer Lockbox for Office 365

During this week’s RSA conference in San Francisco Microsoft has announced a new feature for Office 365 called ‘Customer Lockbox’. This new feature is designed to provide unprecedented control over a customer’s content stored on Microsoft’s platform.

Customer Lockbox administers access control through multiple levels of approval within Microsoft. It logs and audits all Office 365 control actions and provides access with limited and time-bound authorisation.

Essentially this enables the owner of the Office 365 account to scrutinize any request for access to their data including support from Microsoft themselves. By default requests have a lifetime of 12 hours, after this time the engineer will be unable to access customer content and will have to submit another request for access.

Customer Lockbox will be available by the end of the 2015 for Exchange online and Q1 2016 for SharePoint Online. The new feature will not be enabled by default but those who do opt-in will increase the separation of server administration from the data stored in Office 365 resulting in an added layer of security.

Microsoft adding MDM to Office 365

Microsoft has announced this week that Mobile Device Management (MDM) capabilities will be coming to all their Office 365 commercial plans – for no extra cost.

The new MDM features are focused around the Office apps for Android and iOS and will include setting security polices to allow only compliant devices to connect, Device Management to force pin lock requirements and jailbreak detection as well as selective wipe to remove just Office 365 data without remove a user personal information.    In addition to the above healthy package other extended features are also available if you subscribe to Microsoft Intune (part of the Microsoft Enterprise Mobility Suite). These extended features include restricting clipboard features such as copy and paste and saving documents to other applications.    Microsoft is boasting its new mobile management suite is the only one that can fully manage its mobile Office apps.

With Office mobile apps being a natural consideration for organisations currently using Office on laptops and desktops – this play from Microsoft to both add additional control to organisations to protect their data ‘on the go’ and to make the service so reliant on their own Office 365 subscription is a smart one.

Managed Service Providers get to add their value here too, as Office 365 accounts can be fully or partially managed by a provider, whilst also offering local and around-the-clock support on both technical issues and emergency tasks such as wiping a lost phone.

It will be interesting to see how this develops with the imminent release of Windows 10 on both phones and small tablets – and where Microsoft will draw the line, if at all, on mobile and non-mobile devices and what is supported.

Week’s Technology News – 27th February 2015

Boards acknowledge cyber risk on their 2015 agenda

Back in 2013, following a KPMG report that cyber leaks at FTSE 350 firms were putting the UK’s economic growth and national security at risk, the heads of UK intelligence agencies MI5 and GCHQ then asked leading businesses to take part in a Cyber Governance Health Check.  The results were a stark wake up call.

As we reported in our blog on 19^th December, Board engagement is pivotal to the success of any cyber security plan and thwarting the eye popping 80% of preventable attacks in 2014.

The 2015 Cyber Governance Health Check has just been published and reveals that 88% of companies are including cyber risk on their Risk Register with 58%+ anticipating an increased risk over the next 12 months.  However, only 21% say their boards get comprehensive information and only 17% regard themselves as having a full understanding of the risks. This is clearly insufficient in the light of the continuing squeeze on data security and compliance measures.

You do not have to be a FTSE 350 to want continued trust from clients and the comfort of having up to date data security measures.   So wake up and smell the budding roses of 2015 and do your own health check review now:

• Re-evaluate what the unique crown jewels of your organisation are (key information and data assets) as they may have changed in in the 12 months.
• Review risk from any 3^rd party suppliers and avoid contractual complacency – get into active compliance.
• Be pro-active about risk and create a competitive advantage of rivals.
• Arrange for a ‘pen test’ and get in shape to be security fit for purpose in 2015.

Windows Server 2003 is dying – but Windows Server 2012 will offer an elixir

With the forthcoming end of life for Windows Server 2003 and cessation of support from Microsoft on 15^th July 2015, the effect will be severe for the many business still running this server in their data centre with exposure to cyber attack, unless considered steps are taken now to plan for upgrade.

Microsoft’s own survey recently confirmed that there were 22 million ‘instances’ (database environments) with WS2003 still running.

Organisations clearly need to plan their migration strategy – and quickly – if they are going to protect their infrastructure. End of support means no patches, no safe haven and no compliance.  Any company continuing to run WS2003 beyond July will fail regulatory compliance audits which could result in losing commercial contracts. So delays are not only expensive but highly risky.

The advances in the data centre with Windows Server 2012 RT offer integrated virtualisiation of compute, storage and networking along with enterprise class scalability and security.  The Cloud options of Microsoft Azure and Office 365 will deliver applications faster and increase productivity and flexibility – and take away risk.

Security implications

• Software and Hardware compatibility – If you are running a mixture of physical and virtualised servers, then priority should go to addressing physical assets, as most WS2003 licences are tied to the physical hardware.
• Compliance against many industry requirements has moved from a best practice ‘good to have’, to a mandatory requirement, so no option.
• Payment Card Industry Data Security Standard (PCI DSS) v2, v3 – providing adequate assurance levels to meet the requirements of PCI will fail.
• UK Government – connecting to the Public Services Network (PSN), whether through an assured connection or via an Inter Provider Encryption Domain (IPED) will be a headache if updates cannot be supported securely.
• Industry standards Industry standards such as ISO 27001:2013 and the Cloud Security Alliance all require you ensure your systems and applications are up to date.
• Disaster Recovery and Resilience  How do you re-start servers that are no longer supported? If DR is key to you business then migrating is a necessity will be fairly expensive.

Planning to move

• Integrate your servers and their lifecycle into your strategy and risk management process.
• Check what the servers do for you and do data mapping, flow and services exercise.
• Identify your core assets and check them against confidentiality, integrity, availability and likelihood of compromise to help future design and investment decisions.
• Create fit-for-purpose security architecture within your Cloud (ie should you need to retain legacy data which is rarely used – create security zones using layered firewalls, ingress and egress controls, file integrity and protective monitoring.
• Test – lots – and then get a 3^rd party certified security professional to conduct an ethical hack.
• Failure to plan is planning to fail – do not let your business suffer by putting your head in the sand.

This week’s technology news – 20th February 2015

Microsoft enjoys gold in Europe

Microsoft’s VP of Legal & Corporate Affairs, Brad Smith announced on 16th February 2015 that it had become the first major cloud provider to adopt an international standard for cloud privacy – which is also the world’s first.

This follows the EU data protection authority’s endorsement of Microsoft’s gold standard for cloud privacy back in 2014 (see our blog 17th April 2014).  The new ISO creates a uniform, international approach to protecting privacy for personal data stored in the cloud.

Smith is clearly pleased:  “The British Standards Institute (BSI) has independently verified that in addition to Microsoft Azure, both Office 365 and Dynamics CRM Online are aligned with the standard’s code of practice for the protection of Personally Identifiable Information (PII) in the public cloud”.

Where standards will affect business assurance and safeguards to industry, this new ISO is important commercially as ISO 27018 assures enterprise customers their privacy is safe – and the new standards promise the data will not be used for advertising.

According to Smith, Microsoft can only process identifiable data the customers provide and is obliged to notify the customers where their data is, and who else is using it (in case there are third parties in need of their data). Additionally, the company offering cloud services must notify the client in case the government requests disclosure of ‘PII’ data.

Google’s CIE says “Don’t get lost in the digital Dark Age”

Chief Internet Evangelist for Google, Vint Cerf, a “father of the internet” and holder of the highest civilian honour, the U.S. National Medal of Technology, addressed the American Association for the Advancement of Science (AAAS) annual conference in San Jose last week.  His talk aired concerns that all the images and documents we have been saving on computers will eventually be lost – and that future generations will have little or no record of the 21st Century as we enter what he describes as a “digital Dark Age”.

This would occur as hardware and software become obsolete (and as backward compatibility is not always guaranteed) and old formats of documents, presentations or images, may not be readable by the latest version of the software or retrievable from external hard drives.

“The key here is when you move those bits from one place to another, that you still know how to unpack them to correctly interpret the different parts. That is all achievable – if we standardise the descriptions…. We have various formats for digital photographs and movies, and those formats need software to correctly render those objects.  Sometimes the standards we use to produce them fade away and are replaced by other alternatives and then software that is supposed to render images can’t render older formats so the images are no longer visible”.

“Over time, we accumulate vast archives of digital content, but may not actually know what it is.”  As it is unclear what would be the most important data of our generation it was important to preserve as much as possible.

“The solution is to take an X-ray snapshot of the content and the application and the operating system together, with a description of the machine that it runs on, and preserve that for long periods of time. And that digital snapshot will recreate the past in the future.” Cerf calls this digital form, ‘Digital Vellum’ to be held in servers in the cloud – and accessible as required because descriptions have been standardised.

Whilst there is no guarantee of Google being around in 3000, the notion is that the x-ray snapshot captured is transportable from one place to another. So, it could move from say Google cloud to another cloud, or back onto a personal machine.

See video:  http://emp.bbc.co.uk/emp/embed/smpEmbed.html?playlist=http%3A%2F%2Fplaylists.bbc.co.uk%2Fnews%2Fscience-environment-31458902A%2Fplaylist.sxml&title=Net%20pioneer%20warns%20of%20digital%20’Dark%20Age’&product=news“>http://emp.bbc.co.uk/emp/embed/smpEmbed.html?playlist=http%3A%2F%2Fplaylists.bbc.co.uk%2Fnews%2Fscience-environment-31458902A%2Fplaylist.sxml&title=Net%20pioneer%20warns%20of%20digital%20’Dark%20Age’&product=news

When just one drop IS enough

An American company, Nanobiosym has shown off its latest mobile diagnostic device, ‘Gene Radar’, which can perform real time testing on a drop of blood, saliva or other bodily fluid to detect disease.

Using a nanochip in a mobile device, they claim it provides a gold standard at DNA/RNA level, revolutionising the previous mountainous PCR processing which went before it in medical profiling, to create more efficient scientific solutions to viral scanning.  A mobile scanner that can detect whether a person has Ebola, HIV or the flu virus in less than one hour has great significance. The technology can be deployed in wearables, smart phones and notebooks and apps for self diagnosis are also being developed apace.

Nanobiosym is one of several US companies chasing healthcare business in this sphere, including Corgenix (a Microsoft Gold Service Partner) and Nanomix.  CEO of Nanobiosym Dr Anita Goel is passionate about the opportunity for this new technology to truly democratise healthcare, especially in third world countries, which do not have the industrialised history and infrastructure investment in healthcare and take it to the people.

The personalisation and mobility of this healthcare offering is very exciting. It brings together physics, biomedicine and nanotechnology to diagnose conditions and is viewed by Goel has having the potential to cut the costs of some conditions by up to 99%, surely of interest to healthcare boards around the globe, where the pressure on budgets is forever being squeezed.

The development is eye catching when in the West, traditional HIV screening would cost $200 with results taking two weeks – and six months in Africa.  The outbreak and spread of Ebola hooked world headlines in 2014 and its impact is still being felt.  The new technology being developed by these companies can detect the disease at very low levels, before a patient is even showing symptoms.  In practical terms, scanning for this and other diseases at airports say, could help contain, advise and start pro-active steps for treatment, even affecting future generations.

The company is waiting for approval from the US Food and Drug Administration (FDA) before offering the device for sale.  With diseases like Ebola, it would be a straightforward tick for border agencies, keen to control migration of those affected. However the ramification for detection through apps of other genetic diseases like Parkinsons or Alzheimer’s carries with it the health warning that the patient’s very knowledge of the disease could alter and affect their life, decisions and outlook if pre symptoms were detected whilst there was still no cure.

See video:  http://goo.gl/FcBXoD

This weeks round up from Amicus ITS

£250,000 penalty for Sony
The Information Commissioner’s office (ICO) has fined Sony Computer Entertainment Europe £250,000 for breaching the Data Protection Act, The data breach penalty relates to the hacking of the Sony PlayStation Network Platform in April 2011, which compromised the personal information of over 77 million customers. At the time Sony took down their Playstation network for over 3 weeks, to rebuild a more secure online platform, with over 77 million world-wide affected this was one of the biggest security breaches in history, who will be next!

Office 365 Home Premium launched
Microsoft takes Office into the cloud and for the first time lets consumers pay via monthly subscription. As well as the ‘modern’ look, users also get perks such as extra SkyDrive storage and free worldwide Skype calls to landlines. This is a unique way of marketing the Office package, it makes Office very accessible through a price point that everyone can afford and in addition the ‘always connected’ features of the Cloud helps Microsoft fight software piracy, a win win for all I feel!.

Blackberry 10
RIM who recently changed their name to ‘Blackberry’ launched their latest and long awaited new platform Blackberry 10 in the UK on the 31/01/13. They decided to launch in the UK first as Blackberry’s UK’s market is one of their strongest, this launch is fundamental for the future of Blackberry. The Z10 and Q10 both look good and take the Blackberry style into truly modern phones. We believe it is unlikely to be enough to truly gain significant market share, but if there’s one market they will crack it will be the UK, so this is definitely one to watch.