Industry news

Capgemini has secured an IT service infrastructure contract with electronics retailer Media-Saturn.

The contract will see the outsourcing firm deliver hosting capabilities and data center access along with providing main infrastructure services to 900 locations throughout Europe and Asia.

Capgemini Germany, Austria and Switzerland Infrastructure Services unit CEO Oliver Schwarz, said: “We can offer our client a tailored combination of infrastructure services, which will enable them to benefit from the transformation of their IT."

The internet age has made information a commodity and bred a new, savvier type of consumer who has access to a wealth of material. Making us all authors and editors, who roam the internet in search of nuggets of information that we can re-write or stitch together in order to gain an understanding of something. The upside of this has been a profound democratisation of information. The downside is the fragmentation of information, the erosion of authority and (for corporations) loss of control of their story.

This latter idea has resulted in companies realising the need to take control of their message and the way it is being communicated. This is so consumers have a clear idea about what a company is saying, without relying on the printed word.

A time for change

BergHind Joseph’s 2012 Global Players study reemphasises the importance of taking control of corporate messages. With the study not only demonstrating how companies in the Fortune Global 500 are responding to this idea, but how video is playing a pivotal role in achieving it:

- Nokia is currently using video to give a human story to the strategic move behind Nokia’s Lumia 800 smartphone.

- AXA has developed a series of videos which talk about various topics from their ‘Global Forum for Longevity’ – an initiative that shares knowledge between experts and the general public on the issues that increased life expectancy will create in the future.

- Deutsche Post DHL use video exceptionally well for their ‘Working Abroad’ feature, where three interviewees– one British, one Indian and one American –tell their story about working for the company.

Can video really deliver?

Whilst these large multinational organisations have the budget and ability to develop videos, can other (smaller) organisations afford to invest in video too? And if they do, will they ever see a return on their investment?

The reality is with the tools that we use to communicate growing in sophistication, so to have the results we want to see from them. That’s why - when referring to tools such as video – the results you want to reap should no longer relate to financial gain, and instead should refer to what you want a video to achieve once somebody has watched it.

This idea has resulted in creative communication agency BergHind Joseph developing a variety of videos that fulfil a plethora of objectives; from effectively communicating a new brand, both internally and externally across a global community; to helping the CEO communicate the new strategic changes being made in a business; to communicating and celebrating employee’s contributions within a multi-national business.

Gauging success

Whilst the intangible results a video delivers can be powerful, analytics now exist to actively demonstrate and measure the success of a video campaign too.

From tools that that make it possible to guarantee traffic to a film; to observing and measuring the demographic a film attracts; and even make footage clickable to encourage audience participation. This level of intelligence means that video is no longer a tool for simply pushing out messages; it offers a new level of engagement for viewers and provides fantastic market intelligence – something which very few communication tools can do.

Venafi’s EMEA Director Calum MacLeod examines why the Certification Authorities are still playing fast and loose with our safety and outlines the key steps to safeguard your business from disaster

Certificate Authorities (CAs) are still allowing themselves to fall victim to hackers despite a fundamentally catastrophic effects which a compromised CA can produce. Even after the DigiNotar disaster recent research shows that CA is still being compromised regularly. As there are more than 650 CAs trusted by commercial browsers, it only takes one of them to be compromised for hundreds of thousands of websites to be potentially under attack. It is unfortunately the case, that with 650 CAs able to issue certificates the probability is that at least some of them will, even after DigiNotar and Comodo, still not properly secure the infrastructure allowing the relentless hackers a way in.

Access, an international non-governmental organisation (NGO) and digital rights advocate maintains: “If a single one of the 650 public certificate authorities (CAs) that your systems support, by default, is compromised the entire system is compromised - so keeping 100% of the CAs at 100% compliance and 100% impervious from zero-day attacks is a very hard problem indeed.” I’d add, especially when you don’t control them!

As breaches have tragically become a regular occurrence, the different incidents seem to be turning into a blur as they add up. What might be shocking then is that the reality is most breaches actually go unnoticed, and even unreported, because many believe that these breaches are not considered newsworthy. According to the Electronic Frontier Foundation, public CAs are revoking approximately 50,000 certificates a month – this is nothing short of criminal. It is astonishing that in these days of heightened security, when the Olympic games is protected by massive security, tweeting too light-heartedly about security can get you locked up and air travel has almost ground to a halt because of security – some CAs are as well protected as cheese on a mousetrap.

Preparing and responding for a CA breach has to be a priority for every organisation. However, no one said it’s going to be easy. With several recent breaches, I believe it is important to learn and apply some practical lessons.

Filtering out the ‘Noise’

So what lessons, if any, can we learn and apply to the challenges we face from cyber-terrorism?

1) Too much information:

We all suffer from information overload. Many of us add to this deluge by subscribing to news-feeds, twitter, and various other information sources that effectively drown us in words. In addition we all receive “junk mail” from a variety of sources. And many of us – myself included – regularly contribute to the “essential reading” that you receive.

The problem is, amongst all this ‘noise’, is hidden a vital piece of information. Take the time to at least skim messages instead of just deleting them. You never know what might catch your eye, and give you an early warning!

2) There are bigger problems:

The problem with a ‘to do’ list is that it’s never, or very rarely, finished. Sound familiar? However, with many people feeding into fix lists it’s always easier to deal with the person shouting the loudest while someone who isn’t clamouring for attention, but could have the bigger issue, gets forgotten. Another common problem is the person prioritizing the items doesn’t fully understand the implications of the risks.

For example, those responsible for PKI and security have at best an “arm’s length” relationship with their IT colleagues, and as a result have little or no appreciation for the challenges that IT face. On the other had IT regards security teams with suspicion, and often are preoccupied with the suspicion that security just wants to take over responsibility.

This requires action by senior management at the CIO, CSO, CFO, CTO level to ensure that different groups cooperate rather than compete.

Robert Campbell, Managing Director at Ecommnet details varying methods of network connectivity and the modernisation of security authentication.

Networkless Connectivity

Instead of building separate physical or rigidly constructed networks for each organisation, one method that is gaining popularity is to create one network, and to control access to the services and data it houses at the point of entry.

Networkless connectivity removes the dependency on how the network is physically constructed and is instead dependent on an individual’s role within the organisation. Using access control technology, such as Cryptzone’s AppGate Security Server, the services and information each individual is granted access to will be determined at the point that they attempt to connect to the network. Returning again to the building analogy, it is akin to each person having their own unique key to the building that, when they unlock the front door, automatically opens all the doors within the building that they can legitimately enter, but also seals all the doors that they should not.

Access can be further controlled by what type of device is being used to connect and where people authenticate themselves. For example, if a user connects to the network from a PC within the organisation’s premises then they can access all files and information needed to perform their duties. However, if they connect from a laptop from home, they may be restricted to just calendar information or basic applications. Taking it a step further, access can be further controlled by the day of the week and/or time of day that the person is accessing the network to determine what they can do and see.

While this might all sound extremely complex, fundamentally networkless connectively is far more flexible, with the underlying infrastructure easier to build and manage.

Secure Authentication

As previously mentioned, a key security consideration is proving that the user is who they claim to be. Historically, many access gateways required an individual to enter their username and password combination to authenticate themselves. While this may have been adequate for one organisation functioning from one location, as soon as you start co-locating, or even allowing remote access, single factor authentication is woefully inadequate and easily circumvented.

For this reason the introduction of two factor authentication (2FA) is increasingly being driven by legislation and/or the need to be more secure. 2FA fundamentally is the combination of two of three elements:

1. Something you know – a username or password, etc.

2. Something you have – an authentication device such as a smartcard, etc.

3. Something you are – referred to as biometrics it involves retina or fingerprint scanners etc.

Just so we’re all straight, a username and password combination is not 2FA as it is two variations of one element i.e. two things you know.

Now that we’ve established what 2FA is, it’s time to look at what the options are. Fundamentally there are two main forms of authentication device:

1. A physical token or smartcard,

2. A virtual token – a mobile phone used to receive a passcode via SMS message or generate the code via an app.

While physical tokens have been used for numerous years, many would argue that they’re an outdated technology. In addition to the administrative nightmare of configuring each token, and the logistical headache of distributing them to users, they also have a shelf-life – typically two to three years. In contrast, virtual tokens on smartphones are far cheaper to manage (usually via a self-service portal), practically every pocket houses a device, and people are comfortable with their handset so user acceptance is easily overcome.

Networkless connectivity combined with strong 2FA allows straightforward user access, without constraints, to deliver a completely dynamic set up at the time of connection. So, whether you’re merging, re-merging, de-merging or just looking to introduce a more flexible working practice, securely, make sure its future proof and cost-effective. Instead of getting physical, it’s time to start thinking outside the box, and even the building.

Don’t tar and feather a whole industry when one high profile deal goes wrong.

“Don’t let the actions of a few determine the way you feel about an entire group. Remember, not all German’s were Nazis,” said Erin Gruwell, an American high school teacher so unorthodox and inspirational that first ABC News commissioned a documentary about her, which Hollywood picked up on and made into a hit movie*

Smart lady, wouldn’t you say? Well, a great deal of the Great British public could do with taking a leaf out of her book. Just because one high profile deal goes awry, it doesn’t mean that the entire concept of outsourcing should be written off. As I said on Sky News earlier this week, sourcing only arouses interest on the rare occasions it doesn’t work. It’s like a good quality central defender: you never know it’s there. Not until it makes an under hit back pass or heads into its own goal. But if one of the team makes a mistake, it doesn’t mean the whole squad are bunch of donkeys.

Of the 100s of outsourcing deals that make up the Olympics, only one gets talked about. And that is so wrong. To combat this depredation of our industry, we must unite and champion success, and correct some misconceptions along the way. The National Outsourcing Association is calling upon the entire outsourcing industry to demonstrate to the media, the business community and the man in the street that Outsourcing Works.

The man in the street is going to take some convincing. Earlier this year, the NOA commissioned a research project entitled “The Public Perception of Outsourcing” which discovered that to appreciate the value that outsourcing brings to the UK economy, the public wants to see evidence of the macro-economic advantages that outsourcing brings, such as its track record of job creation and its positive contribution to UK PLC. Well, let’s give it to them – this information is out there. Outsourcing is the second biggest aggregate employer in the UK. Every day, over three million people get out of bed, brush their teeth and go off delivering services for other brands. How can that not be creating jobs and economic benefit? Anyone who thinks otherwise needs to wake up and smell the coffee. Work is on-going to collate case studies and numerical evidence to support this argument – give us a call at the NOA if you believe you can add weight to the campaign.

Following a pilot to a selection of the NOA membership base, 80 organisations have already pledged their support to the campaign which will both celebrate success and share best practice, uniting our industry into one coherent voice that will elucidate the value that outsourcing brings to the UK. You don’t have to be a member to support the cause. Come and see us on online to find out more…

*Freedom Writers, with Academy Award winning actress Hilary Swank in the lead role. Set 1990’s Los Angeles, it is the story of Erin Gruwell’s challenge to educate so called ‘unteachable’ adolescents. Released in 2007 It was a box office success, created on budget of $21m, generating receipts of $44m. It was critically well received too: it scores 69% on Rotten Tomatoes, and 7.4 on imdb.

Robert Campbell, Managing Director at Ecommnet talks about implementing & managing secure access in a period of rapid change

It is no secret that the UK Government is still running at a significant loss. It is therefore no surprise that organisations are having to cut costs, and for the public sector, this has fast become its mantra. The NHS, Children’s Services, Housing and Regeneration, Local Government, the Police Force - everywhere you turn there is a generic call to introduce changes that will save money.

One popular initiative has seen many local councils consolidate their operations by co-locating their staff. NHS, education, council employees and others are all congregating together in one central location in an effort to reduce property costs. While on the surface this seems a practical solution, for the IT team it’s a logistical nightmare.

Physical Connectivity

Imagine if you will, each department existing in its own locale. Part of the infrastructure would typically include a physical IT network. Just like a building has walls protecting the contents inside, the network too would have barriers, or gateways, to prevent external access.

As organisations come together, under one roof, so too do the networks on which they function and this is where the complexity begins.

Sticking with the physical building analogy, if you give someone a key to the front door, without a thought to the security within the building, then that person is free to roam all the floors, corridors, offices and potentially rifle through the unlocked drawers and filing cabinets within. Similarly, a physical network is made up of several layers and it’s reliant on someone physically locking all the areas, or compartments, to prevent unauthorised access.

It is imperative that a company controls which individual has access to which services, applications and information and from where. They also need to ensure that each individual is actually who they claim to be. While this sounds pretty straight forward, it can be very complex to manage without the right tools.

Before I continue its worth clarifying that inadequate data protection will get you into a whole heap of trouble. If you’re in any doubt a quick internet search of ‘public sector data breaches’ will bring up a long list of organisations that stand testament to the size of the problem, and the penalties they’ve incurred as a result.

August was a month of economic gloom, with reports of slowdown in China and increased instability in Europe. Rising expectations of Greece’s expulsion from the Eurozone and difficulties arising in Spain have further compounded economic uncertainties.

China has reported a slowdown in manufacturing, with August placing figures at a nine-month low. The official Purchasing Managers' Index (PMI) which measures manufacturing activity, measured as reading of 49.2 for the country, the lowest seen since a drop in November 2011. China’s economy also reported the lowest annual growth figures in three years during the second quarter.

Europe also reported reduced PMI figures, with average PMI reading below 50 for the 17 countries employing the euro. A PMI reading of below 50 shows contraction in manufacturing output. The UK also reported decreased productivity with a PMI score below 50.

August also saw reports of European server market slowdown, with Gartner reporting a decline in revenue of 2.9 percent in the second quarter. Gartner analyst Jeffrey Hewitt said that in regards to server sales that, “In terms of revenue growth, only Asia/Pacific and the United States produced growth for the quarter, all other regions declined.”

A survey from the EEF manufacturers' association showed that the UK’s overall manufacturing output had entered into its lowest level since the end of the last recession in 2009. The survey comes after both the British Chambers of Commerce and the CBI devalued their growth forecasts for 2012 with the Office for Budget Responsibility expected to follow their prediction. Lee Hopley, the EEF's chief economist, said, “overall confidence appears to be draining away.”

As the economic outlook in Europe continues to remain bleak, outsourcing contracts are reducing in quantity. In KPMG’s pulse survey, support services contracts were not being renewed so readily, as businesses demand costs savings and become more prepared to wait for clear evidence of efficiency before embarking on outsourcing contracts.

While outsourcing contracts are being impacted upon by the global economic downturn, businesses as well as bunkering down and reducing expenditures, are also turning to the outsourcing of services during difficult times, where cost-savings are readily apparent.

North Korea and Iran have agreed to share research and technology in order to strengthen defences against cyber-attacks.

The new agreement, reported by Iranian news services, would see the two countries share research, student exchanges and science facilities.

Both Iran and North Korea have been hit by successive malware attacks, with Iran having been hit by repeated cyber-attacks, suspected to have been launched by Israel and/or the USA, in order to derail nuclear research.

Economic instability has seen outsource support services contracts fall in number, as businesses delay renewal during periods of uncertainty.

Business are increasingly trying enforce closer control on outsourcing contracts as cost efficiency is increasing demanded from services.

The reduction in outsourcing support services was revealed in KPMG’s pulse survey. Shamus Rae, partner in KPMG Management Consulting, said: “negative market conditions in the Euro Zone continue to have a detrimental impact on business confidence as uncertainty forces buyers to delay decisions, with the knock-on effect being a tighter rein over discretionary spending.”

The European Commission promoted the sharing of spectrum by providers in order to increase wireless connectivity.

The Commission highlighted the application of technology, in order to allow more than one provider to use a spectrum frequency. If such sharing was widely achieved, further spectrum frequencies would be available for other services allowing for improved connectivity.

Neelie Kroes, vice-president of the EC’s Digital Agenda, said: “We must maximise this scarce resource by re-using it and creating a single market out of it. We need a single market for spectrum in order to regain global industrial leadership in mobile and data and to attract more research and development (R&D) investments."