One of the most common misconceptions which can put people off outsourced IT support is the belief that only an internal IT team can provide reliable, efficient support and ensure that any issues are resolved quickly.
This simply isn’t the case.
The advent of modern technologies allow the vast majority of IT issues to be fixed remotely and Service Level Agreements (SLAs) hold external IT teams accountable for performance, response and fix time. Even those companies who have their own internal IT team can benefit from the support of an external IT team to take responsibility for day-to-day maintenance, provide additional help in the event of a crisis or add specialist skills to the team’s repertoire.
However, sadly this does not mean that every outsourcing relationship runs perfectly 100% of the time. Like any business relationship, for outsourcing to be successful there needs to be certain elements in place to ensure that both parties fully reap the rewards and benefits.
1. Trust
It can be daunting to place a business-critical function such as IT in the hands of a third party, but trust is essential for a smooth working relationship. Of course, you should take the time to find the right IT support partner, but once you feel confident you must trust that your partner will deliver.
The emphasis here really is on finding a “partner” and building a “partnership”. If you have an IT support provider who understands your business, your goals and is dedicated to ensuring that IT supports the achievement of those goals, you will have an infinitely better working relationship than with a provider who’s just focused on the cycle of break-fix.
Discuss exactly what the service will include, who is responsible for what and whether there is any flexibility for customisation. It is important to make sure everyone is on the same page. If one side thinks understand differently you will never achieve alignment, nor achieve the results you want.
2. Communication
Communication is vital for a successful partnership. While you should expect regular updates from your provider and a consistent point of contact, you should be open in your communication. If you have a concern then you should feel comfortable raising it with your provider. They should also be able to respond and alleviate that concern – or provide an action plan for addressing it. Constructive feedback keeps the relationship running smoothly. For example, your external IT team may have facilities that allow feedback upon the completion of a service ticket. This feedback is invaluable because it allows both parties to learn from the experience.
3. Metrics
Agree on what success looks like from the outset, as this will be the benchmark for measuring performance. Use metrics to track the external IT team’s performance and their customer service. You want your employees to be happy with the service they are receiving.
Considerations
It’s important to understand that outsourcing your IT support is not a once and done thing. Successful outsourcing requires both parties to work in partnership with a clear understanding of each other’s responsibilities.
Of course, it may be necessary to adjust the Service Level Agreement in the future. But, the best part about a true partnership with your provider is you can have a two-way discussion and achieve mutual benefit.
By taking the time to find the right IT support provider, aligning their service delivery and your goals, and ensuring open, straightforward communication at all levels you will develop a lasting business relationship which truly elevates your organisation.
Email archiving is much more than just another IT solution. By implementing cloud email archiving, every department in your business stands to gain a wealth of benefits. Greater efficiency, streamlined processes and reduced costs are just some of the positive results you will see at a high level.
IT Department
IT Director, IT Manager, Network Manager
Eliminates the need for PST files and restorations of individual emails for end-users
Reduces the time it takes to back up the email server and allows it to run more efficiently
De-duplicates email data and removes it from expensive Tier 1 storage, resulting in reduced storage requirements and lower costs
Allows end-users to self-manage their email, for example restoring deleted messages, rather than logging support calls
Easy to budget and forecast for
Enable authorised personnel – such as the HR Manager – the ability to conduct their own investigations without requiring assistance
A fast and accurate way to search for all emails connected to a particular person, subject, attachment, client etc.
Ensures transparency and visibility required for fair HR investigations
Greater protection for employee privacy as a fully encrypted audit trail is generated with every search request
Manage HR investigations without the need for IT involvement with role-based security permissions and an intuitive search interface
A tamper-proof repository ensures the emails you retrieve are reliable and accurate, by removing the ability for users to edit or delete emails
Data Protection and Compliance
Freedom of Information Officer, Compliance Officer, IT Director
Provides authorised personnel with access to all email communications, ensuring transparency and visibility
Helps the company adhere to FOI legislation, financial regulations, data retention regulations etc.
Time-stamping and digital fingerprinting proves the data is authentic and exactly what was sent on/received by any given date
Senior Management
CEO, MD, Directors, Sales Manager, Customer Service Manager
Greater protection for the business against data leakage
Ensure that policies and procedures are properly enforced to protect intellectual property, patent data, client information etc. and make sure they are only held within the business
A greater understanding of how your business uses email e.g. how long does it take the Sales team to respond to a prospective client?
Happy Halloween, reader! Forget about ghouls and ghosts though because today we’re talking about something seriously scary. Working in the managed IT support and consultancy sector, we always hear about the latest breaches, newest methods of attack and many other security horror stories.
But even with scammers devising dozens of devious new attacks every day, zombie computers that answer the call of the botnet and stealthy malware which lurks in dark recesses of the network. By far the scariest thing we see when auditing businesses is that so many are ignoring old and known risks. It’s the stuff of IT nightmares!
What follows are the six most fearsomely frightening security stumbles we still see businesses make…
1. No centralised (pumpkin) patch management
With cyber-attacks a constant threat, maintaining systems security is critical and requires constant vigilance. However despite the threat of attack many businesses often still decide not to implement some of the latest security updates. One reason is that they decide they cannot afford the risk of disruption to services that patching can sometimes cause. This is a false economy. Leaving your business open to vulnerabilities could end up costing you more than the potential patch disruption.
Once a vulnerability has been disclosed it’s only a matter of time before hackers use that information to devise exploits. Heartbleed is one such example. Attacks against systems vulnerable to Heartbleed, a vulnerability within OpenSSL, allowed the disclosure of a small amount of data held in the system’s memory – which was potentially enough to retrieve usernames, passwords or other sensitive data.
A good patch management schedule should keep operating systems, services, firmware and applications patched and up-to-date. The patches should be applied regularly, on an agreed schedule and soon after any newly identified critical vulnerabilities are disclosed.
2. No multi-factor authentication
Passwords alone aren’t particularly secure. Weak passwords are like a cheap lock, easy to break and a useless defence against criminals. Despite the consistent advice telling them otherwise, many people continue to use classic passwords like 123456, qwerty and password. To try and combat this many IT teams will implement password policies, but sometimes these can often exacerbate the problem.
Complexity
Typical advice is that passwords should be: a minimum of 7 characters and contain uppercase, lowercase and numeric characters. However, that’s actually quite an easy requirement to bypass standard Microsoft technologies. For example, many users would pick Password1. As hackers become better at cracking passwords, what was once critical for password security is becoming less important
Change Cycle
It’s important to strike the right balance when setting rules which determine how frequently users should change their passwords. Forcing users to create highly complex passwords and change them frequently is often a recipe for disaster. Users will simply choose simpler and simpler passwords so they can remember them. Or they will end up just making small variations to the same password. For example, changing one character or one number. It’s also common to find passwords written down if requirements are too complex.
Lock Out Rules
When it comes to preventing brute force attacks rules which require the account to lock after a certain number of failed log-in attempts are the most effective. When establishing these rules consider the sensitivity of the account, how likely authorised users are to enter the wrong password and how much of a hassle it is to fix the situation when users get locked out.
The ideal option is some form of two-factor authentication, e.g. a password and a key fob. Sure, someone may find out a password but it’s unlikely they will also have an authentication fob. On the other hand, if someone were to find the fob it would be unlikely they could access your systems because they wouldn’t know where you worked or your password.
3. Not testing backup and restores
While it’s great that companies are investing in backing up their data, it’s no good if, when disaster strikes, the backups won’t work. All too often testing is the missing step when it comes to backing up data. This problem has only become acuter as backups become more complex. You must test simple backups much more frequently than Disaster Recovery plans – at least once a quarter. You will also need to test whenever there is a major hardware or software change to your backup system.
Your tests should be as realistic as possible, duplicating the condition you will face when you actually need to restore. If possible, test on the hardware you will restore to. Especially if you will restore to a different machine than the one that created the backup. Many businesses are also backing up to the cloud with no real plan on how they will restore operations should they lose a key system.
4. Running critical services on ADSL
Outages at the big providers are still a frequent occurrence and you only have to look to last month to see the painful impact of a major outage. Faulty domain name servers resulted in a widespread outage for Sky Broadband and BT customers starting at 07:00 and lasting for 9 and a half hours –wiping out the day for affected homes.
However, home users weren’t the only ones affected. Many businesses were hit by the outage as well – but this really shouldn’t have been the case.
Asymmetric Digital Subscriber Lines (ADSL) services aren’t a suitable solution for businesses. They are rarely backed up by a service level agreement (SLA) which strips you of your ability to claim compensation if their downtime damages your business and are typically down for extended periods when they do go down.
But despite all this, we still see businesses using them worryingly often. If you’re running a business of any meaningful size, you need leased lines at a minimum. These give you a reliable connection, are backed by SLAs and, if you invest in redundancy, can provide connectivity even during a disaster.
5. Not encrypting devices
Imagine having to explain to a client or your board that their sensitive information has been stolen or released to a third party? Terrifying? Well, it’s a real possibility for the business we’ve seen still failing to apply encryption across all devices.
A scary stat for both business leaders and customers alike is that encryption is used in only 4% of breaches. For customers, this means their private information is being released to criminals in an easy-to-read format. And for businesses, this means they will be facing higher fines due to their negligence.
Full encryption capabilities on all devices have been a necessity for years now and with the enormous quantity of data being shared and stored, the opportunity for a leak has never been greater. It’s now easy for information to fall into the wrong hands and, as far as the law’s concerned, that’s a data breach.
Any device which stores corporate data needs to be encrypted. If a CEO loses a phone on a business trip, that’s a data breach. If a laptop is stolen, that’s a data breach. If a USB stick is lost outside the company premises, that’s a data breach. But if in any of these cases, the information on the machine is encrypted, the risk drop to almost zero.
There’s a large range of IT systems that can help automate and control much of this problem without much complexity so there’s no reason businesses shouldn’t be doing something this simple.
6. Ghost accounts and shadow IT
We’ve seen these two threats in many businesses before and they’re both as scary as they sound.
Ghost accounts are the accounts of ex-employees who are still active on the network. They often crop up when an employee leaves and their account isn’t disabled as it should be.
As many as 50% of companies say ex-employees still have access to corporate accounts. For a disgruntled employee seeking revenge, this is an easy route to deal damage to your business. But what’s scarier is an unknown attacker leveraging the unmonitored account’s access rights to gain a presence deep within your network.
The simplest route to prevent ghost accounts is having a clear policy and process surrounding an employee’s departure which contains disabling their accounts. But technologies like Identity and Access Management can also help restrict the root of the problem. By only providing accounts with the exact permissions they need, any account compromise – ghost or alive – has a much more limited impact.
Shadow IT is another basic risk we regularly see not being controlled. Shadow IT is hardware and software which is running on the corporate network which is used by employees but unknown to the IT team. Shadow IT opens innumerable risks for a business and, unless you’ve taken proactive steps against it, it’s likely already on your network.
Controlling your shadow IT requires more than just tech since the problem has its roots in culture too. We have details on controlling your shadow IT in this blog. Fixing the problem can be a long road but ignoring it is simply not an option your business can afford.
Why are we seeing rapid growth in converged/hyper-converged data centre infrastructure?
Data centre infrastructures had to converge, predominately due to the demand for cloud/hosted services. The global economic situation, skills shortages with the market and escalating salaries simply led to a mushroom of technologies to help those running those data centres capitalise on the demand – straightforward market dynamics really. Sure, it would’ve happened anyway but the global market and amount of competition in the space certainly sped up the process.
As we are still in the race to zero on costs, led by Amazon, Microsoft and the like, the technologies available will continue to reduce the requirement for the level of skills needed right now. We are pretty much moving back in time where a single vendor provided and often managed the core platform. For example, mainframe and minicomputer systems. It just makes business sense now. A black box delivering computers, storage and networking, rather than lots of different pieces together with string.
What impact is it having on those working within data centres?
Those starting their careers in data centres must understand the value that their knowledge will have in the long term, and how this can be maximised as businesses turn to automated processes. Fewer people are needed to run a data centre than say three years ago, due to automation and orchestration technologies. The level of integration and APIs between vendors is getting sharper, reducing the number of skilled personnel needed to run operations on a daily basis. These changes along with the rise of the public cloud, into the mainstream, means career considerations need to be made.
The worst thing that data centre workers can do is push back against the move to greater automation and integration. Particularly public cloud integration. With Amazon and Microsoft opening data centres in the UK, they will start to hoover more clients in. This creates opportunity with the areas for development focusing on hanging different platforms and providers together. Engineering if you like – moulding and adapting services between data centres, vendors and suppliers. This, in turn, will lead to increased security and compliance requirements, creating a demand for in-depth cloud security and compliance skills and experience. This is really going to be one area that comes to the fore over the next two to three years.
What’s the demand for those with the right skills?
Datacentre IT professionals have to look into the orchestration, automation and the associated hybrid-cloud platforms. The skills required will revolve around these areas, focusing on making operations leaner, more reliable and giving clients more options. Obviously, the solutions from the likes of Dell and Cisco’s FlexPod are pushing out and down in the various sizes and types of infrastructure.
Can universities help?
I don’t believe that universities are up to speed on the rapid-growth of the cloud and data centre markets. It’s difficult to do as the change is so rapid; the customer and supplier side, the global giants and small startups are driving this on all fronts. By the time a student comes out of university what they learnt at the beginning could be irrelevant. If however universities and apprenticeships teach systems analysis, software engineering, networking and core IT skills this will help those going into the field. Once you understand the concepts then these don’t change. No matter how fast the market runs, IT principles are IT principles.
We find that those coming from IT-related courses which cover computing, analysis and software engineering principles benefit at all levels of their career. As you grow and the market changes you always have a base knowledge to anchor back to. Everything coming into the market is based on the same principles, just with new and innovative approaches.
As we all know, the legal sector is changing and changing fast. Several emerging challenges in the sector are driving this change, namely: globalisation, shrinking margins and innovation. But whilst change can be uncomfortable, failing to adapt means you die.
This may seem like a scary prospect (and it is) but the legal sector has the advantage of not being the first to go through these challenges. The world of manufacturing has suffered from the exact same problems of globalisation, shrinking margins and innovation and what separated the winners from the losers in that sector was their ability to leverage a set of principles known as Lean.
Manufacturers who both used technology to provide a competitive advantage and understood and implemented the principles of Lean become experts at adjusting to rapid change – something that law firms have traditionally resisted. However, as the pace of change increases in the legal sector, it’s something you will need to start doing.
So, to keep you interested, how will Lean help your legal firm? In short, you’d use proven business tools and strategies to allow you to survive and thrive in shifting sands, by:
Lowering overheads
Improving delivery times
Increasing client satisfaction
Pricing work more accurately
Freeing up resources across your firm
Making lawyers more efficient
Improving margins!
What is Lean?
Lean was born in manufacturing and was originally developed and used by Toyota engineers in the ’40s. Now, as you’d expect with continual improvement Lean has changed and matured. Generally, today when most people talk about Lean they are talking about Lean Six Sigma. This process was developed by Motorola in the late ’80s and is still widely used by all sectors, from finance through to retail. You’ll know that it’s not common in the legal space, very bizarre.
In short, Lean was born for the ‘systematic’ elimination of waste (“known as Muda”) in a process. Lean also seeks to identify and eliminate waste through overburden (“Muri”) and waste created through unevenness (varying) workloads. There is also a focus on the client who consumes a particular product or service around “value”. So it’s about reducing waste internally and increasing value for the client.
Now, if the potential here isn’t exciting you, you may be in trouble. If you also think you are already all over these elements, then I’ll almost guarantee that you aren’t. There is always room for improvement, everything can be improved. It’s about prioritisation. Prioritising what improvements deliver the greatest gain to the firm and ultimately the client. I’m a big believer in win-win relationships and that means the client has to be your partner, not simply a bill payer.
How does lean deliver improvements?
Lean uses the acronym DMAIC to structure improvement, generally continuous improvement, which is of course absolutely essential in a law firm in this day and age. DMAIC is always applied in the order shown below and stands for:
Define
Identify the business/process issue
Record the requirements of the client and the firm
Finalise the project focus
Define the project scope
Measure
Collect the required business data
Determine the performance of the process
Clarify the business opportunity
Identify quick wins where possible
Analyse
Undertake root cause analysis
Quantify the opportunity for gain
Prioritise root causes
Improve
Understand and develop potential solutions
Develop and select evaluation method and criteria
Evaluate risks
Optimise solution
Control
Monitor and adjust
Ensure desired gains are delivered and sustained
Standardise gains through standardisation
The above obviously goes around and around in a continual cycle. It’s surprising how many firms don’t have live documented processes and procedures. If you don’t have SOP (Standard Operating Procedures) then you are going to have to start. If you don’t have processes defined, how can you evaluate them and improve them?
Why is Lean particularly relevant in law firms?
This is the biggest issue – legal firms, in essence, are simply a business, predominately a service business and a consulting firm. Individually, they aren’t particularly different in what they do (although the individuals inside a firm of course have their specialisms). This means that a client choosing between one firm which hasn’t adopted Lean and still has a lot of waste (and thus, higher costs) and another firm that has adopted Lean, the client will choose the Lean firm every time.
A significant number of law firms have been way behind the curve in innovation for a long time and some who believe they are innovative are not. Not when you look at the advanced systems, processes and structures in other sectors. To begin making some real forward change, law firms need to start at the beginning and audit their existing systems to identify waste.
For Lean to be effective, firm leadership must embrace the principles. You can’t delegate and forget – leadership must be responsible, passionate and championing the reduction of waste and continual improvement in a firm. If you don’t do this then your competition will be, or an entity that isn’t even a competitor right now will be. Change in the legal sector isn’t a threat to those who embrace Lean – it’s an enormous opportunity and one you’re missing out on right now.
Flexible working is slowly becoming more common in the legal sector, with numerous firms announcing plans to implement the practice in the last few months or, at the very least, exploring the idea.
This increase is a response to numerous issues affecting law firms, whether it’s improving work/life balance for employees, the challenge of having global teams in different time zones, or in response to escalating rental costs – a particular concern for London-based firms, many of whom are starting to move out of the city.
We are also seeing a good number of start-up and boutique firms using quite advanced technologies to work from home or hot desk, giving them much better profit margins than their larger competitors. There’s no real reason why firms cannot increase the availability of flexible working.
The Benefits of Flexible Working
Flexible working can take many forms – part-time working, term-time working, home-working, compressed work, flexitime or hot-desking are all possibilities to explore. The practice can bring many benefits to a firm, among them including:
1. The ability to hold on to valuable staff
For example, those who need to work part-time in order to balance work and family life.
2. Reduced levels of sick leave
Employees will feel less run down due to a better work/life balance. Alternatively, they will no longer have to take sick leave in order to meet other personal commitments.
3. Increased employee morale, engagement and commitment to the firm
Staff will feel taken care of and have the flexibility to meet personal obligations and life responsibilities.
4. Improved productivity
Staff can work when they feel they can accomplish most and feel freshest – depending on the flexible work schedule adopted.
5. Greater talent pool to recruit from
It develops an image as an employer of choice, e.g. family-friendly, modern etc. Many workers these days, particularly graduates, have higher expectations and view flexible working as the norm.
6. Faster response time
Business decisions today can be made or lost in a matter of minutes. Having employees who can work from anywhere, at any times, means firms can be more responsive.
7. Reduced overheads
Flexible working initiatives like hot-desking have the potential to save money in terms of office space. For some firms, it’s unnecessary for every member of staff to have a fixed desk, and it’s a waste to pay for an empty desk.
Some firms implementing or exploring flexible working:
Herbert Smith Freehills
The firm has had a flexible working agreement since 2012, but in August announced plans to implement agile working across all its London based practice groups following a successful three-month trial. A number of partners and fee-earners were invited to work from home up to one day per week. The majority of those involved gave positive feedback; 89% reported improved work-life balance; 75% said flexible working improved their productivity and only 3% experienced negative responses.
Foot Anstey
The firm launched a “warm-desking” pilot in August, which is set to run for two months. The move is partly a response to a need to look for new premises in the city within the next three years.
BLM
In February, the firm announced that it was offering a flexible working program for all its London staff as it consolidates its two offices into one. BLM said they have invested heavily in technology to make flexible working simple and achievable.
The key to achieving the benefits of flexible working is implementation. Technology, of course, is important but also easy. Any IT department should be able to enable employees to work in the same manner, whether they’re in the office or not, without effort. A vast array of technologies and readily available Internet connectivity make it easy to collaborate in and out of the firm.
There are however also other softer elements to consider. Personality types, organisation and culture can all determine whether flexible working is a possibility for your firm. Overall you should focus on the business requirements first and foremost.
I was asked this question the other day and had an enjoyable discussion about it so I thought I’d jot down my thoughts.
In this blog, I’m talking in general terms outside of the ‘Magic Circle’. Technology turns off most business people, partners included, in the main. I don’t understand why so many technology firms in the legal sector fail to grasp this concept.
Even when you turn up and say “this product’s going to make your super effective because of XYZ” they’ll often switch off. They’ve heard it all before and been burnt by expensive and bad solutions in the past. Or because they are just confused by the numerous options. This is why there is so much of a ‘herd mentality’ in legal. I always find it a little strange that so many plod together, but I can tell you this will change, and rapidly, as the space comes truly competitive- basically like every other sector. Change is going to come so fast, but it’s not the technology that needs to lead it. The processes and models need to drive the change.
If I hear cloud, big data and AI many more times I’m going to explode. It’s boring for me, let alone lawyers having tech rammed down their throat in every email and publication. You are just talking about tools, and who cares about tools? Nobody except techs care about tools. I don’t care that my plumber has a new wrench with better grip, so why should ‘business leaders’ in law firms? Yes, these technologies may add value to a firm but many won’t until they are mature or integrated into a wider ‘business solution’ driven by a defined business strategy. Sure you may attract a partner’s attention with a fancy new mobile device, but often that’ll be the wrong device to really support a mid/long-term strategy.
Many firms will not truly engage technology until they have up-skilled general business improvement. Be that ISO, Lean Six Sigma, intelligent outsourcing etc. Technology is easy in general. Yes, there are exceptions, but generally, it’s easy when the business case and requirements are clear and championed by leadership. This needs to happen before the technology can really add its value. It’s surprising how many firms don’t have standard operating procedures. Or they don’t really review and develop them. This is pretty scandalous when most operations in legal are process driven.
In short, my message is that technology is not relevant without leadership, evaluation and analysis. You’ll see a rise, very quickly, and also many new entrants now the sector is opening. It should be led by increased efficiency (as stated) as margins are going to erode. I know that I don’t really pay any more per hour for legal services than I paid 10 years ago!
Cloud computing is more widespread than ever. 84% of businesses in the UK have adopted cloud in some form and 78% have formally adopted two or more cloud services in their business.
But although flexibility, cost reduction and scalability are the most common reasons for utilising the cloud, what is often overlooked is its ability to reduce energy consumption and run a greener IT operation. With policy and customers taking a harder stance on carbon emissions and rising energy prices, many businesses are now looking at ways of running a more sustainable operation – and the cloud is potentially a modern and efficient way of doing so.
How does the cloud help green businesses?
1. Resource reduction
Deploying a cloud-based infrastructure allows a single physical server to run multiple operating systems concurrently. With less equipment needed to run workloads, you can proactively reduce data centre space whilst also reducing your electricity running costs.
2. Shared resources & energy costs
Cloud providers have the expertise to carefully control the temperature and humidity in the data centre required to keep servers at peak performance. You will no longer need excessive machinery in-house to properly cool your equipment, and punishing fluctuations in energy costs can be mitigated.
3. Pay per-user, per-month model
As cloud services providers typically bill on a pay-as-you-go model this encourages users to only consume what they need. The scalability of the cloud means not only can customers increase their cloud capacity when needed, but they can also decrease it as well – lowering their impact and power consumption.
4. Energy-saving technology
Some large cloud service providers will have energy-saving equipment which would not be viable for small businesses to run, due to their cost and operation size. Thanks to the economies of scale though, growing businesses can gain easy access to this greener hardware without having to break the bank.
What are the obstacles for SMEs adopting the cloud in order to go green?
Obviously, the cloud isn’t a silver bullet for every business and its operations. However, in many circumstances, particularly in the SME arena, it’s a good fit and allows businesses access to big business solutions without the associated price tag.
The main obstacles include:
Specific applications don’t work well over a long line. This is due to latency sensitivity or the costs associated with the bandwidth required.
The speed and availability of broadband technology. A hindrance to small to mid-sized businesses, based in rural areas, without significant budgets.
Some large industrial areas don’t have a suitable infrastructure to run high connection speeds. This can be down to aluminium wire or oversubscription.
These obstacles can be difficult to overcome if you don’t the budget to run a leased line in from a point of presence to a considerable distance away. You could bundle together (bond) a number of xDSL type circuits together, and in some circumstances, this may be acceptable, as long as the investment stacks up. If you don’t go cloud then you can get cloud-ready. Start by rationalising applications, and virtualising servers and applications. If you go down this road, it’s unlikely the investment will be a waste.
How can an SME tell if their cloud provider is truly green?
It’s important to remember that data centres themselves run on a huge amount of power. There’s no single technology or initiative that makes a cloud provider green. It has to be a mix. Some factors include off-setting carbon, water conservation in the data centre, access to public transport so staff don’t need to drive, recycling as much as possible, and innovative cooling and heating recovery systems. ISO 14001 does demonstrate a commitment to improving efficiency and reducing wastage within a business from an environmental perspective. However, it doesn’t certify that a company is green in any way.
Being carbon neutral is a relatively significant undertaking that does demonstrate that a business is taking being green seriously. This really is the base standard for a green cloud in my opinion. Typically a third party calculates carbon usage that facilitates a suitable offset vehicle. For example, investment in a CO2 or methane capture project or simply just planting trees.
This is all very well and good but to really be green, I believe the business, particularly the data centres running the cloud platforms, need to be built to be highly efficient. If your business’s top priority is to be as green as possible then ask your cloud provider how they’re powering their data centre to establish whether migrating to the cloud is truly going to help reduce your carbon footprint.
What does the future hold?
The cloud can be greener going forward. To some extent, this will just happen naturally due to rising energy costs. Many providers tag the green badge onto what was is effectively a cost reduction strategy. Old data centres using old technology and facilities will be more expensive to run than new purpose-built, efficient ones. Due to the huge costs involved in powering and operating these facilities, it’s fairly obvious to identify a return on renovation or new build.
Data centre are being moved to colder regions of the planets to reduce the cost of cooling. Alternatively, some data centres in sunnier climates now use solar panels to reduce the chargeable power from the grid.
Obviously, virtualisation is still the big word throughout the IT sector. The more servers you can run on a single piece of hardware using the least power, the better the profit margin too. It’s that simple. Of course, you can also get a big tick in the green box too. Power costs, cooling costs – no business wants to pay for either.
Don’t forget, going green doesn’t just stop at deploying the cloud. There are many other initiatives your business can take part in:
Proactive recycling.
Educating employees about their carbon footprint and ways they can reduce this.
Being energy-conscious with utilities, e.g. heating, lighting, electricity.
Managed print solutions to help to reduce paper and resource wastage.
Both hailed as the future of working and criticised as the destroyer of efficiency, is remote working for every firm?
Remote working has existed since communications have been available to the roaming and remote worker. It has been pushed and pulled by enterprises of all sizes, and it has been claimed as the future of working and also criticised as the destroyer of productivity and culture. So, what should a firm consider before deciding whether to implement remote working?
Personality
Some people work best in a team or around other people, some work better alone and others work best in a mix. Most employees exist on this spectrum or as an outlier requiring either space to think or a strong social environment to nurture and drive them on. It is important to ensure you cater for all personality types for in whatever environment a firm chooses, as this will save money and HR headaches.
Communications
Often, when a key employee is not present during a meeting but is left to communicate via email and telephone platforms, so without face-to-face interaction, the meeting either comes to nothing. Or at least the employee is not as effective as they would have been had they been present. It is vital to consider how these issues will affect productivity and team working. Again, this will vary from person to person, role to role, business to business, but getting the environment right is critical.
Face-to-face video conferencing is the next best medium for communications. Nowadays, it is straightforward to talk face to face virtually and to collaborate via screen and application sharing through systems such as Microsoft Lync. Obviously, some of the dynamics are missed, but some virtual presence (telepresence) systems at the top end of the market provided by companies such as Polycom and Tandberg are impressive. Of course, the price points vary significantly, so mapping technologies to their correct applications are crucial.
Organisation
Managing and operating in a remote working environment is far from straightforward. The process can easily feel disconnected, since, for example, it’s impossible to round people into a meeting room, grab a working lunch, etc. Calendars become king and can also become saturated. People can disconnect as you lose some of the natural connections that occur between a team located in the same office..
Culture
Many firms bring their people together regularly to ensure team build bonds and align. With the best will in the world, it is impossible to get the best teams without them ever meeting in person. Of course, you can build trust from a capability perspective without a physical meeting. However, the bonding and softer side of relationships, the part that will give a team an edge, need that investment.
Apart from the get-together, it is possible to enhance the culture by creating virtual collaboration and social environments. Many businesses are using Yammer to fulfil this requirement, and much more. In essence, this is a private social network for businesses. SharePoint can help in this area, but it requires a little more work. Employees can post in forums, chat, upload photos, just like Facebook, except the focus is on the working environment. These tools do enhance and develop a culture, not merely for the remote working teams.
Striking a balance
If an organisation really plans its remote working strategy these can work just as well or arguably better than an ‘everyone in the office’ scenario. However, it is vital to think all aspects through properly, beyond merely implementing technology for remote access. You need to consider many factors, and not giving them due time will result in little gain, or even cause damage. Those who take remote working seriously will grow a better business with happier employees while increasing productivity and reducing costs. The potentials are too big to ignore. Technologies and people have advanced beyond recognition from the days of dialling in to pick up email or even using the trusty (slow) VPN.
Your organisation probably already has remote working in some form. Is it really delivering to its full potential? Could it be more effective? Could it improve the firm’s culture?
BYOD, CYOD, IaaS and SaaS may have been buried under waves of new acronyms, but although they’re buried, they can’t be forgotten. These four acronyms changed the way businesses’ networks are structured, they multiplied the complexity of connectivity, they incited the development of mobile apps for traditionally desktop software and, along with cloud, gave life to agile working.
But big changes often bring challenges and these need to be addressed before the full benefits can be gained.
What challenges do multiple devices pose for an IT team?
1. Security
You must first think about your OS and web browser security. Most mobile applications will be delivered via a web browser, and all web browsers and operating systems will have their own security vulnerabilities. However, if you can isolate the application delivery against these vulnerabilities, that’s a very good first step.
Network security will be another key area to consider. For a start, traffic will need to be secured between the device and the delivery platform in order to protect against man-in-the-middle attacks such as tampering and sniffing. To be safe, you should automatically assume that any network outside of the building is insecure and therefore make sure that appropriate controls (such as encryption) are put in place.
Of course, the BYOD trend raises additional security issues. Truthfully, if a specific technology is really beneficial to an employee’s work, the company should supply and control it. People have always been the biggest risk to a business in terms of IT security. BYOD only exacerbates that fact.
However, IT teams will nonetheless need to address this issue. Isolation of the consumer devices from the corporate network will be key. If you need to open particular ports – ideally just standard web ports for access – then so be it. Thin-client and VDI solutions can also work well to aid isolation from the corporate LAN. Even so, you will require two-factor authentication as a bare minimum, and, ideally, prevent the storage of company data on the device itself.
2. Network performance
Along with security issues, you also need to consider managing network performance when delivering enterprise applications to devices outside of the delivery platform. Sure, it’s great to have numerous xGbps connections into the data centre, but if the CEO is in a far-flung location, and an application doesn’t perform as it should, the repercussions can be serious. It’s essential to also factor in latency here, especially when using thin-client technologies to deliver your application services.
Network resilience at the client end is also an important area that resellers need to think about. While your cloud delivery platform may work well for the 50 task-based workers in a remote office on a bonded SDSL service, but when that local line goes down with no viable SLA, it’s going to hurt. It may not be your fault, but any issues with service will affect the internal customer’s perception of your team.
3. Preparing for the future
In order to add value, IT teams need to balance current needs with what’s likely to come next. Application delivery systems, cloud services technologies, and end-user device developments are fluid and changing rapidly. Therefore future-proofing is another important part of any mobile solution that you plan to deploy, manage and/or update.
4. The right support
Finally, it will be essential to provide adequate support for projects like these, either internally or with a third party. A lot of IT providers are jumping in, particularly from the ‘comms’ and ‘print’ side of the track, with a variety of Software as a Service (SaaS) and other cloud-based solutions. There are also a lot of IT companies pumping device control solutions that are too immature. This area is a whole new ball game, definitely not just a matter of hiring some extra skills.
New devices and apps will soon feature in IT environments to help deliver operational and productivity enhancements. As a result, it’s essential that you’re able to support the rise of these devices and related technologies adequately. The potential benefits and opportunities these tools can provide are too significant to ignore.
