Documente Academic
Documente Profesional
Documente Cultură
com
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
THE WEEK IN IT
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
IT strategy
IT Innovation
Mobile technology
IT careers
Public sector IT
IT suppliers
ALL OLYMPIC
SYSTEMS TO BE ON
THE CLOUD BY 2018
Systems underpinning Olympic
Games events will be run entirely
from the cloud by the 2018 Winter
Olympics in South Korea. Cloud
computing will also be used to
run core summer Olympic Games
systems for the first time at
the 2016 Olympic Games in
Rio de Janeiro.
ISTOCK
HOME
THE WEEK IN IT
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
Cyber security
Public sector IT
Data sharing
Financial IT
The question of how much data an individual should share was a key theme of
Tim Berners-Lees keynote speech at IP
Expo in London. Addressing a packed conference room, the father of the web said
opening up data for clinical trials is the
only way to solve big problems and, in the
event of a road accident, he would want
any doctor to access his records.
IT security
Cyber security
Data sharing needs accountability, says Financial transaction network Swift will
Tim Berners-Lee at IP Expo in London
not decide whether to cut off members
Lawyers of celebrities
whose private pictures were published by
hackers are threatening to sue Google for
$100m for failing to remove the images
from its search results and sites. Law firm
Lavely & Singer, which represents more
than a dozen of the women affected, said
Google should be held accountable. n
127.9
87.6
Latin America
33.5
Mature Asia-Pacific
32.5
28.8
23.9
Source: Capgemini
computerweekly.com 14-20 October 2014 3
ANALYSIS
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
HP buys
Eucalyptus as
it bets on open
cloud future
HP rivals
expected
toexploit
splitmove
High-risk strategy
ANALYSIS
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
Cloud architecture
Major changes
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
ANALYSIS
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
Cyber risk
and the
UKsCyber
Essentials
Scheme
Cyber
Essentials
ensures SMEs
protected
THINKSTOCK
HOME
ANALYSIS
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
Over-reliance on CES
CASE STUDY
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
HOME
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
YouGov
migrates
far-flung
datacentre
back home
Migrating
Department
for Education
to Gov.uk
Upgrading hardware
CASE STUDY
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
Lessons learnt
INTERVIEW
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
CW500
he University of
Oxford comprises
38 individual colleges, each full of students and staff with the
need to communicate across campuses, and
sometimes even across countries.
The university recently announced plans
to deploy new communications systems to
increase the use of bring your own device
(BYOD) and collaboration across the educational institution.
Darrell Sturley, deputy CIO at the university, says the project will replace Oxford
Universitys current systems with managed
services. The university has invested in
several new administrative systems over the
past five years and, with those investments
behind it, now aims to steer focus towards
building an IT infrastructure that reflects the
institutions academic needs.
This integrated communications project is
part of the overall initiative to give our admin
staff, researchers, teachers and students more
modern ways to communicate, he says.
The telephone system currently in place
at the university is almost 30 years old.
Although it still works, the technology
interview
Rather than simply replacing the phone system with a new one, the university chose to
explore what else was available. It decided
to look beyond telephony and consider what
else people might find useful, says Sturley.
This integrated
communications
project is part of the
overall initiative
to give our admin
staff, researchers,
teachers and students
more modern ways to
communicate
SEBASEBO/ISTOCK/THINKSTOCK
University
of Huddersfield
revamps Wi-Fi
with Meru
Networks
University
of Westminster
uses mobile
devices to
share data
computerweekly.com 14-20 October 2014 10
INTERVIEW
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
CIO
interview:
Peter
ORourke,
University
Campus
Suffolk
CIO
interview:
David
Matthewman,
Open
University
Were very
mindful that
students require
a modern working
environment
Until the spring, the story was us knowing we needed to do something different and
finding out what that different thing was.
Having chosen to work with Unify, were now
building the equipment, says Sturley.
We could just turn it on and say to everybody, right, there you are guys, get started,
but we felt that was not likely to generate
the most benefit and that proper preparation
and proper readiness was the way to do this,
says Sturley.
Sturley points out that the need for collaboration and communication has increased,
as has the number of devices each student
uses. Students not only have a laptop, but
may also have a phone and a tablet device.
The university has ensured the new system
will support the main smartphone operating
systems Android, iOS and Windows Phone.
Were very mindful that students require a
modern working environment, says Sturley.
It is student-led to a certain extent, as they
turn up with all kinds of gadgets and devices.
This system will allow students to make use
of a range of those.
Oxford University is a collegiate university
made up of several buildings, colleges and
campuses, and also has a unique teaching system based around personal tutorials. This dynamic makes communication
extremely important, and although the
university is very traditional, it is still technologically advanced.
As well as the tradition and the architectural heritage, we think its important that
students and staff have access to modern
IT systems and that working here is a 21st
century experience, says Sturley. This kind
of system can bring us all closer together
it can tie the colleges of Oxford University
together as one community. n
HUNTSTOCK/THINKSTOCK
HOME
EDITORS COMMENT
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
Computer Weekly/ComputerWeekly.com
1st Floor, 3-4a Little Portland Street,
London W1W 7JB
GENERAL ENQUIRIES
020 7186 1400
EDITORIAL
Editor in chief: Bryan Glick
020 7186 1424
bglick@techtarget.com
Managing editor (technology): Cliff Saran
020 7186 1421
csaran@techtarget.com
Head of premium content: Bill Goodwin
020 7186 1418
wgoodwin@techtarget.com
Services editor: Karl Flinders
020 7186 1423
kflinders@techtarget.com
Security editor: Warwick Ashford
020 7186 1419
washford@techtarget.com
Networking editor: Alex Scroxton
020 7186 1413
ascroxton@techtarget.com
Special projects editor: Kayleigh Bateman
020 7186 1415
kbateman@techtarget.com
Datacentre editor: Archana Venkatraman
020 7186 1411
avenkatraman@techtarget.com
Storage editor: Antony Adshead
07779 038528
aadshead@techtarget.com
Business applications editor: Brian McKenna
020 7186 1414
bmckenna@techtarget.com
Business editor: Caroline Baldwin
020 7186 1425
cbaldwin@techtarget.com
Reporter: Clare McDonald
020 7186 1426
cmcdonald@techtarget.com
Production editor: Claire Cormack
020 7186 1417
ccormack@techtarget.com
Senior sub-editor: Jason Foster
020 7186 1420
jfoster@techtarget.com
Senior sub-editor: Craig Harris
020 7186 1416
charris@techtarget.com
Sub-editor: Ben Whisson
020 7186 1478
bwhisson@techtarget.com
DISPLAY ADVERTISING
Sales director: Brent Boswell
07584 311889
bboswell@techtarget.com
Group events manager: Tom Walker
0207 186 1430
twalker@techtarget.com
Bryan Glick
Editor in chief
computerweekly.com 14-20 October 2014 12
OPINION
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
Gov.uk
cyber security
guidance for
business
Mixed
reaction to
ECs NIS cyber
security plan
National strategy
Co-operation network
Security requirements
EC standards
Enforcement
BUYERS GUIDE
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
DOWNTIME
How do VM
backup tools
fit in a cloud
backup and
disaster
recovery
environment?
VM backup
methods for
quick VM
recovery
BUYERS GUIDE
THINKSTOCK
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
BUYERS GUIDE
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
In the old days, if a server crashed then you would probably go through the following steps:
n Get a new server. Hopefully you would have a spare to hand probably an out-of-date
model, if it had not been needed for some time;
n Then, either: Install all the systems and applications software, attempting to get all the
settings as they were before, unless of course you had done that in advance which
would not have been possible if you had only invested in one or two redundant servers on
standby for many more live ones, not knowing which would fail;
n Or, for a really critical application, you may have had a hot standby, all fired-up and
ready to go. However, that would have doubled the costs of application ownership, with
all the hardware and software costs paid twice;
n Restore the most recent data backup, for a database that might be almost up to date, but
for a file server, an overnight backup may be all that is available, so only as far back as the
end of the last working day. Anything that was in memory at the time of the failure is
likely to have been lost. How far back you aim to go is defined in a backup plan as the
recovery point objective (RPO).
Virtualisation changes everything and increases the number of options. First, data can be
easily backed-up as part of an image of a given virtual machine (VM), including application
software, local data, settings and memory. Second, there is no need for a physical server
rebuild; the VM can be recreated in any other compatible virtual environment. This may be
spare in-house capacity or acquired from a third-party cloud service provider. This means
most of the costs of redundant systems disappear.
Disaster recovery is cheaper, quicker, easier and more complete in a virtual world. In the
idiom of backup, faster recovery time objectives (RTOs) are easier to achieve. At least, that is
the theory, but it can get more complicated with the need to co-ordinate different VMs that
rely on each other for example an application VM and a database VM so testing recovery
is still paramount and can forestall problems in live systems.
There are a number of different approaches, from tightly integrated hypervisor-level VM
replication through to disaster recovery as a service (DRaaS).
The leading virtualisation platform suppliers including VMware, Microsoft Hyper-V and
Citrix Xen offer varying levels of VM replication services embedded in their products.
They are tightly integrated into the hypervisor itself and so limited to a given virtual environment. However, this does give them the potential to achieve the performance needed
for continuous data protection (CDP) using shadow VMs as virtual hot standbys, minimising both RPOs and RTOs.
There are other products that tightly integrate VM replication at the hypervisor level, for
example EMCs RecoverPoint, which supports the co-ordinated replication and recovery of
multiple VMs, so it can ensure a VM running an application is consistent with an associated
database VM. Currently this is only for VMware but Hyper-V and cloud management stacks
such as OpenStack are on the horizon.
Another is Zerto, which says it has built in better automation and orchestration than the
virtualisation platform suppliers, further minimising the impact on the run-time environment.
Zerto currently supports just VMware but has plans to extend support for Hyper-V and
Amazon Web Services (AWS) which means, in the future, it will support failover from an
in-house VMware system to, say, AWS or another non-VMware-based system. Its product
could also be used for pre-planned migration of workloads.
VM snapshotting
Many other virtual-aware tools work by taking snapshots of VMs at given intervals. This
involves pausing the VM for long enough to copy its data, settings and memory before
computerweekly.com 14-20 October 2014 15
BUYERS GUIDE
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
returning it to its previous state. The snapshot can be used to recreate the VM over and
again. The RPO depends on how often snapshots are taken (which could be often enough
to be close to CDP, but that would affect overall performance). The RTO depends on little
more than how quickly access can be gained to an alternative virtual resource which, with
the right preparation, should be almost immediately.
A number of new suppliers specialise in virtual environment backup. Swiss-based Veeam
launched its product in 2008 and supports VMware and Microsoft Hyper-V. Nakivo
(founded 2012) only supports VMware. As these products have been built for a virtual world,
they have many of the required adaptations built-in from the start, for example creating VM
snapshotting and network acceleration to make off-site replication more efficient.
The traditional backup suppliers have adapted their products. For example, Symantec has
just released Backup Exec 2014, which it believes matches the capability and performance of
the new arrivals. Dell claims that its AppAssure mimics CDP by using a smart agent that
avoids freezing the VM and takes a snapshot at least once every five minutes. CommVaults
Simplana and Arcserve have also had the challenge of catching up.
One difference with many of the traditional suppliers is their capability to support both
older physical environments alongside virtual ones, which remains the situation in many
organisations. It also means their products are often used for migration, that is, for backing
up a physical server and restoring it as a VM.
Many cloud infrastructure service providers, for example Rackspace and Amazon provide
VM replication, enabling customers to put their own failover in place, but generally this is
limited to their own platforms.
The widespread use of virtualisation and availability of cloud platforms for recovering
workloads has led to a proliferation of DRaaS offerings. Here the replication of VMs is
embedded in the service, so the customer has little to do other than due diligence and to
sign on the dotted line.
Some are offered by cloud/hosting service providers; for example NTT Communications
IMPLEMENT A
has a European offering in partnership with US-based DRaaS provider Geminare. Broader
COMPREHENSIVE
disaster recovery specialists such as SunGard and IBM include DRaaS in their portfolios.
BYOD POLICY
DRaaS providers provide unique value to make it worth their customers while. Some take
this to a new level, for example UK-based Plan B Disaster Recovery says its Microsoft
GOVERNMENTS
Windows Server DRaaS offering can guarantee recovery, because it includes nightly testing
DIGITAL STRATEGY
of the recoverability of the images it takes of its customers server environments. This not
TO CUT RED TAPE
only ensures recoverability but often pre-empts problems the customer has yet to notice.
Plan B operates at the application level so is hypervisor-neutral, supporting VMware,
DOWNTIME
Hyper-V and Xen. Plan Bs service can image physical servers as well as virtual ones.
Quorum offers a service called onQ that was originally developed for the US Navy to enable
the rapid movement of processing from one part of a ship to another in times of battle damage, so it is very fast and very resilient, supporting physical or
How virtualisation changed disaster recovery
virtual Linux and Windows servers. OnQ is also hypervisor Cloud, virtualisation and disaster recovery
agnostic. In the UK it uses a local datacentre partner to recover
Best practice in backup and recovery
the customer server images as VMs, which it claims allows
RTOs as quick as a server reboot.
Interestingly, Plan B says that, whenever its service has been invoked to recover a physical
server in a virtual environment, the customer does not go back. In other words, disaster
recovery services can be used to migrate to virtual environments, but can also provide the
motivation to do so in the first place. And that may have got you thinking if cloud is good
enough as a secondary backup for even our most critical applications, could it not actually
also become our primary platform in the longer term? n
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
RISK MANAGEMENT
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
Implement a comprehensive
byod policy in your business
As IT departments come to terms with bring your own device (BYOD) schemes,
Warwick Ashford considers the policies to secure your firms network and data
THINKSTOCK
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
GCHQ
produces BYOD
guidelines for
organisations
BYOD poses
big threat to
small
businesses
RISK MANAGEMENT
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
With the significant productivity and customer service improvements achieved by allowing
employees and partners to access corporate data on the move, mobile computing is inevitable and unstoppable even in law enforcement. Most organisations allow employees to
access corporate data from devices, but with varying levels of controls on a variety of company- and employee-owned devices.
This fluctuates between sectors and countries. The public sector and highly regulated
industries such as finance typically have more controls. Mobile security controls are
more common in countries that have strict data protection laws, such as Germany.
However, a recent US survey, conducted by security firm Webroot, found the number of
employees using personal devices for work was more than double the number of those using
company-owned devices. This suggests a security gap especially with 60% of those using a
personal mobile device for business saying they either have no security or just the default
manufacturers features.
Another survey, conducted by security firm Eset, found 44% of respondents planned to
take their work-enabled mobile device on holiday in 2014, with over a fifth checking work
emails daily. But over a third also said they do not check if hotel Wi-Fi networks are secure
and private. Mobile computing has an important role in the business, but it is also incredibly
risky if it is not supported by a properly thought-out security strategy, says McMurdie.
While many large, well-resourced organisations do have the necessary security policies
and strategies in place, not all do. A recent survey conducted by Ovum and Dimension Data
found 70% of the UK organisations polled did not have a formal BYOD strategy, leading
employees to adopt a do-it-yourself approach to IT.
The survey found that, while 58% of enterprises are already re-assessing business processes and activities to exploit developments in mobility, 23% are either adopting a waitand-see approach, or have no plans. But this is proving increasingly risky, as employees use
mobile devices to access sensitive company data across a growing spectrum of systems and
applications. It is a really mixed bag, says McMurdie. While some organisations are seeking
security guidance on how to enable employees to do more with mobile devices, many other
organisations are failing to go through the full risk-assessment process.
Poorly prepared businesses typically tackle one aspect like encrypting all mobile communications but they fail to identify and address all the other vulnerabilities, she says.
Organisations typically block specific apps on company-owned devices and restrict browsing to whitelisted sites. But only in rare cases do companies restrict mobile functionality to
email, phone and limited browsing.
RISK MANAGEMENT
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
Although MDM suppliers are expanding into application management, Pelino says not all
organisations develop an understanding of the importance of managing applications,
content and services. A common problem is that IT organisations and security teams fail to
understand the broad demand for mobile computing across the different lines of business.
This typically results in employees going around IT and security, using cloud-based services
such as Dropbox to ensure they have online access to the data they need, says Pelino.
She says IT and security teams must understand the needs of business decision-makers, to
ensure they are addressed within the boundaries of the organisations strategy for managing
devices and apps. At the same time, it is vital to educate business decision-makers about
how important it is to be part of that, rather than going around IT and security, she says.
Typically, mobility initiatives involve only smaller groups of people but, as organisations
roll out these programmes for the whole organisation and across several countries, a
single policy becomes critical. As organisations move down the policy path, it is crucial to
involve the legal team to take care of the legal implications in different countries; and the
finance department to look at tax implications, payment plans and employee re-imbursements, says Pelino.
computerweekly.com 14-20 October 2014 19
RISK MANAGEMENT
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
Failure to involve all relevant parts of the business is one of the most common failings.
Policies cannot be created in silos as much as IT and security are critical players, this
cannot be done without looping in the broader organisation to ensure business, legal, regulatory, financial and HR needs are being addressed, she says.
An increasingly common approach in multinational companies is to define a policy vision
and then create a checklist framework of things that need to be considered in each country to
ensure BYOD policies are consistent with local laws and regulations. This enables each
country to create its own BYOD policy based on what the overall organisation is trying to
achieve. The frameworks are broader than just security or IT issues, says Pelino.
Frameworks typically include considerations such as: the devices supported; which groups
of employees will be covered by the policy; what type of services the company will reimburse employees for; which groups will be supported by a helpdesk; what will be included
in a self-service portal; and whether or not the company will provide its own app store for
approved applications.
Pelino says a good initial step is to segment the workforce based on the roles of individuals
and then decide what devices, applications, support services and networks are appropriate
for each group. Once you have a framework around those key areas, relative to your industry and your organisation, then you can put together a policy, which needs to include legal,
finance, and HR as well as IT and security, she says.
Education is another important element, says Pelino. The organisation needs to educate
employees about what they will be asked to sign up to, which devices to choose for the work
environment and why it is important to secure mobile devices at home and work, she says.
Finally, organisations and employees need to understand that these policies cannot be
static and must evolve as technology and regulations change. For example, some US states
are starting to introduce legislation that requires companies to re-imburse employees who
use personal devices for work purposes, says Pelino.
Adopting mobile computing and BYOD programmes comprises a strategic initiative for
many organisations, because of the perceived and real cost and productivity benefits, even in
the private sector and highly-regulated industries. But what this will mean for individual
organisations varies dramatically. Pelino says there are signs that some companies are
starting their BYOD initiatives by looking at what others have done, to learn from their successes and failings. The more mature organisations understand all the issues and are moving into application and content management, but these organisations account for only about
15% to 20% of those moving in this direction, says Pelino.
By far the most are in the early stages and are still focusing on devices or are starting to
move one step beyond by trying to figure out how to manage apps and content.
According to Pelino, even the most mature organisations are still living the challenge.
While these companies have moved beyond dealing with the security of devices and
applications and have put together a policy framework, many are still trying to resolve
questions around providing user support and improving helpdesk services for mobile and
BYOD. Nobody has all the answers yet, and the questions and concerns they have change as
they evolve their strategy along the maturity curve, she says.
Clearly we are not out of the woods yet when it comes to security for mobile computing
and BYOD programmes, but some organisations are making progress, having navigated the
basics successfully. As these mature organisations continue to push the boundaries in areas
such as support, less mature organisations can look to them to fast-track their own progress.
Above all, less mature organisations have to recognise that the threat of cyber attack
through mobile platforms is real and failing to act on the risk to corporate networks and
data should no longer be an option. n
computerweekly.com 14-20 October 2014 20
DIGITAL GOVERNMENT
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
The
accessibility
challenge for
digital by
default public
services
The digital
CIO: Making
the business
case for digital
technology
GORANQ/THINKSTOCK
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
hether because of a waved stick to cut costs or the dangle of a carrot to help
government engage with citizens, digital technology is transforming public
services. By focusing on citizens needs and adopting an iterative approach,
governments can learn as they go and evolve their online services.
In the UK, the government is striving to be digital by default. The Government Digital
Service (GDS), with its key message of making core services faster, easier and simpler for
the user, expects to save the taxpayer millions of pounds a year by providing services to the
public online.
The beta version of Gov.uk, the governments central web portal, is a key milestone on the
digital journey and will eventually become the platform for government online transactions.
Steve Halliday, past president at Socitm (Society of IT Management), GDS Identity
Assurance Programme board member and CIO for Solihull Council, says the digital by default
message is getting through, but it is not without its challenges.
There is more talk of digital by default, but it is focused on communities of digital interests or digital tribes, centred on transactions business process re-engineering or digital in
a big data sense. All have different functions and it is up to the CIO or the CDO [chief digital
officer] to take the Kofi Annan role of peacemaker, he says.
Digital is already saving the UK government money 500m by digitising a number of
its services and controlling spending on IT according to a report by the governments
Efficiency and Reform Group (ERG). The ERGs promise to increase digitisation and the use
computerweekly.com 14-20 October 2014 21
DIGITAL GOVERNMENT
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
DOWNTIME
of alternative delivery models appears to be paying off, and Whitehall departments are busy
redesigning their services for digital transformation for further savings. The Cabinet Office
estimates it could save 1.2bn by 2015.
No silver bullet
With more than a billion government transactions a year through 650 services, this is no
mean feat, but the goal of efficiency and saving taxpayers time and money are business
benefits that cannot be ignored.
This headline-grabbing business benefit of cutting costs is good news for economies feeling
the pinch in public services when money is tight. There can be pitfalls, however, if a digital
strategy is not thoroughly assessed.
In the US, Obamacare encountered problems with its roll-out, but with HealthCare.gov
improving, the will is apparent, even if the execution has hit bumps.
It seems more of an issue of politics and culture, says Halliday, warning that digital technology is not a panacea. Digital is not a silver bullet. Leadership and culture make the big
difference the old command-and-control style leadership doesnt work. Digital should liberate people with
good ideas and recognise the talents of the maverick
igital is not
and channel them into productive directions, he says.
The first person in a company to use Twitter was
a silver bullet
probably disciplined, but this lockdown attitude is fading, says Halliday. Digital is more than a shiny web
eadership
form. GDS is recruiting mavericks who understand the
and culture
customer-centred design and create things that work
for people rather than an organisation, he says.
make the big
Mark Thompson, group strategy director at consultancy Methods, says the GDS vision is a good one, even
difference
if it can be difficult to implement. Exemplar government departments are trying to change the way things
Steve Halliday,
are done with digital technology. The reason why some
Solihull Council
do less well is because, ultimately, digitisation is about
changing the machinery of government itself, he says.
Digitisation is transformational and government
departments need to have an appetite for the changes it brings. Strategies must be carefully considered, but Thompson believes digital works best where there are open standards.
There is a critical link between open standards and huge volumes of traffic and getting
everyone involved, he says.
Streamlined services
For digital to take off in government, Thompson says there must be a move away from silos
of activity where the same processes are done slightly differently by multiple government
organisations. Cutting out repetitive tasks and processes that are common to many government services, such as identity checking, is a major business benefit.
There is a tonne of good stuff going on, but where it is appropriate it would work better if
one thing was done by everyone in a particular way for example, identity checking. It would
trigger massive activity, and there is an enormous opportunity here, says Thompson.
For this to happen, he believes central government has to play a pivotal role. It is possible
to assemble a rainbow of different services, but it needs coaxing by people in the centre, so
activity converges together, he says.
Another business benefit of digital technology is its potential to improve the flow of information the lifeblood of public services.
Andrew Horne, managing director of the CEB CIO Leadership Council, gives the example of a US city where the CIO implemented digital technology to improve the sharing of
computerweekly.com 14-20 October 2014 22
DIGITAL GOVERNMENT
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
information between government agencies. For example, when a concert takes place, the city
is now able to send details electronically to the police, the fire department and the concert
venue simultaneously. In the past, information was not shared and each department had
their own little responsibilities, says Horne. Now information flows at the right time and in
the right sequence.
Dave Aron, fellow in Gartners CIO research group, believes digital leadership is a key skill
for government departments. There are two flavours of digital leadership favoured by CIOs
and CDOs, he says.
Some CDOs and CIOs are focused on digital channels, which are really part of marketing;
and the other group is focusing on the broader question of how to be successful in a digital
world. This strategy-led group is informed by the digital
context and they need strategic skills and the ability to
interact well, says Aron.
igital
The two groups are currently split, but Aron says the
group with the broader role will eventually take over.
technology lets
Government agencies and companies have to make
specific decisions in a world that is getting more digital
public service
and the vanilla IT approach is not appropriate, he says.
bodies think
Digital revolution
imaginatively,
DOWNTIME
HOME
NEWS
HP TO DIVIDE
BUSINESS INTO
TWOPARTS
CYBER ESSENTIALS
SCHEMES PROS
ANDCONS
YOUGOV MOVES
DATACENTRE
TOTHE UK
UNIVERSITY OF
OXFORD SUPPORTS
LEARNING WITH IT
EDITORS
COMMENT
OPINION
BUYERS GUIDE
TO VM BACKUP
AND RECOVERY
IMPLEMENT A
COMPREHENSIVE
BYOD POLICY
GOVERNMENTS
DIGITAL STRATEGY
TO CUT RED TAPE
Nadella pays the price for sexist remark Payment to make the blood run cold
Microsofts CEO Satya Nadella found
himself in hot water last week after
suggesting, during an interview, that
women do not need to ask for a pay rise
and should instead trust the system.
Such was the degree of hate-filled
accusations of sexism generated online
byNadellas comments, you wouldve
been forgiven for thinking Peter
Stringfellow had set up a joint Twitter
account with the resurrected corpse of
Jack theRipper.
Perhaps registering the animosity, and
to avoid running home one evening with a
stiletto heel protruding from his backside,
Nadella sensibly clarified his inarticulate
points,saying: Our industry must close
the gender pay gap so a raise is not
needed because of a bias.
DOWNTIME
Read
more on the
Downtime blog