5-11 July 2011 | computerweekly.com

Microsoft takes to the cloudbut where is office 365’s silver lining for large enterprises? page 5

A buyer’s guide to virtual desktopshow to mitigate latency, energy and data security issues page 8

Is nearshoring the new offshoring?the uK businesses choosing it outsourcers in eastern europe over india page 12

the week online

2 | 5-11 July 2011 Daily news for IT professionals at ComputerWeekly.com

Highlights from

whitepapers

Android Market infested by rogue apps, says Symantec

read full story

lulz Security announces it is to disband following hacking spree

read full story

Microsoft launches cloud-based Office 365 for SMEs

read full story

Government cancels SME contracts, hands deals to Capita

read full story

Mozilla releases final version of Firefox 5 for download

read full story

Google complies with 89% of uK content removal requests

read full story

Buyer’s guide: Does IT need its own ERP?

read full story

Growth of ‘shadow IT’ use outside IT department control

read full story

Royal Mail appoints third CIO in 18 months

read full story

unite members at Fujitsu’s Crewe site to strike

read full story

Get the latest it news via rss feed computerweekly.com/rssFeeds.htm

1

2

3

4

5

6

7

8

9

10

most popular

> CW+: Smart grid cybersecurity strategy – industry proposalsThis report from the Energy Networks Association puts the case for the government and energy networks to jointly develop a cybersecurity strategy for smart energy grids. Download whitepaper

> CW+: Getting to grips with server virtualisationWith pressure on business to improve its ability to respond to external developments such as changes in markets, evolving regulation and increased customer expectations, many organisations are exploring how to drive opera-tional and procedural change to help the business keep up. Download whitepaper

> CW+: Special report on CiscoThis six-page report analyses the challenges facing Cisco, its financial performance, the services it offers, its place in the IT market and its future strategy. Packed with graphs and diagrams, it is essential reading for any organisation working with, or thinking of working with Cisco.Download whitepaper

> CW+: AVG security threat report Q2 2011AVG Threat labs has identified 702 command and control servers which collect online banking credentials from hundreds of thousands of people and businesses worldwide.Download whitepaper

case stuDy

> Electronic case filing at the Royal Courts of JusticeWhen a major IT project at the Ministry of Justice to roll out an electronic filing system failed, Nigel Kelly, e-working project manager, created a digital court record system from scratch using an entirely different approach. Kelly explains why small-scale IT projects are the key to success in the public sector.computerweekly.com/247129.htm

opinion bloGs

> Bryan Glick: So, David Cameron, still think Google Health could be used in NHS IT?Google quietly announced last month that it plans to “retire” – shut down – its Google Health online medical records service. This may not, at first, appear especially relevant to the uK, since the service was specifically targeted at uS citizens with the unique challenges of the uS healthcare system. computerweekly.com/blogs/editors-blog

> Karl Flinders: Everything Everywhere cloud project will have implications for an industryBack in March I wrote about Everything Everywhere’s outsourcing deal with T-Systems. Everything Everywhere is the uK joint venture between Orange and T-Mobile. It has outsourced its IT to T-Systems for 7 years for £700m. computerweekly.com/blogs/inside-outsourcing

> Mark Ballard: How government aimed to exploit personal data tradeThe £3bn trade in tip-offs about people in car accidents has exposed the seedy side of the personal data market. Seedier still are draft government plans to cash in on this bonanza when it ought to be sticking to the Tory manifesto promise to give people control of their own personal data.computerweekly.com/blogs/public-sector

> Jenny Williams: Avanade sets up women in IT initiative to increase number of female staffBusiness technology services firm Avanade has launched a new initiative to tackle its lower-than-average number of female staff. Only 14% of Avanade’s workforce is female, compared with an average of 35% of IT staff being women across Europe. computerweekly.com/blogs/witsend

case stuDy

> Business process improvement: Co-operative Financial ServicesVirtualisation and business process optimisation are key to the strategy of Co-operative Financial Services following its merger with Britannia. computerweekly.com/247121.htm

> Virtualisation’s role in datacentre cloud economics/consumerisationThe role of virtualisation in achieving cloud economics in the datacentre and mediating the digital platforms staff use to handle organisations’ data. computerweekly.com/247109.htm

STO

CK

By

TE

> Back to the future with government ID plansThe government’s new identity assurance strategy is a significant and welcome change of direction. until last year, the Identity Cards Act sought to provide government with monopoly ownership of our identity. But now the Act has been repealed and proposals brought forward to let us choose our own identity provider in an open marketplace of trusted providers. computerweekly.com/247095.htm

> Security profession must make nimble risk-based decisionsWe talk a lot about new technology, but there are few times when technology really tears up an organisation’s rulebook – but that is what the “cloud” and the iPad have done, writes Matthew lord, CISSP. computerweekly.com/247053.htm

report

THIN

KS

TOC

K

the week in IT

5-11 july 2011 | 3Daily news for IT professionals at ComputerWeekly.com

strategic it planning

IT spending heading for 7.1% global growth in 2011Worldwide IT spend is poised to grow 7.1% in 2011, reaching $3.67tn (£2.29trn), according to Gartner’s quarterly outlook. This is an up-ward revision of the 5.6% growth projected by the analyst firm in the first quarter of this year. Spending on public cloud services is set to grow nearly four times faster than overall IT spend in the next five years.computerweekly.com/247149.htm

strategic it planning

GPs will need to spend £1.7bn on IT investment for NHS reformsGPs will need up to £1.7bn to invest in data analytics, business intelli-gence tools and a platform to join up systems if they are to deliver commis-sioning under the government’s con-troversial NHS reforms. More than half of all GPs (57%) believe that at least 10% of NHS efficiency savings should be re-invested in IT to deliver better patient care.computerweekly.com/247124.htm

staffing & training

Royal Mail appoints Catherine Doran as third CIO in 18 monthsRoyal Mail is to get another CIO – its third in less than 18 months – when former Network Rail development director Catherine Doran takes over the role from 1 September. Computer Weekly revealed in May that Doran was leaving Network Rail. For the past two-and-a-half years, she has led a multimillion-pound transformation programme at Network Rail.computerweekly.com/247119.htm

desktop computing

PC remains dominant business IT platform over mobile and tabletThe increased use of mobile and tab-let devices in businesses will fail to topple PC dominance over the next three years. A survey by Freeform Dynamics reveals the majority of IT staff believe PC price, power and per-formance improvements will drive an increase in PC adoption by 2014.computerweekly.com/247151.htm

it services & outsourcing

Cleveland Police saves £10m in extending shared services dealCleveland Police Authority is set to save almost £10m on top of £50m already identified through an exten-sion of Cleveland Police’s 10-year £175m share service deal with Steria. In June last year Cleveland became the first police body to use Steria to share services such as finance, HR, payroll and fleet management in Ste-ria’s dedicated datacentres.computerweekly.com/247142.htm

security alerts

TDL-4 virus builds indestructible botnet of 4.5 million computersOver 4.5 million computers around the world have been infected by the TDL-4 virus. The owners of TDL are trying to create an indestructible botnet protected against attacks, com-petitors and antivirus companies, said security company Kaspersky. The botnet targets Windows PCs and is used by cybercriminals to manipu-late adware and search engines, pro-vide anonymous internet access and launch other malware.computerweekly.com/247153.htm

it services & outsourcing

Cambridgeshire Council signs broadband school network dealCambridgeshire County Council has signed a seven-year public sector network contract with Virgin Media Business, estimated to be worth £30m. The network will connect the region’s 250 schools, 90 corporate sites and 69 community outlets. The deal will also improve broadband across the area’s 250 schools.computerweekly.com/247141.htm

risk management

International collaboration shuts scareware cyber crime ringsTwelve countries have collaborated in an anti-cyber crime effort to shut down two crime rings that cost £46m in losses to over 900,000 peo-ple through fake security software known as “scareware”. Law enforce-ment officers seized 25 computers and servers in the UK and continen-tal Europe, and 22 servers and com-puters in the US. computerweekly.com/247102.htm

security alerts

Symantec finds 60 rogue apps on Android Market over two daysSixty rogue applications were found on Android Market over two days in March according to Symantec. The firm revealed the extent of the rogue software in Google’s popular online marketplace as part of a study of the security of Google’s Android and Ap-ple’s iOS mobile operating systems.computerweekly.com/247118.htm

risk management

Government’s smart grid project will need tight comms securityGovernment plans to create a smart grid for energy networks will require a co-ordinated focus on cybersecurity as communication networks play a key role, according to a report from The Energy Networks Association. The survey said government and net-work providers need a more coherent approach to secure the smart grid.computerweekly.com/247136.htm

Lloyds Banking Group cuts IT jobs Lloyds Banking Group will make about 15,000 job cuts, including back-office and IT jobs, as part of an overhaul of its business following a major review.

The bank said better end-to-end processes and IT platforms will contribute £1.5bn of annual savings. This will involve rationalising multiple systems acquired when Lloyds Banking Group took over other finance firms.

Lloyds also said it will not offshore further UK permanent operational roles. In October, the bank reduced the number of offshore workers by 1,750, but made 2,700 UK IT workers redundant at the same time. But Steve Tatlow, assistant general secretary at the Lloyds TSB Group union, said operational roles at the bank do not include IT jobs and there is likely to be more offshor-ing of IT, particularly as the bank attempts to reduce the number of different platforms it uses. computerweekly.com/247148.htm

“I’m excited to help revitalise Myspace by using its social media platform to bring artists and fans together”

Myspace owner, Justin Timberlake

social media

Global IT spending growth forecast

Source: Gartner June 2011

Har

dwar

eUS$375bn

Sof

twar

eUS$244bn

IT s

ervi

ces

US$793bn

Tele

com

sUS$2,015bn

All I

TUS$3,427bn

12.1

%

3.1%

7.3%

5.9%

8.4%

Har

dwar

eUS$419bn

Sof

twar

eUS$268bn

IT s

ervi

ces

US$846bn

Tele

com

sUS$2,140bn

All I

TUS$3,672bn

11.7

%

6.6%

6.9%

7.1%

9.5%

2010 2011

more onlineCIO interview: Dave Benson, ex-CIO of News Corpcomputerweekly.com/247096.htm

CIO interview: Chris Chant, UK government director of G-Cloudcomputerweekly.com/247023.htm

interview

Data management makeover boosts efficiency and retains independence

4 | 5-11 July 2011 Daily news for IT professionals at ComputerWeekly.com

Pieter Schoehuijs, chief information officer of AkzoNobel, talks to Cliff Saran about using IT to make efficiency gains

P ieter Schoehuijs has been chief information officer for two years at global chemicals and coatings

company AkzoNobel, whose brands include Dulux and Hammerite in the UK.

Schoehuijs is managing the IT strategy as the company makes the transition from a holding firm to be more centrally managed. IT is play-ing a major part in that transition and “there is hardly any project that does not have strong IT involvement”.

The IT environment at AkzoNobel is complex and makes use of on-shore and offshore outsourcing serv-ices, as well as cloud-based soft-ware. “We rely on external partners for our infrastructure, to manage da-tacentres and provide desktop sup-port for example,” Schoehuijs says. The company also uses software-as-a-service products such as Sales-force.com and Concur.

He says AkzoNobel is implement-ing shared services to improve effi-ciency, and continues to use more standard processes such as data warehouses and master data man-agement. “It is possible to examine raw materials across all business units, for instance to check if there are environmental issues,” he adds.

Data managementThe idea of a common view of busi-ness information across the whole company is tempting for many firms because it allows the manage-

ment team to make more informed business decisions. But such busi-ness insight is not easy to achieve because of the way information sys-tems are deployed organically and cultural and political differences within organisations.

Schoehuijs admits that creating a single version of the truth, through master data management, is a very large undertaking at AkzoNobel due to the way the company used to be organised.

Over the past few years, Schoehui-js’ predecessors have “moved moun-tains” to consolidate datacentres and wide area networks, he says. “We are now doing the same thing with sys-tems. Two years ago we had 200 ERP systems, we are now down to 120. But it is like sprinting a marathon – we are looking to get the number down to 10 over five years.”

Some companies, such as chemi-cal firms Dow and BASF, have tack-led the problem of ERP consolida-tion by running a single version of SAP across the whole of their organ-isation. But such a strategy does not fit well at AkzoNobel, says Schoehu-ijs. The challenges are not technical, but relate to the way individual businesses within AkzoNobel oper-ate. “We treasure agility in our busi-ness units. Our strategy is deter-mined by our desire to harmonise certain processes across the busi-ness, while giving a level of inde-pendence at the business unit level,” he says.

This is why AkzoNobel will end up with 10 systems, rather than a sin-gle instance of SAP. The centralised systems will include human resourc-es, procurement, treasury and a data warehouse.

New ways of workingConsolidating the number of IT systems will support new ways of working. “Imagine trying to connect an iPhone or iPad to the enterprise when there are hundreds of systems. The challenge is completely non-lin-ear. Even with 120 systems, you need 120 interfaces, and you need to test and validate all of them. This leads to spaghetti consolidation,” says Schoehuijs. In other words, while a company may be able to lower com-plexity by reducing the number of IT systems, each one that remains will introduce its own complexities.

As for iPhones, iPads and other consumer technology, Schoehuijs

says consumerisation is becoming more visible. “People are flocking to social media sites and demanding iPhones and iPads. The key is to have an open mind and explore how to make [these things] work.”

Blogging is one of the areas the company has begun to explore. “There are sites that allow people to connect together. We found that a couple of thousand people were using one of these sites. We are now running a pilot to see if an alterna-tive platform can provide a more controlled environment. We are also engaging with some social media sites to see if we can regain control of user data, and have issued con-duct guidelines.”

IT plays a key role at AkzoNobel, which means Schoehuijs gets in-volved in steering committees for the bigger projects at the early stages of planning, when the business is first deciding what it wants to achieve. There is also a growing hunger for in-formation, as information drives effi-ciency. “We are trying to improve ef-ficiency to respond quicker either to changes in the supply chain or politi-cal challenges.” ■

“Two years ago we had 200 ERP systems, we are now down to 120” Pieter SchoehuijsAkzoNobel

It strategy

CIO SummitPieter Schoehuijs will be attending the CIO Summit, an event for the CIO to assist forward-thinking IT executives in meeting often-conflicting demands.

The summit brings together leading European CIOs investing in innovative solutions to boost their bottom line, and solution providers aiming to position themselves at those investment hot spots to reap the benefits.

For more information about the CIO Summit, e-mail chris.hepple@computerweekly.com

more onlineNews: Office 365 takes MS online – but is it good for the enterprise?computerweekly.com/247139.htm

News: Microsoft launches cloud Office 365 for small businessescomputerweekly.com/247128.htm

In depth: Microsoft Office 365 versus Google Apps for Businesscomputerweekly.com/247147.htm

news analysis

Where is the silver lining for the enterprise in Microsoft’s Office 365?

5-11 july 2011 | 5Daily news for IT professionals at ComputerWeekly.com

While Microsoft's cloud offering is aimed at small businesses, Cliff Saran asks if it leaves larger firms wanting

Launching Microsoft Office 365, Microsoft’s UK manag-ing director Gordon Frazer said the software would help

small businesses reduce the cost of running IT services. According to Frazer, early adopter customers are reporting a 50% saving on IT.

Gurdeep Singh Pall, a corporate vice-president at Microsoft, pointed to the benefits of software as a serv-ice: “It’s like signing for electricity or water. The software is always fresh.”

Office 365 customers in the UK in-clude Alliance Healthcase, Horn-blower business brokers, UKBI, St Andrews College, Ealing Council, Dorma and Kensington Enterprises.

Cremyll Sailing, a charity that takes young people sailing, is one early adopter. It is using Office 365 as a central place to share documents. Users work on their standard Office products and can upload documents via a Windows mobile phone.

Lifting the IT burden for SMEsClearly Microsoft is targeting small businesses with little or no IT experi-ence. This makes sense, given that in the UK, most of the growth in the economy is expected to come from small businesses. And unlike in larger organisations, IT is often an ex-pensive barrier to a small company. So through Office 365, Microsoft promises to help small businesses by reducing the cost of IT.

Entrepreneur Doug Richard, founder of training firm School for Startups, said: “In a large business, technology is a competitive edge. For small firms, it is a burden. Small businesses want services, rather than another product.”

While Microsoft bought Skype and provides products such as Office Live, Microsoft’s ultimate goal has al-ways been to merge on-premise soft-ware with online services, through

Microsoft Office 365 on Windows Phone 7

“In a large business, technology lends a competitive edge. For small firms, it is a burden. SMEs want services.”

enterprise software

the concept of software plus services.Bola Rotibi, an analyst at Creative

Intellect, said: “Microsoft has always had the idea of software plus service. If you have bought Microsoft Office you can still use it with Office 365.”

However, much of Office 365 al-ready exists. “Users can already do a lot with Microsoft’s existing prod-ucts. The only one new addition is real-time editing, which enables two people to collaborate. But Google has had this capability for a long time,” Rotibi added.

What’s in it for the enterprise?Significantly, the larger enterprise was notably lacking from Microsoft’s Office 365 launch presentation. Angela Ashenden, principal analyst at MWD Advisors, said: “There was

very little talk about the enterprise, particularly those businesses that bought Microsoft’s Business Process Online Suite (BPOS). BPOS includes many Office 365 products such as SharePoint, Exchange and Link - the Office Communications Server.”

Ashenden said BPOS was a host-ed service, rather than a cloud serv-ice, which meant it could not offer the same levels of cost savings now available on Office 365. Although it was hosted by Microsoft, users needed to implement the BPOS sys-tem, while Office 365 runs directly in the cloud, and the software is up-dated automatically.

To benefit from Office 365, users will need to run Microsoft end-to-end. This spells a departure from Mi-crosoft’s other online offerings such as Hotmail, that can be accessed from any device with a web browser. In fact, the mobile component requires Windows Phone devices.

Vodafone is one of Microsoft’s business partners developing prod-ucts for small companies that include Office 365. Through its Vodafone One Net service, businesses can buy

Office 365 on a per-user/per-month basis, combined with broadband and fixed and mobile telephone calls. Of-fice 365 will be available to One Net customers for €5 per user per month.

Tom Craig, Vodafone business service director, said: “For a small business, Office 365 gives the best ex-periences when used with a Win-dows Mobile phone.”

Remaining questionsPeople who use Blackberrys and iPhones will get some access to Of-fice Live, once Microsoft integrates it with these platforms. The key ques-tion for such users is whether Micro-soft will provide much more than what is already available through Ac-tiveSync, the Microsoft technology for synchronising Exchange inboxes on different devices.

Questions remain how Microsoft will support users who want to move from BPOS onto Office Live. Micro-soft, like other cloud providers, will need to clarify data sovereignty is-sues, if Office Live is to be taken seri-ously. While it does have a datacentre in Dublin - so it can guarantee data resides in the EU - Microsoft is head-quartered in the US and will be sub-ject to US legislation, such as Home-land Security, as well as UK and EU law. It is far from clear how govern-ment legislation will affect data in the cloud. But this will be an issue enter-prises will need to address if they are to take Office 365 seriously. ■

This is an edited version of the full article, which can be accessed on the uRl below

more onlineNews: ICO to fine firms up to £500,000 for data breachescomputerweekly.com/239936.htm

News: ICO gains powers to back new EU data protection rulescomputerweekly.com/246506.htm

News: Surrey County Council fined £120,000 for misdirected e-mailscomputerweekly.com/246929.htm

news analysis

Don’t tangle with the data watchdog

6 | 5-11 july 2011 Daily news for IT professionals at ComputerWeekly.com

Warwick Ashford looks at how CIOs can keep their companies off the radar of the Information Commissioner's Office

C ivil monetary penalties imposed by the Informa-tion Commissioner’s Of-fice (ICO) for data breaches

are helping to increase awareness and spur action by UK companies worried about damage to their brand, even if they are able to afford to write off up to £500,000 for being in breach of the Data Protection Act.

But what are the criteria the ICO uses for imposing a penalty and what can UK organisations do to ensure they are not on the ICO’s hit-list?

Mick Gorrill, a former ICO enforce-ment officer, has joined London-based legal firm Field Fisher Water-house and was on hand at a recent information security forum to answer these and other questions.

The penalties were introduced along with other enhanced powers for the ICO from April 2010, after it became clear in 2007 that UK organi-sations were not taking seriously their obligations under the Data Pro-tection Act (DPA) and that existing powers of enforcement and sanction were inadequate.

The first penalties were issued in November 2010, and although there have been relatively few since, Gor-rill expects the ICO to settle into a rhythm of six to 10 a year.

Who is at risk?The ICO can impose a penalty on any data controller, including private, public and voluntary sectors. Crown Estate Commissioners are the only exceptions, which means the ICO can go after any organisation that handles any personal data, but this does not include data processors. Every or-ganisation remains responsible for its personal data even if processed by a third party.

However, before the ICO can im-pose monetary penalties, two specific requirements must be met.

First, there has to be a serious con-travention of one of the eight data protection principles.

Second, the contravention must be likely to cause substantial damage or distress. To satisfy this requirement, the contravention must be either de-liberate, or it must be shown that the data controller either knew or ought to have known there was a risk the contravention was likely to cause substantial damage or distress, but failed to take steps to prevent it.

Information commissioner Christopher Graham: increased powers to impose fines

risk management

The risk element is key, says Gor-rill. The ICO will always ask for a risk assessment, so organisations should ensure they have one, can demon-strate they have given thought to data protection and have put some poli-cies and processes in place.

These things are essential, says Gorrill, because apart from deliberate or repeated contravention of the DPA, failure to carry out a risk assessment and recognise the risks of handling personal data or failure to take steps through policies and processes to prevent a contravention, are the top reasons that will make the ICO more likely to impose a monetary penalty.

If things do go wrong and the ICO imposes a monetary penalty, all is not lost because the ICO must serve a data controller with a notice of intent, after which the data controller has 21 days to provide written representa-tions to the ICO.

This presents an opportunity for organisations to point out all they have done around risk assessment, policies and procedures, says Gorrill, which may lead the ICO to opt for an enforcement notice and audit in-stead, as the ICO must consider any written representations before mak-ing a final decision to issue a fine.

Carefully worded presentations can save many thousands of pounds

or stand as a foundation for an appeal against a monetary penalty, he says.

Have any organisations appealed against a penalty?No appeals have been made so far, says Gorrill, but organisations who find themselves in this position should look to the requirement that a contravention must cause substantial damage or distress before a penalty can be imposed. A challenge to this requirement is one of the most likely bases for an appeal, he says.

If a breach occurs, what should organisations do?After containing the breach, Gorrill advises organisations should gather as much information as possible and compile a comprehensive report about what went wrong to help put together a strategy to prevent similar breaches in the future.

Should organisations always notify the ICO?If an organisation decides not to inform the ICO of a breach, it should carefully consider the risk, says Gor-rill, because not reporting it will be viewed as an aggravating factor that will not only increase the likelihood of a penalty, but could also increase the penalty.

It is always best to notify the ICO, and the comprehensive breach report can be used as a basis for this, but Gorrill warns against rushing to the ICO before there is a good under-standing of what went wrong.

Tell the ICO early, he says, but if necessary, issue a holding statement to buy some time to investigate, seek advice, put systems in place to pre-vent further data losses, and compose a carefully considered report that de-tails all the mitigating factors that will make the imposition of a mone-tary penalty less likely.

How long can you wait?Realistically, says Gorrill, there is a 7-10 day window before informing the ICO to get up to speed and help anyone affected by the breach, such as providing credit reference checks or compensation.

But it is important not to wait too long because, while the ICO consid-ers early reporting a factor that miti-gates the level of the penalty, waiting too long may increase the penalty. “If you keep it secret and also don’t tell the data subjects, subsequent discov-ery by the ICO will lead to an en-hanced penalty,” he warns.

Where there are no grounds for a monetary penalty, organisations must remember the ICO will continue to issue enforcement notices if a data controller contravenes the DPA prin-ciples and has caused or is likely to cause any person damage or distress.

Security experts agree it is impos-sible to guarantee the safety of data 100%, so given that breaches will continue to happen, organisations can significantly reduce the likeli-hood of regulatory action in the UK by following the steps outlined. ■

community

Static analysis is king in the land of software testing

Can Microsoft face a world of no licences?

5-11 July 2011 | 7Daily news for IT professionals at ComputerWeekly.com

For every thousand lines of code output by commercial software developers, there could be as many as 20 or

30 bugs on average.As they progress through the de-

velopment cycle, defects that are found become exponentially more expensive to fix – it is at least 30 times more costly to fix software in the field than during development.

I recently started a discussion on the “Static Analysis” LinkedIn forum on the topic of “What can static analysis find that other forms of testing cannot”, which led to a healthy and informative discourse from the other participants. I was so impressed with the debate that I wanted to share some of the most thought-provoking ideas from the forum.

Developers are already aware that the cost to repair defects increases the further into the software devel-opment lifecycle a defect is allowed to persist. For this reason, there is value in addressing newly detected defects as they are identified be-cause they cost less time and effort to repair. By lowering defect numbers during development, or-ganisations can lower the cost of development by delivering higher

integrity code to testers that require less test case generation for effec-tive coverage.

Defects in parts of code not exe-cuted during normal operation and error-handling routines are things that are usually close to impossible to test with most other forms of test-ing. Static analysis helps here. A good example is its ability to spot what I call an “invisible defect”, which is memory corruption or a leaked system resource.

The execution is usually way past the place in the program where the defect is when it manifests into

It is at least 30 times more costly to fix software in the field than during development

Bryan GlIck leader rutul Dave opinion

a visible error. Testing for such defects using traditional testing is like trying to find the fatal disease that caused the death by figuring out the time of the death. By looking for the defect like a null pointer de-reference that leads to a visible error like a program crash, static analysis is testing code for invisible defects.

Static analysis can show the ab-sence of bugs while other testing methods usually focus on showing their presence. For example, while functional testing a mobile phone application, a QA tester will be looking for the visible bugs – miss-ing functionality and unexpected behaviour in context of what he or she is testing. But what about the hidden resource leak or uninitial-ised variable during execution that will result in an error only after a certain number of iterations or in another part of the software?

Overall, its main advantage is it forces the developer to look at their code again and make improvements towards reducing code complexity and to help in maintaining the code going forward.

The forum was a good reminder of how topical the issue of software testing has become for businesses. I would say it is probably one of the most time-consuming and frustrat-ing processes for a developer – es-pecially if they don’t have access to the right tools. The sheer complexi-ty and size of the software being de-veloped these days makes develop-er testing a challenge that will not go away any time soon and is not one that should be ignored.

For some fascinating data on software testing, take a look at the Software Integrity Risk Report, a commissioned study conducted by Forrester Consulting on behalf of Coverity. ■

Rutul Dave is a senior development manager

at Coverity , a company that builds tools

and technology to equip developers with

resources, techniques and practices to

improve the integrity of software.

Microsoft, which describes itself as a “cloud company” these days, has made its biggest and perhaps most important foray

into the cloud with the launch of Office 365 (see page 5). It’s fair to say that if the soft-ware giant can’t persuade customers to take its most widely used business application into the cloud, then it would raise huge ques-tion marks over the supplier’s entire strategy.

But in typical Redmond style, there has to be a catch. Microsoft simply cannot afford all its major corporate users to suddenly rip up their desktop Office licence agreements and run to the cloud version instead. This is what Microsoft calls “software plus service” rather than “software as a service”, the latter being the definition most pundits would use for true cloud computing. That, after all, is what you get with the obvious rival for Office 365, Google Apps for Business.

If you’re a small business, you can buy a genuinely cloud-only Office 365 – although for some, the absence of SSl encryption may be too much of a security headache.

But much of Office 365 nonetheless smacks of the result of a business meeting, where a senior executive asked a room of developers, “How do we take Office into the cloud without losing any of our desktop licence revenue?”

It’s an understandable and inevitable question, and one that Microsoft has to ask. Thirty years ago, someone in IBM probably had a similar meeting, and asked, “look, these PCs are great, but how do we use them to sell more mainframes?”

Bill Gates would often talk of the disruptive power of technology, and while the cloud is in reality an evolutionary, not a revolutionary strategy for IT leaders, it promises to disrupt the supplier environment a lot more signifi-cantly. Or at least it does for those suppliers that deny the reality of what the cloud really means – and for IT buyers, one of the things it means is freedom from the restrictions of traditional software licensing. And that is the question that should be worrying Microsoft the most. ■

editor’s blogcomputerweekly.com/editor

THIn

kS

TOC

k

read the full comment atcomputerweekly.com/blogs/cwdn

buyer’s guide

8 | 5-11 july 2011 Daily news for IT professionals at ComputerWeekly.com

The concept of thin client computing goes back a long time. The first computers, using green-screen moni-

tors, were carrying out all the busi-ness logic at the centre and using the monitors as a means of presenting the results to the user. As distributed computing took over and PCs prolif-erated, organisations soon saw infor-mation disseminated across a multi-tude of devices. Through the use of

suddenly becomes far more valuable and dangerous - it now contains data that may have value in itself, and can be lost through theft or carelessness.

Even in the office, having hun-dreds or even thousands of devices configured differently causes a man-agement headache, and a failure in any one device can lead to considera-ble productivity impact while a re-placement device is sourced and pro-visioned to the same state as the failed device.

To the rescue came thin client, or server-based computing. The most common form of this is where a us-er’s total desktop is run on the serv-er in the datacentre and only the graphical interface is presented to

How to mitigate latency, energy and data security issues for mobile usersClive Longbottom looks at strategies for dealing with thin client issues arising from centralising an organisation's data

the user at their access device. This is great in theory - all data is kept central, the device type becomes immaterial, provided that it can support an access session and all control is placed back in the hands of the business via the datacentre.

Latency and energy savingsThe problem is, user experience is not always what is hoped for. Net-work latency and bandwidth can have a big impact on how the user perceives the experience, and even small issues can make regular use of such a system tiring to the point where users try to find ways around using such centralised systems.

Organisations also find many of

centralised stores masquerading as virtual local drives, this was brought back under some degree of control.

Then mobility raised its head, with users working out of the office using laptops or home-based computers to carry out work. There seemed to be nothing for it except to provide full systems for these people, with the ap-plication and data held on the device itself. This approach is still the de facto means of providing access to personal productivity applications (such as Office tools). Many enter-prise applications also download data, so a specific client application can be used to work away from the office. But this means that what should just be a £700 access device

CW Buyer’s guidevirtual desktops

part 1 of 4

buyer’s guide

5-11 july 2011 | 9Daily news for IT professionals at ComputerWeekly.com

the promised gains just don’t materi-alise. Energy savings based on replac-ing desktop PCs with low-energy thin clients don’t always add up; after all, a PC is just as useful as a thin client as an access-only device, and many organisations carry on using these relatively energy-hungry devices and actually see their overall energy usage increase.

So, are completely virtualised desktops (virtual desktop infrastruc-ture, or VDI) the way forward? Cer-tainly, when looking at task workers who are tied to a specific desktop de-vice it can work well. LAN speeds mean response times are adequate, the VDI images can be defined and managed centrally to serve hundreds or thousands of users and low-energy access devices can be rolled out as and when required.

Mitigate mobile security riskHow about the more mobile user? A completely centralised system may not be the right approach for them. However, these are the users who present a greater security risk, so providing them with a completely mobile-based system introduces too much risk. Recent research from Quocirca demonstrates the increas-ing consumerisation of IT means more people will be coming to IT with non-standard devices, expecting them to be able to be used for access-ing corporate systems.

The same research found growing use of tablet devices in the more re-mote workforces. The key here is to abstract the device from the function. It is possible to maintain a fully cen-tralised image in the same way as a standard VDI approach, but to copy that image to the device. This can be held in a virtualised space, so there is no interaction possible between the device, its basic operating system and applications and the corporate image running in its own secure environ-ment or “sandbox”.

Such systems do still present a de-gree of security risk – data is still being stored within this virtual image – but this can be mitigated through flushing any data down to a central store as soon as network connectivity is made, or ensuring data is deleted if anyone attempts to access the sand-boxed environment via non-preferred means. For those who spend a great deal of time disconnected, this pro-

“Having hundreds or even thousands of devices configured differently causes a management headache”

vides the best balance between cen-tralised control and capability to carry out their corporate function.

Stream data and applicationsIt is further possible to stream ap-plications down to a device on the fly. Here, the intelligence of the end device (its CPU, operating system and so on) is still used to run the ap-plication, but the application is kept updated in the datacentre. On log-ging out, any data created or changed is flushed back to the server, and the associated data footprint is wiped completely from the device, remov-ing security concerns.

This approach is very useful for those who will be connected to the network for most of the time, but may be accessing systems over a low-bandwidth or high-latency connec-tion. The initial application stream should be provided over a high-band-width connection, but from there on-

ward, only the changes need to be passed down and use very little bandwidth. Data access times can be improved through the use of wide area network acceleration tools, (such as Expand Networks, Riverbed, Blue Coat or Silverpeak), so providing a very fast experience for the user.

Server-based managementThere are many ways of providing a virtualised environment that im-proves security, ensures data is cen-tralised and improves the capability to manage a disparate, decentralised and increasingly consumerised, user-device environment.

Indeed, just the process of central-ising data can solve some issues, with read-only application clients and restricted capabilities such as cut and paste enabling users to con-tinue working without the a com-plex approach to virtualised desk-tops and/or applications.

Along with the main players of Cit-rix and VMware, smaller players such as Centrix, RES Software and AppSense provide tools and systems to manage the user experience through a seamless aggregation of a hybrid system, where parts of the vir-tual system will be based around VDI, some around desktop streaming

and some around application stream-ing. Likewise, those who have emerged from a hardware world, such as Igel, Wyse and ChipPC, offer software that makes the most of these increasingly intelligent devices, ena-bling users to gain the most from a more centralised system.

The answer may not always be VDI – but it is increasingly apparent that it will be server-based comput-ing to provide the information con-trol that today’s organisations are striving to find. ■

Clive longbottom is a director of analyst Quocirca

more onlineWhitepaper: Microsoft Exchange 2010 on VMwarecomputerweekly.com/245930.htm

News: Acer and Samsung unveil Google-powered Chromebookscomputerweekly.com/246634.htm

News: Citrix hails end of PC era, aiming to tackle cloud concernscomputerweekly.com/246799.htm

buyer’s guide

10 | 5-11 july 2011 Daily news for IT professionals at ComputerWeekly.com

IT and operations executives are facing unparalleled rates of change. Cloud is threatening to erode traditional datacentre

boundaries. Likewise, consumerisa-tion and the rise of the empowered employee are threatening desktop and device boundaries. As a result, today’s IT departments need to re-as-sess their strategies. This is not about incremental improvement, though.

This is about rebooting the strate-gy to meet dramatically altered

monitoring, automation and adopt-ing IT infrastructure library (ITIL). If you’re already implementing or plan-ning for these reboot initiatives, con-gratulations - your business will be appreciative. If not, then re-assess your efforts. The business may pro-ceed with or without you.

Support empowered staffIn 2010, IT professionals were chal-lenged to support the social media and mobile technology demands of the empowered employee. To do so, IT professionals plan to improve user experience through desktop transformation. Of the 772 inquiries Forrester received on desktop trans-formation, 78% focused on client virtualisation and unified commu-

How to exploit virtualisation in the datacentre and on workers’ devicesDoug Washburn considers the role of virtualisation in achieving cloud economics in the datacentre and mediating the teeming array of digital platforms with which employees handle organisations’ data

nications. Here are prime examples of the types of inquiries that an IT director at a large financial services company asked us when seeking ad-vice on improving user experience with desktop transformation to sup-port employees:

“I would like to better understand client virtualisation: What are the benefits to IT and end users alike? How does it impact staffing ratios? What technologies and vendors should I consider?”

“I need advice on developing a strategy and road map for unified communications, enterprise collabo-ration and enterprise portal. Do I need individual strategies and road maps? Is there a framework available that describes these topics, especially

business requirements.To better understand what your

peers are doing, Forrester analysed 2,033 client enquiries on IT and oper-ations in 2010. The research found IT leaders are focused on three key areas. Leading the way, 38% of IT and operations professionals were in-terested in improving user experi-ence with desktop transformation using new PC architectures and mo-bile devices, client virtualisation and unified communications. Close be-hind, 35% expressed interest in de-livering cloud economics in the data-centre with converged infrastructure and infrastructure-as-a-service (IaaS). And a healthy 27% of IT profession-als sought information about their IT operations through performance

CW Buyer’s guidevirtual desktops

part 2 of 4

buyer’s guide

5-11 july 2011 | 11Daily news for IT professionals at ComputerWeekly.com

how they relate to and differ from one another?”

Virtualise across platformsEmpowered employees rely on social and mobile technologies to get their jobs done, but they often act on their technology needs without involving the IT department or using tradition-al procurement methods.

By 2020, the number of empow-ered employees will rise as younger, more tech-savvy workers comprise 45% of your business’ workforce de-mographic. Needless to say, support-ing employees is a challenge for IT professionals, who now must keep up with workers’ expectations and PC architectures, mobile devices and applications (eg, laptops, thin clients, tablets, enterprise-ready smartphones and mobile apps), while continuing to manage and secure corporate data across all devices, regardless of who owns the hardware.

What should you do about it? To support the mobile nature of empow-ered employees and the new types of PCs, mobile devices and applications required, IT professionals are turning to client virtualisation and unified communications (UC). Desktop and application virtualisation technolo-gies enable “bring your own compu-ter” (BYOC) programmes that allow employees to select and use the de-vices they want to get their jobs done in a secure fashion.

To amplify employee productivity and collaboration, revisit UC priori-ties with an emphasis on unified messaging, presence, integration with collaboration software and integrat-ing business telephone features on mobile devices. But before making technology decisions, determine em-ployee needs, business objectives and strategy.

Deliver cloud-like economicsAs the public cloud matures, IT professionals are focusing efforts on building internal or private cloud environments to achieve cloud eco-nomics in their datacentres today. However, Forrester believes most IT organisations lack the maturity to succeed at private cloud.

Of the 716 inquiries Forrester re-ceived on delivering cloud econom-ics in the datacentre, 83% focused on converged infrastructure and IaaS. For example, a director of storage for

“I would like to better understand client virtualisation: What are the benefits to IT and end users alike?”

a mobile carrier asked Forrester the following question when developing strategy to deliver cloud economics in the datacentre:

“I’m evaluating converged server, storage and network infrastructure solutions like HP’s Blade matrix, Cis-co’s Unified Communications Sys-tem and IBM’s CloudBurst: Who are the target customers for converged in-frastructure solutions? How do these solutions enable a private cloud? And how will these solutions evolve over the next three years?”

Split in public and privateThe speed to market, cost savings, on-demand capacity and disaster recovery benefits of cloud comput-ing are not up for debate - they’re real. But when it comes to how cloud should be consumed, public or private, there’s a clear split in prefer-ences. Informal buyers, typically developers and tech-savvy business-people, favour the public cloud to meet computer-intensive or short-

term needs. Formal buyers, the IT and infrastructure professionals who manage their enterprise’s datacentre infrastructure, prefer the private cloud. They’re building private cloud solutions based on virtualisation, au-tomation and converged infrastruc-ture that is preconfigured to operate as a cloud-like environment.

However, Forrester believes that only 5% of IT organisations have enough virtualisation, standardisa-tion, automation and self-service ma-turity to pull off private cloud. Never-theless, in 2011, we expect IT and infrastructure teams to start building them regardless.

These efforts will most likely fail, but through this failure will come valuable experience and knowledge about what it really takes to create and operate a cloud environment.

Use public and private cloudIT leaders should develop a portfo-lio that includes public and private cloud resources. Select two to three public cloud providers that you’ve thoroughly vetted, along with some standard ground rules on appropriate use cases and security restrictions. In the short term, this allows you to em-power your informal buyers taking advantage of the public cloud, while addressing legitimate security, data protection, disaster recovery, recover-

ability and compliance risks. Over the medium and long term, continue to build out your private cloud by improving virtualisation, standardi-sation, automation and self-service maturity. Forrester’s market overview of private cloud solutions evaluates the leading vendors and their offer-ings that you should consider.

Into the future, IT professionals can direct their users toward the appropriate solution, whether it be public, private cloud, or a dedicat-ed infrastructure. ■

This is an extract from Forrester’s report Rebooting Your IT Infrastructure And Operations In 2011 by Forrester principal analyst and research director Doug Washburn

more onlineNews: West Notts College halves IT spend with desktop virtualisationcomputerweekly.com/246171.htm

Whitepaper: Maximise VDI ROI without risking service levelscomputerweekly.com/246549.htm

Analysis: Fundamentals of preparing for virtual desktop infrastructurecomputerweekly.com/246173.htm

outsourcing

12 | 5-11 July 2011 Daily news for IT professionals at ComputerWeekly.com

Low-cost, highly skilled IT labour and a relatively close proximity to the UK is mak-ing Eastern Europe an in-

creasingly attractive destination to UK businesses for offshoring IT services.

The legacy of the former Soviet Union countries’ engineering-based education system has fuelled a rapid increase in the number of compa-nies providing IT outsourcing and software development services in the region, according to the Central and Eastern Europe Outsourcing Re-view 2010.

Technical talentThe high level of technical skills in the former Soviet region attracted minicab company Addison Lee to Samara, home to the university which built the launch vehicle of the

things in this way. They really chal-lenged us and had much better en-gagement,” he adds.

Ingram picked Russia as the coun-try of choice to offshore IT work to, and since moving there in 2004, the company has increased develop-ment work and added new projects.

“Now the Russian team also sup-ports the products they have written – for example, a CRM solution they have written, deployed and now support. The time zone is also better for us than somewhere such as India as they are only four hours ahead, and the culture is similar, which helps,” he says.

Ingram says collaboration is key to making it work. “We spend a lot of time in Russia and the developers also come over here. If you are not close to the coal face things fall apart

Is nearshoring the new offshoring?An increasing number of UK businesses are choosing IT outsourcers in Eastern Europe over India. Kathleen Hall reports

as the employee does not necessarily know the whole picture. We have a good pool of talent. The guys are graduates, they are keen to work and show a lot of willing,” he says.

Choosing the best skillsDaniel Marowitz, head of global transaction banking at Deutsche Bank, works with Russian outsourc-ing company Luxsoft. He agrees there are unique skill sets in the region. “There is a lot of talent in Russia and the Ukraine in particular,” he says.

Although the company still has more developers based in India than Russia, both regions are well suited to different purposes, he says.

“If I were to make a very broad gen-eralisation, I would say India is good at processing in a factory model, doing things quickly and being cost-

first man in space, Yury Gagarin.Peter Ingram, IT director at Addi-

son Lee, says he first considered moving IT work to the region when the company needed to rewrite its main booking platform. “It was some-thing we could do in the UK our-selves, but the daily rates of program-mers meant that was quite expensive. So we picked a team in Russia and a team in India and sent each a week’s worth of source code that needed to be written in a new language as a test,” he says.

“The guys in India said yes to eve-rything, copied the mistakes we had deliberately put in there, and didn’t ask us anything about the business – it was all very systematic. The team in Russia looked at our proposition, asked if it was functional, noticed the mistakes and asked us why we did

outsourcing

5-11 July 2011 | 13Daily news for IT professionals at ComputerWeekly.com

High skilled labour The former Soviet Union had a strong educational emphasis on engineering and the sciences. As a consequence, many of the countries in this region today have a highly skilled workforce in areas such as computer science, but at much lower labour costs than the UK.

Time zonesEastern Europe covers a vast region, but most of the countries within it are just a few hours away from the UK in terms of time difference, making it easier to communi-cate within working hours.

Cultural similarities Some companies believe that Eastern Europe has a distinct advantage over places such as India when it

comes to outsourcing because employees tend to take a more collaborative and less process-driven approach to projects.

Data protectionEastern European countries within the EU could be a good choice for work which requires adherence to the Data Protection Act.

Growing labour marketWhile skills shortages remain a problem in the UK, growth in IT outsourcing in Eastern Europe continues to increase. In 2009, Romania was found to be the country with the highest growth of IT specialists, increasing by about 12% compared with 2008. Ukraine followed with over 9% growth.

Five reasons to outsource to Eastern Europeefficient, and Eastern Europe is a bet-ter destination for more experimental tasks,” he says.

Marowitz says a large global com-pany such as Deutsche Bank cannot limit itself to using the talent from just one particular region. “The as-pect of wanting more for less money is only part of the story. It is more im-portant that we are getting the talent that is the best in the world,” he says.

Increasing competitionIn an increasingly globally connected world, that is a sentiment Indian out-sourcing providers are also starting to share. Many large players have now established bases for themselves in Eastern Europe.

Indian outsourcing company MphasiS recently expanded into Po-land for a nearshore presence. The company has been publicly listed in India for the past 14 years, and deals with infrastructure, applications and business process outsourcing (BPO). Around 90% of MphasiS’s services are delivered in India.

Ganesh Pai, senior vice-president at MphasiS, says the company want-ed a presence in Poland because of the cultural similarities the area shared with some of its European cli-ents, a more convenient time zone for them, and a better range of language skills to allow MphasiS to leverage more business across Europe.

“I think India is fending off in-creasing competition. Many of our peers are already [in Eastern Europe], we don’t claim to be the first. Poland came out top as an area for us be-cause of its high technical and lan-guage skills. There also seemed to be a sense that doing business there would be easier [than some other countries in the region],” says Pai.

The company currently has around 10 people based in Poland, but in the next two years Pai would like to see this grow to 200.

As Poland’s economy continues to grow apace, the country could also become a new market for MphasiS, rather than just a supplier to the com-pany, he says. “Indian pure players have traditionally been dependent on mature economies for growth, but Po-land’s GDP rate has performed very well in recent years. We are not nec-essarily looking at Poland as a new market right now, but I think with the country’s global aspirations it may become one as its companies grow. Having a base there already should help us take advantage of that.”

Data security considerationsCharles Parks, a partner and out-sourcing specialist at law firm Pin-sent Masons, says UK companies looking to nearshore should consider

As you get further east, there are increased cultural and language differences. Ukrainian providers are making a pitch for international business

issues around data protection before overhauling all their services to the region. For areas concerning cus-tomer records or invoice details, they would be advised to choose countries within the EU – such as Romania, Hungary or Poland – which abide by the same data protection legislation, he says.

“Certainly in Poland there is a high proportion of education. As you get further east, there are increased cul-tural and language differences. Ukrainian providers, for example, are making a pitch for international busi-ness, but they have less of a track record [of outsourcing than some other countries],” Parks adds.

Software testing and development is more straightforward, he says. “If a company is looking at development work and applications, they are ap-plying a different set of criteria. So when looking for a supplier in this area, it is best to approach it in the same way as any other supplier mak-ing a pitch by doing site visits and risk assessments.” he says.

Indian advantageBut Parks points out there are still advantages in opting for mainstream Indian outsourcing suppliers. “A lot of these Indian companies are very international and sophisticated, whereas outsourcing in many Eastern

Near and far: Indian outsourcers are facing increasing competition from outsourcing operations in Eastern Europe

»

outsourcing

14 | 5-11 July 2011 Daily news for IT professionals at ComputerWeekly.com

more onlineWhitepaper: Cloud computing: The next generation of outsourcingcomputerweekly.com/246844.htm

Analysis: Outsourcing in Ukraine: benefits and drawbackscomputerweekly.com/246883.htm

News: Swiss bank axes 500 IT jobs in outsourcing drive to cut costscomputerweekly.com/247094.htm

European countries is more like India was 10 to 15 years ago. The level of contractual sophistication of Eastern European suppliers can sometimes amount to ‘take it or leave it’ terms, which pushes the onus back to the customer,” he says.

“You need to be sure the substance is there to get the return on invest-ment. Companies must clearly articu-late required specifications. There are no prizes for over-contracting in a sit-uation where the price is a strong driver,” he adds.

Parks says nearshoring tends to be a more popular option with his smaller clients. Boris Kontsevoi, CEO of Intetics, a global outsourcing com-pany with some operations based in Eastern Europe, agrees.

“As new stratums of businesses, especially mid-size businesses, are turning to outsourcing, they feel more comfortable to work with near-shore providers,” says Kontsevoi.

Torben Majgaard, CEO of Danish outsourcing company Ciklum, which is based in Ukraine, has also noticed a strong take-up with SMEs. “The ma-jority of our clients are small business-es because they are able to do innova-tive development at low cost,” he says.

Majgaard chose Ukraine and later Belarus because they are not in the EU, which means prices are comparatively lower than Poland, with the costs of living lower than places such as Mos-cow and St. Petersburg. “Our business is focused very much on the close rela-tionships of working between Eastern and Western Europe,” he says.

Promoting Eastern EuropeGrowth in IT outsourcing in Eastern Europe continues to increase. In 2009, the number of IT specialists employed in companies providing IT outsourcing and software develop-ment in the region (not including Russia) reached 95,000, according to the Central and Eastern Europe Out-sourcing Review 2010 report. Roma-nia was found to be the country with the highest growth of IT specialists,

increasing by about 12% compared with 2008. Ukraine followed with over 9% growth.

But the biggest problem Eastern European outsourcers face is the strong perception, especially in the US, that outsourcing is an “Indian business”, says Kontsevoi.

“In many cases business execu-tives simply don’t take Eastern Eu-rope into consideration at all. I be-lieve that various Eastern European industry and business associations must play a greater role in promotion of the region as outsourcing destina-

London minicab firm Addison Lee is on target to take £20m in bookings through its iPhone app in 2011, having received £1.4m through the app in June.

While the front end to the system was developed in-house, Addison Lee used Russia-based outsourcer Haulmont Technology, which has 50 developers in Samara, Russia, to write the back-end iPhone system.

Bookings via its iPhone app now account for around 11% of Addison Lee’s bookings, with more than 47,000 people having used it. Since its launch in January 2010, the app has achieved more than 70,000 downloads and brought in £10m worth of bookings, said the company.

The firm’s turnover is £80m, which means the iPhone app has added 20% to the bottom line in just six months.

A rising trendPeter Ingram, Addison Lee’s IT director, said: “Most customers now use smartphones with GPS and we have seen a huge surge in demand for mobile app bookings. We have recently been testing our Blackberry and Android apps and getting very positive feedback from customers via Twitter, so we are confident that both new versions of the iPhone app will be a big success.”

The app allows users to enter their address via the phone’s GPS, which integrates with Google Maps and the taxi firm’s booking and dispatch system to provide address verification, instant pricing quotes and allocate jobs to drivers.

“Around 99% of our iPhone bookings go through the system in an entirely automated process. The first human contact we have with the customer is when the driver says ‘Hello’ and opens the door for the passenger,” said Ingram.

Call centre functionsAddison Lee’s proprietary enter-prise IT system, Shamrock, manages the whole booking, alloca-tion and payment process. Development on the system began in 2003. Significantly, all iPhone bookings go through Shamrock in the same way as a call centre system booking.

Shamrock uses a computerised allocator, which looks at the most efficient car to send out. A spokes-person for Addison Lee said: “We use computers to do the work of human controllers. The human

controllers work by exceptions. The computer system is driving the business.”

Shamrock comprises multiple databases, a separate application layer and a separate presentation layer. The system publishes the internal components as an application programming interface which enables the iPhone app to communicate with the various Addison Lee databases and applications.

Addison Lee says the iPhone app interacts with the system in the way a call centre agent would process a booking by phone, since the call centre application and the iPhone app use the same application programming interface (API). The iPhone is just a presentation layer offering the same functionality as the call centre.

The Addison Lee iPhone app business process 1. Customer is identified according to booking type. For account customers, the iPhone app checks the API and relevant ID information (account number, PIN, etc).2. Address is typed or found via GPS. This address is then verified with Addison Lee’s back-end Shamrock system through an API, to verify the address and corresponding latitude/longitude. The same process is used for the drop-off location.3. Once the journey is verified, the iPhone app calls an API to obtain a quote from Shamrock, which gives a fixed price for area to area.4. Once the user confirms the job, the phone calls the Shamrock API to create a job on the system. SMS and e-mail notifications are then sent direct by Shamrock.

iPhone app boosts Addison Lee business

tion. Unfortunately, there is nothing similar to Nasscom [The National As-sociation of Software and Services Companies, which represents Indian IT outsourcers],” he says.

Choosing an offshore destination will always depend on the type of IT work involved. But as long as India re-mains the default country of choice for companies seeking to take advan-tage of large pools of low-cost skilled labour, the Eastern European region will have to work hard to further change perceptions, which by all ac-counts already appear to be shifting. ■

The biggest problem Eastern European outsourcers face is the strong perception that outsourcing is an “indian business”

»

community

5-11 July 2011 | 15Daily news for IT professionals at ComputerWeekly.com

Long-range radio could make the need for universal broadband to all homes and services redundant

E-mail your letters and comments tocw-comfeedback@computerweekly.com

Long-range radio could help smart meter project succeedAndy Slater, director, SensusThe article Smart meter project lacks public support due to concerns about rising energy costs provided some interesting consumer insight and considerations and highlights the need for a comprehensive consumer communications programme, similar perhaps to the digital switchover for TV, as the project progresses.

However, currently a range of com-munication solutions are being inves-tigated for the UK smart meter roll-out, not just universal broadband, to improve energy efficiency and re-duce the country’s carbon footprint. These include long-range radio,

rEadErs’ lEttErs

which could make the need for uni-versal broadband to all homes and services redundant.

Long-range radio has a proven track record in North America but is a fairly new technology for smart meter and grid networks in Europe. It is, however, currently in trial in Reading with a number of utilities. It offers universal coverage and a first-time connection rate of greater than 95% – meeting all the necessary cri-teria for a UK roll-out.

Whichever communication net-work is selected by the government for the UK roll-out, it must be the one that offers the best quality of service, is cost-efficient to deploy, is secure, is utility grade, and is effective in help-

Co

mS

toC

k Im

Ag

eS

Computer Weekly/ComputerWeekly.comMarble Arch Tower, 55 Bryanston Street, London W1H 7AA

GEnEral EnquiriEs 020 7868 4282

Editorial

Editor in chief: Bryan Glick 020 7868 4256 bglick@techtarget.com

Managing editor (technology): Cliff Saran 020 7868 4283 csaran@techtarget.com

Services editor: Karl Flinders 020 7868 4281 kflinders@techtarget.com

Head of premium content: Bill Goodwin 020 7868 4279 wgoodwin@techtarget.com

Group technical manager: Rebecca Froley 020 7868 4269 rfroley@techtarget.com

Content editor: Faisal Alani 020 7868 4257 falani@techtarget.com

Chief reporter: Warwick Ashford 020 7868 4287 washford@techtarget.com

Correspondent: Kathleen Hall 020 7868 4258 khall@techtarget.com

Correspondent: Jenny Williams 020 7868 4288 jwilliams@techtarget.com

Production editor: Claire Cormack 020 7868 4264 ccormack@techtarget.com

Senior sub-editor: Jason Foster 020 7868 4263 jfoster@techtarget.com

disPlaY adVErtisinG

Sales director Brent Boswell 07584 311889 bboswell@techtarget.com

contacts

IT and learning make a good team

Brian Durrant, chief executive, the london grid for learningI was very interested by Rupert Murdoch’s comments at the CEO Summit last month. While I agree with his view that the education sector should take advantage of more digital learning tools, I am surprised by his comment that education has not changed in the past 30 years. It is simply not true; a quiet digital revolution has been sweeping the nation’s schools for many years.

There have been countless terrific developments in recent years, with advances in technology at the heart of this. The work that we are doing with Virgin Media Business through our capital-wide network, LondonPSN, is testament to that.

The pan-London framework is giving one million children in 2,500 schools access to the latest in e-learning technologies. Teachers now have access to virtual learning platforms, interactive podcasts and a wide array of e-learning resources at their fingertips. Much more than just a blackboard and chalk.

Not only is this investment continuing to transform the way that teachers teach and children learn, it is giving young people across the capital the very best start in life.

ing reduce the UK’s carbon footprint. If the network selected does not per-form, any environmental or financial savings could be lost, customer confi-dence undermined, and additional costs experienced.

Use SSL certification to reduce the threat of cybersquattingChristian Brindley, principal systems engineer, SymantecIn response to your article Icann ex-pands scope of web domain suffixes to include all languages and scripts, I agree that “cybersquatting” is a very real threat for UK businesses.

To mitigate against this threat, something that should be at the fore-front of every organisation’s online strategy is ensuring that they have se-cure sockets layer (SSL) certification, trustmarks as the single point of trust for online communication, to foster and maintain consumer confidence. With 15.3 million new domain names registered in 2010, a 7.9% in-crease from 2009, a dramatic surge in web domains will leave consumers confused if the real ones are not properly authenticated.

Websites today are often a signifi-cant part of the public face of a brand – so it is essential they remain pro-tected. The opportunity to expand online presence can be easily realised if businesses start to communicate the importance of trustmarks to their web audiences straight away. That way, threats can be easily negated so that businesses can focus on the new opportunity that this internet evolu-tion will enable.

G-Cloud a waste of government time and taxpayers’ moneyDavid moss, online commentIn response to your article Govern-ment to create market for personal identity data, the Identity Assurance service (IDA), which is the subject of Mark Ballard’s article, is required to support the Cabinet Office’s G-Digital project.

The idea of G-Digital is to deliver all public services over the web. The services will be delivered to all the people who are entitled to them. Government will be assured of the identity of those people largely by the private sector, through IDA.

G-Digital, in turn, is part of the Cabinet Office’s G-Cloud programme.

The idea of G-Cloud is to replace the myriad datacentres currently op-erated by the various departments of state – in their silos, under their sepa-rate control, in their own empires – with just a few datacentres offering shared services to which the depart-ments will subscribe.

The Cabinet Office claims that this

consolidation, centralisation and standardisation will save money, pro-mote trust, improve service quality and be good for the environment.

The G-Cloud overview estimates that it would take at least four years to execute this plan. There is no known estimate of the costs involved. Estimates of the savings to be gained vary. The private sector has been told that it will be paid nothing for its work on IDA.

This is an ambitious plan. Trans-formational, even. The nature of pub-lic administration would be radically changed by it – if it ever happened. But it won’t.

The Cabinet Office is wasting eve-ryone’s time on this plan. And the politicians who have been prevailed upon to back this plan are destroying their credibility. The longer this plan is allowed to survive, the more likely the country is to waste tens of bil-lions of pounds.

“Fail early and cheaply” is, appar-ently, one of Ian Watmore’s dictats. Watmore is chief information officer at the Cabinet Office. He should take his own advice. The sooner this plan is put down/put out of its misery, the better. ■

16 | 5-11 july 2011 Daily news for IT professionals at ComputerWeekly.com

Twitpic founder uses Twitpic to make himself look like a TwitprickYou’ve been arrested by the police. You’ve done something quite embar-rassing. Things aren’t looking good for you, so what do you do?

Tweet the incident and Twitpic the cop car? Really? Well yeah that’s exactly what Noah Everett, Twitpic founder, did.

Noah Everett tweeted to his 2.8 million followers that he was “Get-ting arrested...in the back of a cop car now,” one morning last month.

He then followed that up by tweet-ing “Proof” with a Twitpic of a photo of the inside of a police car.

Now, Downtime thinks it very commendable that Noah decided to stay true to his beliefs and his prod-uct by ‘twitpic-ing’ the event.

It shows real belief in the product no matter the circumstances. Similar to the Marlboro man smoking until he died of cancer.

If you’re wondering why Noah, biblical name you know, was arrested in the first place, he clarified the mat-ter with a couple more tweets.

“I guess you can’t walk down your own street half naked...who knew - I got a free ride home by the nice po-lice officer,” following up with “...by half naked, I mean naked.”

Justin, Rupert Murdoch will break your heart just as Britney didThe news that Justin Timberlake is providing backing to the dying social media site Myspace may come as a surprise to some. Particularly for those who have long admired JT’s talents of hip-shaking alacrity and ability to hit choir boy falsettos, but less familiar with his credentials as Silicon Valley nerd.

Indeed, you can’t help wonder

what his business meeting with Rupert Murdoch consisted of. Pre-sumably wooing the octogenarian media emperor to the site’s fire-sale price, singing:I’m bringing sexy backThem other boys don’t know how to actI think you’re special, what’s behind your back?So turn around and I’ll pick up the slack.

To which no doubt Rupert gave the choreographed reply of agreement:Dirty babeYou see the shackles?Baby I’m your slave I’ll let you whip me if I misbehave

But once the live-in’s over, Down-time worries there could be tears for JT worse than the Britney break-up. Although the $38m acquisition was a fraction of the $580m Rupert paid in 2005, News Corp has been desperate to rid itself of Myspace for some time. And whether the site can be resur-rected to compete with Facebook remains highly questionable.

The Microsoft guide to how to stage a product launchMicrosoft has launched its latest and greatest product - Office 365. So what’s the best way to launch a new thing these days?

You need a spokesperson who can say great things about a great product, some early adopters who have been gagged from saying anything remote-ly controversial and who wax lyri-cally on how great the great product REALLY IS, a business partner who is just a bit too happy that Microsoft is releasing a great product and thinks: “Phew, I can sell something again..”

Finally you need a stupid name -

who thought of Office 365? Do they want you work in the office every single day, apart from when it’s a leap year? If Downtime were to launch a new product it would be the best product in the world... probably. ■

Read more on the Downtime blogcomputerweekly.com/downtime

Heard something amusing or exasperating on the industry grapevine? E-mail cw-downtime@computerweekly.com

Pope acknowledges infallibility of Steve Jobs’s Apple of KnowledgeIt has finally dawned on the Catholic Church that it needs to acquire customers from somewhere. So why not do what every other big business does? A bit of M&A activity is called for.

Pope Benedict XVI looks to have made his choice, if his blatant product placing is anything to go by. He was spotted tweeting on an iPad. Well actually doing it for the cameras.

What else could this mean but that the Catholic Church and the Church of Apple are coming together.

It all makes sense now. The Pope is tempted by an apple and he sells the company to a bigger religion.

Apparently Moses is a bit upset about Apple’s tablet computer overheat-ing in hot and dusty weather. He said he will be forced to break company rules and stick with his legacy stone tablets.

downtime

contacts

Computer Weekly/ComputerWeekly.comMarble Arch Tower, 55 Bryanston Street, London W1H 7AA

GeneRal enquiRies 020 7868 4282

eDitoRial

Editor in chief: Bryan Glick 020 7868 4256 bglick@techtarget.com

Managing editor (technology): Cliff Saran 020 7868 4283 csaran@techtarget.com

Services editor: Karl Flinders 020 7868 4281 kflinders@techtarget.com

Head of premium content: Bill Goodwin 020 7868 4279 wgoodwin@techtarget.com

Group technical manager: Rebecca Froley 020 7868 4269 rfroley@techtarget.com

Content editor: Faisal Alani 020 7868 4257 falani@techtarget.com

Chief reporter: Warwick Ashford 020 7868 4287 washford@techtarget.com

Correspondent: Kathleen Hall 020 7868 4258 khall@techtarget.com

Correspondent: Jenny Williams 020 7868 4288 jwilliams@techtarget.com

Production editor: Claire Cormack 020 7868 4264 ccormack@techtarget.com

Senior sub-editor: Jason Foster 020 7868 4263 jfoster@techtarget.com

DisPlaY aDVeRtisinG

Sales director Brent Boswell 07584 311889 bboswell@techtarget.com