Industry news

Business IT security is a perennially favourite topic of discussion. From SMEs to multi-national corporations (and even in government circles), the security of IT systems is much discussed and yet there is a feeling that maybe it is not always given the consideration it deserves. At a recent conference, CompTIA CEO Todd Thibodeaux suggested that it would be sensible to allocate 10% of a company’s IT budget to providing security, and yet the evidence suggests that in reality this is often not the case.

For example, a Gartner survey recently found that the industry average spend on IT security is only about five percent. Perhaps even more startling is a report by the Ponemon Institute, Cenzic and Barracuda Networks which found that 88% of companies surveyed indicate they spend more on coffee than they do on securing Web applications!

In my experience this isn’t unusual. If we took a poll across a cross section of small businesses I suspect many would say they either don’t have a specific budgetary allocation for IT security or that it is a minimal amount. So why is there a shortfall between the professionally suggested levels and the reality of IT security within the business world?

Having spoken to and worked with countless IT managers and business owners the anecdotal evidence is that providing IT security is, to many, a task with somewhat intangible benefits. Like buying insurance, investing in IT security doesn’t give an immediate, visible, business benefit in the same way that purchasing a smartphone or company car does. In fact, very much like insurance, it’s a purchase that will only really remind you of its worth when disaster strikes – and then it will also make it very evident whether you have bought the right or wrong product for your needs.

Whilst failing to find the right level of protection could potentially leave your business open to serious problems, paying over the odds for products you don’t need makes equally bad business sense. So like most business decisions, finding the right balance is vital. The suggested 10% of budget may be a good guide, but naturally all organisations are different and the appropriate amount will vary depending on a wide range of factors, including the type of business and the potential threats to it.

When considering IT security for a business it is vital to understand the types of threats that could be a problem and the weak points in the organisation that leave it vulnerable. For companies that run an online ordering or sales system this could mean a specific threat to customer’s account or financial details by IT-savvy criminals. Most businesses hold personal details on their systems and there is a potential risk that these can be hacked remotely without proper protection being in place. At the most basic level, all businesses are open to threats via email viruses or lax security at the organisation’s premises, both on a physical level and also with regards to IT safeguards.

The physical security of premises is a vital, if sometimes overlooked consideration with regards to information security. Allowing unauthorised people to enter the premises opens up the likelihood that a malicious visitor could infiltrate systems and pilfer valuable information or even remove hardware. Despite the ability to remotely hack business systems, physical intruders are still a very real danger.

Businesses often forget the protection they already have through existing IT investments, which may not be fully utilised. Business systems often incorporate a certain degree of security built in, such as password protection which is vital to IT security. A robust policy that ensures employees and the management use unobvious and hard-to-break codes will significantly tighten security, as long as users don’t just keep the details on their desk!

Despite all the planning, in my experience many organisations lapse in their IT security from time to time, often when security software needs upgrading or renewing. Being an ‘out of sight, out of mind’ technology, cash-starved businesses may let this important stage slip and undoubtedly this can be one of the most vulnerable periods for IT security within an organisation.

Much like insurance, IT security is something that will cost a business dearly if it doesn’t consider the potential ramifications of not having the right cover in place. Whilst additional financial outlay is never welcome, IT security should be seen as a necessity much like other critical business expenses such as telephones or an office. After all, you wouldn’t do without fire alarms and fire extinguishers just because you haven’t had a fire!

As he unveiled his strategic review, Lloyds TSB chief executive António Horta-Osório said “This bank is losing money. We have to get this bank supporting the UK economy, we have to get this bank profitable and we have to repay taxpayer support.”

Indeed, as 41% of the bank is owned by the UK taxpayer, it is imperative that Lloyds are expeditiously proactive in their approach to getting back on track - they owe as much to the British public.

Although the strategy wasn’t as detailed as many of us would have liked, its sentiments are simple - Lloyds TSB needs to boost its revenues at the same time as dramatically slashing its costs. The targets are formidable - they include cutting costs by a further £1.5 billion per year and increasing revenue per investment customer by 50%+ by 2014.

The strategy will involve Lloyds TSB reshaping its business portfolio to fit its assets, capabilities and risk appetite - which, it appears, will be decidedly more conservative than under the previous strategy. Disciplined controls are to be put in place - there will be none of the wild gambling that led to the financial crisis.

Now Lloyds’ analysts and traders will seek out only the safest bets to stake the taxpayers’ money on - they must be assiduous in this quest, which will take time and strenuous effort. But investment strategy is a bank’s core competency, its main money spinner, so it’s crucial to train their focus on this area.

Lloyds TSB’s other initiatives include investing in being the “best bank for personal customers” by delivering “a simple, efficient and fair customer experience” and aiming to become the “best through-the-cycle partner” for businesses large and small.

This is exactly what a bank nearly half-owned by the Government should be doing - supporting the people, and giving the best possible opportunities to businesses - lending prudently and offering sage financial advice, especially to SMEs. Good old fashioned banking; another core competency where Lloyds is looking to raise its game.

These strategies will require major funding. The struggling bank needs to save billions before it starts pulling its weight for the UK taxpayer. Announcing that it will shed 15000 jobs internationally - as part of a strategy to focus its international efforts only on UK expatriates and organisations with strong existing UK ties - is just the start of the cost cutting.

Further to this, Lloyds will reduce the number of agreed suppliers from 17000 to less than 10000. On the face of it, this looks to be an unfavourable turn for the outsourcing industry - but I believe there are many positives to be taken from it.

Lloyds TSB, as witnessed through its work with the NOA, has long been a forerunner in managing outsourcing contracts and is fully aware that doing more business with fewer companies is a real opportunity to forge stronger working relationships with key partners.

Outsourcing could well be key to fulfilling Lloyds’ desire to “redesign processes,” “increase productivity,” “reduce complexity and costs” and create “digital distribution channels” - this is core work for many BPO and ITO providers who bring experience, expertise and technology to the table.

In order to make Lloyds TSB “leaner and more agile” we may also see a drive for innovation in outsourcing contracts. In my opinion, collaborating with the right partners, and trusting them to innovate, will let Lloyds TSB focus on its bread and butter: investing and lending wisely.

Intellect has said that the recent PASC report on government and IT includes allegations of anti-competitive behaviour and collusion, and suggestions of a 'cartel' operating in the ICT industry.

Intellect stated: "As the trade body for the ICT sector, we want to make it clear that this is not the case and cartels do not exist in our industry. On the contrary, this is a highly competitive market. Intellect would cooperate with any investigation into such allegations, but we believe it would be a waste of public money."

Everything Everywhere, formerly T-Mobile and Orange, has reported savings of £21 million in the first half of the year following IT integration work.

Everything Everywhere, jointly owned by Deutsche Telekom and France Telecom, achieved the savings by transferring IT infrastructure activities to T-Systems and through a five-year IT testing services outsourcing agreement with Capgemini

Tom Alexander, CEO of Everything Everywhere, said: “The first half of 2011 was a period of good progress for Everything Everywhere. We are delivering on our strategic plan set out in September 2010 and are ahead of plan with our synergy capture [cost savings].”

Capita's software services division announces it has secured a five year contract with Melin Homes, a provider of affordable homes in south east Wales, to enable a number of its departments to work as one collective team. Aligning its housing management, direct works and finance divisions will help Melin to create increasingly efficient working processes and streamlined services to the benefit of its residents.

Mark Gardner, chief executive at Melin Homes, commented: "We aim to make a positive difference within the communities in which we work and in order to achieve this, it is key that we maintain a fresh and dynamic outlook. Our use of IT and software is one way in which we can ensure this and we chose Capita because of its reputation in the market and its understanding of our needs. Now we look forward to working closely with the team to continue to develop our business efficiencies, which in turn will benefit our customers and their communities."

The Audit Commission will outsource all its in-house local public audit work to the private sector in the next financial year, Communities Secretary Eric Pickles has confirmed.

The announcement follows the decision to disband the Audit Commission last year which will refocus audit on helping local people hold their councils to account for local spending decisions.

The Commission has already been asked to begin substantive preparations for outsourcing. The contracts, which start from 2012-13, are expected to run for three or five years giving local councils and other public bodies the time to plan for appointing their own auditors.

Global Imaging Systems, A Xerox Company, has acquired Xerographic Solutions, Inc., a Rochester, N.Y.-based Xerox sales agent/dealer. Xerographic Solutions provides managed print and network services.

Established in 1991 by former Xerox sales manager Mark Perlo, Xerographic Solutions, Inc., serves customers in Rochester, Syracuse, Buffalo, Batavia, Olean and Jamestown in N.Y., as well as in Erie and Bradford in Pa.

The acquisition furthers Global Imaging’s strategy of creating a nationwide network of locally-based providers focused on improving document management and office efficiency for small and mid-size businesses. Earlier this month, Global Imaging Systems acquired Miller Technology Solutions, Inc., of Chesapeake, Va., and previously announced acquisitions in Iowa, Illinois and Florida.

Xerographic Solutions will become part of Eastern Copy Products, a Global Imaging Systems company, headquartered in Syracuse, N.Y. Perlo will remain with the company as a general manager and senior vice president.

“This acquisition combines Xerographic Solutions’ strengths in managed print services, with Eastern Copy Products’ leadership in innovative office solutions,” said Tom Salierno, Jr., executive vice president of corporate operations for Global Imaging Systems.

The merging of the academic and other services provided by the UK’s 160 universities could lead to job losses, Unite, the largest union in the country, has warned.

Unite’s concern centres on the current talks between Lancaster and Liverpool universities which are holding preliminary discussions to explore ‘the benefits’ of closer collaboration, and follows the sharing of services by Warwick, Birmingham and Nottingham universities.

Unite’s national officer for education, Mike Robinson, called for the management at both Lancaster and Liverpool to be ‘transparent and open’ in their discussions on shared services. At present, the talks were ‘opaque and hidden from view’. Liverpool employs 8,300 staff and Lancaster 5,200.

He said: ”Unite is concerned that services could be merged with potential for job losses. We call on the senior management of both Liverpool and Lancaster universities to make clear any closer co-operation will not result in compulsory job losses.”

An interim chief executive is in place at Suffolk County Council after former boss Andrea Hill resigned.

Lucy Robinson, who has been the council's director for economy, skills and environment since 2002, has taken up the post initially for six months.

Ms Robinson was appointed on a salary of £150,000 pro rata.

Andrea Hill, 47, who was appointed in 2008, stepped down as chief executive on 4 July after coming under fire over her £218,000 salary.

The crash left customers unable to use their card accounts as well as debit or credit cards when chip-and-pin keypads went offline.

The Post Office said all 11,820 branches remained open but it brought in emergency measures to ensure pensioners and benefit claimants were able to access money.

The network’s 2,000 cash machines were unaffected but those who could not use their card accounts were able to withdraw a £20 emergency payment.

The glitch is understood to be on the Post Office’s back office systems. Supplier Fujitsu is currently testing a fix for the system, to be released shortly.