Industry news

French outsourcing firm Atos, tendered £24 million worth of contracts from the Department for Work and Pensions in 2011 it has been revealed in Parliament.

The sum comes from four contracts last year including online identity checking service, a bereavement declaration service, occupational health services and medical services.

Atos will continue to tend the contracts in the coming years with contyatcts such as online identity service worth £47 million set to continue up until 2014.

UK IT salaries have risen by 4.3 percent on average over the last year, according to IT recruitment firm ReThink, almost double the national average of 2.3 percent.

According to the Office of National Statistics the average wage in the IT industry has risen from £38,500 in 2010 to £40,140 in 2011. ReThink surveyed IT directors and discovered that 54 percent of directors had increased staff pay last year.

Director at ReThink, Michael Bennett, said: "Salaries for many IT staff have actually fallen in real terms over the last year. However when compared with the average UK worker IT staff salaries are still ahead of the game.”

Sainsbury’s looks to increase efficiency while investing in support for growing online platforms. The companies online services currently represent the fastest growing online UK grocery business.

The supermarket chain currently makes around £800 million in annual turnover from its online platform. This year the company invested £163 million, up from £121 million last year.

Sainsbury, commented: “we have recently introduced new warehouse technology, which enables colleagues to work more efficiently, help improve product availability and reduce waste.”

The National Outsourcing Association (NOA) has entered into a strategic alliance with the National Business Awards (NBA) in a campaign to find the UK’s Business Enabler of the year.

The award is designed to highlight outsourcing organisations in public, private and third sectors that have made a significant contribution to economic and business growth within the UK.

Martyn Hart, Chairman of the NOA and a Shortlist Judge for the Business Enabler of the Year award said: “The Business Enabler of the Year award highlights the important contribution of the outsourcing industry to the British economy, and demonstrates how outsourcing has evolved to enable enterprise.

The rise of web based software has seen a race for the market share of cloud technology. At the forefront sits Amazon, who have capitalised on their early lead in creating a set of easy to use online programs, however the market place is fiercely competitive and Google moving to end Amazon's lead.

Behind Amazon lies Google which is playing catch up after failing to invest early in the new market, beginning development a full two years behind Amazon. Google entered the cloud market in 2008 but only began competitively marketing in 2011.

The cloud market has rapidly grown, with value expectations of $10.5 billion by 2014 from $3.7 billion in 2011, according to Gartner. Research commissioned by VMware indicates the European enterprises intend to spend nearly one-third of their IT budgets on web-based computing over the next 18 months. Microsoft, IBM and HP have all entered into the Cloud market beside Google, while Amazon have continued to maintain a strong lead with the biggest share of the cloud market.

Amazon has taken the early lead with its portfolio of web based tools including mobile applications, server renting and data storage at a highly competitive price. Amazon Web Services has attracted many companies as users and is currently used within 190 companies. Amazon’s business is rapidly approaching $1 billion in revenue.

Google boosts cloud spending to contest with Amazon

Google have been quick to recognise there mistake and reverse its position as the company ramps up employment of engineers and marketing staff as it rolls out web-based new features. Google has already begun to narrow the gap as cloud customer numbers have so far increased by over 10 percent each month of this year.

Google despite focusing heavily on their web-based services have a long way to go in order to end Amazon’s dominance of the market. Amazon’s services are set to expand yet further with Forrester research pointing to 44 percent of companies looking to employ the service in 2012. Google on the other hand saw a 23 percent reduction of their App Engine software in 2011 from 2010.

Google’s web based services have failed to provide the same levels of flexibility and support delivered by Amazon software which has proven to be so appealing to businesses, with Google offering fewer languages or the ability to deploy customer servers. In predicting increased spending on cloud computing VMware said that organisations looked to greater flexibility that cloud services could provide.

While Google have the requisite systems and technology to provide quality cloud software they have failed to attract users away from the long established, flexible and user friendly services provided by Amazon.

Statistics have been released this week, highlighting the number of local councils that have significantly downsized their in house IT departments. In some instances the reductions were incredibly substantial. West Sussex County Council recorded a 90% reduction in IT employees between 2008-09 and January 2012 and the trend looks set to continue. Public sector intelligence specialists Kable predict that spending on IT staff within local government is set to fall further, with research suggesting costs will drop 7% over four years, from £785m in 2012-13 to £739m in 2016-17.

While the outsourcing of local government IT may seem like a move likely to induce socio-economic ramifications, there are several benefits of ITO that should not be overlooked. Cost-cutting will be the core goal of any outsourcing contract, and within the public sector it is important to note that any financial efficiencies gained can be reinvested in other areas that will benefit most.

Neither should it be assumed that this cost-cutting will derive from laying off workers to source cheaper labour. Often it is the case that when a public sector outsourcing contract is negotiated, it is a priority to keep current staff in work. For instance, in the West Sussex County Council case, the number of IT council employees fell from 138 to 12 over a four year period. However the majority of staff involved were part of TUPE transfers that took place in 2010 and 2011, with the employees that once worked for the council transferred to suppliers, providing them with the background knowledge required for the projects.

Inviting private companies to tender for public sector contracts can also attract innovation and productivity improvements, leading to financial rewards. Suppliers are likely to use innovation as a USP in a competitive tender process, and an outsourcer is inherently more likely to provide innovation than an in house department. This is due to a number of reasons. Providing a financial incentive for innovation in the contract is best practice, something which an in house IT department is unlikely to have and therefore less likely to possess the motivation for implementation.

When innovation is a priority for a local government the financial clout required to implement the changes may mean that an outsourcer is also required. The vendor is likely to have the finances up front to implement large innovative changes, whereas local government have to deal with budgetary restraints. The investment can then be paid back over a longer period of time.

It soon becomes apparent that outsourcers have the capability to make real innovative changes and implement them in order to save money for the public sector. They have the capability and resources to think outside the box and create efficiencies that otherwise may not have been realised. While many may assume that outsourcing takes money out of the public sector, the long term benefits of outsourcing mean that local authorities can save considerable amounts and reinvest in the areas that really require it.

Learning to share: best practice for the implementation of shared services

Mathew Wells, Managing Consultant at ICT consultancy Hudson & Yorke, discusses what companies need to consider when opting for shared services

‘Shared services’ typically refers to the provision of a shared business function by a single team where it was previously handled by parallel teams in separate organisations, or separate teams within one organisation. For example, under the shared services model, one department provides a service for multiple organisations, or business units within a single organisation. The theory behind shared services makes logical sense – by pooling expertise together, businesses or local authorities can share the benefits of a wider skills base that would previously have been run separately and reduce cost at the same time. However, such cost savings sometimes take years to be recognised, and implementation isn’t always straightforward.

Perhaps the best known advocates of shared services are local authorities, which are well suited to the model due to their non-competitive relationships and the need to cut costs in recent years. In some cases a host council will provide the service for a fee, and in others a private company will take on a contract from a number of councils which then share the cost of the service. The advent of the PSN (Public Sector Network) looks set to further encourage a sharing approach, because one of the barriers in local authorities has been the cost of setting up a secure network infrastructure between the parties to an agreement. The PSN could therefore play a role in transforming collaboration in the public sector.

Whilst much attention is focused on local authorities, shared services have also been popular among financial institutions for years, and particularly so within large universal banks. Working within Hudson & Yorke’s financial services practice, I have seen various universal banks invest in shared services. The model can work well within large organisations because the entire philosophy of shared services lies in utilising economies of scale. Larger firms are naturally more able to benefit from this, but whilst the principle of shared services is easy to comprehend, in practice it can be a minefield. Financial services companies frequently make mistakes during the planning stages – we are aware of examples where firms have not taken the time to properly understand their business and the challenges which they want to solve through shared services. Running headfirst into a shared services model will almost always end in failure without proper planning and understanding. Similarly with governance – companies can sometimes be so fixated with planning and strategy, that they forget how the service needs to be run and managed in subsequent years. Many firms see the signing of a shared services agreement as the end of the process when in fact, it’s just the beginning.

Thankfully there are plenty of examples of best practice within financial services. One such project took place in a large universal bank, which was split into retail, investment, wealth and various other departments. The bank created a shared service centre for its ICT and back-office functions, such as HR, payroll and admin, cutting down on the repetition of these activities to deliver better efficiency at a cheaper cost.

Cost saving is often cited as the main reason that an organisation will opt for shared services, as funding and resourcing of the service is typically shared. The key is in sharing: not only does it reduce costs, but standardises and centralises the whole process. It can make running the back-office functions more efficient, delivering higher quality services to customers at a lower cost.

However, to reach this point a shared services model will require time and investment. In the current austere times we live in, companies are looking to demonstrate immediate cost savings. Shared services will typically take five years to create this cost reduction, with upfront costs such as purchasing of new technology, building and staff only adding to the bill.

When considering implementing a shared services model, strategy is everything. Developing a stakeholder consultation plan and understanding the current and future ICT needs of the organisation is vital. It is important to remember that what may benefit one part of the company may not necessarily benefit another, so consulting with stakeholders to define needs should be the first step. There is no point employing an infrastructure that only one part of an organisation can use – to get the most benefit a shared service should apply to all business units.

Secondly, companies should develop a robust business case. Cost reduction may be one of the main benefits of shared services, but cost savings may not always be clear initially. The principal impetus should be the delivery of real business benefits, specifically accountability.

Finally, companies should be wary of regulation, particularly in the financial services sector. Retail bank ring-fencing for example could lead to banks being wary of implementing a shared services model, only to be forced into a U-turn at some point in the future when regulation demands separation.

The bottom line is that shared services can offer very real benefits, but these won’t appear overnight. A clear strategy and thorough planning are necessary to realise the true potential of a shared services agreement, and once the agreement is in place proper governance is necessary to unlock maximum returns. Clearly there are many aspects to consider, but here are ten top tips for companies thinking about implementing a shared services model:

- Consider whether a shared services model is right for your business. Shared services generally only works for large companies, or organisations with fragmented business units.

- Plan well ahead of time. It normally takes 2-3 years to implement a shared services model successfully.

- Ensure proper governance. The work doesn’t end when a shared services approach is implemented.

- Develop a robust business case that takes into consideration alternative benefits to just cost savings. While cost-reduction will come in time, business benefits need to come first.

- Construct a stakeholder plan. All stakeholders need to have their say on whether shared services will benefit them.

- Ensure that planning doesn’t result in distrust. Remember that some departments within an organisation may have been responsible for certain functions for years – changing this could result in hostility. Communication with key stakeholders throughout the process will ensure sufficient buy-in across all business functions.

- Be aware of regulation and outside influences that could affect how shared services would run in the future.

- Know that centralisation isn’t appropriate for every single function within an organisation. In general, companies shouldn’t centralise core competencies that involve customer contact.

- Ensure that you look through a long-term lens. Don’t expect benefits to be apparent straight away because of the length of time it takes to change adapt and implement, but in the long run shared services can really deliver.

- Ensure that you have the right technology in place to enable shared services. Secure systems that allow joint working are key.

Business process outsourcing (BPO) has grown rapidly over recent years. As technology continues to develop and businesses continue to seek out faster, cheaper and more efficient ways of doing things, so outsourcing providers evolve their offering to match.

One current trend is the increase in on-shoring. In the past organisations have outsourced some of their processes abroad, but with businesses perhaps now more mindful of data protection and confidentiality issues, many more businesses are choosing UK based companies to undertake these processes. This promotes confidence that the company being used, has to comply with the same rules and regulations as the business placing the business. This is particularly important for the legal sector where tight regulations leave little room for error, with the outsourcer responsible for any breaches made by the service provider.

One growing trend that is gaining traction amongst businesses looking to outsource is the move away from retainer-led or minimum usage services to pay-as-you-go. Although this ad hoc approach may be thought to be more expensive than traditional contract rates, the flexibility is proving popular as it allows organisations to only pay for what they need, when they need it. Indeed, the leading firms operate a pay-as-you-go approach which is no more expensive than the businesses that insist on contracts.

Requirements for out-of-hours services are also more in demand, thanks to new technology all but eliminating the traditional 9 to 5 day. Many people, especially within professional services, now work longer hours, often late into the night or at weekends. If a tight deadline requires you to work around the clock, but the necessary admin or IT support staff don't work the same hours, then unnecessary delays can be introduced. With 24/7 support now offered by a growing number of UK outsourcing service providers, it means you can call upon much needed assistance as and when you need it.

Linked to the trend of out of hours support is the growth in mobile technology that allows people to take their work everywhere. In the past the productivity of many individuals was constrained by the working hours of their support staff, but the rise of mobile apps., now allows people to communicate directly with service providers at all hours of the day and night. Of course whether that's a good thing or a bad thing is a moot point.

The introduction of mobile apps is particularly relevant to transcription service providers as it offers the client the flexibility to be able to record their notes or thoughts whilst on the move, with the transcribed file often waiting for them on their return to the office.

DictateNow provides fast, reliable and confidential digital dictation and transcription services. With over 300 experienced typists all based in the UK, they serve a wide variety of sectors, including legal services, accountancy, medical, property and the public sector.

Prioritising the IT and technology needs of a business, while ensuring the IT budget is being used effectively, is arguably the biggest challenge facing CIOs and CTOs today. According to the October 2011 Forrester Research, Inc. report, “BC/DR Remain Priorities for 2012 But Take a Backseat to Cost-Saving and Efficiency Initiatives,” by Stephanie Balaouras, enterprises continue to spend an average of 6 percent of their budget on Business Continuity and Disaster Recovery (BCDR) efforts but in terms of overall priorities, BCDR will take a backseat to consolidation, business intelligence and virtualisation. The fact that these technologies have such a high priority makes the argument even stronger for BCDR.

Historically, the way technology solutions were developed and deployed meant CIOs and CTOs struggled with allocating budget, which often meant limiting investments in certain areas to cover other more pressing needs. Typically, technology solutions were one-hit wonders to address one, maybe two business needs at most. As such prioritising needs soon became a challenge and BCDR solutions were no exception.

However, when you take into consideration the areas enterprises are keen to invest in — virtualisation, infrastructure consolidation and cloud computing — the reality is these technologies are not discrete solutions like their predecessors. In fact, much of the hype has to do with the versatility they bring to IT and the businesses they support. By taking an overarching view of the organisation; what needs to be achieved and how technology can help, these solutions can and should be linked, including BCDR.

Business Continuity and Disaster Recovery in the Cloud Brings a Whole New Level of Cost Efficiency and Ease

Business continuity and disaster recovery solutions designed specifically for maintaining the operation of key business systems during a major event have traditionally been achieved via full physical backups and total replication. Often, this has doubled the cost of IT infrastructure needs, giving BCDR a reputation for being expensive and often unattainable. But virtualisation and cloud-based solutions have blown the BCDR physical paradigm out of the water. Businesses can use the cloud to better meet Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) in an easier and more cost-effective way.

At the end of the day, most BCDR budget decisions come down to how important or mission critical achieving a particular RTO and RPO objective is. In an ideal world, all businesses would choose the best possible RTO and RPO as possible. Who wouldn’t? But the reality is, when executives are shown the cost of a BCDR solution, all of a sudden the conversation moves from having the absolute best results to what amount of data or work loss is acceptable. Enter cloud computing and the pay-as-you-use model. Gone are the days when companies need to pay for additional computer resources for the occasional chance when they need them. Not to mention companies that own their own data centres and have redundancy and fail over efforts built in. This equates translating to additional infrastructure investments that are most likely rarely used.

By using cloud services for virtualised servers, storage, desktops and applications, businesses can ensure a redundant solution that meets their RTO and RPO objectives with minimal capital expenditures required. Additionally, data centres built for cloud services can offer BCDR not just at an inter-data-centre level but at an intra-data-centre level — providing an initial failover point locally before even having to physically leave the primary data centre.

The latest innovation in BCDR and where it is evolving is a complete, truly end-to-end strategy. Virtualisation and cloud will allow for everything from the desktop to the data centre and anything in between to ultimately have a BCDR solution available without breaking the bank.

BCDR Is Not Just About Preparing for Major Disasters

Natural disasters and national emergencies are typically what come to mind when companies think about their strategy for business continuity and disaster recovery. But the reality is that BCDR is about ensuring the business can continue to operate no matter what type of event or service interruption occurs. However, in a bottom-line-driven world, IT departments and executive teams cannot afford to bankrupt the business for the “what might happen” scenario.

In the end, it is up to the enterprise to determine how much risk their business can afford and what the best BCDR solution for their business is. The good news is that, thanks to virtualisation and cloud computing, the options are ever increasing while costs are decreasing, providing companies with economical solutions that provide even better BCDR coverage than ever before.

Translation — eventually every aspect of the business will be able to be BCDR’d.

India’s recent demand for European Union designation as a data secure country has brought the issue into the spotlight. Here we take a closer look at those nations which have achieved EU recognition and the benefits of doing so.

Article 25.1 of the Data Protection Directive (in the UK enacted through the eighth principles of the Data Protection Act, 1998) prohibits the transfer of personal data to a third county (i.e. a country or territory outside the EEA) unless that third country provides an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. Several exceptions to this rule are available including, in particular, the use of the approved EC model clauses.

Data transfers to third countries can take place in many circumstances, such as where an EU- based business relocates functions to subsidiaries outside the EEA, establishes an offshore shared service centre which processes, for example, HR or payroll data, where data is transferred for offshore processing as part of an outsourcing agreement with a third party supplier or as part of a hosting or cloud computing deal. The onus is on the data controller to ensure that he complies with the eighth data protection principle in relation to any cross-border data transfer of personal data.

The European Commission has designated a small number of third countries as providing adequate protection. The European Commission publishes a list of its decisions on the adequacy of personal data in third countries together with copies of the Commission Decision and Article 29 Working Party Opinion on which the decision is based.

The European Commission has so far recognised the following countries: Andorra (2010), Argentina (2003), Canada (2002), Faroe Islands (2010), Guernsey (2003), Isle of Man (2004), Israel (2011), Jersey (2008) and Switzerland (2000); the primary data protection laws considered by the Working Party to provide adequate protection being:

 the Qualified Law on the Protection of Personal Data, 2003 (Andorra);

 the Argentinean Constitution, Personal Data Protection Act No.25.326 and Regulation approved by Decree No. 1558/2001 (Argentina);

 the Personal Information and Electronic Documents Act, 2000 (Canada);

 the Data Protection Act, 2001 (Faroe Islands);

 the Data Protection (Bailiwick of Guernsey) Law, 2001 (Guernsey);

 the Data Protection Act, 2002 (Isle of Man);

 the Privacy Protection Act, 1981 (Israel);

 the Data Protection (Jersey) Law, 2001 (Jersey); and

 the Law on Data Protection, 1992, as amended by Swiss Federal Council ruling of 1993 (Switzerland).

The Commission’s webpage listing needs to be reviewed carefully because it appears to list Australia and, although there is an air passenger data transfer agreement between Australia and the EU, no general finding of adequacy applies to Australia. New Zealand, which the Article 29 Working Party found to be adequate in April 2011, is not yet listed, so we assume that the European Commission has not yet made an adequacy finding. The delay may be explained because, according to the Working Party, some concerns exist in connection with direct marketing and the oversight of data transfers. Israel’s 2010 adequacy decision was not without a few bumps along the way either, with a formal objection from the Irish government (a political move linked to the alleged use of forged Irish passports by an Israeli intelligence agency in the assignation of a Hamas operative in Dubai in January that year), requiring a full debate and vote, rather than the shorter written procedure which allows automatic adoption absent any objections by the member states. One can imagine that territories, such as Guernsey, Jersey and the Isle of Man, received a rather smoother passage through their adoption of data protection laws closely modelled on the UK’s Data Protection Act.

The US has not been deemed as providing adequate protection, however personal data sent under the Safe Harbor scheme signed between the EC and the US government in 2000 is considered to be adequately protected. Not all US companies can qualify for the safe harbor programme, e.g. companies in financial services, transport and telecommunications. There are also several international agreements to which the EU is a party which permit and require the transfer of passenger names records of all airline passengers (e.g. Canada in 2005, US in 2007 and Australia in 2008).

The benefit of recognition is that personal data can flow from the 27 EU countries and three EEA member countries (Norway, Liechtenstein and Iceland) to a recognised third country without any further safeguard being necessary. The recognition process can however give rise to pressure brought to bear on the third country to undertake some remedial action. For example, whilst making a finding of adequate protection in the case of Argentina, the Working Party urged “the Argentinean Authorities to ensure the effective enforcement of the legislation at a provincial level by means of the creation of the necessary independent control authorities.”

What is not entirely clear is whether the Working Party monitors how its recommendations are dealt with, if at all, once a third party has obtained a decision of adequacy and whether it monitors and reviews amendments to existing data protection regulations and the introduction of new data protection regulations, with a view to reaffirming (or otherwise) an adequacy finding.

As data protection and security is increasingly high up on the corporate agenda, recognition itself may add a degree of comfort to the enterprise sending data to that third country (recognising however that adequacy is not the same as equivalent). As reported by Economic Times of India, the India government believes that “recognition as a data secure country is vital….to ensure meaningful access in cross border supply.” Underlying this seems to be the fear articulated by Ameet Nivsarkar, vice-president of Nasscom, that “European companies start insisting on a data secure status as a critical factor for giving business.” As the European Commission recently announced its comprehensive reform of EU data protection rules, perhaps we will see an uptick in third countries looking to achieve an adequacy designation.