vital magazine - july-august 2011

VitAL Digest 2011, ArticLes to ponDer AnD thAt wiLL mAke you think: p49-61

VitA

L : In

sp

iratio

n fo

r the

mo

de

rn b

usin

ess

Vo

lum

e 4

: Issu

e 6

: Ju

ly/A

ug

ust 2

01

1

Inspiration for the modern businessVolume 4 : Issue 6 : July / August 2011

vital

social mediaIt’s a business tool also

enterprise mobility

To take-off, it needs a platform

5 Golden Rules for OutsourcingHow to avoid disaster

Inside:

12-page VitAL Digest

The complete Service Management solution from Cherwell gives you the choiceCherwell offers a single ITSM solution with 11 ITIL v3 processes delivered out-of-the box and you choose how you want our software to be deployed, On Premise or On Demand, it’s your choice! Utilising true 3 tier client architecture, built on the .NET platform, using Web 2.0 technology, with rich client and browser interfaces, Cherwell Service Management is more powerful and more cost effective than comparable

solutions. Whether deployed on your servers or in the cloud, our unique CBAT platform empowers you to configure, customise and develop the system and be more responsive to the ever changing needs of your customers and business.

Powerful, flexible, scalable and easy to manage, Cherwell believes that true ‘Software as a Service’ is about CHOICE.

Call us on 01793 858181 to discuss your requirements and the Cherwell choices available or visit www.cherwellsoftware.com

You choose the direction

Innovative Technology Built on Yesterday’s Values

ON PREMISE ITSM

ClOud ITSM

Cherwell will get you there

O N D E MAND

ON PREMISE

It ’s your choice

July / August 2011 : VitAL 1

LeAder

Opening new possibilities

Leader

John hancock, editor

Hello again: after just a month back in the editor’s chair, at times it feels as if I never went away; but I did and a great deal has grown in that

time for which much credit has to go to my immediate predecessor. So a heartfelt thanks to Matt Bailey for a great job and very well done these past years. I say ‘grown’ rather than changed because the media usually has to reflect what is going on in the wider world rather than drive change itself. Indeed, the foundation of journalism is reportage, the process of gathering elements of life together and presenting them in a way that enables readers, listeners and viewers to experience vicariously parts of the greater scheme that they might not otherwise do.

But technology has impacted massively on that process as it has on life in general; so it’s difficult not to hold an opinion on anything these days, especially technology. VitAL sets out to meet both the need for news and the place for a forum in which people can express their views. We may lack the immediacy of twitter but we deploy the enormous and enduring strength of considered thought.

In that vein, several contributors to this issue point up the importance of getting business fundamentals right before applying the pressure of a new technology solution to old infrastructure: plus we report on the benefits for businesses of buying in to the latest social media. There is, of course, much more besides, including some very strong views on topics of interest to you; plus the digest.

Just before writing this, I was listening to a radio piece about advances to date in neurological research and, more importantly, what paths had been opened up for further exploration and what opportunities had been revealed. In many ways, that has so much to do with IT and not only inasmuch as the researchers who were talking and predicting were dealing with what is still the most powerful computer on the planet. But reading VitAL magazine over the years and reading this issue’s contributions with my editor’s eye, I know that we are progressing in a similar way in this field. It isn’t only about progress made to date but also it’s about new paths that this progress has opened.

Like mountaineers, each foothill that we conquer further improves our view of and understanding of the real challenge ahead. Not so much the Hitch-hiker’s guide to the Galaxy as the information addict’s guide to climbing their digital everest.

And on that thought, cheerio until next time.

www.vital-mag.net

if you have any thoughts, feedback, or suggestions on how we can improve VitAL magazine, please feel free to

email me [email protected]

The complete Service Management solution from Cherwell gives you the choiceCherwell offers a single ITSM solution with 11 ITIL v3 processes delivered out-of-the box and you choose how you want our software to be deployed, On Premise or On Demand, it’s your choice! Utilising true 3 tier client architecture, built on the .NET platform, using Web 2.0 technology, with rich client and browser interfaces, Cherwell Service Management is more powerful and more cost effective than comparable

solutions. Whether deployed on your servers or in the cloud, our unique CBAT platform empowers you to configure, customise and develop the system and be more responsive to the ever changing needs of your customers and business.

Powerful, flexible, scalable and easy to manage, Cherwell believes that true ‘Software as a Service’ is about CHOICE.

Call us on 01793 858181 to discuss your requirements and the Cherwell choices available or visit www.cherwellsoftware.com

You choose the direction

Innovative Technology Built on Yesterday’s Values

ON PREMISE ITSM

ClOud ITSM

Cherwell will get you there

O N D E MAND

ON PREMISE

It ’s your choice

VITAL DIGEST 2011, ARTICLES TO PONDER AND THAT WILL MAKE YOU THINK: P49-61

VitA

L : In

sp

iratio

n fo

r the

mo

de

rn b

usin

ess

Vo

lum

e 4

: Issu

e 6

: Ju

ly/Au

gu

st 2

01

1

Inspiration for the modern businessVolume 4 : Issue 6 : July / August 2011

vital

Social MediaIt’s a business tool also

Enterprise mobilityTo take-off, it needs a platform

5 Golden Rules for OutsourcingHow to avoid disaster

Inside:

12-page VitAL Digest

coNTeNTs

Contents6 news

the VitAL coVer story10 The 5 Golden Rules for success in Outsourcing

phiLip LiebermAn Outsourcing IT should not mean letting go of control; Philip Lieberman offers some rules that will help outsource clients stay on top of the arrangement.

VitAL signs – Life in A worLD with it

13 Regulatory RamificationssteVe whiteConflating food & drugs with financial services, Steve White sees portents (and innovative ways to fail) for IT in the difference between user error and use error.

VitAL mAnAgement

14 Businesses need to take social media more seriously DAVe pAuLDingSocial Media has not been seen as a business tool but, says Dave Paulding, that could all be changed as key market groups share their experiences about everything.

16 The power of strategyprAsAnnA rAJAnnA

If an organisation is to grow, Prasanna Rajanna identifies three levels of corporate activity (vision, strategy and transaction) where progress must be made

VitAL suppport

20 How many people? noeL brutonWith two lines for response, an wide range of issues and the need for support across numerous skill sets, says Noel Bruton, staffing levels might be hard to calculate.

editor John [email protected] Tel: +44 (0)203 056 4599

To advertise contact:Grant [email protected] Tel: +44 (0)203 056 4598

Production & designToni [email protected] cook [email protected]

editorial & Advertising enquiries Tel: +44 (0) 870 863 6930Fax: +44 (0) 870 085 8837email: [email protected] Web: www.vital-mag.net

Printed by Pensord, Tram road, Pontllanfraith, Blackwood. NP12 2YA

© 2010 31 Media Limited. All rights reserved.

VitAL Magazine is edited, designed, and published by 31 Media Limited. No part of VitAL Magazine may be reproduced, transmitted, stored electronically, distributed, or copied, in whole or part without the prior written consent of the publisher. A reprint service is available.

opinions expressed in this journal do not necessarily reflect those of the editor or VitAL Magazine or its publisher, 31 Media Limited.

IssN 1755-6465

Published by:

VitAL Magazine, Proud to be the UKcMG’s official Publication

ITIL® is a registered Trade Mark, and a registered community Trade Mark of the office of Government commerce, and is registered in the U.s. Patent and Trademark office.

subscribing to VitAL mAgAzineVitAL Magazine is published six times per year for directors, department heads, and managers who are looking to improve the impact that IT implementation has on their customers and business.For a FREE annual subscription to VitAL Magazine please visit: www.vital-mag.net/subscribe

Inspiration for the modern business

vital


An Agile approach to Service Management drives continual improvements prioritised to the business needs and ensures optimum performance in your service operation

Use iCore to get more Agile in all aspects of your service operations:

iCore Interim Managers to lead by example•

iCore Process Framework maps ‘ITIL v3 for Agility’•

iCore Agility Review to assess your current operations•

Get started with Agile Service Management by contacting iCore about our

Agile Service Improvement WorkshopPlease contact: [email protected] or telephone 020 7464 8883

Take a more Agile approach to IT Service Management

service management at its best

ContentsCOntents

July / August 2011 : VitAL 5www.vital-mag.net

24 2011: The year Enterprise Mobility takes offDAViD mcLemAn

Consumer devices are already used throughout the corporate world but, David McLeman explains, the platform used to offer mobility is the key to enterprise mobility and competitive advantage.

28 Ethernet: The Next Generation simon pAmpLinThe Ethernet has served us well for decades but, says Simon Pamplin, new IT challenges require greater flexibility and responsiveness to change.

32 App versus Web: choosing the right one matters LAurA hAmptonThese days, Laura Hampton explains, a good mobile presence will help your business to grow, whilst no website is complete without some level of mobile compatibility.

VitAL pLAnet

34 Empowering greener home working practices frAnk griffiths

People are increasingly working from home but Frank Griffiths asks how will that operate with power management and the greener office?

VitAL processes

38 When change is constantkeVin pArkerITSM is not static but rather, as Kevin Parker shows, a world of constant change which will always be a challenge to the ITSM business process.

VitAL eyes on

40 ”s” is for Security for SMEsJonAthAn westLAkeIT security is a big enough headache for large firms with considerable resources; how then can SMEs cope? Jonathan Westlake offers valuable guidance.

42 Ensuring infrastructure resilience in an online worldsteVe Durbin

Putting your business’s fortunes in the hands of an outside organisation such as using the cloud requires, says Steve Durbin, some care about security.

44 Is corporate espionage undermining your business?giri siVAnesAnCommercial espionage is now carried out by businesses or states or state-sponsored businesses; Giri Sivanesan suggests that businesses with secrets open their eyes.

46 Standing on a platform in the Cloud DAViD AkkA

Taking the need for platform hardware and management away from the intellectual process of development frees developers, says David Akka, to be creative.

VitAL Digest 2011

49 Articles to ponder at this quieter time of year and that will make you think again, perhaps critically, certainly constructively, about the way things are done, how they might be improved and what will be the best tools for the job.

64 Secret of my successNoel Bruton, consultant, trainer and author shares some life milestones.

www.vital-mag.net6 VitAL : July / August 2011

NeWs

FOllOWIng A recent nHS security leak in Birmingham, Data destruction experts are warning public sector

institutions to thoroughly destroy confidential information.The Information commissioner’s office (Ico) reported that NHs

Birmingham east and North breached the data Protection Act by failing to restrict access to files on their IT network. This latest case follows 2,565 data breaches recorded since April 2010, when the Ico first had the power to implement fines of up to £500,000.

Anthony Pearlgood, commercial director of PHs datashred, said: “Public sector identity fraud is on the rise; the yearly cost of fraud to the UK has leapt to £38.4 billion. This is a question of national security, public institutions are now legally bound to protect our records and permanently destroy data when no longer needed. confidential information is not just limited to physical copies of documents and data on laptops, memory sticks and disks must also be treated in a secure and confidential manner.”

tips to prevent public sector data leaks:1. create a confidential data policy – if you don’t have one already

you are already in the high risk category for being a victim of data theft.

2. store & dispose of data safely – don’t assume that binning it is the end of the matter. criminals often rifle through bins in car parks where confidential data has been poorly disposed.

3. Destroy data properly – Arrange for a properly accredited company to help store, collect and securely destroy information. ensure you know where your data is heading. even better, have your data destroyed on site, using a mobile shredding vehicle and watch the destruction.

4. check identities – use credit reference agencies to verify the identity of your preferred suppliers.

5. secure your accounts – don’t allow bank details to escape into the public domain. Thieves are adept at falsifying signatures.

6. inform staff – train staff on how to deal with confidential data properly and monitor their behaviour. remember, most fraud is committed by people who work within the organisation.

7. beware of carrying large amounts of confidential data on unencrypted laptops, data sticks or mobile devices; magnets for thieves who can exploit your confidential information.

STARk SECuRITy WARNING FOR THE puBlIC SECTOR

Survey finds 40% of IT staff could wreak havoc to your network —even after they’ve left43% OF management claim to have been

denied access to information because they can’t find their encryption keys. In May 2011, Venafi announced the findings of a survey which showed that 40% of IT staff admit that they could hold their employers hostage – even after they’ve left – by making it difficult or impossible for their bosses to access vital data through withholding or hiding encryption keys.

A THIrd of survey respondents said that their knowledge of and access to

encryption keys and certificates, used for both system authentication and data protection, means they could bring the company to a grinding halt with minimal effort. Astonishingly 40% of respondents admitted that they would still have access to vital information and could manipulate it to their own ends—both to their company’s financial and reputational detriment. A further 31% of respondents said that they could still access organisational data because they could easily retain the encryption keys when they left and access the information remotely. Finally, 24% of respondents to the survey admitted that their fear of losing encryption keys is what is deterring them from investing in

encryption key and certificate solutions to protect digital assets and secure sensitive system communications.

The survey shows that 82% of companies now use digital certificates and encryption keys, however, 43% admit to being locked out from their own information – because people have left the organization or keys are lost – and 76% would use automation if they knew it existed.

Jeff Hudson, Venafi ceo, said: “once the data’s protected with encryption, the key becomes the data and the thing that must be managed and protected. Key encryption is only half the solution. IT departments must track where the keys are and monitor and manage who has access to them. What this survey reveals is that organisations need to quickly come to terms with how crucial encryption keys are to safeguarding the entire enterprise as well as the heightened need for automated key and certificate management with access controls, separation of duties and improved polices. It’s no longer rocket science. recent, costly breaches at sony, epsilon and elsewhere reinforce the need for both more encryption and effective management.”

This data is based on a survey sample of 500 IT security specialists taken at the Infosecurity 2011 event in April this year. The full survey results set and executive summary can be viewed at: www.venafi.com/InfoSecurity-data.


NeWs

www.vital-mag.net

Data hungry mobiles lead to rocketing company phone bills

RESEARCH unDERTAKEn by Efftel and published in May 2011, has

revealed the serious cost implications for companies that provide their staff with iPhones and other ‘smartphones’. Efftel analysed usage among 1800 uK corporate users, of which 1430 were on Blackberry and 370 on iPhone or other data-driven mobile devices. The average data use over a month of each Blackberry user was 15 Mb, while for the iPhone (and the like) it was 96 Mb. The average data ‘call’ was only 0.38 Mb for Blackberries against 5.5 Mb for iPhones.

The lower Blackberry usage is because they are more efficient in the way they compress and

transfer data, and partly because the iPhone makes it easier to use data ‘apps’ and other forms of data transfer.

commenting on the research david rosenthal, Managing director of efftel, said, “With employers encouraging staff to always be in touch whether travelling or working from home, the number of company mobile phones in use has seen a huge rise in recent years – increasingly staff are now being supplied with Blackberries, iPhones and other ‘smartphones’ but what most employers perhaps don’t realise is that whilst national traffic is generally included within the fixed cost of the contract, roamed usage is not, and the average iPhone user is likely

to cost significantly more than a Blackberry user when roaming, leading to substantial additional charges.

“While our research shows that the Blackberry still dominates the corporate sector we are seeing a rapid expansion in iPhones, iPads and other smart devices, as the latest executive ‘must-have’. The downside of this is that these devices are much more data hungry than the Blackberry”.

rosenthal concludes, “What this trend means is that companies need to be fully aware that the more they equip staff with data hungry smartphones the more likely it is they will incur soaring mobile phone bills, so it is important to have adequate controls in place to monitor this”.

LocaL governmenT, heaLTh, poLIce & educaTIon In gwenT adopT pSBaIn MAy 2011, eight organisations across councils, health

services, police forces and further education colleges in gwent chose PSBA (Public Sector Broadband Aggregation) as their secure, shared service public sector communications network. This will bring together the largest multi-agency multi-sector group onto a next generation public sector network (PSn) in the united Kingdom.

Led by the Welsh Assembly Government, PsBA is the UK’s first public cross-sector shared services network, and is managed and funded by the user organisations. PsBA is delivered as a managed service by Logicalis UK as part of a seven year contract with the Welsh Assembly Government. The PsBA provides GNNd members with high-capacity secure and scalable network connections across a range of connectivity options and is capable of delivering a full suite of voice, video and data services.

The use of PsBA by the GNNd group brings together the most diverse range of organisations in a single region, onto PsBA, with each benefiting from access to their own secure service environment. PsBA is designed to offer accredited secure communications services to public service organisations in Wales, with multiple security levels applied to meet individual needs. It demonstrates the suitability of public sector network services to drive collaboration between services and ultimately deliver efficiency savings across IcT and service delivery.

Public sector employees at more than 2000 public service sites across Wales are already connected to PsBA and the figure is expected to rise to over 10,000 over the next few years as more organisations join. eventually all 350,000 public sector workers in Wales – including home-based staff – will be able to access the network.

Tenable network Security unveils new release of unified Security monitoring platform

TEnABlE nETWORK Security, Inc., announced in June 2011 the availability of SecurityCentre 4.2, the latest release

of the company’s flagship solution for enterprise grade information protection and compliance. SecurityCentre 4.2 makes it faster and easier for enterprise users to visualise, understand and communicate the security and compliance status of their networks, including:• More than 100 available dashboards that reveal mobile device

vulnerabilities and usage trends, social networking data exposure, PcI assets out of compliance, patch management effectiveness and inappropriate ‘horizontal’ systems access.

• 3D Visualisation that makes it easy to see security risk and compliance status of assets across private and public networks and geographies.

• New dashboard development and sharing capabilities, giving enterprises an opportunity to custom design their own dashboards for network security monitoring and reporting and collaborate with other businesses by sharing new dashboards across the community.“every enterprise has a bulls-eye on its back,” said ron Gula,

ceo and cTo of Tenable Network security. “It is critical for businesses to deploy security and compliance technology that offers 24/7 assessment, monitoring and threat correlation to stay ahead of emerging threats and network vulnerabilities.”


NeWs

www.vital-mag.net

Collaboration & social tools drain business productivityTHE PROlIFERATIOn of collaboration

and social tools designed to increase productivity is actually costing businesses 57.8 Billion pounds per year in lost productivity, according to a May 2011 survey of more than 500 international organisations of all sizes conducted by online market research firm uSamp (united Sample) and commissioned by social email software provider harmon.ie.

Nearly 60% of work interruptions now involve either using tools like email, social networks, text messaging and IM, or switching windows among disparate standalone tools and applications. In

fact, 45% of employees work only 15 minutes or less without getting interrupted, and 53% waste at least one hour a day due to all types of distractions.

That hour per day translates into £3,277.50 of wasted productivity per person annually, assuming an average salary of £14.25/hour. For businesses with 1,000 employees, the cost of employee interruptions exceeds £3.2 million per year and total cost to UK PLc is £57.8 billion.

“This survey paints a picture of a highly distracted workplace with a particular irony: information technology that was designed at least in part to save time is actually

doing precisely the opposite. The very tools we rely on to do our jobs are also interfering with that mission. We’re clearly seeing what psychologists call ‘online compulsive disorder’ spill over from our personal lives to the work environment,” said Yaacov cohen, co-founder and ceo of harmon.ie.

Findings are based on a March 2011 usamp survey of 515 email users working in sales, marketing, human resources or legal departments for companies of all sizes. A complete list of findings can be found at http://harmon.ie/news/i-cant-get-my-work-done-enormous-impact-distractions-workplace.

ouTSourcery LauncheS own cLoud pLaTform wITh o-cLoud

ClOuD SERVICE Provider Outsourcery, announced in June 2011 the launch of its cloud platform. Called the

‘O-Cloud’, it has been built using the latest technologies from world leading partners HP and Microsoft and is a result of two years planning; 2,000 hours of engineering and testing; and a multi-million pound investment.

dAN GerMAIN, director of hosting infrastructure for outsourcery said, “on current evidence it is clear that cloud has matured and

according to recent research from the cloud Industry Forum (cIF), companies are looking to cloud to increase business agility, as well as reduce IT costs, but are not always certain of the best way forward. To facilitate customer migration we have built this platform from the ground up and use our Transformational services to work closely with the customer at all stages.”

James Griffin, director of Product strategy, said “By engineering our platform to include enterprise grade security and dr features as standard, we are re-defining the acceptable standards for true business-grade cloud. By providing professional transformation services we are able to help our customers plan, migrate and deploy services onto the o-cloud and minimise any risks - perceived or otherwise.”

asda reveals insights into online marketing strategy

AT THE Chartered Institute of Marketing’s (CIM) annual northern Conference (16 June, norcroft Centre - university

of Bradford), Dominic Burch, Asda’s head of corporate communications and social media gave delegates an insight into Asda’s digital strategy. The event explored the theme of ‘The Power of Marketing’ and, in the CIM’s centenary year, reflected on 100 years of marketing and predicted what the next century may hold.

Mr Burch looked at how businesses can exploit the online space to improve customer experience, connect with consumers, and ultimately bring them closer to the brand. He observed that the ‘listening’ element of digital communications is the most crucial. Whether this is replying to customer’s tweets or featuring customers on the Asda website, bringing customers closer to the Asda brand has been at the heart of the company’s digital strategy. By improving transparency, flexibility and engagement, Mr Burch is certain that the company’s work online has contributed to the bottom line.

Mr Burch explained, “The aim of our digital journey was to tell our story to customers and lift the lid on how we do things at Asda. We wanted to insert ourselves into our customers’ conversations by bringing our personality alive online. The old rules no longer apply – we have succeeded in the digital space by being a connector, not a collector. It’s about conversation, not broadcast.”

He continued to offer marketers top tips for success in the online space. He highlighted how Asda is using customer views to bring its chosen by You range to life; seeing other customers that they can relate to getting excited about the products online has helped to drive sales. He also stressed the importance of creating communities, whether this is using social media or other channels. Passing control of social media to local teams, rather than having a static, centralised approach helped to develop real, local communities online.


NeWs

www.vital-mag.net

SHAREPOInT AnD Facebook top the list of most relevant sources of electronic evidence in each medium, commanding

61 percent and 79 percent of responses, respectivelyclearwell systems, a leader in intelligent e-disclosure, announced

in June 2011 findings from a survey conducted in conjunction with analyst firm enterprise strategy Group (esG). The survey, titled “Trends in e-discovery: cloud and collection,” highlights the rise of litigation, the enterprise trend toward bringing e-disclosure in-house, and, in particular, the growing impact of cloud computing and social media on electronic disclosure. These mediums will double in importance and scope for e-disclosure this year, according to respondents. The survey results were based upon responses gathered from more than a hundred Fortune 2000 enterprises and government agencies.

According to the results, 30 per cent of respondents reported cloud-based applications as in-scope for e-disclosure in 2010. In 2011, that number is expected to jump to 60 per cent, illustrating the pervasiveness of cloud computing as part of corporate IT infrastructure and the need for companies to be in control of their data both inside and outside of their firewalls. Yet despite the rising importance of cloud based applications in e-disclosure, only one quarter of respondents deemed their organisation truly prepared to handle e-disclosure requests involving the cloud. When

asked why they were unprepared to respond to the necessary cloud-related requests, 39 per cent stated they had no prior need, while an alarming 37 per cent reported their organisation had simply no defined policy for discovery of cloud-based applications.

“The recent Texas court ruling allowing Facebook accounts to be screened as part of the jury selection process is just one example of the increasing importance of social media in the legal industry,” said Brian Babineau, vice president, research and Analyst service, enterprise strategy Group. “In addition, our research indicates that 34 per cent of companies are currently using cloud based applications and another 21 per cent plan to, which means that e-disclosure activities will have to incorporate these new enterprise data sources. These two market trends exacerbate the urgency for enterprises to take the necessary precautions and implement the proper processes to meet the ever changing demands of rising litigation requests. organisations must proactively address cloud computing and social media as part of their overall e-disclosure strategies, or otherwise expose themselves to magnified risk and added expense.”ESG’s full report and analysis of the survey findings can be downloaded from Clearwell’s website at http://info.clearwellsystems.com/wp-esg-research-survey.html

ClOuD AND SOCIAl MEDIA ApplICATIONS WIll BE TWICE AS RElEvANT IN E-DISClOSuRE By END OF 2011

cyber crime just got smarter

DOn SMITH, VP of Engineering and Technology, Dell SecureWorks,

EMEA posted a note in mid June 2011 to say…

“In January 2010, an individual announced the development and sale of a new toolkit known as spyeye. It was heavily targeted in online criminal web forums as a low-cost, ‘Zeus Killer’ alternative and aimed to combine the best features of Zeus and spyeye into a ‘best-of-breed’ crimeware toolkit. While, it’s a relative newcomer to the marketplace, the spyeye Trojan, has quickly grown into one of the most popular toolkits available. since then there have been various developments including rumours of the sale of Zeus source code

to the author of spyeye; possibly of more interest is that there has been a significant uptick in the use of spyeye for online banking fraud.

“spyeye provides a standard set of capabilities that have been commonly found in malware over the past few years and it is able to:• Modify web content (on-the-fly) without

user knowledge;• Steal data entered into HTML forms, such

as online banking account credentials, ebay login details – in fact any user submitted information;

• Takes screenshots of the web browser when a user navigates to a targeted website;

• Instrument additional processes to attempt to steal additional account credentials (e.g. FTP (File Transfer Protocol) and PoP3 (Post office Protocol 3)) from network communications.“current versions of spyeye contain

rootkit capabilities that attempt to hide the presence of its files from casual examination of an infected system. In addition, the trojan attempts to make several registry additions and modifications to Internet explorer settings in an attempt to lower the security posture of the infected computer.

“The spyeye trojan continues to become an increasingly popular choice as a toolkit for criminals looking to profit from online financial fraud. This continuous evolution necessitates monitoring new versions of spyeye, spyeye configurations, and any new plugins that are incorporated by individual customers to obtain a full view of the threat landscape posed by spyeye. As a result, comprehensive monitoring of networks 24-7 in real-time, across multiple levels of security is vital so that organisations have a clear picture of what’s going on both in and outside their networks. Having a true 360 degree view of your network increases the chances of combating sophisticated and targeted attacks at any security layer.”

The 5 Golden Rules for success in Outsourcing

The outsourcing model now embraces all industries. Philip Lieberman President and CEO of lieberman Software points out that, if you intend to join the risk-takers there are a few things you need to do to avoid disaster.

THE RuSH to embrace the outsourcing model started in the uSA with the

Insurance Industry’s decision to promote commodity pricing and as everyone knows, when your core product becomes a commodity you have to slash costs. The industry then moved to reduce expenses by outsourcing their IT operations and the trickle soon became a flood that embraced all industries.

outsourcing has worked well for some companies, but it can also lead to business damaging disasters. The problem is, if outsourcers fail, you’re left holding the

baby without the resources to care for it. There is little margin for error in choosing an outsourcer as we found in a recent survey at Infosecurity 2011. LINK. We discovered that 77% of IT professionals surveyed said that their outsourcers had made up work to earn extra money.

This was echoed in a news article about the survey by Lance Whitney, Techzone360.com which reinforced the survey findings. Whitney wrote: “external consultants often don’t have the vested interest in a company that an internal staffer may have. I recall one particular project at my former IT job where we hired an

coVer sTorY


coVer sTorY


You should expect IT

outsourcing to disrupt

your entire organisation

in ways you may not

expect. Your plan

should include a

change management

module, a detailed and

well-argued case to

your staff outlining how

you intend to make a

smooth transition.

external contracting company to help us with a long term Windows migration project. The people brought in to assist us were paid by the day. There were sometimes days where their contributions were lacking or they performed simple, almost meaningless tasks that were not at all critical to the project.”

There are clearly some rules needed here to help avoid the type of situation highlighted by Lance Whitney. Here are my five golden rules to ensure your outsourcing lifeboat doesn’t sink mid-stream.

1. make a transition plan and stick to it You should expect IT outsourcing to disrupt your entire organisation in ways you may not expect. Your plan should include a change management module, a detailed and well-argued case to your staff outlining how you intend to make a smooth transition and a well-documented process to let your customers know that you have the outsourcing process well under control.

2. get your outsourcing plan in writingLarry Harding, founder and president of High street Partners, a global consultancy that advises companies on how to expand overseas, has seen many outsourcing horror stories, from corrupt general managers “with all sorts of conflicts of interest” (such as service providers getting kickbacks from landlords on the leased space) to projects torn apart by huge turnover rates. “You end up with project teams that are hugely inconsistent. You might have a good team in place, but a month later, three quarters of the team has ‘transitioned’ to another project,” he said.

You need to see the outsourcers’ plan in writing, particularly their crisis management plan. In the written report make sure you add capital asset budgets for the acquisition of software to improve operational efficiency and provide better coverage of security. Make sure that there are disincentives for contractors to avoid using or impairing the usage of software tools to improve things even if they reduce billable hours. Also make sure you allow for

the embrace of better tools for labour saving. do not allow the fox to guard the henhouse.

3. transparency with respect to security practices.According to ephraim schwartz of Infoworld Magazine, outsourcing is not for the faint of heart because when things go wrong, they tend to do so rather dramatically. “The companies who’ve lived through outsourcing horrors have two things in common,” schwartz said: “lack of preparedness going into a new relationship and lack of communication once the project gets under way.”

You will have to place special emphasis on choosing an outsourcer that has a proven track record for delivering quality security services to a similar range of industry sectors over a long period of time. They will need the ability to accurately correlate, analyse, and interpret large volumes of network security inputs in real time and be able to separate legitimate threats from a welter of false starts. An outsourcer should have multiple security operations centres that run 24x7x365. Having two or more data centres allows for redundancy and may ensure constant compliance with security standards. Your outsourcer should have security experts in place to monitor and analyse data from customers on a global basis. This level of intelligence will help your outsourcer issue real time alerts and recommend fast reactions to unforeseen events.

Anticipate security breaches, you will have to plan for emerging threats and the need to purchase both software and hardware to respond to threats as well to improve compliance and security. don’t allow the outsourcer to select their own tools as they will pick those that maximize their revenue, not your security. You cannot predict the future: provide slack to change your contractor’s mission as business and the security landscape change.

4. know their financial status, compliance standards, history, and audit points.What is your future security partner’s financial status? For publicly traded companies, Gartner

12 VitAL : July / August 2011 www.vital-mag.net

estimates that annual run rates of more than $40 million per year in managed security services contracts indicate a sufficient base of revenue to support growth and enhancement of services. For the biggest outsourcers management experience should include defence, government, and a range of industrial sectors. This is an important consideration because it indicates an outsourcer’s ability to meet wide security management needs, including the monitoring of all industry standard security products.

An outsourcer should be able to provide documented standards and policies for handling typical and atypical operations and threats. They must be able to show that they employ security specialists with certified expertise across a broad range of security products from a variety of vendors. This allows a company the freedom to select best of breed solutions.

The outsourcer must also have facilities, processes, and procedures in place that are validated and certified by a third party auditor. compliance can be a side effect of good security, or a gigantic make work scheme for the outsourcer. Put yourself in the outsourcer’s position – why fix the problem on thousands of machines in an hour using a security management tool, when they could bill for months reimaging systems? The organisation should take ownership of its own security and not outsource its direction. Pick the best of breed security solutions, do not use checkboxes to select

solutions, nor should you allow purchasing to select your security solutions. You don’t pick a doctor by the lowest price, you find the one with most expertise and history of success. You should do the same for your security: don’t allow it to be selected by your contractor or low level employees.

5. find experts in the areas you need.In the role of subject matter expert and experienced implementer of systems, the right outsourcer can be a godsend if you can find them. The key is to know how much specialised value your outsourcer can add to your organisation and how quickly they can do it.

so those are my five golden rules. But remember – my position is that outsourcing as a means solely to reduce costs is a fraud since these cost reductions are achieved by gutting the organization of its talent and providing its customers with the poorest possible support at the lowest cost. Ultimately outsourcing for cost savings alone leaves a company weak and ill prepared to respond to emerging threats and opportunities. on the other hand, outsourcing to provide unique talent that is otherwise unavailable or impossible to train can provide your company with distinct competitive advantages. outsource when there’s expertise to be gained (through contracting of specialists), not lost (through abandonment of loyal staff). Happy outsourcing. VitALwww.liebsoft.com

coVer sTorY

coVer sTorY

www.vital-mag.net

Make sure that there

are disincentives for

contractors to avoid

using or impairing the

usage of software tools

to improve things even

if they reduce billable

hours. Also make

sure you allow for the

embrace of better tools

for labour saving.

IT’S DARK, the engineer has been at work for hours longer than the shift

pattern should allow, the pressure to restore service has been laid on thick and he edits a configuration file on the currently live leg of a deprecated HA service; and breaks it. Compensation claims loom. What’s the root cause? user error or use error?

There are lessons that can be learned in IT support from the Medical devices industry who have had the Food & drug Administration watching their every move for decades, and given that there is a higher regulatory scrutiny coming to financial services IT services – down to the deployment of new services, and how the new products build in resilience and disaster recovery features, there is a fundamental attention shift coming.

If you are satisfied with your ‘root cause analysis’ of major issues being down to ‘human error’, and that’s where your rcA stops, you may be missing out on critical improvement information. For years the FdA has accepted that humans make errors, but the FdA themselves are defining more clearly the acceptable level of root cause analysis.

In April this year, edmond Israelski, Phd, human factors program manager at Abbott (Abbott Park, Illinois), warned “there are some changes coming from FdA regarding” HFe, including a guidance the agency will release in draft form later this year, which will embody a requirement to perform clinical tests of some devices to ensure that their interfaces are as close to fault free as is possible.(1)

enormous effort is made to ensure the usability of software products for end users, but in the IT world there are other ‘users’ of the software - what of the back room serviceability?

Use error, [Israelski] reminded “is predicted. You can see a pattern, something you can design out of a system,” he said, but use error is different from human error or user error, which are terms he said are no longer officially used by many regulatory bodies. “Use error is blame free,” at least for the user, although it is anything but for the manufacturer.(1)

This regulation has implications for the teams designing financial services software, and for the Incident Management and Problem Management (IT stability Assurance) groups as well. If a software product is designed with serviceability in mind, then it should be easier to restore service. This then leads to an interesting place for manufacturers as well. I worked many years for sun Microsystems in operating system support, and I was proud that every bug which allowed a user to damage the integrity of the operating system was taken very seriously, and fixed. The integrity of the core operating system was paramount. However, using regulatory framework thinking, we should also have been taking all instances of ‘Use error’ from system administrators as bugs for eliminating at source. The only way of knowing Use error bugs would be to track them from the customer experience, and that means gathering all the root causes of outages caused by poor choice or design of the back-end systems too.

This implies that greater reliance by the regulators on the outcomes of the Problem Management process may be coming.

Furthermore, we could learn more from the current experience of the Medical devices industry: “With the increased focus on HFe in medical device development, there has been an alarming increase in the number of design and development firms inaccurately marketing their competence in this area. To prevent choosing the wrong partner, cross functional teams representing marketing, r&d, and regulatory must be involved in the review process, as outputs of the new HFe activity will impact all of these disciplines.”(1)

Let us learn these lessons well, because regulation of the financial services industry will have a knock-on effect beyond the financial services industry. VitAL

(1)Updated human factors guidance requires

further clinical data Medical Device Daily/ 26Apr2011

Regulatory Ramifications

Steve White looks at food & drugs and sees lessons for IT

vitAl SIGNS: LIFe IN THe WorLd WITH IT



Businesses need to take social media more seriously

To an increasing degree, people put their thoughts onto social media where the world can see them. If it’s you they’re thinking about, says Dave Paulding, Regional Sales Director uK, Middle East & Africa, of Interactive Intelligence, what are they saying?

BElIEVE IT or not, approximately half the country, that’s around 30 million

people, has a presence on the leading social media site, Facebook. And while for some, the perception is that these sites are lightweight platforms, in truth they are excellent business tools. If used well, social media can also help businesses stay close to their customers. There is a famous anecdote about an American business traveller stranded by the cancellation of his flight. Frustrated that the airline’s service desk could not help him get home he tweeted about the experience. A rival airline picked

up the message, offered a seat on its next flight, and won a new loyal customer.

With this in mind we, along with the leading research body YouGov, recently carried out some research into UK attitudes towards social media in a business environment. It used a relatively large sample size of 4,080 people, and the findings were most illuminating.

In the first place, the study revealed that a third of social media users are likely or very likely to post their opinions about a brand or company online. 31% said they would post positive comments, 32% said they would use Facebook for negative thoughts on a business.

VitAL MANAGeMeNT

VitAL MANAGeMeNT


This means there could be 10 million people ready to tell their peers something about your company, something good or bad.

That is a critical message for businesses everywhere and organisations really need to take social media more seriously. After all, it’s a direct line to what your customers are thinking and because friends and followers pick up on what is said, you can see, instantly, how the market is responding. Is the compliment or complaint a trend or a one-off? social media can tell you, very quickly and at low cost.

Going back to the very carefully validated sample in the YouGov study; 61% of respondents said that, if they were guaranteed a quick response, they would consider communicating with a brand or company using social media instead of other, more traditional methods.

However, despite this, the study also suggests that this desire is not yet being supported by businesses. of the respondents who had complained to a company using social media, half had either never received a response or had to wait more than 48 hours for a reply. In social networking two days is an eternity. so, is your business set up to monitor and respond to social media? There is no reason why it should not be. The IT investment is small and, provided you have a flexible, unified communications platform, you should be able to respond on Facebook or Twitter with exactly the same degree of accuracy, authority and control as answering a call or an email.

one final fact from the YouGov study: in the key 25 to 34 year old demographic, 60% of social media users said they are influenced by online comments about a brand or company, both positive and negative comments. In other words, a large proportion of the customers deemed most valuable by the majority of brands will be swayed, one way or the other, by what their friends and peers are saying online.

In a sense this is not new. since the dawn of the market era people have been having conversations with their friends, in the pub or on the phone, in which they say, “I bought an Acme Widgets gizmo and it’s broken down every time I try to use it”, to which someone responds, “I’ve never had a day’s trouble out of my trusty old Paragon Products tool”. The difference is that, until now, these conversations were ephemera. What social media does is make them tangible: they exist online, and smart companies can ‘listen in’ to these conversations, learn from them and react to them.

These are stark statistics: almost a third will comment on products, and almost two-thirds will take note of those comments. companies and brands that are not monitoring the online chatter on social media sites are not only missing good market feedback, but they could also be overlooking potentially critical threats to brand values.

It is not just a matter of monitoring the sites. The company needs to have a strategy for intervention, too. sorting out individual issues on Facebook or Twitter is rarely going to be practical, although remember that the study suggested two-thirds of respondents would consider it rather than phoning or emailing a contact centre, if they thought it would work. But it is certainly the place to spot trends, and to get really early intelligence on an issue before it becomes a crisis.

of course, it’s not all plain sailing; you do have to be committed to it. While the technology may not require much in the way of investment, you may have to dedicate your best staff to it. The unpredictability of social media means that any comment you post could be read by one person or by millions, so the integrity of your corporate identity is captured in every tweet or status update.

It is a demanding role, certainly, but the benefits in customer satisfaction and brand loyalty can be considerable. VitALww.inin.com

companies and brands

that are not monitoring

the online chatter on

social media sites are

not only missing good

market feedback,

but they could also

be overlooking

potentially critical threats

to brand values.


Why it is the power of strategy so important and how we should apply it to a growing organisation? With nearly two decades of organisational change in the IT industry under his belt, Prasanna Rajanna, principal consultant at MindTree helps you to attain the next level.

The power of strategy


VitAL MANAGeMeNT

VitAL MANAGeMeNT


ORgAnISATIOnAl gROWTH or transformation needs a scientific

approach. It is important that the right steps be taken at the right time to stay ahead of the competition whilst also infusing innovation along the growth path. Success along this path does need to be measurable so that there is always a reference point on how to get to get to the next level.I envision three distinct layers for any organisation to progress. To put in simple words:• Vision• strategy• transaction

Visionaries are dreamers and thinkers who are aware of market constraints and growth patterns – they make up the core strength of the organisation. ‘organisation strength’ should not be perceived as a static parameter as it is a parameter at a given point of time and will need to constantly evolve to overcome the constraints. The best part of the visionary layer is the clarity of the roadmap in front of them.

The strategy layer is an interface between Vision and Transaction and I would suggest that this is the most important layer amongst the three. The reason being is that this layer has to have a pretty large bandwidth to oscillate between the vision and transaction. And, in reality, these are the people who transform the dream into visible results. I will expand upon this layer later.

The transactional layer comprises of ‘the doers’ in an organisation. The end results are directly proportional to the ability with which they have been instructed by the strategy layer. They are like soldiers on the battle field. They really have no time to ask why or how, they just need to act to produce results. However, over a period of time, with experience and introspection, they will need to scale up to the strategy layer.

Organisation transformation – version 0.1Without exception, I strongly feel that this is common across organisations – be it – IT or non-IT. However, what changes is the proportion of exchange between the three layers. In other words, the boundary between the three layers keeps changing depending upon the organisational position on the transformational path.

I have attempted to depict version 0.1 of the organisation below. This is right at the inception of the company.

The reason for the circular representation is that the Vision forms the core around which strategy and Transaction revolve, so that they remain in the orbital path and do not take any tangential route. At the inception of an organisation, the boundaries are large enough and there is enough transparency and it is easy to transact as per the vision. every brick is consciously laid.

Organisation transformation – version 1.0As the organisation grows to version 1.0, the boundaries are more distinct and it needs so much more effort to produce the results. However, there still exists the thread of thought amongst every stakeholder (including employees) that the organisation is still in the transformational path. There are many more miles to go.

Organisation transformation – version 2.0 As the organisation continues on its transformational path, while the vision still remains core and intact, the most important strategy layer loses focus. There are many reasons for this. The danger in the beginning of version 2.0 is the fact that complacency creeps in and the Transactional layer keeps hanging for want of support from strategy. However, the strategy layer keeps getting thinner. Meanwhile, the Vision is still strong and expects the same results from the transactional layer. This has

VERSIOn 0.1

VERSIOn 1.0

VitAL MANAGeMeNT


been the pattern right from inception and this is the reason that, as I mentioned earlier, why the strategy layer is the most important of all the three layers right through the organisational life cycle.

While boundaries are inevitable, from version 0.1 to version 1.0 to version 2.0, the bond between the three layers needs to be inseparable for visible results to happen. The success of the organisation lies in the interface between the three layers. This is more like an absolute statement. skills do matter. However, more important is – whether every stakeholder is consciously aware of the three layers and, if so, is there a continuous exchange happening through the interfaces? The absence of interface stops the vision flow to transaction. While the momentum will carry the organisation forward, it may not be too long a time before the wheel stops to rotate. even more dangerous is the fact that while a stakeholder might believe that the organisation has grown well now and stabilised, the reality is just the opposite.

Organisation transformation – ChallengesChallenges: 1. How do we ensure that the energy is

self-sustainable?2. How do we ensure that the wheel

keeps rotating progressively faster and stabilise at a balanced speed?

We need to focus on the interfaces between the organisational layers.

Firstly, we need to have a well defined strategy and transactional layers. The Visionary layer is well understood hence, I’m not touching on this too much. every strategy layer member needs to have a direct interface with the Visionary layer as this is where the energy originates. The flow of energy is always from higher to lower potential. Vision needs to be emphasised again and again so that it spreads through to all stake holders.

My view is that every strategy member should

captain one or more clearly defined projects. His / her key result area is clearly the success of the project. For example, let us say that in the next 18 months we should win a $100m order. This is a great project and target and time frames are defined. However, is a captain or team in place? do they have defined periodical milestones to achieve for the 18 month period?

every project success creates that much more energy within and, along the path, many hurdles have been crossed. It’s a clear learning curve for every project team member and we will need to create as many projects to achieve the vision. It could be acquisitions, branding, social responsibility, co-innovation with partners, patents etc. However, every project must have a clear quantifiable end result, time frame and periodical milestones. Again, my view is that we need to be more of a project-based organisation than a pyramid based one and we may not be able to define a vertical structure before we have covered the ground

extremely well. strategy and transactions need to revolve around the vision.

The ideal would be to try this out with one or two critical projects with the learning from these applied to other future projects.

lessons and challengessix sigma quality initiatives are a clear example. some of the key lessons / steps that I have listed in this feature will:1. Make all stake holders (especially employees) more participative in the organisation growth rather than be just spectators;

2. Keep the organisation very transparent and energetic;

3. Leave less room for complacency;4. Identify next generation leaders for

growth;5. Provide constant learning for captains of

individual projects that can be applied in the later projects.

The key challenges I foresee are in making sure you:

• Define projects in line with the vision;• Tie the results of individual projects

to the overall vision;• Reward the captains and teams

for energy sustainability;• Plan for unforeseen market conditions

if possible;• Assign the right team members

to the project.We should initially take up short term projects,

measure the success and apply the learning.To conclude, I would say that energy

sustainability in the organisation is the key to be on a winning and growth path and attention is not usually paid to this. This can happen only when organisations take risks and challenging projects. This is the only way to build energy within and this is true at an individual level also. After all, organisations are made up of people and the sum total of their energy is the organisation energy. VitALwww.mindtree.com

VERSIOn 2.0

CHAllEngES

stepupto a new level

of Service Management

FrontRange Solutions, Benyon House, Newbury Business Park, Newbury, Berkshire RG14 2PZTel: 01635 516700. Twitter: frontrangesols

step up to…

Don’t get left behind. Built on 20 years experience, FrontRange offers next generation service management

solutions, available however you need it - on-premise or SaaS.

FrontRange ITSM SaaS2 offers the same advanced workfl ow and business rules automation as our

highly successful on-premise solution, ITSM Enterprise, with the most friendly and intelligent user interface to date.

Call us now on 01635 516700 and see them for your own eyes or visit www.frontrange.com

It’s time to...


How Many People?It’s not about just numbers but about what they are doing says noel Bruton, uK based IT consultant and trainer

VitAL sUPPorT

VitAL sUPPorT


Stand out from the crowd with ICTTechAre you supporting users of ICT hardware and applications?

Do you want to prove you are worth more than just your vendor qualifi cations?

If the answer is yes then ICTTech could be what you are looking for.

As an ICTTech you will enjoy a huge range of benefi ts, including:

■ recognition of your expertise and hard work

■ globally established professional qualifi cation

■ improved career prospects

Simply submit your CV to fi nd out more: [email protected]

The Institution of Engineering and Technology is registered as a Charity in England & Wales (no 211014) and Scotland (no SCO38698). The Institution of Engineering and Technology, Michael Faraday House, Six Hills Way, Stevenage, SG1 2AY

www.theiet.org /icttech

HOW MAny staff do I need in my IT support function? In terms of questions

landing in my mailbox, this ranks a close second behind ‘which ITSM software should I use?’ Both questions suggest a false starting point. By illustration – you can’t choose an enquiry management system based on features alone, despite what some of the vendors would have you believe. Much more important is the software’s match to predefined processes. If you know what your processes are, or you’ve simply imported the superficial suggestions made by ITIl, then pretty much any mainstream helpdesk package these days will do the job, because they’re all ‘Pink Verified’ to match ITIl. But you still have to be prepared to customise, because what makes your support work for your user permutation in your industry will probably not match the generic design in the software as it comes out of the box.

similarly, you can’t define your staffing levels on incoming workload alone, but on support staff productivity, skills mix, skills redundancy, geographical location, centralisation policy, service scope and priorities as dictated by business criticality. of those, staff productivity is The Big one: get that wrong and your estimates could be out by staff costs in the hundreds of thousands. Nevertheless, astonishingly few IT services departments measure their staff’s productivity. And what’s more, the most critical service – second line support – is invariably the least measured. Worryingly, some organisations, notably those in the public sector, seem to have a difficulty measuring staff productivity, or at least selling the idea where the workforce is unionised. It is important to get across to those with misgivings, that without measurement of input versus output, we managers cannot know whether staff are under or overworked, whether there are time opportunities to train

Worryingly, some

organisations, notably

those in the public

sector, seem to have a

difficulty measuring

staff productivity, or at

least selling the idea

where the workforce

is unionised.


them and so on. Productivity measurement is, or should be in their interests too – it is not simply an evil control mechanism, but part of our ‘duty of care’.

key Statisticsso where to start? The simplest place is the numbers. some years ago, I ran an extensive benchmark of IT user support key statistics, not just to feed them back into the industry, but to arrive at an algorithmic means of informing important decisions like staffing quantities. This summer, that benchmark will run again. In the meantime, this is what the last one produced. If you want to benefit from the new benchmark, contact me via my website, www.noelbruton.com.

We’ll assume your support desk is averagish, supporting between 800 and 1,500 users. We’ll go with 1,000 for the purpose of calculation. If you add together the number of heads in the first and second lines, the benchmark said you’d have one support head to ever 129 users. But how did you get there?

The users will each call you 26 times a year (up to 50 for smaller populations). Yep,

that means they stop working because of a computer or usage problem or a change request roughly once a fortnight. Hmm. If the kettle or your car or your telly bade you to seek outside technical help once a fortnight, there’d be rioting in the streets, but with computers, that seems to be acceptable. Nevertheless, over the 250 working days of the year, your 1,000 users will make 104 calls to the helpdesk every day.

lost Timedivide that by the average of 32 calls per first liner per day to get a first line headcount of just over three. And you get your first insight into productivity. I’ve been working with a wonderful first line at the moment, which takes over 70 calls per head per day. Like many service desks, their call time is a shade under three minutes. so the average desk is taking enquiries for 1.6 of the 7.5 working hours of the day. But if that’s so, where did the other six hours go? Never mind, you get my drift – the performance of the average helpdesk is an awfully long way from what can be achieved (and how much money can be saved) by a good one.

If somebody doesn’t

turn up for work, there

will be somebody else

with the skills to take

on his/her workload.

None of this, “oh I’m

sorry, the (insert name

of technology here)

expert is sick /on a

course today”

VitAL sUPPorT

VitAL sUPPorT


Your first line will fix 59% of their calls immediately, thus sending 43 enquiries to the second line. Now productivity becomes really important. The average second liner will close eight of those assignments per day (known as the FrA, the ‘Fixes per resolver Average’), so there will be between five and 6 second line heads. The last time I measured it, the average work time in a second line fix was around 37 minutes. so five hours of productive time per day. You may be wondering where the other two and a half hours a day went. But wait, it gets worse. I know of a second line with FrA of 1.3 – nice work if you can get it.

so add your three first line to your six second line heads and divide that by the industry average staff to manager ratio of 9.5 to give you the number of managers. Hey presto! There are ten people in the support department. There are probably another three looking after the network and email services. Thirteen in total who, on the basis of industry averages, could be a lot more productive than they typically are.

Skills RedundancyBut that’s just numerics. Now it starts to get complicated. For every major service you provide – installations, moves, incident resolutions, applications support and so on – you will need at least one redundant skillset. That’s another way of saying that if somebody doesn’t turn up for work, there will be somebody else with the skills to take on his/her workload. None of this, “oh I’m sorry, the (insert name of technology here) expert is sick /on a course today”

depending on the quantity of the calls on business critical services and applications, you may have to hire more staff just to create that skills redundancy. You can calculate how many by something I call the ‘Barber Pole’ – it’s a graph of skillsets by staff based on your most expert people, which is a benchmark for how many skills one person can theoretically be expert in. If there are more skills required than your people’s heads can hold, you’ll need more people to effect skills redundancy, regardless of how many enquiries you get.

Then there’s the question of location. The design purpose of service desk is to centralise call handling, but second line, principally desktop support may well need to be onsite. It may be a false economy to reduce headcount costs by choosing not to place support staff at remote sites with lesser user populations. of course, the IT staff budget may be lower, but that may be at the cost of user productivity. remote company employees may be idle, and thus not earning corporate revenue, because their computer problems take longer to solve in the absence of local support. don’t simply reduce your own budget at the cost of company profitability – get the financiers to see the bigger picture and hire the number of people you really need for the service to be effective.

Equilibriumdo you need more people to produce a faster service? received wisdom suggests yes – I don’t think it’s as simple as that. In my experience, the thing that most influences the speed of the support service is the current size of the backlog. The bigger the backlog, often the slower the service will be. Now I know that some may think that the backlog wouldn’t be that big if we had more staff, but that’s not necessarily so. If the backlog stays roughly the same size for weeks on end, that means there is present equilibrium between the work going into the second line and the resolutions coming out. so there must be enough people to handle the current workload.

If you have that issue – big backlog, workload equilibrium – what you need to be looking at is not the number of people, but the productivity of the people already in place. I bet that more often than not, you’ll find a low FrA. If you’re not on top of the FrA and you hire more second-liners, what will usually happen is the backlog will get smaller for a while and then the FrA will fall even further. seen it time and time again. Your problem is not a staffing one – it’s a cultural one with productivity management at its heart, and that’s something I can help with directly.

Meanwhile, please help me update those numbers by joining the IT support Benchmark this summer of 2011. VitALwww.noelbruton.com

2011: The year Enterprise Mobility takes off

Regardless of industry or size, mobilising the enterprise is imperative for businesses and, says David McLeman, managing director at Ancoris, can transform an organisation and offer competitive business advantage

VitAL sUPPorT


VitAL sUPPorT


After more than two-

years of organisational

cost cutting there is a

growing feeling that

spend on IT is beginning

to increase. As budgets

return, cIos are looking

at existing resources

and no longer wish

to use the majority of

IT resources just to

manage and maintain.

In 2011 enterprise mobility is truly taking off. Powerful smart phones are becoming

the norm, while more powerful tablet PC’s such as the Apple iPad, Android-based Samsung galaxy Tab and the Research In Motion (RIM) PlayBook are set to make major inroads into the corporate market over the next 12 months. Better, more powerful devices that allow mobility, plus increased bandwidth, have created a platform for mobile business applications.

The companies that will succeed in tomorrow’s economy will be the ones who embrace mobility. organisational leaders will be able to provide their employees with the resources to work at any time, from any location and from any device. enterprise mobility gives employees flexibility, which makes for a happier, more productive staff. However, devices such as smart phones, laptop’s and tablet Pc’s only allow mobility. effectively utilising this mobile capability relies upon there being a platform that allows employees to make the most of the virtual environment.

An Opportunity for Organisational TransformationAfter more than two-years of organisational cost cutting there is a growing feeling that spend on IT is beginning to increase. As budgets return, cIos are looking at existing resources and no longer wish to use the majority of IT resources just to manage and maintain a company’s infrastructure (business as usual). Instead, corporate cIo’s are increasingly looking to free up IT resources and refocus their efforts from maintenance and management to strategy and planning in order to use IT to create a competitive business advantage.

enterprise mobility is at the forefront of many cIo’s minds for several reasons, such as productivity and pressure from senior

executives and mobile workers to adopt new devices. A recent study by analyst house IdG showed that 65 per cent of employees, who use personal mobile devices for business, report greater productivity. employee collaboration is also a key driver of enterprise mobility due to the increasing internationalisation of the corporate workforce and the need for business travel and communication outside of UK office hours.

Device & Application Developmententerprise mobility and the growth of new devices go hand in hand. The only constant within the device market is change as new product development continues among the major manufacturers.

device trends continue to have a real effect on corporate IT due to the ‘consumerisation of IT’, the process of using consumer devices within the corporate market. This pattern continues to grow and as a result, affects enterprise IT business processes. Add to this the rise of new operating systems and the increase in new technologies such as tablet Pc’s and it is clear that mobility is here. The challenge is to provide a platform able to utilise this capability.

Whilst in previous years the choice of end user computing devices would have been restricted by the requirement to support the Windows operating systems, we have now had nearly a decade of application development targeting the browser rather than thick clients (full featured computers connected to a network). As such adopting a non-Windows device is no longer the barrier it once was to enterprise application deployments. Indeed many industry professionals are now predicting the end of the traditional 3 year desktop refresh cycle as the focus shifts to simpler, cheaper and lower maintenance browser capable devices.

Mobilising the Enterprise with Google Apps for BusinessGoogle Apps for Business increases corporate mobility through powerful communication and collaboration tools for businesses. The service allows employees to work together in real time on shared documents and sites regardless of location or device through Gmail, Google calendar and Google sites.

The service is cloud based and managed by Google, and it allows employees to access content anywhere, anytime, through cloud based communication and collaboration. According to Forrester research, Google Apps costs less than one third of competing solutions and significant adoption is being seen to replace traditional corporate messaging platforms and document management applications such as Ms exchange, sharepoint and Lotus domino with a platform which is both device agnostic and also supports real time collaboration.

Enterprise Mobility & SecurityAsk any company cIo about their concerns regarding enterprise mobility and the single word most will utter is: security. Mobile security fears plague cIos. A 2010 study by analyst firm ovum found that eight out of 10 cIo’s report that data breaches are their top security concern and say smart phones increase their organisational vulnerability.

recent high profile incidents of international data loss have done little for the reputation of IT security. However, the mismanagement of company data by some organisations should not deter others from mobilising their own workforce.

Google Apps for Business offers world class security and reliability and is designed around industry best practice concerning data centre management, network application security and data integrity. data storage and management facilities have a dedicated security operations team who focus specifically on maintaining the security of the environment. The platform supports enterprise security features such as

two factor authentication, integration with single sign-on solutions, device management and remote wipe. As the service is browser based with data held in the cloud rather than on the device itself there is a significant reduction in the potential for data loss if the end user devices themselves are lost or stolen.

reliability is another key issue and Google Apps comes with a 99.9% guaranteed uptime service level agreement that includes no planned downtime, so employees are more productive and there are no concerns regarding system downtime. Automatic disaster recovery means that you can be sure that your data is accessible when you need it. In practice Google are significantly exceeding their sLA and in 2010, Gmail recorded uptime was 99.984%.

Conclusionregardless of industry or size, mobilising the enterprise is imperative for businesses. organisations are considering mobile initiatives in order to increase employee productivity, help corporate innovation and aid employee collaboration.

early adopters in the UK and europe who have benefited from Google Apps for Business include specsavers, Jaguar Land rover, The Telegraph Group and Ahold; plus many other significant corporates from a variety of sectors are preparing to embrace enterprise mobility.

Innovative new cloud based technologies aren’t just a case of fascination with the latest technology. Instead these are powerful, game changing business drivers, inspiring enterprises around the globe to integrate enterprise mobility into their IT strategy and leverage IT to create a competitive business advantage. Although consumer devices are already used across the corporate world, they alone will not transform the business model; it is the platform used to support these devices and leverage their capabilities that is the key to unlock true enterprise mobility. VitALwww.ancoris.com

Whilst in previous

years the choice of

end user computing

devices would have

been restricted by the

requirement to support

the Windows operating

systems, we have now

had nearly a decade of

application development

targeting the browser

rather than thick clients.

VitAL sUPPorT


Ethernet: The Next Generation Evolution, as stated by Darwin, is based on the survival of the fittest. Simon Pamplin, uK & Ireland SE manager at Brocade explains that, with Ethernet Fabrics, we see the next stages of networking evolution

VitAL sUPPorT


VitAL sUPPorT


With the arrival of

the 90s and the

advances of the

Internet came new

challenges; challenges

in IT storage and

bandwidth arose with

the ever increasing

development and

consumption of

information at

both public and

corporate levels.

OVER THE decades, Ethernet has evolved as new types of networking

architectures have emerged. Today, data centre networks carry traffic for a diverse set of applications – each with different traffic patterns and service requirements. This diverse traffic places extraordinarily high demands on the network, which has driven the next evolutionary step in Ethernet networks – the Ethernet Fabric.

despite mainstream press claims that classical ethernet architecture was invented on 22 May, 1973, with robert Metcalfe’s memo stating the possibilities of its potential, it was in fact in 1976, when Metcalfe and david Boggs published their title paper ethernet – distributed Packet switching For Local computer Networks, that ethernet was born. during the 80s, ethernet’s popularity grew and its uptake mirrored the growth of the burgeoning global IT sector as a whole. ethernet helped to significantly revolutionise the network storage and management structures of the IT world. With the arrival of the 90s and the advances of the Internet came new challenges; challenges in IT storage and bandwidth arose with the ever increasing development and consumption of information at both public and corporate levels.

These issues remained well into the 21st century, and with the rapid expansion of the IT industry into new areas, such as virtual machines and cloud computing, traditional ethernet’s limitations (such as its lossy nature) proved problematic. In time, like the evolution of the Walkman to the iPod and Vcr to Blu-ray, the ethernet has, after more than three decades, evolved into ethernet Fabric. representing the next step in the evolution of ethernet solutions, ethernet Fabrics are purpose built for the new virtualised, cloud-optimised data centres.

This paper explores what ethernet Fabrics are and how they can drive cloud optimised networks and support 21st century business: how evolution in the network is taking place today.

For many years, data centre networks have relied on ethernet. over the decades, ethernet has evolved to match the new types of architecture that have emerged. Today, data centre networks carry traffic for a diverse set of applications including client/server, Web services, unified

www.vital-mag.net

communications, virtual machines, and storage; each with their different traffic patterns and network service requirements. For instance, when ethernet carries block storage traffic, it places stringent demands on the network including lossless packet delivery, deterministic latency and high bandwidth, creating the demand for an ethernet that could handle all kinds of network requirements.

In a 2010 Gartner survey of more than 1500 internationally based cIos, participants were asked to identify their top business priorities today and looking forward as far as 2015. The responses indicated today’s focus is on improving business processes and cost savings, whereas looking forward, the emphasis was on improving productivity, driving innovation, gaining competitive advantage, and acquiring new customers. These business priorities drive data centres to deploy new applications quickly and efficiently, provide fast and reliable ‘around-the-clock’ access to information, meet and exceed stringent service levels with zero downtime; all the while driving down costs by maximising investments. In short, IT must move at the speed of business to capitalise on new opportunities and respond to global competition.

High density, multi-core servers, as well as network, server, and storage virtualisation are the technology enablers that address these business needs. data centres can leverage this set of technologies to pool IT resources and implement cloud architectures that reduce capital and operational expenditures, and at the same time create an infrastructure that rapidly scales and responds to business needs. When data centres leverage these technologies, new networking challenges arise. This effectively means that the network must evolve. It must move from management of physical ports to flows (virtual server to virtual server, or virtual server to virtual storage communication). It must be become simpler to operate, more flexible, more resilient, and

much more scalable. These requirements are best met with scalable fabric architectures, while classic ethernet networks have traditionally required complex architectures and protocols adding higher levels of complexity to operational costs.

Traditional ethernet networks are hierarchical with three or more tiers. Traffic has to move up and down a logical tree to flow between server racks, adding latency and creating congestion on Inter-switch Links (IsL). spanning Tree Protocol (sTP) prevents loops by allowing only one active path, or IsL between any two switches. This means that IsL bandwidth is limited to a single connection, since multiple paths between switches are prohibited. Link Aggregation Groups (LAG) were designed so that multiple links between switches were treated as a single connection without forming loops. This means LAG must be manually configured on each port in the LAG and this leads to a lack of flexibility.

ethernet Fabric prevents loops without using sTP. Flatter networks include self-aggregating IsL connections between switches, eliminating manual configuration of LAG ports, while at the same time providing non-disruptive, scalable bandwidth within the fabric. As a result, ethernet Fabric supports any network topology (tree, ring, mesh, or core/edge), and helps avoid bottlenecks on IsLs as traffic volume grows, since all IsLs are active.

Traditional ethernet switches require the configuration of each switch port. This includes setting network policies such as Qos, security, VLAN traffic, etc. When only physical servers were connected to the network, this model was sufficient.

ethernet Fabric maintains distributed intelligence, which allows common configuration parameters to be shared by all switch ports in the fabric. In the case of virtual machine migration, the network policies for that virtual machine are known at every switch port so migration does not require any changes to network configuration.

Today, data centre

networks carry traffic

for a diverse set of

applications including

client/server, Web

services, unified

communications,

virtual machines, and

storage; each with

their different traffic

patterns and network

service requirements.

VitAL sUPPorT


VitAL sUPPorT


ethernet Fabric, switches are smart – they share configuration information, and also know about each other. When a device connects to an edge port of the fabric, all switches know about that device. As the device sends traffic to other devices, the fabric can identify the shortest loop free path through the fabric and forward frames at the lowest possible latency. New traffic types such as virtual machine migration and storage traffic are latency sensitive, so this ensures this traffic gets to its destination with minimal latency.

classic ethernet allows only one path between switches. Improvements such as link aggregation groups (LAG), allow several physical links to act as a single link. This is manually configured on every port in the LAG and is often inefficient limiting bandwidth. If a new switch is added for more connectivity, it becomes increasingly more complex to manually configure multiple LAG connections.

ethernet Fabric overcomes this. When a new switch connects to the fabric, no manual configuration is required for the IsL. The switch joins the fabric and learns about all the other switches in the fabric and the devices connected to the fabric. No manual configuration of policies or special LAG configuration is necessary.

If multiple inter-switch links are connected between two switches, a logical trunk automatically forms. Traffic is load balanced in hardware so that utilisation is near line rate on every link, keeping it highly efficient. should a link in a trunk go off line, traffic on the remaining links is not affected and incoming frames are automatically distributed on the remaining links without disruption to the devices sending them.

classic ethernet uses sTP to define a loop free path, forming a logical hierarchical switch tree. even when multiple links are connected for scalability and availability, only one link or LAG can be active. This decreases utilisation. When a new link is

added or removed, the entire network halts all traffic for seconds and even minutes while it configures a new loop free route – this can prove highly disruptive for storage traffic, virtual machine migration, and In the case of storage traffic, traffic disruption could cause a server crash.

ethernet Fabric does not use sTP to remove loops. They use link state routing with equal cost multipath routes, which always take the shortest path through the network. When a link is added or removed in the fabric, traffic on other links continues to flow without disruption. Link resilience is assured and full utilisation of all links between switches is automatic when the topology is changed, without the need for any manual configuration.

classic ethernet switches require management. each switch has to be configured and each port has to be configured for protocols (sTP, rsTP, MsTP, LAG, etc.). As more server racks are added, more switches are added at the top of rack, middle of row or end of row. each requires configuration and none can share common configuration parameters.

ethernet Fabric shares configuration information among all switches in the fabric; when a new switch joins the fabric, it automatically receives common information about devices, network policies, security, and Qos. This ultimately simplifies network configuration, reduces mistakes, and reduces operating cost, which as we mentioned at the start of the piece, is the main priority for cIos all over the world.

As virtualisation and the cloud become more and more popular in the market place, the need for simplicity in the data centre becomes ever more necessary. This is the next evolution for the cIo and in the near future ethernet Fabric will provide a great many benefits to companies and cIos worldwide. VitALwww.brocade.com

As virtualisation and the

cloud become more

and more popular in

the market place, the

need for simplicity in

the data centre

becomes ever more

necessary. This is

the next evolution

for the cIo.

32 VitAL : July / August 2011

VitAL sUPPorT

www.vital-mag.net

App versus Web: choosing the right one matters

What is the best and, more importantly, Laura Hampton, Head of Content Engagement, Zabisco asks, the most cost effective way of positioning yourself on the mobile internet?

BuSInESSES ARE facing a dilemma in answering this question; should

they choose mobile apps, which are downloaded by users and stored on their handsets, or mobile websites, which are mobile specific sites with all the functionality and display capabilities required to work well on a phone?

Like everything internet related, it really must come down to how well each meets the needs of both the audience and the company.

Mobile Websites: Is Cheaper Better?The creation of a mobile website is an evolving trend. No longer are users satisfied with a ‘desktop’ website which renders on their mobile phone in the same way; instead, users are looking for mobile specific functionality within the mobile internet.

For the main part, that means redesigning and restructuring the site so it works as one page that gives easy access to all relevant content. This can be done through an accordion navigation, where the navigation opens out to reveal more information as the user requires, or through a refocusing of content to show fewer pages and less text.

It is also important to consider the touch screen capability of your mobile website; how does the touch screen work and are your buttons big enough to accommodate even the biggest or least accurate finger? How will the pinch and zoom function cope? And will your website recognise the different handsets on the market and resize itself accordingly?

From a business point of view, none of this matters if, financially, it is unobtainable. equally, it must provide an adequate roI (return on investment) to be worthy of the time spent on it.

The Financial Benefits of Mobile WebsitesGenerally speaking, a mobile website is cheaper to produce and maintain than a mobile app. This is because, unlike an app, mobile websites will work on any platform, anywhere in the world that has internet access. When based on an existing website, your mobile site becomes a simply restructuring of current assets and can be handled by the majority of web developers worth their salt.

Mobile websites have the added advantage of being free from the technical constraints of apps too, where maintaining them becomes an issue due to the sign-offs and support required. Instead, mobile websites can continue to be maintained by the original development company independent of App stores or Markets.

Dawn of the App AgeBut wait. Is a mobile website the best way to engage your target audience? With hundreds of thousands of apps now available on mobile web, their popularity and inherent value cannot be ignored. As apps become increasingly mainstream, users are taking advantage of them for their speed of access and ease of use.

The main benefit for the user is that, because an app is downloaded rather than streamed online, access time can be much faster and the chance of crashing or pausing is reduced. consider, an app to a mobile user is like a game cd is to a gamer – put it in your machine and off you go.

Apps can also provide a personalised experience for the user, allowing far more customisation than a website and giving you the freedom to create something

VitAL sUPPorT


brand specific for your audience. The robust nature of the platform lends itself to practical applications – so can become something genuinely useful that people will want to download and share.

The Downside of Mobile AppsUnfortunately, apps require time and money to make them work. Producing even the initial idea will require user research to ensure you’re making something that people want, whilst the architecture and design of the app can’t just come from your website. The experience your user has on your app has got to be tailored to that platform because the way people use them differs from person to person, depending on their purpose.

even once you have your app idea and you’ve produced a finished product, the security that surrounds the App store in particular can cost you both time and money. Your app will need to be approved by Apple before it can go live and any subsequent changes or amends to the app will be subject to the same procedure.

Mobile Website or Mobile App?The decision between mobile website and mobile app is still very much an individual decision, with no definitive right or wrong answer. The only thing for certain is that every business should be thinking about mobile applications.

An understanding of your target audience, their needs and their motivations, should guide your decision; whatever is created, it must be right for them and provide something of real value whilst representing your business in the best manner possible. VitALwww.zabisco.com

With hundreds of thousands of apps now available on mobile web,

their popularity and inherent value cannot be ignored. As apps become

increasingly mainstream, users are taking advantage of them for their

speed of access and ease of use.

The direct comparison between mobile websites and mobile apps


Empowering greener home working practices

Overcoming incompatibility between home workers and power management can, explains Frank Griffiths, Vice President of Professional Services at Verismic Software pay dividends all round.

uK TRAnSPORT Secretary Philip Hammond recently called for

employees in london to work from home during the Olympics next year. He said some people might consider working away from their offices, or changing travel times to avoid busy periods. If his plan is supported, these london workers will join the 3.7m uK-wide employees who ‘sometimes work from home or use home as a base’ on a daily basis (June - September 2010, OnS).

A survey of firms by the confederation of British Industry (cBI) showed that the number offering at least some teleworking (home or mobile) rose from 14 per cent in 2006 to 46 per

cent in 2008. IBM currently employs 200,000 remote workers globally, BT 15,000 and HsBc 15,000. Figures later this month are expected to show the trend continuing.

If you’re running the IT for a knowledge business (Hr, Pr, marketing, finance, etc.) setting up employees to work from home is pretty simple. In basic terms, they just need a mobile phone, broadband and secure access to their usual Pc and software applications (GoToMyPc, Logmein, Laplink everywhere are just some of the proven remote access tools enabling home and mobile workers access to Pcs and applications). In setting up a home working policy and the

VitAL PLANeT

VitAL PLANeT


With good systems,

users can install an

application onto their

mobile device, which

will allow them to

execute Wake-on-Web

functionality to wake up

Pcs within their work

environment, which

have been turned off by

the Power Manager.

supporting IT infrastructure, you could argue that you have also created a green business – less employee related travel pollution would be the obvious point.

However, it is here, in IT support, that two of the most modern business policies – home working and green IT – are beginning to clash. If you’re one of the millions of IT directors or managers to have rolled out Pc power management software (from any vendor) in the last couple of years, you will have learnt quickly that it becomes necessary to exclude home or mobile workers’ work based desktop Pcs from Pc power management policies, because those workers need access to them from home.

For example, if an employee decides to work from home on Friday using his or her laptop, the work based desktop Pc will also need to remain ‘powered-on’ (and be excluded from Pc power management policies) to enable the home worker, using remote access tools, to access and use it. The work based Pc is also unusable by other members of staff during this process. The more encompassing the home working policy, the wider its adoption, the larger the list of excluded Pcs becomes.

According to south Lanarkshire council which recently deployed Pc power management software, the energy draw of a Pc is around £1 per Pc per month to operate, so leaving any number of Pcs powered-on during the day is not only carbon costly but financially costly.

Interestingly, according to Pike research, over the next five years public sector and financial services will be two of the largest growth areas for Pc power management (both knowledge based industries with large numbers of home workers). The Pc power management vs home worker debate could be about to explode.

What’s the solution?The largest complaint of any home worker is the isolation from colleagues and ‘the office’. companies will undertake all manner of Hr programmes to support and include home and mobile workers. Pc power management must be the same. Its benefits should not stop at the office doors and it shouldn’t be a reason for home and mobile workers to not leave the office. Pc power management must embrace the technology of home workers. • Firstly, choose PC power management

software which provides the ability for home workers to wake up their work based Pc from home. With good systems, users can install an application onto their mobile

device, which will allow them to execute Wake-on-Web functionality to wake up Pcs within their work environment, which have been turned off by the Power Manager. This will allow home workers to gain remote access and use that Pc productively at anytime from anywhere, whilst the company can take full advantage of power management policies. Pcs no longer needed to be excluded from policies.

• Second (and it may sound obvious) but add Pc power management software to notebook Pcs in use by home and mobile workers. They’re all part of the same Pc fleet. don’t create a ‘them and us’ culture between office workers and home workers – they should all feel like they’re making a contribution to ‘greening the business’. Also, consider using Pc power management software, which can also support Mac Pcs. 5,000 of IBM’s 200,000 remote workers use Macs. It is an increasingly popular device, even outside of its traditional design and creative users.

• Third, add PC power management policies that will throttle back the power draw from applications whilst the work based desktop Pc is powered on but not immediately in use. Intelligent ‘engine management’ can ‘throttle back’ to reduce power consumption when users or applications are idle, but immediately and automatically ‘throttling up’ when performance is required. This ensures that if home workers power on a work based Pc in the morning, those Pcs do not overly waste energy during the day.

• Finally, ensure home workers are kept informed of their personal contribution to Pc energy efficiency including visibility of how they compare to their office and home based peers, to fully involve users in increasing overall efficiencies.

What’s the future? Pc power management software will continue to evolve to support home and mobile workers, to ensure they’re fully integrated into the green business.

Look out for future Pc power management software versions with support for a broader range of mobile devices (to switch on work based Pcs), power management software for mobile devices themselves, enhanced power saving reporting for home workers, and perhaps even policies geared to home workers returning to the office (Pcs which power on as the employee passes through reception). VitALwww.verismic.com


When change is constant Kevin Parker, Chief Evangelist at Serena Software looks at the business process around ITSM

AROunD 500BC, the greek philosopher Heraclitus said that

“Everything flows, nothing remains the same”: which we paraphrase today as ‘the only constant is change.’ For those covering IT service management (ITSM), th is is espec ia l ly t rue of the processes they follow to run their enterprises. The constant change and evolution of business requirements and the pace of change in the IT world in general, means that a process that works today may not be suitable in six months’ time.

Gartner recognises this too, with their research showing that most organisations turn over their service desk solutions about every five years. There can be many drivers for this from the requirement to deliver results faster to the need for more management information and reporting or stricter audit

and compliance controls. other drivers can include new staff appointments or company mergers resulting in multiple systems being in place.

All these changes will ultimately have an impact on how the organisation approaches ITsM, and being able to respond to those changes quickly requires process and service agility. As many enterprise IT systems are complex, having built up over time, ripping and replacing applications can be too expensive to consider. Instead, looking at the business process around ITsM and how existing tools can be integrated into a more efficient workflow can offer a more effective route.

Are you talking to me?When considering the business process around something l ike IT service

VitAL Processes

VitAL Processes


management, the important consideration should be what strengths the individual parts of the solution can offer. For example, humans are great at problem solving and dealing with exceptional circumstances, while on the other hand, computers are great at repetitive tasks and moving big chunks of data around. Automating tasks that are repetitive or don’t require human interaction is therefore an essential step in looking to improve business process performance and effectiveness.

For human to human interactions, the issue is all about the interface. It needs to be personalised for each user so that the information they need is available in a form they can use immediately. This means user interfaces designed for each role in the organisation: one size does not fit all. In addition, the user should be able to create their own alerts as well as subscribe to published ones. This will help them manage their work and time by having the system alert them to bottlenecks or tasks coming due to become, essentially, each user’s own personal assistant.

The ITsM system should also be able to make decisions when humans cannot (or will not). examples here include letting the user know there is a task needing completion; also letting the user know that, if they don’t respond, default actions will occur. These can include to approve or disapprove requests, or to escalate to a higher level.

For IT systems to talk to one another, they have to be integrated. Too frequently these integrations become the weakest link in the automation as they can be quite brittle. Future IT Integrations have to be based on web services and anyone buying an automation

technology should mandate this support as one of their top priorities in the selection of a solution.

Modern technologies also need to be process centric in their design: it is no longer acceptable for a vendor to dictate the process. Tools which adopt a common open standard and which allow the integration to evolve over time are ideal. This ensures that organisations avoid the problem of having to rip out solutions that no longer meet their requirements and cannot be coerced to support the new ones.

When the ITsM system communicates with a human and needs a response, it should focus on delivering the information necessary packaged in a form that can be easily comprehended. There tends to be too much focus on the infrastructure that delivers the information and not enough on the information itself.

To solve this, do not organise the information based on where it comes from, or the format it’s stored in. Instead, think about how the data can become information with the addition of charts, maps, scales and any number of visual clues that make comprehension easier; and you must ensure that the data is actionable. of course all of this needs to be done so it complies with any relevant compliance and auditing requirements as well.

When humans have to direct their IT systems, they need to be able to do it from wherever they are: we all live a highly mobile lifestyle now so we each need to be able to use our mobile devices to interact with our corporate systems and processes. Modern automation tools must provide the same full experience on a mobile device as on a standard Pc or laptop.

Tools which adopt

a common open

standard and which

allow the integration to

evolve over time are

ideal. This ensures that

organisations avoid

the problem of having

to rip out solutions

that no longer meet

their requirements and

cannot be coerced to

support the new ones.


VitAL eYes oN

Bridging the gapsBeing able to bridge the gaps that exist between different business functions and sections of the enterprise is an important requirement for establishing these new business processes. For ITsM implementations, supporting this involves understanding where these gaps exist and how they can be overcome through automation.

This is achieved through having a completely configurable platform that allows for the integration of many disparate systems. This requires complete and transparent access to information irrespective of where the data source exists, in turn allowing different parts of the organisation to see value from the process. By linking together these applications and services at the workflow level, the organisation can derive greater value from its ITsM processes.

At its heart, ITsM is all about delivering better levels of service back to the organisation and helping the business to function more efficiently. By looking at integrating and orchestrating the business process around ITsM, organisations can see a faster return on their investment without having to go through full-scale replacement of their systems. Just as Heraclitus thought about change being constant, so ITsM and business processes have to re-evaluated on a regular basis. This ability to look deeper into the processes and workflows involved in supporting the organisation, and evolving with them, will be crucial for ITsM to continue delivering business value. VitALwww.serena.com

”s” is for Security for SMEs

IT security is a big enough headache for large firms with considerable resources; how then can SMEs cope? Jonathan Westlake offers valuable guidance.

IT IS an understatement to say security of IT systems whether private or in the

‘cloud’ has never been more in focus than at the current time. Recent news of hacking into large governmental and corporate systems has fanned concern. This begs the question. If large organisations with large budgets are victims of security breaches what hope is there for the smaller firm, the so called SME on which the uK relies heavily?

one answer is an interesting proposal for a standard (IssA 5173) from the Information systems security Association (IssA) published in April 2011. I have been reviewing the proposed standard and assessing it’s potential impact.

The standard can be downloaded from the reference below and is well worth a look. I highly recommend it as it gives practical advice in non-geek language because it is aimed at the sMe owners. IssA is looking for feedback and you can contribute to that.

so take a look. Information security, as a subject, can be improved by comparing what you have at the moment to the advice given in the standard. VitAL

http://www.issa-uk.org/issa5173

SSSS


”s” is for Security for SMEs

S Kepner-Tregoe’s Problem and Incident Management programme.

Think dynamically. Kepner-Tregoe’s Problem and Incident Management programme offers

unrivalled insight into how to align your organisation’s most powerful assets. We can reduce

time-to-close, increase first time fix-rate, reduce no fault found, increase customer satisfaction

and lower the operating costs of your customer support centre. The result? Service can now

be a direct driver of revenue and profit. Find out how Kepner-Tregoe’s knowledge could help

power your business by contacting our European Head Office on 01628 778776.

What tool do you use to turn traditional customer support into dynamic customer service?


Ensuring infrastructure resilience in an online world

The Internet is a wonderful tool when it works, but we are increasingly at a loss when it encounters problems. Steve Durbin, global VP at ISF (Information Security Forum) looks at what organisations should do to minimise the risks

SERVER OuTAgES at global ISPs may be an extreme case, but they illustrate

the challenge faced by businesses that are shifting a growing proportion of their information and transaction infrastructure online – often to cloud based computing. The growth in cloud computing is one example of the trend towards ever greater reliance on the Internet. Moving to the cloud and making use of virtualised servers makes sense financially, but organisations need to be aware of the inherent risks, and ensure

they are prepared for infrastructure failure when it comes.

Threat of infrastructure failureIsF’s Threat Horizon 2012 report highlighted infrastructure failure as one of its top 10 threat scenarios. The report highlights how companies have come to rely on Internet only sales channels and mechanisms, to the extent that most people only have one way to perform their day-to-day transactions. Poor Internet resilience, especially at pinch points

VitAL Processes

VitAL Processes


Moving to the cloud

and making use of

virtualised servers

makes sense financially,

but organisations

need to be aware

of the inherent risks,

and ensure they

are prepared for

infrastructure failure

when it comes.

in the network, results in frequent and sustained regional Internet outages and prolonged loss of service. The threats to business come from loss or damage to communications links or services – often as a result of under-investment in infrastructure – and from malfunctioning equipment, associated with a lack of resilience.

The impact of such outages is a direct loss of business, and increased costs to provide ‘work arounds’, potentially leading to reduced transaction integrity and associated fraud. In addition, there may be a loss of trust in the Internet, and customers moving to competitors able to offer an easy alternative. While the threat of infrastructure failure is a future scenario, there are very real issues confronting organisations that want to move to cloud and Internet-based sales channels today.

organisations that increasingly rely on the Internet to conduct business, or serve the public, will require some kind of quality of service (Qos) guarantees – which will add cost, as well as run into issues over net neutrality. Also, who is going to fund the necessary investment in Internet infrastructure to deliver the capacity and intelligence it needs, and what is the payback for anyone who does?

Another issue for Internet-based critical communications and online transactions is that networks are always susceptible to physical damage. Internet channels are only as resilient as their weakest link. Wireless Internet access has got people used to the idea of ‘always on’ connectivity. While this helps staff work more efficiently off-site, few consider how secure these connections are, so organisations need to ensure security is made easy for staff.

Finally, a vital element in the successful deployment of cloud computing and Internet based services is supplier trust. Buying cloud computing is just like buying any other service, and organisations must ensure they research and question potential suppliers thoroughly.

What can companies do?Having established where the critical

parts of IT infrastructure lie, and the risks associated with their loss or degradation, organisations should put in place a framework of controls for securing it, recognised at a senior level and based on the participation of critical infrastructure stakeholders – including information security practitioners. organisations should give special attention to the selection and application of a balanced set of controls to protect systems that support critical infrastructure. Where it is not possible to apply a balanced set of controls, alternative measures should be used.

In selecting controls, organisations should adopt security architecture principles, such as: defence in depth; least privilege (granting minimum possible privileges to users); and default deny (denying access to information systems by default to prevent unauthorised access).

Another important element for ensuring the resilience of critical infrastructure is to reduce single points of failure. To ensure that critical infrastructure is available when required, supporting information systems should run on robust, reliable hardware and software, and be supported by alternative or duplicate facilities.

When it comes to outsourced cloud computing services, it is crucial that third parties are well managed. Measures that help reduce the information risks associated with using third parties include reviewing and, where necessary, updating contracts and agreements to include statements regarding security requirements, roles and responsibilities, the right to audit and incident reporting.

organisations should consider the use of an internationally recognised information security standard, such as IsF’s standard of Good Practice for Information security.

While the Internet does have a high degree of resilience, experience shows that we cannot expect 100% uptime. overall, the Internet is only as good as its weakest link, and preparing contingency plans to operate businesses in the event of failed or reduced Internet service should be a priority. VitALwww.securityforum.org

VitAL Processes


Is corporate espionage undermining your business?

Giri Sivanesan, senior security consultant at Pentura, warns that with the emergence of global markets and global competition, espionage has evolved and taken on a new meaning.

ESPIOnAgE ATTACKS on private sector businesses are a dominant feature on

information security news wires. In 2010, the British press reported that a technology house had misplaced a prototype phone, prompting fears that the phone was the target of competitive espionage and an electronic espionage network dubbed ‘ghostnet’ was reported to have penetrated the networks of hundreds of organisations worldwide. The French newspaper la Tribune also reported that a major aircraft manufacturer had uncovered several attempts of espionage at its plant in France. By the end of 2010, both the uK and uS governments had voiced their plans to secure national infrastructure from electronic or ‘cyber’ espionage attacks with the creation of an Office of Cyber Security (OSC) in the uK and a Cyber Security Office in the White House.

The litany of espionage attacks affecting established commercial organisations over the past year has raised the profile of espionage to new heights. Many people assume the threat of espionage has disappeared. They associate it with the cold War. They think of novels by John Le carre and Len deighton. of course, the threat has not disappeared. The director General of MI5 said in a speech a couple of years ago that there were more foreign intelligence officers operating in London now than at any time since the end of the cold war. With the emergence of global markets and global competition, espionage has evolved and taken on a new meaning.

Businesses are now the target of espionage, carried out by businesses or states or state sponsored businesses. even so, businesses will assume that espionage is a threat that does not fit on their risk register. They believe that espionage is about stealing state secrets, information about foreign policy or defence or military research, however it is not just about this. For the private sector, the threat of espionage is about protecting intellectual

property, business proposals, evidence to support legal activities or other confidential information from competitors.

espionage might involve covert techniques and sophisticated types of technical and non-technical attacks. The abundance and availability of business and commercial information online or through commercial press sources means that espionage attackers can identify particular networks, computers or individuals on which to target their attacks, often through aggregating lots of disparate bits of information.

There are other challenges too. some businesses have become so complex that countering the threat of espionage is a challenge in itself or the gulf between decision makers and those responsible for looking after the information that their business depends on is too wide. These organisations seem to live in the hope that their business critical information is adequately protected even from sophisticated attackers.

Businesses can be forgiven for thinking they have enough risks to manage without adding another one to the list: flooding, flu, crime, hacking, employees who do not comply with the rules and accidental data loss. It might be right for a business to accept the risk of espionage but it cannot make that decision wisely unless it is aware of the potential threat it faces. As the number of organisations that have been financially impacted by espionage grows, the need to address this becomes ever more acute. Until recently, there has been very little in the way of professional services to help organisations looking to address espionage proactively with the majority of risk mitigating activities being reactive and always newsworthy.

counter-espionage is about identifying the vulnerabilities that might be exploited by a competitor and putting in place the controls to mitigate those risks. VitALwww.pentura.com

The director General

of MI5 said in a speech

a couple of years ago

that there were more

foreign intelligence

officers operating in

London now than at

any time since the end

of the cold war.

VitAL Processes


With Platform as a Service, says David Akka, uK MD of Magic Software, developers can leverage cloud advantages to make development more flexible and accessible.

Standing on a platform in the Cloud

THE ClOuD has promised much in terms of flexibility, agility, operational

and cost savings. However, effective development of cloud applications relies on the availability of sound underlying platforms; for development teams to be able to build cloud applications effectively, they need the right platform on which to create and deploy those applications. This needs to allow for scalability, for the multi-tenant architecture of cloud applications, where resources and costs are shared across a large pool of users.

This is where Platform as a service (Paas) comes into its own. This year, 2011 has, in fact, been identified by Gartner as the year

of Paas, offering increased flexibility for short term projects, and the ability to provision and scale up quickly for resource intensive projects. However, despite its predicted uptake there is still considerable discussion around the definition of Paas. This may be, in part, because the Paas market is still relatively immature and is still evolving, a fact that was highlighted in a recent report from Forrester. Also, the analyst John r rymer noted in his blog: “the Paas market is a sprawling, fast changing, and immature market.”*

so what is Paas and what does it provide for developers looking to capitalise on the cloud boom? In essence, Paas is a

VitAL Processes

BCS Specialist certifications in IT service managementOur series of certifications focus on specific IT service management job roles.

The six certifications:

• embrace best practice from COBIT®, ISO/IEC 20000, SFIA/SFIAplus and ITIL®• enable job specific skill development• are industry-relevant and internationally recognised• are endorsed as ITIL Complementary Products• attract credits towards ITIL Expert

Find out more at www.bcs.org/specialist

ITIL® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. COBIT® is a trademark of the Information Systems Audit and Control Association and the IT Governance Institute.

© BCS, The Chartered Institute for IT, is the business name of The British Computer Society (Registered charity no. 292786) 2011MTG/AD/1020/0611

1020_specialist_ad_vital_fp_ma_brochure.qxd 20/06/2011 12:17 Page 1

VitAL Processes


loose term that occupies a huge space, between Infrastructure as a service (Iaas) and software as a service (saas), although even within this definition, different vendors have different propositions. In broad terms, it is the ‘application infrastructure’, that is, the technology stack and computing platform, delivered as a hosted service. elements such as the application servers, the customer portal, and the business process management (BPM) technology databases and file systems would all comprise this application infrastructure. It is everything that is required in the cloud application design process, development and lifecycle management.

For developers, it means that applications can be deployed without the cost of buying the hardware and software, freeing development teams from the headaches of managing this aspect of the business themselves. The advantages for developers are clear, particularly for those projects that need to be started quickly without the need to purchase, manage or configure the hardware and software in-house. It also means that wherever you are based you can make use of the computing services of the Paas provider. drilling down further, we have the application Platform as a service (aPaas), the Gartner defined term which refers to the development and

deployment environment for cloud based applications, or as Yefim Natis of Gartner calls it the ‘extended application server’.

eventually it is quite probable that everything we now term Paas will, in practice, move towards aPaas; however, setting semantics aside, it is all about enabling development to be the main focus of activity. What’s more, this new era of cloud development by its nature demands an approach that offers more flexibility and provides a development and deployment environment in which teams can re-use different types of their software, no matter in what language they have been written. This kind of application platform also means that, once written, applications can be taken to any new platform, be it cloud, or mobile, without having to re-write them.

In turn, this means that teams can focus on the development aspects that really matter for a project, delivering applications that bring business functionality and add value, reducing costs and time of development projects; rather than provisioning for and creating the environment on which they are built. VitALwww.magicsoftware.com

* THE Forrester Wave™: Platform-As-A-Service For

App Dev And Delivery Professionals, Q2 2011

For developers, it means

that applications can

be deployed without

the cost of buying the

hardware and software,

freeing development

teams from the

headaches of managing

this aspect of the

business themselves.

vitaldigestA vendor perspective of current IT management processes

31 Media will keep you up to date with our own products and offers including VitAL Magazine. If you do not wish to receive this information please write to the Circulation Manager at the address given.

Please tick here ■ if you do not wish to receive relevant business information from other carefully selected companies.

News, Views, Strategy, Management, Case Studies and Opinion Pieces

Subscribe FREE to the most VitAL source of information

www.vital-mag.net/subscribeInspiration for the modern business

vital

FEATURE FOCUS: CONTROLLING THE COMPLEXITY: 22-25

VitA

L : In

sp

iratio

n fo

r the

mo

de

rn b

usin

ess

Vo

lum

e 4

: Issu

e 3

: Ja

nu

ary

/Fe

bru

ary

20

11

Inspiration for the modern business

Volume 4 : Issue 3 : January / February 2011

vital

The human factor

Cyber-crime targets the individual

Striking a balance

Getting the work/life equation right

Entrepreneurial ITUnleashing your business potential

FEATURE FOCUS: CONTROLLING THE COMPLEXITY: 22-25

The human factor

Cyber-crime targets the individual

Striking a balance

Getting the work/life equation right

Entrepreneurial ITEntrepreneurial ITEntrepreneurial ITUnleashing your business potential

FEATURE FOCUS: TACKLING CHALLENGES OF THE MODERN IT WORLD: P32-35

VitA

L : In

sp

iratio

n fo

r the

mo

de

rn b

usin

ess

Vo

lum

e 4

: Issu

e 5

: Ma

y/J

un

e 2

01

1

Inspiration for the modern businessVolume 4 : Issue 5 : May / June 2011

vital

Moving to the cloudThe rise of Google Apps

Social networksA communications

revolution in the workplace

ITIL: What’s missing?Filling in the service management gaps

SERVICE DESK & IT

SUPPORT SHOW ISSUE

FEATURE FOCUS: TACKLING CHALLENGES OF THE MODERN IT WORLD: P32-35

Moving to the cloudThe rise of Google Apps

Social networksA communications

revolution in the workplace

ITIL: What’s missing?ITIL: What’s missing?ITIL: What’s missing?ITIL: What’s missing?ITIL: What’s missing?Filling in the service management gaps

SERVICE DESK & IT

SUPPORT SHOW ISSUE

VISIT VITAL ONLINE AT: WWW.VITAL-MAG.NET

VitA

L : In

sp

iratio

n fo

r the

mo

de

rn b

usin

ess

Vo

lum

e 4

: Issu

e 5

: Ma

y/J

un

e 2

01

1

Inspiration for the modern businessVolume 4 : Issue 5 : May / June 2011

vital

Shared servicesThe way forward?

Open sourceA panacea for

the public sector

Learning to leadGill Graves says it’s time for IT to take control

VitAL dIGesT


Contents52 Making the RITE Decisions

Technology cannot heal organisational maladies, as Tony Probert makes clear: but the right technology using the RITE information can help to build on success.

54 Thinking Correctly under pressureWhen things go wrong you can either waste time by shouting or, say Steve White and Andrew Vermes, you can create a culture in which the job gets done.

56 Agile meets ITIlSteve Connelly and Steve Ingall consider how ‘Agile’ relates to the well-established comfort zones of Service Management frameworks such as Six Sigma and ITIl.

58 Buying an ITSM software solutionIf you’re buying something as important as an ITSM tool, says Steve Lawless, don’t just ‘kick the tyres’; instead properly evaluate what your money will be buying.

60 The benefits of WAN optimization to businessapplications in the public cloud Whereas the Public Cloud once had performance problems, Nigel Hawthorn now

believes that technology advances have put those concerns in the past.

We’re approaching the ‘silly season’ when trivia rules. Or

is it simply that anticipating imminent holidays, enjoying the break and, on returning to work, falling into that post-holiday reverie, our minds take a well-earned break from serious stuff? Far be it for me to puncture that euphoric cloud of summer but if you want to gather information before and after the holiday – not ‘during’ – this year’s VitAl Digest is the place to start.

during the dog days of summer when, at any time, a quarter of your staff and a quarter of your customers’ people will be away, you’ll be able to step back and review the bigger picture. You might, as Tony Probert suggests, cast a constructively critical eye over your processes before you pile in more powerful technology. or, perhaps, as steve White suggests, you could wonder whether, without people barking in their ears, engineers will complete their job sooner and better. Join steve connelly and steve Ingall to look beyond ITIL and six sigma and wonder whether an Agile approach will bring out their best for you. or follow steve Lawless’s advice and think about what you really want from your next ITsM tool. And if cloud performance has been troubling you, Nigel Hawthorn has some words of comfort.

While you’ve got the time, we’ve got the information. enjoy your summer.

Leader

John hancock, editor

VitAL dIGesT


Making the RITE Decisions Tony Probert, European managing director at Cherwell Software cites the changes necessary before IT will be of use for survival in the new economy

WHAT WOulD be the ‘holy grail’ for real change in the realm of

Information Technology? It would be to enable management to harness the necessary information to proactively make the right business decisions – at any time, from anywhere – and thereby truly align IT with business objectives. Is there any hope of this? Are there any external factors today to give us optimism that real change, from an IT services and support context, is possible? yes there are, but of course it won’t be easy.

Too often, IT ‘change’ is defined as spending money on new technology and hoping it will solve organisational problems. It won’t. Before any technology is considered, the people of the organisation must understand and be passionate about its underlying corporate mission, strategy, and specific objectives. To attain that vision, you’ll need to understand and implement appropriate processes. Note that you do not need to invent entirely new processes, any more than you need to invent a different type of hammer to build a new piece of furniture. rather, you need to choose from the toolkit of tried and true business processes that already exist, selecting and customising them for your organisation. only then should you look at technology that facilitates your vision and your processes – and does not just collect data for data’s sake.

The required elements to drive change involve;people. As a first step it is necessary to change the culture; to remove people who are resigned to the status quo and replace them with people who have well defined roles, who are empowered to do their jobs and who are accountable for results. All effective change in any organisation starts with having the right people in place, both management and staff, who ‘buy-in’ to the mission.

The point here is not to suggest replacing all those who have not bought in to the company strategy. In fact, it is the job of management to inspire its team regarding

its mission, to build an environment of trust and mutual respect and to establish a clear set of reasonable objectives. However, change must start with people who truly believe they can make a difference. The correct people with the requisite competencies and passion must be identified and trained. If there is not buy-in from the people regarding the mission and goals, the best processes and technology in the world will not help.

processes. Utilise ‘outside eyes’ (internal or external) to evaluate every process in the organisation and provide an objective assessment as to what value any particular process brings to the stated end goals. such an external assessment will generate recommendations for improvement without prejudice. Without an objective, unbiased evaluation of which processes and systems were broken, no one will tell the emperor that he has no clothes.

since the arrival of the IT Infrastructure Library (ITIL®), there is no longer an excuse for IT management not to embrace and implement a set of processes that represent industry good practices. ITIL today is the most widely recognised and accepted IT process management framework in the world. These processes promote a quality approach to achieving business effectiveness and efficiency in IT. ITIL also focuses on aligning IT services to business requirements; a goal that will gain the needed respect from the business units.

technology. once people and processes are evaluated, only then should technology be deployed to complete the virtuous circle. The identification and removal of business silos with improved systems integration is critical to preventing key tasks, activities and data from falling into the proverbial black hole.

once you know what information needs to be tracked that is important to the overall business objectives, i.e. the key performance indicators, technology can make a difference and can enable real change. The next step is to make that information available to the right people at the right time.

VitAL dIGesT


With today’s technology, business unit managers can utilise smart phone or tablet technology to proactively receive, and then act upon, the right information; at any time, from anywhere. We are in the midst of a technological wireless and real time data revolution. This enables people with sound processes to make the right business decisions. organisations must no longer collect data for data’s sake, nor even for information’s sake. In order to make right, or ‘rITe’ decisions, management must have data and information that is:1. relevant to the mission, strategies, and

objectives of the organisation;2. Integrated across all department ‘silos’ and

geographic locations;3. Timely, so that the issues can be addressed

and resolved before they become crises; and

4. efficient, so that with the mounds of data, organisations can manage by exception

and the automated best business processes can be enforced.

Finally, data should be used to act, to analyse, and to continually improve. There should be relentless follow up and continual measurement. Measuring results based on clear goals and objectives, in real time, can be achieved with today’s technology. once clear objectives are established, the right technology can make the difference between limping along and accomplishing key business goals.

The implementation of proper people, processes, and technology to make the rITe decisions has always been important, but during the next decade it may be the mandatory holy grail of survival. change comes from within, and all the technology in the world will not help a dysfunctional organisation. Gandhi once said, “You must be the change you wish to see in the world. VitALwww.cherwellsoftware.com

once you know what

information needs to be

tracked that is important

to the overall business

objectives, i.e. the key

performance indicators,

technology can make

a difference and can

enable real change.

VitAL dIGesT


Thinking Correctly Under Pressure

new neuroscience research reveals, say Steve White and Andrew Vermes, Senior Consultants at Kepner-Tregoe, fresh wisdom for IT Support Functions

“WHEn WIll yOu gET SERVICE RESTORED?” shouts the Senior Vice President again, cutting across the technical discussions on the bridge call, for the second time in five minutes. “The service restart will take forty minutes” replies the senior Technical Lead.“yOu HAVE TO gET IT BACK In TEn!”When managing a business-damaging incident, it is clear why representatives from ‘the business’ behave the way they do – behaviour which (depending on the prevailing culture of the organisation) can range from reasonable to psychotic. When critical systems go down and affect the minute to minute revenue streams, even for a minute, financial losses can be huge. A strong IT tech support person will rightly say, “calm down and let us get on with our work”, but few will have the strength and experience to handle sustained aggression from the business side.

We know from analysis and experience that the normal response – jumping to cause – costs more money, reputation and time than calmly working through the evidence. But there are two other crucial factors interfering with good sense under pressure – biology and psychology.

Given the external pressures, there are four key drivers to effective performance that consultants at Kepner-Tregoe have defined and revised:• Predictable performance – how we

use our brain and skills to create the circumstances and environment that people need to handle complex problems under severe time pressure;

• Infrastructure – the tools and systems we use to enable exemplary support;

• Feedback – the learning and improvement loop;

• Right channels – making sure we have effective communications in major incidents.

Many people believe that coping with emergency situations is a matter of in-built character, somehow genetically determined. Use of advanced brain scanning techniques has in recent years allowed researchers to find out what‘s really happening in human brains when people are put into stressful situations, and what stresses trigger the strongest neural responses. Knowing these triggers and reducing them can have an immediate benefit to personal health and business performance.

Brain Hardware is wired for two kinds of response – Threat and Reward. Threat is an easily triggered response which takes resources from the prefrontal cortex; it inhibits complex problem solving and drives a survival instinct. Reward releases dopamine, improves collaboration and increases the quality of rational thinking.

The SCARF ModelThe triggers for the ‘Threat and reward’ response are based on a surprisingly small number of stress factors; these five (the scArF Model1) exert the strongest influences on individual performance:status is about relative importance to others. certainty concerns being able to predict the future. Autonomy provides a sense of control over events. relatedness is a sense of safety with others, of friend rather than foe.

fairness is a perception of fair exchanges between people.

five things to do that will help:1) For managing status anxiety: filter out threats: many companies now operate two simultaneous bridges; Technical and Management. The people fixing stuff should be protected from disturbance and left to get on with what they do best. Management need to handle the legal, political and reputational implications of the outage. The flow between the two channels has to be managed carefully, and that means keeping progress visible for all. Make the current status of the incident readable and distributed – so that someone can read the current status and not interrupt the bridge with ‘what’s going on?’2) Certainty through process: making your recovery and resolution process visible and in recognisable small steps is important. If senior people – and clients – can go and look and see that you’re making progress that will tend to ease the shrill demands.Practice on the easy: if your current case records look rather scruffy, how likely is it that crisp clear reporting will suddenly get done in an emergency? Get folks to use good quality consistent troubleshooting on everyday cases, and they’ll be better able to handle the tough ones.

The best people are often hidden away. some years ago a colleague in Kepner-Tregoe ran a project in a manufacturing plant. Tracing faults was often hard since operators tended to tweak their machines all the time, and figuring out what change related to what fault was nigh on impossible.

Steve White Andrew Vernes

VitAL dIGesT


except for colin. colin made constant little notes: “10:43: ring former out of alignment. Turned adjuster one quarter turn clockwise. Product all oK.” People with an eye for detail are safe hands in tough times.

If you are familiar with Kepner-Tregoe’s rational leadership processes you will know how useful it is to have a structured method for working through both complex and simple problems.

every incident has a natural process, and it isn’t trial and error. Keep the list of issues, impacts and consequences visible to all, as well as the investigation and resolution actions. When we read Major Incident process guides, we too often find them focused on who calls who, and not enough about how the incident needs to be progressed to ensure a quality outcome. creating this path is one of the key things we can do to use the scArF model, since having a recipe

for success is an important way of increasing certainty. This also allows the visibility that management and regulators expect.

When using a clearly described method, with visible stage gates, people apply their creativity when it matters most, and their analytical skills where they are needed, giving them the opportunity to make a contribution, visibly.3) Autonomy is cemented by making sure that the boundaries are there, and everyone knows what to do when they reach them. For example, in most incidents an accurate time for the start of the symptoms is important for diagnosis and decision making. You can leave engineers free to decide how they get this information (log files, user experience, downstream effects etc.), but get it they must, and at a gallop, if recovery is to be effected quickly. There are other steps, such as a careful risk assessment

prior to the recovery action which you may mandate, but leave the details up to the incident managers.

4) Relatedness helps the incident handling process, and not just in major incidents. This was recently illustrated by a change we made to case escalation in a client. Instead of just filling in the severity rating according to predefined criteria (Impact 1-4), Tier 1 engineers were instructed to describe in words what the problem was like for the users (all forty outbound mortgage staff unable to process applications). We found higher Tiers (2 and 3) much more responsive when the situation was clearly explained to them.5) Fairness can be lost if the ‘messenger is shot’. People shout at doctors treating their relatives, even though the doctor is not at all responsible for the disease in question, and are doing their best. expecting teams to perform well when the solution is outside their control is one of the biggest mistakes. Blaming folks for factors beyond their control doesn’t enhance performance, and loads unfairness. recognising teams appropriately for their contribution is important in building an environment that encourages predictable performance.

“I DEMAnD THAT SySTEM BACK In TEn!”I understand your concern, and I hear that you want it back in ten minutes, but that’s not how it works…” VitALwww.kepner-tregoe.com

1 david rock www.your-brain-at-work.com/files/NLJ_scArFUs.pdf

VitAL dIGesT


Agile meets ITIL ‘Agile’ methodology doesn’t replace but rather enhances the way that IT Services are managed say Steve Connelly, service Management Consultant and Steve Ingall Head of Consultancy at iCore

A COMMOn question in Service Management circles recently asks;

“How do we demonstrate the real value of Service Management without it just seeming like bureaucracy?” To address this challenge, iCore has been researching the use of ‘Agile’ methods to bring ‘stuffy’ ITIl processes to life for customers.

What is ‘Agile’?‘Agile’ is a methodology most likely to be employed in the strategy or higher level design phases during the lifecycle of a project. Although it is here that it is most highly visible and recognised in the industry with the associated project management exams, certifications, and professional bodies, it is also relevant further down from these strategic levels. It is important to recognise that ‘Agile’ techniques are not just reserved for use at a low level coding stage or as a project checkpoint method; as a methodology ‘Agile’ has grown well beyond its humble origins in the software development world. ‘Agile’ techniques and methods can and should be adopted at different levels of an IT operation, and at different stages of the service lifecycle to obtain maximum business benefit.

‘Agile’ Service ManagementAs already stated, many organisations are already using ‘Agile’ techniques and methods in day to day project management,

and icore’s research indicates that ‘Agile’ is also being utilised in operations; however, this is not branded as ‘Agile’ per se. Indeed, the phrase ‘Agile’ service Management is thought by many to be an oxymoron; however, if we think of real world examples, it becomes apparent they can co-exist. If your service managers, incident and problem teams meet up early every morning to discuss the previous day’s issues then they are conducting a ‘stand-Up’ meeting in ‘Agile’ parlance.

If we take the key service Management discipline of continual service improvement as an example, the benefits of the ‘Agile’ approach can be understood more clearly. Picture a service improvement or review meeting being held with ‘Agile’ in mind; the meetings will be short and regular, and business involvement is encouraged alongside the IT teams, which will of course ensure that any pain points will be brought to the table, and any limitations must be understood by both sides. The collaboration is regular and tends to be face to face; there is reduced need for ‘phone and email traffic exchanges and both sides are up to speed on the latest progress of service improvement activity. The improvements will be heavily prioritised according to business objectives, and accountability is assigned to action the improvement; little time is wasted on duplication of effort; and resource is not deployed on less business critical issues.

VitAL dIGesT


once a critical issue is identified and agreed, the next iteration or meeting will analyse the improvement options and identify the appropriate solutions. These can then be implemented and the overall time taken will be dramatically reduced compared to having less frequent, structured service reviews.

In a Major Incident review meeting, much time can be used up discussing technical issues and focusing on who was to blame. ‘Agile’ methodology removes this burden and focuses solely on how the team can quickly respond to the business requirements around restoration of normal service. The establishment of the root cause of outages in the organisation will be improved by establishing small, business focused, fast acting working groups to target areas causing most pain to the business. ‘Agile’ techniques also lend themselves to several of the common root-cause analysis methods, such as the Pareto (80/20) principle and the analysis of pain value experienced within the business. These tie in well with the ‘Agile’ ethos of tackling the most important issues in the quickest manner to derive maximum benefits.

Business processing requirements change quickly and how IT responds is an on-going challenge. rather than an ‘Agile’ approach clashing with service Management and Governance principles of control and risk mitigation, ‘Agile’ can be used in the change management process to ensure fast, reliable and appropriate assessment of change and implementation, making the process more efficient: also, an inefficient change process will very quickly be revealed if you apply ‘Agile’.

Now let’s turn to the cMdB dilemma; a tough nut to crack! Using an Agile project approach to defining, building and establishing the cMdB and the subsequent processes for introducing, updating and disposing of cIs, will make the impossible seem possible. The ultimate objective is broken down into more manageable pieces and value is derived from the delivery of a useful section of the cMdB in a realistic timescale.

Are you ready to be ‘Agile’?Indeed, icore believes any process in place in an organisation could be subject to adopting and adapting ‘Agile’ techniques. It is not about recreating processes, rather about making them work more efficiently on an operational level by changing behaviours and working practices of the people involved. service Management processes must be subject to continual improvement, and the ‘Agile’ approach to process development means that

processes would be kept up to date and fit for purpose by those involved. It seems a logical and sensible approach that the relevant core processes are identified in order of importance to the business and implemented within timescales that make a positive difference to the business as quickly as possible.

‘Agile’ methods may not work well within every organisation, and the suggestion would be that the techniques should be applied only where they are most relevant, just like other service Management frameworks. daily face to face meetings for example might not fit in with geographical limitations, or the structure and culture may not lend itself to this collaborative approach. Indeed many individuals and teams may not be able to dedicate the resource required for this approach. regular involvement with the business can often lead to a situation where no real end goal is achieved and those involved lose momentum. service Management frameworks are often seen as cumbersome or bureaucratic obstacles, and perhaps the development of more ‘Agile’ service Management is more in line with the current themes of running the organisation in a lean, efficient manner.

‘Agile’ principles applied to any service Management process can add value as they have a shared objective; to consistently deliver valuable service to the business. This is fundamental to ITIL, cMMI, six sigma and all other service Management frameworks. If this is kept in mind throughout the IT organisation, including senior management, day to day efficient operation and of course continual improvement of the service provided, then the resulting service will be much more closely aligned to the business and consistently deliver value.

Don’t ask ‘Why?’ ask ‘How?’icore take the principles of ‘Agile’ into all of our service Management engagements, whether those are process design, interim management or service improvement. We have also applied the principles to our standard ITIL v3 process models to indicate where ‘Agile’ methods will add value and demonstrate the benefits of a structured service management approach.

icore’s new Agile sIP Workshop will help you and your organisation rapidly identify the important issues that need to be addressed urgently. VitAL

for more information contact icore at [email protected] or call us on 0207 464 8883www.icore.co.uk

If your service

managers, incident and

problem teams meet

up early every morning

to discuss the previous

day’s issues then

they are conducting a

‘stand-Up’ meeting in

‘Agile’ parlance.

VitAL dIGesT


OVER MAny years training people in Service Management, I have

regularly been asked “Can you recommend a good IT Service Management tool?”, and my response has always been “What do you want it to do with it, and how much money have you got to spend?” That response is often greeted with a glazed expression. I suppose I could have just named half a dozen popular software tools, but would that really have helped them? I often explain that it’s like buying a car; you have a limited budget, and usually some very basic requirements like number of seats and engine size. The trick is then finding the right make and model at the right price. unless you are a seasoned purchaser of cars, the vast majority of people often only undertake a single 10 minute test drive, are easily influenced by a slick salesman’s patter and normally forget to ask about servicing costs and intervals and the cost of spares. unfortunately we don’t often make very good purchasing decisions.

Getting startedThere are now over 300 offerings on the ITsM tool market and you are certainly not going to look at all of them; so what do you do? You could ask for personal recommendations, you could search on the internet, you could attend an annual trade event like ‘The service desk show’, you could raise an Invitation to Tender (ITT), you could look at the Pink verify website or you could look at ads in popular service Management magazines like VITAL.okay let’s look at the options:personal recommendations, no two recommendations will be the same. You are looking at personal choice typically based on

experience of one or two tools, maybe clouded by personal experience of how well they were taught to use the system or a reflection of process issues. You could obviously ask a lot of people, but who’s judgement do you trust most and why?search on the internet, and you’ll find loads of vendors, that is if you can be bothered to look beyond the first page: why not try http://list.ly/list/cy-itil-tools for a more or less complete list based on popularity.Attend trade shows, and you’ll find lots of vendors, all spending lots of money trying to attract you to their stand. do you look at all the offerings on all the stands or just the biggest or busiest or the ones that give away freebees?Produce an invitation to tender (ITT). You may have to do this if you work in the public sector, but be prepared for a lengthy and expensive evaluation and selection process. The likelihood is that you’ll receive at least 20 to 30 submissions.Look at the pink Verify website, if you value functionality, then this is the place to start. It lists the tools in order of functionality, but not all tools are listed.Looking in magazines, this may be a good starting point, but at the end of the day and advert is an advert.By now if you are really serious about replacing your existing ITsM tool you should have initiated a project and have an agreed budget with some timescales and some resourced pencilled in.

Differentiating between the toolsBy following one of the methods above you probably now have a short list, or maybe

Buying an ITSM software solution

An ITSM tool can be a powerful business asset but Steve lawless, CEO of Wendia uK believes buyers should ensure that they get the right one

VitAL dIGesT


even a long list of tools in which you are interested. Now, how do you differentiate between them?• You could hold a ‘Beauty contest’ and

choose which looks the nicest, or you could look at what your business actually needs from an IT service Management toolset. I’m not talking about just technical functionality; I’m talking about true business requirements, the roI and Tco of the tool, long term supportability, scalability to grow as the business needs grow: and is the vendor committed to improve their offering?

• You could ask for a demonstration and a price quotation. In which case how are you going to evaluate the various demonstrations?

• You could ask to be allowed to play with it for a while or how about a free 28 day trial? In all honesty would a car dealer let you play with a Ferrari, when you’ve only just passed your driving test? could you really get the best out of a Ferrari or just scare yourself half to death?

• What level of functionality do you require? What is the scope now and in the future? Is it just Incident, service requests and change or do you need Financial and resource Management to allow you to cross charge and manage resources using the tool.

step 1) perform a requirements Analysis;step 2) Design the processes;step 3) toolset evaluation;step 4) toolset selection.

Requirements AnalysisIf you are looking to procure a tool that is ‘fit for purpose’ and ‘fit for use’ you should at the very least categorise your functional, technical and business requirements using the MoscoW method. categorise requirements into those you simply ‘Must’ have, those that it ‘should’ have, those that it ‘could’ have as long as it doesn’t preclude the Must have and should haves, and don’t forget those which it ‘Won’t’ have now but you ‘Would’ like some time in the future.

Is a saas option on your shopping list? If so you need to carefully consider the long

term cost of ownership versus a perpetual licence option.Typical advertised advantages of saas (from salesmen and marketing):• Good if you cannot afford to buy install and

maintain the software;• Don’t require specialised IT skills and

capabilities;• Rapid elasticity, add more capacity easily;• Reduce Total Cost of Server Infrastructure

ownership;• You can shift your spend from Capital

expenditure to operational expenditure.

some typical disadvantages of saas solutions (from techies and dissenters of saas solutions):• Security/Privacy/Data issues especially

if hosted abroad;• Regulatory compliance issues;• Off-line Connectivity issues;• Bandwidth issues;• Dependency on existing infrastructure;• Dependency of external consultants;• Vendor lock in;• Long term ownership costs;• Complex licensing can mean that TCO

can be difficult to validate.okay by now you have documented your

‘true’ requirements, now what are you going to do with this 100 page document? Use it as part of your evaluation...

Design the processesIf you recognise that all an ITsM tool does is automate what could otherwise be a manual process then you will understand that good efficient processes are a must. don’t rush this part of the project otherwise you will cause no end of problems, and additional reworking costs for yourself.

EvaluationBy now you should have a short list of vendors to approach, hopefully no more than five. You should also have a list of requirements, and some half decent processes against which to evaluate the tool.

How do you plan on carrying out an evaluation? Most organisations approach the evaluation phase based on either a day

long vendor presentation or by carrying out evaluation in a ‘sand pit’ area, or a combination of both. With a thorough evaluation process you stand a good chance of making the right selection decision, but you can improve your chances by talking to existing customers of the tool vendor, maybe a reference site visit and asking them some pointed questions like:• Why did you choose vendor X?• What other tools did you consider?• How easy was the implementation, and

were there any issues?• How easily did the vendor overcome

implementation issues?• How well do they support you after the

initial implementation was completed?• Do you think you are getting value

for money?• Would you buy from this vendor again?

SelectionAs part of your final decision making selection phase you should also consider the following points:• Can the vendor support your current

and future strategic, Tactical and operational requirements?

• How long will it take to implement and how quickly do you want results?

• How many resources will it take to make the tool work?

• How many tools and utilities do you want to integrate with or replace?

• How much do you want to fight with technology integration challenges?

• Do you want to fight with the tool to make it work, or deliver operational value to your company?

• How far can you configure the tool until you end up customising and then find out you can’t upgrade without costly rework or consultancy fees?

Ultimately the choice is yours, and hopefully you will end up with the right solution for you and your vendor. After all you will both be looking for a win-win relationship.

Good luck with your selection. VitALwww.wendia.com


VitAL dIGesT

WAn OPTIMIZATIOn is a solution that started to become widely adopted

when companies began centralising applications, pulling servers out of branch offices and running everything out of a large regional data centre or corporate headquarters, including file storage and email. Once this happened, the application response time for branch office employees became a big issue. In some cases, an enterprise application might take 45 seconds or more to respond every time the branch user pressed a key; in fact, it was not uncommon for a process that used to take five seconds take two to three minutes. This not only reduced employee productivity, but also undermined business operations. A branch office employee might require information to assist a customer immediately,

therefore a two to three minute delay could cause an order to drop or create a high level of customer frustration. WAn optimization addressed this problem by accelerating remote file and email access for users in branch offices and making enterprise applications run faster. In a sense, WAn optimization made data centre consolidation possible, because it solved the resulting problem of slow or broken applications in branch offices.

dATA ceNTre consolidation is now moving on to a new phase. companies

are increasingly looking to cloud-based applications and services in their efforts to drive down IT costs and add flexibility to the IT infrastructure. In particular, software-as-a-service (saas) is gaining popularity for a “pay-as-you-go” style of application cost and

The benefits of WAN optimization to business applications in the public cloud

By Nigel Hawthorn, Vice President EMEA Marketing, Blue Coat Systems

VitAL dIGesT


vastly simplified rollout and scale. A key issue to adopting this approach, however, is in how to ensure proper performance for business-critical applications.

Traditional WAN optimization is based on applying acceleration and optimization technologies between two points – a data centre where the application or data resides in a branch office where a user is located. This means that in the public cloud, it is not possible to deploy a WAN optimization solution, since your company does not control or manage the infrastructure. While this may be possible with a private cloud environment – perhaps cloud-based storage or backup – it is not with applications, such as salesforce.com.

In order to overcome these specific challenges and address the performance issues associated with public cloud-based applications, both internal and those beyond the IT department’s reach, WAN optimization is now able to accelerate applications and content from the public cloud with a single appliance in a branch office. rather than relying on a symmetric deployment of appliances between two points, the solution is asymmetric or “one-sided”. For businesses that adopt cloud-based applications and struggle with bandwidth and latency issues, this development is hugely advantageous, as users can access the applications they need to at optimum speed, and the corporate network can cope. With so many businesses moving to the cloud, performance is now a significant concern, and new devices that can enable them to drastically magnify the bandwidth for new web applications, large video file and dynamic Web 2.0 content, are increasingly necessary.

By addressing the issue of latency in the cloud and breaking down the barriers

to public cloud access, businesses can better understand and embrace cloud computing, along with the opportunities it presents. A one-sided WAN optimization device that functions in the public cloud essentially provides IT administrators with an element of control over the applications across the corporate network, as they do not need to worry about what is going on at the cloud provider’s end. This means that those companies that were previously nervous about taking the leap now have a clearer pathway to effectively and safely implement new architectures in the public cloud.

With the rise in online video streaming, advanced WAN optimization solutions can also prevent video floods from overtaking mission-critical applications while, at the same time, scaling the use of internal and web video across the distributed enterprise. WAN optimization solutions that include stream splitting for live streams and stream caching for on-demand content, can ensure users receive a high quality video experience without consuming WAN bandwidth beyond that required to serve the first viewer. This is available for Microsoft, real, Flash, silverlight and HTML5 content.

Whilst concerns in embracing the cloud were once centred on security, organisat ions should not forget the performance issues that could result from accessing public cloud applications. WAN optimization has moved with the times and evolved to meet these challenges, and one-sided asymmetric solutions now enable business applications accessed via the cloud to perform as they should. VitALwww.bluecoat.com

By addressing the issue

of latency in the cloud

and breaking down

the barriers to public

cloud access,

businesses can

better understand

and embrace cloud

computing, along

with the opportunities

it presents.

netsupport softwAre LtD

pink eLephAnt

kepner-tregoe

dIrecTorY


infrAVision

Delegate house, 30A hart street, henley-on-thames, oxon, rg9 2AL

t: +44 (0) 1491 635340 f: +44 (0) 1491 579835 w: www.infravision.com c: nigel todd e: [email protected]

BMc software’s #1 partner for service desk express and the Alignability Process Model, delivering rapid implementation of proven ITIL aligned processes, procedures, work instructions and tool settings, and transformation to service-led approach in only 12 weeks!

Quayside house, thames side, windsor, berkshire, sL4 1Qn t: +44 (0) 1753 856716 f: +44 (0) 1753 854929 w: www.kepner-tregoe.com c: steve white e: [email protected]

Kepner-Tregoe provides consulting and training services to organizations worldwide. We collaborate with clients to implement their strategies by embedding problem-solving, decision-making, and project execution methods through individual and team skill development and process improvement. clients build competitive advantage by using our systematic processes to achieve rapid, targeted results and create lasting value.

towngate east, market Deeping, peterborough, pe6 8ne t: +44 (0) 1778 382270 f: +44 (0) 1778 382280 w: www.netsupportsoftware.co.uk c: colette reed e: [email protected] provides a range of complementary remote support and service Management solutions that help organisations deliver a productive and cost effective IT support service. Products include multi-platform remote control solution Netsupport Manager, IT Asset Management suite Netsupport dNA and web based ITIL service Management tool Netsupport servicedesk.

Atlantic house, imperial way, reading. rg2 0tD

t: + 44 (0) 118 903 6824 f: + 44 (0) 118 903 6282 w: www.pinkelephant.com c: frances fenn e: [email protected]

Acknowledged worldwide as niche, independent, IT service Management education and consulting providers. Having trained more people than any other company in ITIL related subjects since 1987, we have contributed to all 3 versions of the ITIL books.

icore

60 Lombard street, London ec3V 9eA

t: +44 (0) 207 464 8883 f: +44 (0) 207 464 8888 w: www.icore-ltd.com e: [email protected] c: greg Lake

icore is the largest specialist IT service Management consultancy in the UK. Icore has a long & impressive track record in delivering & embedding pragmatic IT service management, solutions, relying on the deep, real world experience of our mature & determined consultancy team.

www.vital-mag.net

g2g3

panama house, 14 the high street, Lasswade, eh18 1nD

t: + 44 (0) 131 461 3333 f: + 44 (0) 131 663 8934 w: www.g2g3.comc: David Arrowsmith e: [email protected]

G2G3 is the leading provider of communication tools, gaming solutions and simulations that propel enterprise IT and business alignment. Headquartered in the UK, G2G3 has a strong global network of partners supporting the Americas, europe and Asia-Pacific.

hornbiLL systems

Ares, odyssey business park, west end road, ruislip, hA4 6QD

t: 020 8582 8282 f: 020 8582 8288 w: www.hornbill.com c: [email protected] e: [email protected]

Hornbill develops and markets ‘supportworks’, applications for IT service Management (ITsM) and business helpdesks. Hornbill’s ITsM & service desk software with a ‘Human Touch’, enables its customers to provide excellent service while benefiting from consolidation on a single technology platform.

iccm soLutions

cedar house, riverside business Village, swindon road, malmesbury, wiltshire, sn16 9rs

t: + 44 (0) 1666 828 600 f: + 44 (0) 1666 826 103 w: www.iccm.co.uk c: kate springer e: [email protected]

one of the overriding directives of IccM solutions is the simplification of complexity in service Management environments. IccM provides a global client base with sophisticated ITIL aligned service Management solutions built on Business Process Management (BPM) Architecture, from Metastorm BPM®.

mAnAgeengine

zoho corp, 4900 hopyard rd, suite 310, pleasanton, cA – 94588, usA t: 925-924-9500 f: 925-924-9600 w: www.manageengine.com e: [email protected] c: gerald A. raja Manageengine servicedesk Plus is highly customizable, smart and flexible Help desk software used by more than 10,000 IT managers worldwide in 23 different languages. It helps you to implement ITIL best practices on the go and restore your IT services on-time.Manageengine has a suite of software products in enterprise IT management space like Network monitoring, desktop Management, Applications, Logs, Ad management, et al.

test mAgAzine

dIrecTorY


.

it serVice mAnAgement forum e-wArehouse

Dennis ADAms AssociAtes

tel: +44 (0)845 055 8935www.dennisadams.co.uk [email protected]

dennis Adams Associates IT Management consultants enable clients to:l Build high performing IT Management

teamsl Implement effective IT strategyl create empowering IT Processes

and Proceduresl establish Production supportable

Technology roadmapsl Be visibly Accountable to the Business

AVocent LAnDesk

Dukes court, Duke street, woking, surrey gu22 7AD

t: +44 (0) 1483 744444 f: +44 (0) 1483 744401 w: www.landesk.com c: sarah Lewis e: [email protected] delivers IT operations management solutions that reduce operating costs, simplify management and increase the availability of critical IT environments 24/7 via integrated, centralized software. This includes systems Management, security Management, data centre Management and IT service Management.

three tuns house, 109 borough high street, London, se1 1nL

t: +44 (0) 870 863 6930 f: +44 (0) 870 085 8837 w: www.testmagazine.co.uk c: tim fleming e: [email protected]

TEST is a publication designed specifically for individuals and organisations aligned with software testing. With independent, practical, and insightful editorial TEST aims to inspire its readers and provide its advertisers with a clearly defined route to market.

150 wharfedale road, winnersh triangle, wokingham, berkshire. rg41 5rg

t: 0118 918 6503 f: 0118 969 9749 w: www.itsmf.co.uk c: ben clacy e: [email protected]

The itsMF is the only internationally recognised and independent organisation whose sole focus is on the on-going development and promotion of IT service Management ’best practice‘, standards and qualifications. The forum has 14,000 UK members and official itsMF chapters in 44 countries

e-warehouse Ltd, hampden house, hampden house, monument park, chalgrove,oxfordshire , oX44 7rw

t: 0845 299 7539f: 08717143802w: www.oxygenservicedesk.comc: Victoria eggletone: [email protected] Oxygen Service Desk is a process automation engine that simply interprets your pre-defined business processes and then mobilises the actual process, pushing work tasks to people and to systems, streamlining how the processes run across your entire department or organisation.

www.vital-mag.net

cherweLL softwAre

Lime kiln house, Lime kiln, wooton bassett, wiltshire, sn4 7hf

t: + 44 (0) 1793 858181 w: www.cherwellsoftware.com/contact

cherwell service Management delivers ITIL v3 best practice ‘out-of-the-box’ including: Incident, Problem, change, cMdB, sLA, Knowledge, self-service and is PinkVerIFY certified. our unique cBAT development platform empowers users to fully customise screens, workflow processes and develop additional business applications. The cherwell solution is available via a standard license model or ‘on demand’ saas service.

unipress softwAre

unipress software – London

unipress software Ltd

2 sheraton street

London, w1f 8bh

t: + 44 (0) 8450 646566 f: + 44 (0) 8450 636261 w: unipress.co.uk e: [email protected]

Web Help desk is a 100% web-based helpdesk solution which provides a low cost of ownership, ultimate portability and simple implementation. A totally cross-platform solution, Web Help desk has a diverse feature-set that will allow you to fulfil any submitted request more efficiently and effectively.

Apmg

sword house, totteridge road, high wycombe, buckinghamshire, uk

t: + 44 (0) 1494 452 450 f: + 44 (0) 1494 459559 w: www.apmg-uk.com c: nicola mckinney e: [email protected]

As an accredited ITIl® Examination Institute, APMg offers our training organizations a range of benefits to help them demonstrate the quality and professionalism of their services.Call us to find out how your business could benefit from our accreditation services.

siteheLpDesk.com LtD

eagle house, Lynchborough road, passfields , hants gu30 7sb

t: +44 (0) 207 419 5174 f: +44 (0) 870 138 3824 w: www.sitehelpdesk.com e: [email protected] c: bryan taylor

sitehelpdesk.com will take you to the forefront of service delivery with a suite of products designed to provide you with low cost web browser based action tracking and self-help, making your services instantly available 24 by 7.

innovat ion for software qual i ty

VitAL: Name, company and job title please? Married? Kids?noel bruton: Independent consultant, trainer and author in IT user support management. Married, one son, one stepdaughter, neither is a kid any more.

VitAL: What got you started in IT?nb: In 1979 when I graduated, it was the coolest industry on the planet and it too was only just getting started. It looked like a great place to build a career. It has proved to be that thus far.

VitAL: Was there any one person or organisation that was your inspiration?nb: Not one. IcL and Apricot excited me on the technology side. But P&P Micro showed me that even big corporates needed guidance on how to run IT user support better, which inspired me to start the consultancy and training business in 1991.

VitAL: What was your first IT job, what was your first major IT triumph?nb: First IT job was specifying mainframe terminal systems for IcL customers. Lots of minor triumphs like writing ‘The Apricot Guide to Mainframe communications’ in 1985. But first major triumph was writing ‘How to Manage the IT Helpdesk’, which has become an industry bestseller and used in professional qualifications. And I was also pretty flattered to see so many of the ideas from my book ‘Managing the IT services Process’ echoed a few years later in ITIL Version 3.

VitAL: did you ever make any embarrassing mistakes? What did you learn from them?nb: In the early 1980’s, I spent two years as a salesman of computer peripherals. I did it for the money rather than because it was what I wanted, and I was terrible at it. They fired me, thankfully. It was early enough in my career to bounce back and I realised that IT support was my true home.

VitAL: What do you like best about your job?nb: during a consultancy or training engagement, seeing a user support department suddenly blossom after they now understand how to improve. The manager starts managing rather than just presiding, the staff start enjoying their work and the services improve. It’s magical and I love it.

VitAL: What is your biggest ambition?nb: To create a practical, universal methodology for running IT support. ITIL promised it, and has never delivered and never will, because it’s departed user support – so somebody else is going to have to. I’m nearly there with the methods themselves. But the presentation of the documentation is a big effort and very time consuming.

VitAL: What are your hobbies or interests?nb: I’m a musician. I write and produce soundtracks for computer adventure games, which my wife Karen and I create and publish. I love cooking, as my waistline testifies. Also just moved house, and I’m keen to create a great kitchen garden here. And being Mancunian by birth – born in stretford – I am a legitimate follower of the fortunes of Manchester United Fc.

VitAL: What is the secret of your success?nb: Know who you are and what you want and follow it. Pursue what makes you happy. others will try to gain power from you by insisting that you do it their way – take from these only what is useful and discard what is mere manipulation and hyperbole. don’t ‘believe in’ anything – instead use only what you see. And if you get a good idea, write it down, no matter how irrelevant it may seem now, as it may serve you years later.

VitAL: Noel Bruton, thank you very much.

Noel BrutonConsultant, trainer and author


secreTs oF MY sUccess

Know who you are and

what you want and follow

it. Pursue what makes

you happy. Others will

try to gain power from

you by insisting that you

do it their way – take

from these only what is

useful and discard what

is mere manipulation

and hyperbole.

www.vital-mag.net

For exclusive news, features, opinion, comment, directory, digital archive and much more visit

www.vital-mag.net

www.31media.co.uk

vitalONLINE

Print Digital Online

vital magazine - july-august 2011

Documents

new technology solution

cherwell service management

directioninnovative

vital sets

cherwell choices available

business tool

modern businessvolume

business fundamentals