Page 1

VOLUME 8 | ISSUE 1 | Januar y - Febr uar y 2014


Is the future of online retailing up in the air? Or will it remain grounded?

INSIDE 2014: Looking ahead The consumerisation of IT

VitAL Security The hard truth about DNS attacks


Contents 8 NEWS Two out of three people will be too

embarrassed to wear Google Glass

Coming April 2014…

12 VitAL NEWS FEATURE Twice in one week… 30. The perfect marriage: Mobile and enterprise social networks

Sophie-Marie Odum reports on the major banking glitches that took place during the busiest shopping time of the year…


20 VIEWPOINTS Christmas 2013 – a cracker or ghosts in the machine?

Cyber security trends for 2014 Ron Gula looks at the top cyber security trends for 2014…

16 The consumeration of IT Bob Janssen shares his 2014 business IT predictions with Sophie-Marie Odum…


If it’s broke, fix it… If it’s not broke, break it!

 BUSINESS TRENDS / 24 SOCIAL TECHNOLOGIES Bring your own cloud As we begin to enter a new phase of bring your own cloud, Ron Faith believes that this will be met with some reluctance from apprehensive CIOs and IT managers…

16. The consumeration of IT

30 The perfect marriage: Mobile and enterprise social networks BYOD is here and it needs your enterprise social network to thrive: Are you ready? Asks Elizabeth Brigham…

24. Bring your own cloud | January-February 2014



Contents 32


38. Is the future of online delivery up in the air? Or will it remain grounded?

The hard truth about DNS attacks Sophie-Marie Odum speaks to Chris Marrison about the rise in DNS attacks and how can companies protect themselves against such attacks…

36 Will a move to “the cloud” help SMEs fight cyber-crime? Small businesses may be sceptical about adopting cloud computing by David Sturges explains how doing so can help address some security issues…


COVER STORY Is the future of online delivery up in the air? Or will it remain grounded? Sophie-Marie Odum looks at how Amazon’s Prime Air service will affect the future of online retailing and talks to Mark Brill about future technologies that could help businesses ensure customers receive efficient and convenient delivery services…

 T SERVICE 42 IMANAGEMENT PITFALLS Mr SPOCK’s views on ITSM Consultant and trainer in project management and IT service management, Vladimir Ivanov AKA Mr SPOCK shares the common ITIL failures and offers some helpful advice…


The five top pitfalls of ITSM software TOPdesk looks at the top five pitfalls of IT service management software that can have a negative impact on your organisation …

50  VitAL PROCESSES A new balancing act Growth in virtualisation is driving the migration of IT budgets and changing the market landscape, says Peter Melerud… | January-February 2014

 VitAL 52 MANAGEMENT The dangers of shadow IT: known unknowns Richard Acreman looks at how the standard IT function works within a business, and what happens when non-IT workers take on responsibilities that should be handled within the IT department…

58 The intelligent approach to the service supply chain VitAL Magazine looks at the intelligent approach to the service supply chain, which is moving to ensure the highest level of customer service can be offered at all times...

 REAKTHROUGH 60 BTECHNOLOGY Whirling mobile phones and hovering champagne bottles Sophie-Marie Odum investigates a new product that allows companies to reinvent their products and excite their customers...


Leader EDITOR Sophie-Marie Odum Tel: +44 (0)203 056 4599 TO ADVERTISE CONTACT: Sarah Walsh Tel: +44(0)203 668 6945 DESIGN & PRODUCTION Tina Harris EDITORIAL & ADVERTISING ENQUIRIES 31 Media Ltd 41-42 Daisy Business Park, 19-35 Sylvan Grove, London, SE15 1PD Tel: +44 (0) 870 863 6930 Email: Web: PRINTED BY Pensord, Tram Road, Pontllanfraith, Blackwood, NP12 2YA © 2013, 31 Media Limited. All rights reserved. VitAL Magazine is edited, designed, and published by 31 Media Limited. No part of VitAL Magazine may be reproduced, transmitted, stored electronically, distributed, or copied, in whole or part without the prior written consent of the publisher. A reprint service is available. Opinions expressed in this journal do not necessarily reflect those of the editor or VitAL Magazine or its publisher, 31 Media Limited. ISSN 1755-6465 PUBLISHED BY: T H I R T YO N E

VitAL Magazine, proud to be the UKCMG’s Official publication. ITIL ® is a Registered Trademark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the US Patent and Trade Mark Office. PRINCE2 ® is the Registered Trade Mark of the Office of Government Commerce. MSP ® is the Registered Trade Mark of the Office of Government Commerce.

Happy New Year! How are the New Year resolutions coming along? Personal resolutions can fall by the wayside very quickly, but when it comes to setting goals for the business, these are not taken as lightly. What are your resolutions for the business? What technology and software do you hope to implement this year to help drive forward your organisation and increase market share? Have you considered how big data can help? Rather than just defining big data, it’s hoped that 2014 will see businesses shift to talking about how big data can actually be integrated into processes and begin to see real commercial value from it. 2014 will also see businesses who are already utilising advanced technology – such as wearable technology and the cloud – use this to drive new software development, processes and tools to benefit customers. And as customers become more reliant on their mobile and expect information to be instantly accessible, how can your company ensure consumers receive a consistent, cross-device experience? If you are not doing so already that is. Providing the ability to move quickly from one device to another and continue an activity, or multi-task with numerous devices, will become a brand differentiator in 2014. And not forgetting security, how will your business prevent sophisticated malware attacks? The countdown is on to April 8th when support for six of the most popular Microsoft products is set to end. Back in September, we reported that 52% of CIOs and IT leaders did not have formal plans in place for how to deal with the fast approaching end of Windows XP. Whilst it’s hoped that this percentage has decreased, come Wednesday 9 th April, millions of workers could still be faced with a big issue. Whether it’s deemed a lengthy, complicated or costly project, not investigating how you will migrate could carry huge potential risks. There are steps that can be taken to streamline, accelerate and reduce the cost of migration. The start of a new year brings excitement and reservations about what the next 12 months has in store. But with forward thinking, careful planning and innovative ideas, it can be welcomed and seen as the perfect opportunity to develop concepts and try new approaches and processes. All the best for 2014!

Sophie-Marie Odum Editor | January-February 2014



Two out of three people will be too embarrassed to wear Google Glass Google Glass is rumoured to be launching sometime around April 2014, but is this much talked about product set for failure before it even hits the shelf?, the UK discount code site, recently surveyed 1,132 people to find out whether or not they plan to embrace this new wearable tech, and the results have thrown up some very interesting findings. 68% of those asked said that they were unlikely to invest in Google’s latest

invention because they would feel too embarrassed to wear it in public. A similar number also said that they would not feel comfortable talking to somebody else who is wearing the device due to safety and privacy issues. It is thought that the state-of-theart glasses, which enable users to experience augmented reality, will start at around $600 USD when they eventually hit the shops, and according to the results of the survey, this will also put a lot of people off. 53% of the

people who participated said that the price was too high, while 61% stated that they had no need for another gadget of this kind. Is Google Glass set to join the list of inventions which have famously failed to catch the public’s imagination in the past, such as the Sinclair C5, Betamax or the Segway? With Apple also delving into the world of wearable technology in the form of their upcoming iWatch, only time will tell which company will come out on top in this developing market.

Facebook sued over alleged private message ‘scanning’

Survey reveals digital leaders views on 2014 and beyond

Facebook Inc. is being sued over allegations it systematically intercepts its users private messages on the social network and profits by sharing the data with advertisers and marketers.

Only 10% of digital leaders feel that their organisation has enough resources to address the management issues and IT trends that their company has prioritised, according to the annual digital leaders survey from BCS, The Chartered Institute for IT.

On December 31st 2013 attorneys for the two plaintiffs filed documents with the court alleging that Facebook violated two privacy laws, specifically the Electronics Communication Privacy Act and the California Invasion of Privacy Act. Campbell and Hurley cite August 2013 findings from Swiss information security firm, High-Tech Bridge that appeared to show that Facebook scanned through URLs in private messages without disclosing it to users. According to the study, High-Tech Bridge used a dedicated web server and generated a “secret URL” for 50 of the largest social networks, web services, and free email systems. The firm then used the private messaging feature in each of the services with a unique URL. It then monitored its web server to determine which of the web services would “click” on the test URL. When users compose messages that include links to a thirdparty website, Facebook scans the content of the message, follows the link and searches for information to profile the message-sender’s web activity, violating the Electronic Communications Privacy Act and California privacy and unfair competition laws, according to the suit.

In addition, more than half surveyed (57%) indicated that they need enhanced IT skills among their existing workforce; 48% require additional IT staff that are suitably qualified; and 37% would like a bigger budget. Adam Thilthorpe, director of professionalism for the Institute, said, “These results reinforce the impact IT has on business today. The digital leader or CIO needs the right people with the right skills to enable an organisation to improve productivity, increase efficiency and maximise competitive advantage in the marketplace.” Digital leaders were also asked what they considered to be their organisation’s top three management issues over the next 12 months: 64% said business transformation and organisational change; followed by strategy and planning (49%); and operational efficiencies (47%). When asked what they consider to be their organisation’s top three IT topics or trends for the next 12 months: 57% said mobile computing; followed closely by information security (53%); and cloud computing (49%).

Coming April 2014… Robert Rutherford, CEO of QuoStar, looks ahead at one of the biggest IT events of the coming year “The big red circle on IT managers’ calendar is around April. April will see the first major software expiry event of the decade as six of the most popular Microsoft products go end-of-life – including XP and Office 2003. Without updates, the software, and everything connected to it, will rapidly become vulnerable to outside dangers varying from viruses and malware through to hacking.


“It should also be noted that failure to upgrade will typically be recognised as a control failure by an internal or external audit entity, potentially leading to suspension of certificates, and possibly public notification of the organisation’s inability to maintain its systems and company information. “Businesses should be preparing for this already, or the sleepless nights will soon be getting more frequent for IT managers and business leaders who don’t have their budgets and system updates in place.” | January-February 2014


Smooth web experience is crucial to sales process With the high street reflecting on a festive period that failed to deliver on early promises, online retail continues to go from strength-tostrength. Figures from accountancy firm, BDO, showed December nonstore sales leaping 31.1%, rising to growth of 55.7% in the week before Christmas. High street sales dropped by 2.2% last month, meanwhile. As web commerce continues to eat into traditional sales, providing customers with a smooth online experience has never been more important. Adrian Butcher from OpenText, says basic errors can have big implications for retailers, “While shops have been furiously discounting prices in a bid to attract shoppers, it’s critical that their good deals aren’t overshadowed by simple mistakes,” he said. “Clunky websites, a lack of visual consistency between products viewed on different devices and poor online traffic management can be a deal breaker in the sales process. Retailers need to communicate clearly with the customer by ensuring they have a sound online infrastructure and automated processes in place to deliver an excellent customer experience.”

An official accreditor for the Global Best Practice portfolio From 1st January, AXELOS became the official accreditor for the Global Best Practice portfolio, which includes ITIL and PRINCE2. ITIL is the most recognised framework for IT service management in the world. Exams are available in 21 languages in more than 150 countries. Among the organisations to adopt ITIL best practice is Disney, which employs thousands of IT professionals worldwide. PRINCE2 is said to be one of the best known and most successful project management methods. To date, more than one million exams have been taken in more than 120 countries. The portfolio also includes Managing Successful Programmes (MSP), which was used by project managers at the Government Olympic Executive for the London 2012 Olympic and Paralympic Games.

Most hacked apps in 2013 Arxan Technologies has released research revealing that 100% of the Top 100 paid Android apps and 56% of the Top 100 paid Apple iOS apps have been hacked. As the growth in mobile innovation continues, payment use accelerates and transaction volumes increase – especially during seasonal shopping spikes – mobile app security remains a critical issue. In its second, annual, State of Security in the App Economy report, Arxan found “cracked” mobile apps to be widespread, highlighting the potential for massive revenue loss, unauthorised access to critical data, intellectual property (IP) theft, fraud, altered user experience and brand erosion as even more companies move toward App centric innovation and more employees leverage mobile technology. The report updates last year’s research into the pervasiveness of hacked apps across all industries from third-party sites outside of the Apple App Store and Google Play market places. Mobile applications are still subject to diverse hacking attacks that are launched via a three-step process – analysis of code, identifying software target and launching an app attack. The report also found that hackers continue to target free apps as 73% of free Android apps and 53% of free iOS apps were found to be hacked in 2013. In 2012, 80% of Android apps and 40% of iOS apps had been compromised.  Furthermore, 53% of the Android financial apps reviewed had been “cracked” while 23% of the iOS financial apps were hacked variants. Mobile banking and payment apps were included as part of this year’s research. | January-February 2014

“The widespread use of ‘cracked’ apps represents a real and present danger given the explosion of smartphone and tablet use in the workplace and home,” said Kevin Morgan, CTO, Arxan. “Not only is IP theft costing software stakeholders millions of dollars every year, but unprotected apps are vulnerable to tampering: either through installed malware or through decompiling and reverse engineering – enabling hackers to analyse code and target core security or business logic that is protecting or enabling access to sensitive corporate data. “Pirated versions of popular software are available on numerous unofficial app stores like Cydia, app distribution sites, hacker/cracker sites and file download and torrent sites. During our research we discovered that some of the hacked versions have been downloaded over half a million times which gives a sense of the magnitude of the problem especially as we embark upon a season of high consumer activity that will involve payment transactions, and consumption of products and services via the mobile endpoint. “The challenge for greater mobile application security remains significant and core recommendations for improving mobile application security need to be integrated early in the application development lifecycle and made a key component of any mobile first strategy”.



Are you ready for a DDoS attack? New research from Corero Network Security reveals that many businesses are failing to take adequate measures to protect themselves against the threat of a DDoS attack. A survey of 100 companies revealed that in spite of the reports about the cost of downtime and the potential for DDoS attacks to mask greater threats, businesses are failing to put in place effective defenses or plans to mitigate the impact of a DDoS attack against their organisation. More than half of companies lack adequate DDoS defense technology, and 44% of respondents have no formal DDoS attack response plan. The survey asked respondents about the effectiveness of their plans to prevent, detect and mitigate the damage of a cyber-attack, including examining their incident response plans from the standpoint of: infrastructure, roles and responsibilities, technology, maintenance and testing. The findings revealed a lack of planning on multiple levels, whilst nearly half of businesses lacked a formal DDoS response plan. The problem was compounded by out-of-date network visibility as more than 54% of respondents have outdated or nonexistent network maps. Furthermore,

approximately one in three businesses lacked any clear idea of their normal network traffic volume, making it more difficult to discern between routine traffic peaks or high traffic volumes that could signal a DDoS attack. Corero also found that many companies have under invested in their security infrastructures and have done little to verify that the solutions they have implemented will work when needed. Respondents are continuing to rely on firewalls to mitigate the impact of DDoS attacks, reaffirming the findings of previous surveys. Approximately 40% of respondents depend on firewalls, while 41% have a dedicated DDoS defense technology in place. However, even amongst those companies that had invested in DDoS defense technology, many are failing to optimise the systems with regular tuning and updating. Nearly 60% do not test their DDoS defenses regularly with network and application-layer tests. Beyond the technology implementations and planning, the survey also found that nearly half of the businesses surveyed do not have a dedicated DDoS response team. For the organisations

that do have a team in place, most of them do not have specifically defined roles and responsibilities for responding to DDoS attacks. This lack of preparation could lead to additional delays in initiating the appropriate response, leaving the corporate network in the hands of attackers until the response team coordinates its activities. Ashley Stephenson, CEO of Corero Network Security, said, “With an increase in malicious attacks on organisations from cyber criminals, ideological hacktivists, nation states and even competitors, there is no foreseeable end in sight to the use of DDoS as a common method of intentional disruption. It is concerning to see the lack of preparedness of some businesses to a type of attack which has the potential to cause significant lost revenues and serious brand damage.”

Tougher PCI DSS audits on the way January 1st signalled the beginning of audits conducted under version 3.0 of the Payments Cards Industry Data Security Standard (PCI DSS). A number of changes to the standard will shortly take effect with significant impact, driving processors to exclude as much as possible from the scope of the standard. Sam Maccherola, UK MD, Guidance Software, commented, “PCI DSS audits this year will be much tougher. The key change is the new requirement (2.4) to ‘inventory... system components that are in scope.’ This forces security specialists to focus more closely on what is in and out of scope, to identify and to provide a business justification for any endpoints. “This demands new approaches to compliance. We propose that best practice for scoping and segmentation is to start by carrying out a whole-network detection exercise for card


data and endpoints, rather than a traditional, time intensive engineering led analysis. Such an approach is, unlike more primitive approaches, readily repeatable for the purposes of maintaining the inventory, as now required by the standard. “Accurately identifying, and thereby minimising in-scope systems will make compliance with other new requirements more easily achievable. For example, requirement 5.2, on anti-malware measures demands that a more proactive stance be taken to look for anomalous behaviour before ‘evolving’ – live and zero-day – threats result in actual losses. On a smaller, more visible network, approaches needed to affect this are much easier to automate and manage. Similarly, pen testing, which will be conducted according to accepted commercial methodologies and assess the effectiveness of segmentation, is potentially less expensive and complex.” | January-February 2014


Salary hikes for IT professionals The biggest salary increases for IT professionals are for roles that demand specific experience in big data analytics; ecommerce and mobile; and IT security. Salaries for all those roles will rise by 4% or more between 2013 and 2014, – outpacing the average UK salary rise rate of 2.5%, according to the Robert Half Technology 2014 Salary Guide. The findings of the Salary Guide echo a report from the UK Commission for Employment and Skills (UKCES) that employment in the IT industry grew 5.5% between 2009 and 2012, more than three times faster than the UK average. Directors are already reporting IT skills shortages and challenges in finding IT professionals, particularly in software/ applications development, infrastructure, cloud technology and security.

The trend is being driven by the need for organisations to remain commercially focused, looking to enhance employee productivity by updating desktop and business applications while also investing in customer-facing initiatives to provide a dynamic online experience. According to e-skills, half of firms blame IT skills gaps for delays in developing new products or services, thereby hindering further plans for growth. The report also found that the best paid roles in IT are the chief information security officer (CISO), which will rise by 3.5%, followed by chief architect (2.4%) and then the chief information officer, which will rise by 2.3%. Attracting the right IT skills is only half the battle, says Robert Half. Retaining in-demand IT professionals for the long term is the other – and often more difficult – challenge. 

Best paid roles in information technology Role

UK 2014 salary range

London 2014 salary range

% rise over 2013

Chief Information Officer (CIO) Chief Technology Officer (CTO) Chief Information Security Officer (CISO) Chief Architect IT Director IT Manager/Head of IT

£120,500 - £230,000+ £79,750 - £150,250 £75,000 - £134,500

£155,500 - £297,000+ £103,000 - £193,750+ £96,750 - £173,500

2.3% 1.5% 3.5%

£78,750 - £143,500 £89,250 - £120,750 £77,000 - £108,500

£101,500 - £185,000 £115,250 - £115,750 £99,250 - ££140,000

2.4% 2.2% 1.9%

Big demand for big data specialists

Malvertising on Yahoo!

Britain’s biggest businesses are heading for a major skills gap. A new report is predicting there will be a 243% increase in demand for big data specialists by 2017– and over half (57%) of business leaders say they already have challenges hiring people with these skills.

A recent report published by Fox-IT, revealed that hackers are using Yahoo’s advertising servers to distribute malware to hundreds of thousands of users since late last month, affecting thousands of users in various countries. “Clients visiting received advertisements served by Some of the advertisements are malicious,” the firm reported.

The era of big data represents a major opportunity for the UK in the new information economy, where analytics can be used to give organisations the power to know much more about their business and customers. Big data could deliver revenue of more than £200 billion to the UK economy up to 2017. It’s been recognised by the UK government that it needs to work together with businesses and academia to tackle this problem. In an attempt to bridge the gap, business analytics firm, SAS is already partnering with universities to develop courses to produce graduates with the right mix of skills. And many believe, like IT, data-related subjects could soon be on the school curriculum in the near future. At the inaugural SAS Careers Fair at Brunel University, 10 businesses alone had more than 100 vacancies for data analysts, with starting salaries for graduates up to 25% more than the current average. The Fair also attracted over 250 students from 15 different universities. Speaking at the SAS Careers Fair, Dr Liam Fox MP said, “It’s quite clear that this incredible resource that is big data is such that if we can unlock its potential to lead to efficiency and, more importantly, innovation in business, then clearly that is going to create wealth. Data handling skills are important for all of us and increasingly so.” | January-February 2014

In response, Amichai Shulman, CTO Imperva, said, “Regardless of the specific ad platform, platforms that are used for targeted advertising are of course equally effective for targeted malvertising. They create an opportunity for an attacker to target specific geographies, specific crowds (programmers, travellers to specific destinations) and even specific people. For an ad platform it is virtually impossible to guarantee 100% malware free ads. “Ad platforms should keep doing what they do (guarantee 100% effort, not 100% results) as consumers can really do nothing but to keep their computers as patched as possible. Enterprises must accept infection of devices is inevitable. The outcome of such an infection with respect to enterprise data can be mitigated through close monitoring and protection of the data sources.”


VitAL News Feature

Twice in one week… Sophie-Marie Odum reports on the major banking glitches that took place during the busiest shopping time of the year… Monday is dubbed the busiest shopping day of the C yber year, so obviously not the most ideal day for a major

banking system to go down… but it did, and then again three days later. An estimated 750,000 RBS, NatWest and Ulster Bank customers were unable to use their credit and debit cards for three hours on Monday 3rd December. Then on Friday 6th, RBS was hit by a distributed denial of service (DDoS) attack, which took down its online services. In regards to Cyber Monday’s outage, RBS chief executive, Ross McEwan said in a statement: “Last night’s systems failure was unacceptable.Yesterday was a busy shopping day and far too many of our customers were let down, unable to make purchases and withdraw cash. “For decades, RBS failed to invest properly in its systems.We need to put our customers’ needs at the centre of all we do. It will take time, but we are investing heavily in building IT systems our customers can rely on. “I’m sorry for the inconvenience we caused our customers.We know we have to do better. I will be outlining plans in the New Year for making RBS the bank that our customers and the UK need it to be.This will include an outline of where we intend to invest for the future.” Customers reported long queues at cash machines, with many not working at all, and shopping being abandoned in supermarkets as customers were unable to pay.

A warning to businesses everywhere According to Pontus Noren, co-founder and director of Cloudreach, the statement from McEwan is a stark warning to businesses everywhere. McEwan has admitted that for decades RBS has failed to invest properly in its systems and it’s taken three major IT catastrophes with a huge negative effect on its customer base to force them to invest (In 2012, a major IT failure locked many RBS, NatWest and

With DDoS tools becoming more advanced and pervasive, all IT operations should work under the premise that they will be attacked and plan accordingly 12

Ulster Bank customers out of their accounts for several days). Noren believes that business leaders must urgently take warning from RBS’s poor example, and take a serious look at the future of their IT infrastructure. He said, “Business leaders must see the failures by RBS Group to invest in its IT systems as both a lesson and a warning. The costs to the bank both financially and to its reputation are significant and could have easily been mitigated if there had been the correct amount of planning at the boardroom level. Following this example, the strategic impact of IT needs to be at the top of the agenda for every business leader. “System hardware upgrades don’t always have to be costly. Services like cloud computing enable organisations to store all their data externally and scale up and down with demand when required. Outsourcing data storage means organisations will have access to the most up-to-date technology that’s constantly evolving. The RBS group should seriously consider outsourcing their IT services, to avoid situations like customers being unable to access their money on Cyber Monday, one of the busiest shopping days of the year.”

You will be attacked, so prepare Commenting on the DDoS attacks, Jag Bains, CTO of DOSarrest Internet Security, believes that no business is safe from a DDoS attack – no matter how big, or small, they are – and RBS should have therefore been prepared. “The transparency shown by RBS in admitting that they failed to invest properly in their IT systems, is a common refrain amongst many enterprises, large and small. While each organisation may have multiple reasons for failing to invest, they all share the same notion that they won’t be a target until they get attacked. “With DDoS tools becoming more advanced and pervasive, all IT operations should work under the premise that they will be attacked and plan accordingly. Every stack and layer within their purview should be reviewed and they should identify cost effective cloud solutions for their DDoS which provides much better performance and mitigation than expensive hardware.” | January-February 2014

2014: Looking Ahead

Cyber security trends for 2014 Ron Gula, CEO at Tenable Network Security, looks at the top cyber security trends for 2014…

• Increased use and sophistication of malware Although malware targeted towards mobile and OS X will continue to rise, it is unlikely that it will approach the levels we see targeted towards Windows desktops. OSX has become a larger target for malware writers, due to their newfound popularity, while smartphones continue to be targeted due to continued failure of users to secure and update their mobile software. Additionally, malware will become increasingly evasive and targeted, behaving much like a penetration tester, simulating attacks to analyse weaknesses in network security. Throughout 2014 we will also start to see an increase in malware that can evade the latest forms of malware defences. Over the past few years, the use of “sandboxes” which allows products and analysts to safely open up malware to observe its behaviour has grown very popular. Malware writers will leverage evasion techniques for this technology.

• Government/Compliance National cyber security will remain high on the agenda next year. Throughout 2014, the UK cabinet office will continue to invest £180 million in cyber security, increasing this amount to £210 million in 2014-2015. The US Department of Homeland Security’s $6 billion procurement of IT security tools, known as Continuous Diagnostic Monitoring, will be watched closely by other countries, causing more governments to invest in similar monitoring strategies. Furthermore, while 2013 saw the height of investment in threat solutions, 2014 will see this start to swing back to a more balanced spend between threat and compliance software, with the development of new sets of real-time and scalable technology. It’s no surprise that PCI regulations will continue to dominate any type of online commerce or credit card transactions. PCI 3.0 was recently released and what’s remarkable is how little was actually modified, especially in the face of heightened malware activity. 

Organisations will start to realise that there is very little difference between phones, tablets, laptops and desktops. If a device is mobile, it needs to be encrypted, secured and audited demand that “local” copies of cloud providers be offered. A benefit of cloud services is centralised, common resources. When countries start to demand data centres, support centres, etc, in their own country this will drive up the costs of the cloud. Additionally, the mobile device management market will continue to stay vibrant, as more and more organisations start to tackle the BYOD problem. There will also be an increase in acquisitions and consolidation of MDM vendors throughout 2014, leading to a continuously changing market landscape.  And lastly, organisations will start to realise that there is very little difference between phones, tablets, laptops and desktops. If a device is mobile, it needs to be encrypted, secured and audited. If a device is owned by the user and not the company, the proper policy and controls need to be in place to ensure the employee’s privacy, and the company’s privacy, are protected. 


Another new trend in 2014 will be the increased adoption of the Common Controls. This effort, original from the SANS training organisation, focuses on 20 controls that organisations can employ to increase their security profile and make demonstrating compliance easier. I’ve spoken with many CIOs across the globe and most are aware of this standard and are actively implementing it in their organisation. 

The MSS market will continue to stay strong. There will be two types of MSS offerings – those that offer basic security services, such as a managed firewall, and those that offer extremely high-end capabilities such as incident response and APT detection. In 2014, the MSS market will expand into all traditional security areas. Today, there are plenty of firms that offer managed firewall, IDS, spam filtering, vulnerability scanning and PCI auditing.

• Cloud

In 2014 we will see more complex solutions offered by MSS providers, including operating SIMs, cloud-based log collection, and advanced threat protection. Given the rise in malware incidents, there will also be a rise in malware incident response services and MSS firms offering them.

The backlash against the security of cloud-based providers who are suspected to be in partnerships with government intelligence and law enforcement agencies will continue to rise. This will cause an increase in cost to organisations which | January-February 2014


2014: Looking Ahead

2014 = Nomophobia, device debutantes and a user-driven mobile world At the end of 2013, Netbiscuits released its 2014 Mobile Web Predictions, which suggests that brands will have to over deliver on their promises from last year and rethink how they interact with their customers due to the explosion of new devices and multiple device engagement. VitAL Magazine investigates... etbiscuits’ 2014 Mobile Web Predictions revealed rising levels of nomophobia, rapidly changing expectations and increased user demand for device experiences everywhere.These predictions are based on trends across the Netbiscuits Cloud Platform, which also highlights the importance of cross-device experiences, as consumers look to engage with brands across different devices to build their own customised online experiences. As individuals want access to the web anytime, anywhere, and expect the right experience based on exact user context, one of the biggest challenges in 2014 will be whether or not brands can deliver on this promise. This will fundamentally shake-up how organisations need to interact with their customers. Enterprises will have to be ready for a bigger shift than has ever been seen before. Brands no longer


belong just to a company. They co-habit with the people who choose to interact with it and, by the end of 2014, this will resonate more than ever. Daniel Weisbeck, COO and CMO, Netbiscuits, said, “2013 saw many brands really shift focus and place mobility at the heart of their web strategy for the first time – but this really is just the beginning. We are now starting to understand the reliance consumers have on the mobile web, and the importance of both the device and the context it is used in when delivering mobile experiences. “2014 will see a further explosion of new devices, with many users now owning multiple devices, often engaging with different devices at the same time. They expect brands will serve up an optimal version of their website, delivering the perfect experience based on the device they are using, location and other elements, such as bandwidth and internet speed.” | January-February 2014

2014: Looking Ahead

The predictions “Customers’ lives will be run on mobile” Nomophobia is the fear of not being mobile connected due to a lack of battery power, no signal or loss of one’s mobile phone. Individuals find themselves unable to function normally without the presence of their mobile phone. Is this due to unequivocal reliance or the increasingly high expectations they have from their devices to help manage the day-to-day? People expect information to be accessible when they need it. People expect to be able to pay for things like parking meters or groceries with their mobile. And with the introduction of smartwatches and wearables, people who love their devices can never be without them. • This trend will be driven by new device categories such as smartwatches and wearable gadgets, but less so by innovations such as Google Glass. • Considerable growth is expected in the wearable tech space. For instance, many are predicting as many as 20 million smartwatches to be sold in 2014. • Exetech is developing the XS-3, a touch-screen Android smart watch. With both Wi-Fi and mobile connectivity, plus GPS, it allows wearers to call directly from their wrist. • Wearable tech brings the Internet closer to the user than ever before. Sensors can provide information for things such as health monitoring, while the use of location data becomes absolutely vital. This is the first step towards consumer acceptance of connecting everyday objects to the web.

“Device landscape changes as emerging markets fuel growth” In 2014, an increasing number of individuals will be in a position to acquire their first-ever mobile device, especially in emerging markets. Here, mobile devices will often be used as the primary or only connection to the Internet. It will be more likely than ever that a customer’s first interaction with a brand will be on a mobile device. • More low-cost devices will be available through more outlets. For example, supermarkets around the world will stock cheaper alternatives to leading device brands. If established vendors do not respond with increased innovation and more choice for consumers, they will lose share. • 2014 will be the year of the continuum of screen sizes. As more devices are released in the five to seven inch range, traditional device classifications without more information become less useful. This time next year, we may start hearing users referring to their “screens” rather than specific devices like a phone or tablet. • There is lots of room for growth. Smartphone penetration in countries such as Brazil (26%) and India (13%) remains low. In many of these countries, consumers often opt for local vendor handsets and more frequently in the five to seven inch range. • As of July 2013, there were 26 different screen sizes among the top 100 most used devices on the Netbiscuits Cloud Platform. By the end of 2014, this could easily exceed 30.

Organisations that correctly understand “customisation for the masses” will be the biggest winners in 2014 “Poor experiences will be punished by customers”

Netbiscuits believes that 2014 is set to be the year of frustration for consumers who expect consistent cross-device experiences. Providing the ability to move quickly from one device to another and continue an activity or multi-task with numerous devices will become a brand differentiator in 2014. Organisations that fail to identify where the cross-screen or multi-screen experience is broken will find themselves at an increasing competitive disadvantage. • More enterprises are thinking about how cross-screen experiences can be built into design considerations, while technology such as HTML5 is rising to the challenge. • A large majority of C-level executives in the USA, state that multi-screen is critical or very important to their strategy (80%). The USA is far ahead of the UK, where 51% have stated the same. It is still early stages for multi-screen, but market leaders will start setting the pace in 2014. • We should be aiming towards being able to swipe an experience from one device to another, although “search” is likely to remain the most common way of picking up an activity on another device in 2014.

“Customised experiences will win customers” Individuals want devices, and experiences on those devices, that match their lifestyle and the context that surrounds them. Organisations that correctly understand “customisation for the masses” will be the biggest winners in 2014. The key is identifying the right ingredients that can each be individually tweaked to give the user the sense of something that is highly personalised and designed for them. The customisable components can be identified by analytics. Analytics that provide actionable insights will be a key 2014 theme.   • Combining behaviour on the web with mobile analytics unlocks an unmatched opportunity for marketers. Marketers will play a central role in defining product roadmaps based on actual customer requirements, and have the ability to adjust the brand to be exactly what the customer wants.  • 86% of marketers believe Big Data will change the function of marketing, and a further 62% say that it has already fundamentally changed their role. • Vendors are already trying to be all things to all people; from mobile devices that run Windows and Android, through to Google’s Project Ara, which enables users to add their own modules to mobiles, such as keyboards and sensors. • The desire for customisation will drive new technologies, such as 3D printing. Imagine printing your own device accessories! 2014 will be the first foray into an exploding world of customisation.

References available on request | January-February 2014


2014: Looking Ahead

Imagine what the success of Apple would be if a download from the App Store would take weeks because there was a lot of manual stuff involved to ensure the app was being delivered on your end-point?

The consumeration of IT Bob Janssen, founder and CTO of RES Software, shares his 2014 business IT predictions with Sophie-Marie Odum… were many new technology talking points last T here year, which we will now see come to fruition. However, what was most evident was the consumerisation of IT. Using the mobile market as a prime example, 2013 saw the release of many different phones, tablets, phablets, etc, all ranging in size and price. But, what was most surprising was that tech giants, Apple didn’t fare in this war as well as most people thought and instead it was rivals, Microsoft and Samsung who came out on top. At the time of going to press, the recent deliveries from Apple, namely the iPhone 5s and iOS 7, fell short of expectations for personal and business use alike, and the backlash from customers and the industry clearly shows that Apple technology isn’t leading the pack as it once was.


Bob Janssen, founder and CTO of RES Software, commented, “The halo effect of Apple is increasingly shrinking, and we see that Microsoft and Samsung are catching up fast in regards to market share. In fact, in certain countries, Microsoft phones have a larger share than Apple. “In addition, when we look at the newest releases of Apple devices, I would say that the expectations for Apple followers were very high and Apple did not deliver on that.” So, what does the future hold for Apple? Have they left the door open for Microsoft and Samsung to triumph? “It’s already starting as we speak,” said Bob. “If you look at the footprint Android already has on the mobile platform – more than 75% of mobile devices are running on Android – it’s clear that Apple is beginning to lose the race. “In regards to the enterprise space, I believe we’ll see more and more Android devices, specifically from Samsung. These | January-February 2014

2014: Looking Ahead

We think that in the consumerisation space, a lot of corporate IT departments will need to offer more self-servicing capabilities. Self-servicing and self-service portals are not new, but what is new is to have a consumerlike experience in those offerings will be adopted by enterprises because Samsung has a focus on enterprise and offers manageability. And Microsoft will completely replace the Blackberry market in enterprise and mobility in the next couple of years. “However, Apple doesn’t have an enterprise DNA, and instead it’s very consumer focused, which has an impact on the enterprise. Therefore, we don’t expect Apple to be able to compete with Microsoft and Samsung in the long run.”

Another acronym for the tech alphabet Talking of IT mobility in the workplace, Bob believes that the use of Corporate Owned Personally Enabled devices (COPE) will rise in 2014, soon replacing BYOD. With COPE devices, organisations will have greater control and security over the devices used by employees. Bob explained, “One of the symptoms of consumerisation is the fact that we can choose from a huge range of great devices, and that’s why BYOD was such a popular trend for 2013. It is being used by corporate IT to keep employees happy and allow them to bring in their devices to the workplace. “But, we think that, in the long run, BYOD is not fit for every organisation. Instead we are seeing a move towards COPE, allowing users to select the type of device they would like from a standard list and it’s bought by the company. “We see COPE as a much more sensible way of offering freedom of choice to internal users whilst still retaining ownership and control of the end-points. On top of that, companies can personally enable those devices, but still retain ownership, solving a lot of legal, as well as logistical, challenges. “With BYOD, the ownership and initiative is totally with the user. So the idea itself is great, but in practise it’s not something that will work for a lot of organisations. To offer that same type of flexibility, freedom and user experience, COPE offers the ideal alternative going forward for many organisations. I believe COPE will adopted more in 2014 and will gradually replace BYOD.” 2013 heard whispers of CYOD (choose your own device), which sounds very similar to COPE. CYOD allows organisations to retain control of the network environment whilst employees choose the device, and was adopted by many organisations but didn’t receive as much attention as BYOD. “It is similar,” said Bob. “What’s important is that with COPE you allow for personal things to be used on certain devices. There is specific management software available to support that and there will be more and more options available here. “In short, CYOD is better than BYOD, and COPE is the logical successor to CYOD – I would say COPE is the practical implementation to CYOD.” | January-February 2014

An enterprise store? As more corporations are starting to deploy app/IT store models in enterprise settings, 2014 will mark a major milestone in the viability of successful and pragmatic chargeback systems, believes Bob. Full service IT stores go beyond a corporate app store and provide organisations with the visibility needed to decipher the most cost-efficient consumption of IT (not just applications), and the most appropriate matching of IT services with employees.  By using enterprise IT stores, organisations will establish the framework for implementing previously illusive chargeback models and control over technology costs based on business lines.   Bob explained, “The best way to support consumerisation is to offer a consumer-like experience when dealing with your internal IT department – so that means requesting access to services and getting applications delivered on your end-point, in the same way tablets are used in the consumer setting. “For example, Apple’s iPad is very successful not only because it’s a great device, but also because it offers great content through the App Store. Imagine what the success of Apple would be if a download from the App Store would take weeks because there was a lot of manual stuff involved to ensure the app was being delivered on your end-point? “That would be unthinkable. In IT, it’s exactly that scenario. In corporate IT when I request something, first I have to go through a service desk or send emails and fill out forms to get access to a new application, or get a new application installed, and it will take weeks before I get it delivered on my endpoint. To me that is highly unacceptable as an end-user. “We think that in the consumerisation space, a lot of corporate IT departments will need to offer more selfservicing capabilities. Self-servicing and self-service portals are not new, but what is new is to have a consumer-like experience in those offerings. “Automation is the key behind self-service initiatives. If you don’t automate it, you can’t deliver something within minutes. So we strongly believe that the whole app/ enterprise IT store model in an enterprise setting will be a huge success going forward. It will give a consumer-like user experience that everyone is looking for; it will encourage employees to be more productive; it will free up IT teams and allow them to focus on more innovative projects; and organisations can re-adopt chargeback models as it makes sense to include how much it costs to use the service. “The IT store model is a very pragmatic way to successfully endorse consumerisation and provide a fantastic user experience to employees while retaining cost control and reducing security risks.” So how can companies start to deploy app/IT store models for employees, and start the New Year on the right foot? “Road maps” are the first step, advised Bob. “A key to any successful change in business starts with road maps. Having an idea of where you want to be in the future, turns dreams in to reality!” he said.


2014: Looking Ahead

Top 10 field service predictions for 2014 Mark Forrest, manager of Trimble Field Service Management (FSM) discusses his top 10 field service predictions for 2014‌ to advanced analytics and management tools A ccess promises to make 2014 a productive year for field service organisations. Companies that understand how to strategically leverage new and existing technologies stand to drive efficiencies, improve customer service and boost profits. Here are 10 important developments to look for this year:

1. Profit-driven analytics Companies will increasingly rely on data collected through fleet and workforce management solutions to drive operational intelligence, improve customer service and efficiencies and boost profits. By leveraging analytics tools, companies can better enforce worker accountability and optimise planning. Analytics helps identify top performers, determine which schedules and routes produce the best results, and compare


results from single workers and teams against the entire fleet. Aberdeen says best-in-class organisations leveraging analytics see profits increased by nearly 20%; customer retention by 42%; and SLA performance by 44%. In an increasingly competitive market, this translates to higher efficiency, increased customer satisfaction and an optimised bottom line.

2. Knowledge management shapes strategy Information gathered from the array of technology tools and systems used by field service organisations is often used separately for specific tasks, and in some cases forgotten in databases and unused files. But if aggregated in a digestible form, the information can drive innovation and stimulate change. This is called knowledge management, which is typically tied to specific goals, such as increasing competiveness, enhancing staff expertise and improving communication between different departments. | January-February 2014

2014: Looking Ahead

In 2014, more organisations will grasp the importance of knowledge management as a cross-discipline in shaping strategy and direction across the enterprise.

3. Increased integration of M2M Machine-to-machine communication is transforming how companies do business. Data transmitted from devices in the field to applications in the office can lead to decisions that significantly improve the business.

The recession left a gap in the employment sector and now demand for field service workers is growing as the aging workforce retires. In 2014 a new generation of technicians will start to emerge

In field services, that data flows in from GPS and in-vehicle data-capturing devices, as well as ruggedised handheld computers used for invoicing and confirmation of deliveries and task completion. In addition, sensors and monitoring devices on everything from household appliances to utility meters to complex machinery in oil fields transmits data on diagnostics, measurements, temperature and overall conditions. This is all instrumental in preventing equipment failure, scheduling maintenance, and improving safety and energy consumption.

translates to higher customer loyalty. Delivering excellence is tightly linked to the quality of work performed and information communicated by field technicians to customers, who use it to measure integrity, credibility, effectiveness and overall brand perception.

Organisations with customer satisfaction rates of 90% or more see service revenue increases of 6.1% and overall revenue growth of 3.7%, according to Aberdeen. Companies that track whether service commitments are met; tasks are completed on time; and scheduling is efficient, are better positioned to deliver excellent service.

8. Cloud-driven transformations

4. Leverage of mobile apps

The benefits of cloud-based software will continue to give businesses significant advantages. KPMG’s Technology Innovation Survey 2013 ranked the cloud as “the biggest driver of business transformation for enterprises in the next three years,” citing real-time information and productivity as key derivatives.

As mobile apps flood the marketplace, field workers will use them more and more to share data and ease their workloads. Mobile apps help field workers become more productive by leveraging the cloud to access customer files, calendars, routing information and even social media. This allows workers to instantly access information on customers, invoicing, inventory and job locations instead of having to return to the office to get it. Information is backed up and then compiled into reports for analysis and future planning.

9. Data-driven productivity

5. Emergence of a new worker The recession left a gap in the employment sector and now demand for field service workers is growing as the aging workforce retires. In 2014, a new generation of technicians will start to emerge, and it will have much more proficiency in mobile tools and apps, in addition to a strong grasp of the importance of the cloud and other next-generation solutions in driving success. This new breed of worker will be quick to adapt to change and embrace technology to resolve issues, increase efficiency and collaborate with co-workers.

6. Growth of rugged mobility Ruggedised handheld devices in recent years have become essential to field workers to complete their tasks. Workers use the devices for scanning packages, diagnostics, checking customer records, invoicing and delivery confirmation, among other tasks. In 2014, we will see a continuation of the trend to equip field workers with rugged devices. Companies that have used non-rugged tablets and smartphones for field work will be replacing them with rugged handhelds as they realise breakage rates cost them more than deploying rugged devices in the first place.

7. Enhanced service excellence Revenue growth will continue to depend on superb service as field service executives realise a positive customer experience | January-February 2014

Best-in-class field service organisations know the cloud makes them more flexible in meeting customer demands, so the question is no longer whether you should deploy cloud solutions but when. Organisations must evaluate and implement cloud services as methodically as with onpremises applications to remain agile and effectively meet customer needs. Big data flows into organisations in various formats from a vast array of sources, including company systems, websites and social media. Collecting, organising and drawing insights from these massive volumes of data will help field service organisations improve services and operations, and stand out from competitors. Companies will need to review historical data, identify patterns and compile metrics for predictive analysis and strategic business planning. By leveraging data from multiple systems, including content management, data warehouses and specialised file systems, companies can better understand their operations and customer needs, and make decisions that drive customer satisfaction and increase profits.

10. Performance as a priority An under-trained, under-qualified workforce can hurt a company. How field workers perform is critical to customer relationships, which in turn is a key factor to profitability. Just one underperforming worker can affect a brand’s perception, and potentially costs thousands of pounds a month by failing to complete work or delivering shoddy service. Workers need to resolve customer issues the first time, every time. To ensure that happens, companies should leverage workforce management and analytics tools to identify which workers are underperforming and need training. They should then implement effective training programmes to get workers up to speed and deliver service excellence.



Christmas 2013 – a cracker or ghosts in the machine? By Jonathan Westlake Christmas time has always been an interesting barometer of consumer spending; customer service and IT systems at full tilt. Statistics from late November and early December 2013 give some food for thought (excuse the pun). No doubt the Black Friday heavy discounting in the UK did not escape your attention. American shops have traditionally offered big discounts on the Friday after their Thanksgiving holiday, and this trend seems to have spread to the UK. Looking beyond some of the reported shopping frenzy that ensued, we can reflect on the impact of another related trend, the year-on-year growth in online (ecommerce) in the UK and also reflected in the USA where online sales were up by 20%. Since 2001, online sales have seen a step change in growth each year, but 2013 seemed to be fuelled by the connection with Black Friday. The Sunday after became “sofa Sunday” and the Monday has been dubbed Cyber Monday as companies heavily discounted goods to boost pre-Christmas sales. Figures seem to indicate that this was one of biggest ever online shopping days. At the time of going to press, December takings for online retailers were set to top £10bn for the first time ever, according to industry group IMRG and consultants Capgemini. We can look at the impact of this in a number of ways. Firstly: IT technology. Companies have improved communication between themselves and their customers and can therefore enable the mass mobilisation witnessed during Black Friday and online. Secondly, we are seeing a cultural change in how devices are used. Online shoppers now shop from the comfort of their sofas via smartphones/tablets and laptops. This is coupled with the massive growth in sales for tablets of all shapes and sizes... Aldi’s new budget tablet, which sold out with 24hrs, is the prime example. As we begin 2014, we can suggest that all the evidence points to an increasingly self-service society enabled by always being connected. Online shopping abounds, but has the service improved? The utopia of online service in the private and public sector has many benefits to both the customer and to the firm providing the service, but also needs to be balanced with checkpoints and human intervention when necessary to prevent the technology from becoming disruptive rather than helpful. One quick example from my scrapbook of online stories: Reporting potholes via the web with a local authority can be somewhat frustrating. Typically, there is the usual contact form, but this process is devalued if there is no confirmation or follow-up either online or by confirmation phone call. How does the customer know that a problem has been logged and how to check on the state of the problem resolution?

As we enter 2014, we can suggest that all the evidence points to an increasingly self-service society enabled by always being connected. Online shopping abounds, but has the service improved? Compare this service with a well-known pizza chain where you can select and pay for your pizza online, but also track its progress from being made to ready for delivery… Online shopping and services continues to grow particularly in the UK (up 16% in 2012)1 but for this to mature, this must be coupled with investment infrastructure for dealing with customer service. Customer service also includes bricks and mortar customer service. Black Friday generated huge interest and sales, but some cases of poor shopper conduct and one could argue poor customer service overall. But there could be light at the end of the tunnel. With online purchases predicted to rise sharply, and those buying online after browsing reaching a five-year high of 5%, many retailers are trying a new multi-channel approach to increase their level of consumer engagement and improve the customer shopping experience, according to recent news. CEO of Powa Technologies, Dan Wagner, commented, “It’s all about offering the consumer something extra. Geolocation is clearly part of that picture and something that a physical retailer can leverage that an online retailer can’t. If a customer transmits their location to a retailer, the retailer could let them know that they have a shop 300 yards away for example. The store could then send a message telling the customer to drop by in half an hour when their goods will be ready to collect. “It is now up to the shops themselves to seek out and create innovative ways through which they can engage with their customers. Geolocation, mobile payment and tailoring the experience to the consumer represent some of the ways retail is changing for the better.” Strategy needs planning and customer services, just like investment in IT technology, needs planning ahead to avoid ghosts in the machine and to achieve a Christmas cracker economically for 2013.

References available on request

20 | January-February 2014


Subscribe FREE! News, views, strategy, management, case studies and opinion pieces Title

Scientist explains how new software mimics the way the brain processes images

Can you envisage all the possibilities?



Published by


VitAL Report Are online IT training 2014:the Lookin answer? g ahead courses The consumerisation of IT

2014 VitAL’s VitAL Securi Predictions: ty

Breakthrough Technology Advertising industry detects a change


An “augmented” future for wearable computing

Do you know your worth? | May-June 2013


The brains behind the software


VitAL Report

VOLUME 8 | ISSUE 1 | Januar y - Febr uar y 2014




VOLUME 7 | ISSUE 6 | November-December 2013






The hard truth about DNS attacks Looking back on 2013

Is the future of online retailing up in the air? Or will it remain grounded?


If it’s broke, fix it… If it’s not broke, break it! By Steve White Notice who we are not talking about in the news? Of course not – companies who operate their IT with the reliability of a utility company are just known for their products and reputation. “For decades, RBS failed to invest properly in its systems” said Ross McEwan, CEO of RBS, following the outage on Tuesday 3rd December. Over-investment in IT is certainly a poor strategy, when that investment could be used elsewhere. Under-investment is also clearly a major issue, in that it can affect customers and the smooth running of the operation. Businesses where the customer deliverable is not completely reliant on IT systems can silently get away with a major outage without anyone noticing. If most staff were unable to log into their accounts for two consecutive days, and nobody outside of the company noticed – that would be a wake-up call, but not in the public eye. Several times in my career I’ve been witness to company “near-death” experiences, where the customer was completely unaware of any disturbance in the force.

High availability systems I am beginning to see a pattern in these issues (and in full declaration I have no insight into the RBS issues). The overreliance on so-called “high-availability” systems is at the core of the issues I’ve witnessed, plus a creeping death. How many high availability systems does it take to maintain a service? Mathematically it’s possible to conclude that if you have two copies of your data, you have a reasonable chance of maintaining availability. Move to three and the chances of all three becoming unavailable is remote. However, there are things that can affect both sides of a HA pair, including (for instance) the patching of both sides (perhaps instructed by the supplier as a mandatory patch). A creeping death seems to be ever present in the maiming of an HA system. A catastrophic failure is easy to detect by the system, and are tested for and comprehensively recovered from. Death by little cuts, or errors, or incorrect things happening over time is chronic and very hard to detect. I have seen more weeks of creeping death gone by than the number of weeks in the backup cycle – so that there was no longer a valid, guaranteed copy of the data.

Avoiding near-death experiences How then to avoid near-death experiences? It seems to me that creeping death can happen to anyone, and that creeping death is the risk to mitigate against. One HA cluster is simply not enough. Frankly, two nodes of a cluster on separate infrastructure are simply not enough. In order to have security in availability you need more…


Over-investment in IT is certainly a poor strategy, when that investment could be used elsewhere. Under-investment is also clearly a major issue, in that it can affect customers and the smooth running of the operation HA clustered nodes mirrored on a site and then a completely separate HA cluster to mirror that one somewhere else – on separate grids with separate connections to the network might do, and is still not enough. Add processes and procedures surrounding the infrastructure that look and feel military grade; processes mirrored two by two in identical halls, one treated as production and the other as standbyproduction to ensure that any changes made to the nodes work fully before being put into production. Mathematically and procedurally this seems overkill – some might say an over-investment. And yet someone I know has more than 75 months of continuous customer availability, and the investment in infrastructure to deliver stability means that we’re not talking about that brand negatively in the news. They are only in our consciousness for the out-of-sight work that they do every day to keep their service running on extremely resilient infrastructure. Nevertheless, with the increasing complexity of systems, and the rationalisation of staff to support them, creeping death is mathematically inevitable somewhere, on someone’s infrastructure. There will always be the need for major incident managers, and, in order to stay sharp, they must be drilled and procedures rehearsed so that when the moment comes they are ready for action. | January-February 2014

HP Service Manager HP’s next generation IT service management solution Proven ITSM software, that works harder than the competition at an affordable price

For a free ROI report, contact us now on 0845 619 3111 – ask to speak with John Brookes or email us:

w w w. w m p r o m u s . c o m

Business trends / Social technologies

Bring your own cloud Companies have had to learn to incorporate BYOD into their organisation and IT departments. However, as we begin to enter a new phase of bring your own cloud, Ron Faith, CEO of Datacastle, believes that this will be met with some reluctance from apprehensive CIOs and IT managers…

was once the hot topic of discussion; with B YOD IT departments continuously debating its reliability,

functionality and, of course, its security implications. Initially companies were unwilling to embrace non-company owned devices but it soon became apparent that employees wanted to use their own devices in the workplace. As a result, nowadays, almost all organisations have some kind of BYOD, or even CYOD (choose your own device), policy in place. As the need to use new technologies in the workplace increases, there has been an emerging trend of employees using public cloud services, such as Dropbox and Google Drive, to get everyday work done. However, similar to the way many IT departments tried to ban mobile devices, for example iPads, in the workplace, some organisations are trying to prohibit public cloud services. In hindsight, trying to ban iPads in the workplace seems like a foolish and outdated notion and IT departments have now developed ways to cope with this influx of non-standard IT equipment – whether it’s at the board level or lower. The same now has to be done with these commercial cloud services such as Skydrive, Google Drive and Amazon Cloud Drive.

Shift your focus Rather than forbid these kinds of services, CIOs should focus more on the data that their staff are uploading to them and its security. One way to approach this problem is to buy in a bespoke system that has security features built in. However, trying to get your staff to use these tools can be difficult when they are accustomed to services like Dropbox and Skydrive. CIOs and IT managers need to concentrate on mitigating the risk in terms of data governance that comes with staff using these cloud services. Some CIOs are preventing employees from using them altogether but is this really the best way of approaching this new trend? In the same way that with BYOD the hardware belongs to the individual, in many cases with these sync and share services, the account is in the employee’s name and not that of the company. However, it is the company’s data that is being uploaded to the account. The most effective way to deal with these services is to extend them with data governance capabilities with features such as backup, data protection, encryption, remote deletion and other security features. The alternative is to adopt a “rip and replace” strategy in which companies can implement a proprietary sync and share


In hindsight, trying to ban iPads in the workplace seems like a foolish and outdated notion and IT departments have now developed ways to cope with this influx of non-standard IT equipment –whether it’s at the board level or lower

service. Although these tools do have their benefits, they don’t have the wide network effects of user adoption of tools like Dropbox and Google Drive.

Security issues resolved There are tools available to the CIO that enable the IT department to extend into the employee’s public cloud service to backup and protect the data that’s in those services and have the data encrypted at rest on whatever device that employee is using. This also means that if that person decided to leave the business, the data that was in the account can be recovered and if the device gets lost or stolen then the IT department can then send a command to not only wipe the data on the device but also on the endpoint. Just as companies have learned to embrace the BYOD culture in the workplace, they now have to deal with this second phase of employees bringing their own cloud. This is not a time for CIOs to bury their heads in the sand and pretend it’s not happening in their organisation. If the problem is ignored altogether and there is no policy in place to deal with this emerging trend, organisations are at risk of employees unwittingly using these cloud services without the right protocols and education. It’s also not a time to try and completely forbid these services in the workplace as this has proved to be ineffective in the past with employees finding loopholes and using them without permission. Instead CIOs need to embrace this new trend and secure the endpoint and cloud services before it’s too late. This way they can ensure that employees know the correct procedures and methods of protecting their devices and data whilst using commercial clouds. | January-February 2014

National Software Testing Conference


Coming May 2014. . .

• Two-day event • UK-based with a European reach • Speakers include winners and finalists from The European Software Testing Awards (TESTA) • High profile round-table debate sessions • A leading exhibition showcasing the latest products and services • Supported by the industry leading journal, TEST Magazine • Taking place in May 2014 • Multiple streams covering an array of testing subjects

w w w . s oft w a re t es t i ng c o nfe re n c e . c o m

Headline Sponsor Sponsor

Business trends / Social technologies

Organisations must engage in strategic process improvements that go beyond selective samplings of recorded communications

How analytics can put you back in control Sean Murphy, director of product marketing at Genesys, looks at how analytics can enable companies to accurately and efficiently identify customer issues and take immediate action to resolve them, retaining customers and pinpointing new business opportunities…

are under increasing pressure to deliver C ompanies the highest quality customer experience. Competition for customer mind-share is fierce, while at the same time loyalty is more elusive than ever – one poor customer experience will have the consumer switching to the competition without a second thought. We’re now in a 24/7 world where one negative tweet or blog post can go viral in a matter of hours. Content like this gets picked up by websites, read by thousands, re-tweeted and commented on. For this very reason, the customer experience has become a major concern for organisations. It is essential that operations have the means to detect potentially unsatisfactory situations and have the facilities


to act on this information immediately. An organisation can then respond in the right way to strengthen the customer relationship and brand – and limit the damage. Once the correct action is taken, it is also important to measure the effectiveness of that action – with the help of sophisticated analytics. Quality monitoring in the contact centre is nothing new. The vast majority of companies have been using call recording and monitoring systems for some time, but those systems and processes usually only provide a partial picture of what is happening by manually reviewing only small, randomly selected samplings of calls. Having quality analysts manually listen to calls is labour intensive, and therefore it’s a very expensive process, which | January-February 2014

Business trends / Social technologies limits the number of calls that can be monitored. Hence, most organisations only review a small fraction of the calls handled by their organisation, with the industry average being to review around 1% or 2% of calls. If other types of interactions such as email, chat and/or social media are included, the fraction of the organisation’s conversations with customers or prospects that are reviewed becomes even smaller. At the same time, enormous business opportunities are hidden within those conversations. The information that can be extracted from conversations with customers and prospects is invaluable in understanding the customer service experience. Organisations must engage in strategic process improvements that go beyond selective samplings of recorded communications.

Analytics in a customer-centric organisation Rather than a lack of data, the challenge lies in the ability to extract the “nuggets of gold” from within that wealth of information efficiently and effectively, and make those insights actionable to deliver meaningful results. New innovations in analytics, such as speech analytics and text analytics, can transform customer service by analysing all conversations with customers or prospects over all channels, including calls, emails, chats and social media. Web-based dashboards enable ongoing visibility across all conversations and agents, giving today’s contact centre manager new levels of insight to optimise their workforce; identifying those interactions that need immediate action; and then routing the customer to the optimal agent, back office worker or manager for resolution.

The benefits of conversation analytics • Understanding why customers have got in contact Speech analytics and text analytics can comprehensively categorise all interactions to identify the reasons why the customer has got in contact with the organisation and the processes in place that drive those interactions. Analytics allow contact centres to determine the appropriate action and measure its effectiveness as well as identify contacts that might be better handled using cheaper self-service options. • I mprove agent work quality more efficiently and effectively Speech analytics overcomes the challenges inherent in traditional quality management systems and processes by automatically monitoring 100% of calls, as opposed to the small fraction that can be reviewed with traditional manual methods. In addition, because evaluation criteria must be objectively defined according to phrases used within conversations, human subjectivity is eliminated from the process. When text analytics is unified with speech analytics, all conversations across all channels of contact can be evaluated in exactly the same way. • Understand the root causes of customer dissatisfaction Analytics can help identify the underlying causes of customer frustration by identifying the specific business | January-February 2014

New innovations in analytics, such as speech analytics and text analytics, can transform customer service by analysing all conversations with customers or prospects over all channels, including calls, e-mails, chats and social media processes, products, services or agents which are producing customer dissatisfaction. • Improve the effectiveness of sales, up-selling and cross-selling Organisations are increasingly encouraging their agents to use up-selling and cross-selling techniques. However, the sales techniques which are most effective can differ markedly depending on the product or service being sold. The techniques which are most effective for each specific situation can be identified by analytics, then agents can be trained when to use each technique within conversations. These conversations can then be continuously monitored to ensure that agents are properly using the techniques they’ve learned. • Proactively discover emerging trends within the “voice of the customer” Most organisations are already aware of the most important key performance indicators and agent and customer behaviours that are important to measure and monitor on an ongoing basis. However, even the most technologically advanced analytical systems usually need to be told by humans what to analyse, so if the organisation doesn’t already know that they need to be on the lookout for a particular issue, most analytical systems are equally unaware of such “unknown” issues. Speech analytics and text analytics can automatically discover emerging trends or issues within the voice of the customer by analysing all conversations and uncovering relevant topics that customers are suddenly talking more frequently about. These “automatic discovery analytics” can then proactively alert organisations about issues with their products or services which the organisation may not have been previously aware of.

So, what’s the conclusion? Customer service operations need to start moving to more holistic measurement programmes for communication channels and touch points, to understand the customer journey end-to-end and completely understand all conversations the organisation is having with customer and prospects. By analysing all conversations and capturing the “voice of the customer” across all channels, organisations can begin to accurately measure customer loyalty, understand and validate what is driving customer satisfaction, whilst identifying areas of improvement. As new business challenges emerge, analytics play a vital role in helping organisations identify and address problems with customer experience before it significantly impacts customer retention.


Business trends / social technologies

IT operations analytics – a saviour for the IT service desk? As ITOA provides IT operations teams with full visibility into performance across an organisation’s IT infrastructure, Poul Nielsen, director of strategy, Nexthink, discusses why such analytics are crucial to improving operations – particularly from an end-user perspective… today are facing greater challenges than I Teveroperations before.

able to scale to monitor whatever number of applications are running in a given production environment.

As business processes become more reliant on an organisation’s IT infrastructure which, in turn, continues to grow in size and complexity, new tools are required to help deal with the resulting increase in operations, in particular the huge volumes of data flowing through a business.

Additionally, and importantly, the insights granted by ITOA will also allow those CIOs on a limited budget to make quicker, more informed decisions. They will be able to plan more effectively in order to ensure consistent and efficient service delivery in increasingly more complex environments.

At the same time, an ever-growing satisfaction gap between end-users and IT departments signals an urgent need for an improvement in operations, and a shift in focus maintenance to innovation. And of course, all of this is happening in a time of economic uncertainty. Budgets are becoming ever tighter and CIOs are being tasked with finding more efficient and cost-effective methods of working.

From a certain point-of-view

But, with all of these issues playing on the minds of CIOs, there’s now a growing awareness that using real-time analytics may prove to be a solution. Combining analytics with cognitive computing, for example, will offer the ability to analyse the vast amounts of operations data in real-time, using that data to identify trends that may prove critical to the health and performance of a company’s IT network.

The emergence of ITOA IT Operations Analytics (ITOA) was recently identified by analyst firm, Gartner, as an emerging sector set to affect the IT industry as it continues to take shape. Analysts suggest that, in time, CIOs and senior IT operations managers using ITOA tools will be provided with a source of operational and business data, the importance of which will significantly increase over the next five years. As more of a business’ processes become entwined with its IT network, the data that they generate will be directly captured, aggregated and analysed by the ITOA solutions in place. The Big Data analytics used by ITOA provide IT operations teams with full visibility into performance across an organisation’s IT infrastructure, automatically identifying and isolating inefficiencies, disruptions and failures across the Internet, applications or servers. They provide an immediate awareness of potential issues and a rapid understanding of these issues – both from a technical point-of-view, as well as of any potential business impact. In addition, these analytics offer easy access to the knowledge required by users to help restore or preserve the level of service that they expect. However, rather than monitoring an organisation’s IT infrastructure, as would a traditional network performance or application performance monitoring solution, ITOA tools are


While IT teams may appreciate the benefits of employing an ITOA solution, enjoying a substantially clearer and more insightful view of their network and all the endpoints and applications connected to it, it’s still a fact that the majority of issues are reported by the end-user. Despite the clarity of vision provided by ITOA, there will still be a lack of visibility into how a business’ IT services are being consumed, and how an IT infrastructure is operating from the point-of-view of the end-user. By using an end-user perspective, a member of the IT team service desk could see the state of the network at any given point, as well as focusing on individual PCs. Once an issue had been identified and isolated by ITOA tools, they would then be able to see who else on the network was using a similar configuration and, knowing this, identify the likelihood of similar issues occurring elsewhere.

Migration and transformation As well as a current and ongoing view of a business’s network, ITOA can also be used for planning migration and transformation projects which, according to leading analysts, either get delayed or don’t deliver the expected benefits in the majority of cases. By employing an ITOA solution with an end-user perspective, project planners and implementers will be better armed with the information they require to avoid making costly mistakes and assumptions, and to identify and resolve potential issues early enough to prevent their IT projects from becoming derailed. These possible cost savings alone may be enough to justify the use of ITOA. In summary, not only can ITOA enable IT teams to quickly and efficiently identify and isolate the root cause of problems within a company’s network, they can also help to anticipate these problems – even down to individual user level – so that they can be dealt with before they happen. In an industry that is facing increasingly greater challenges – in terms of technology, resources and budgets – the arrival of ITOA should be seen as a welcome relief. | January-February 2014

Business trends / Social technologies

The perfect marriage: Mobile and enterprise social networks BYOD is here and it needs your enterprise social network to thrive: Are you ready? Asks Elizabeth Brigham, product marketing manager at Jive Software‌

30 | January-February 2014

Business trends / Social technologies her article, Mobile I nKilled the Enterprise

Developing a divergent experience just because “it’s for work” won’t drive adoption or usability successfully

Social Network Star: The Unintended Consequence of Stronger Employee Connections, Carrie Young posits enterprise social networks will die quickly as mobile interactions (texts and informal chats) amongst colleagues render the enterprise social network obsolete. However,Young’s argument assumes employee networks are static and employees will have “less of a reliance on the network for communication since they have already developed relationships outside of this community.” We know this isn’t true.

As companies grow and shift, employees join and leave teams daily; companies expand into new markets and colleagues develop more skills and subject matter expertise crucial to getting work done. If the network isn’t there, employees have no way of discovering this evolution. Indeed, the fluidity of the enterprise, coupled with the growing trend in BYOD heightens the need to have an enterprise social network at your fingertips – wherever you are, at any time.

BYOD and workplace mobility According to Forrester, 29% of the global workforce has become anytime/anywhere information workers – that is, those who use three or more devices, work from multiple locations and use a variety of apps. With that growing number, it’s no surprise issues related to BYOD are top of mind for companies. One issue is how to best to use social technology to create innovative mobile experiences. Certainly, social technology has permeated the enterprise, leading to significant productivity gains across all sizes of businesses (I agree whole-heartedly with Young’s points here). With the powerful collaboration and communication opportunities social tools provide – in finding experts quickly, moving from talk to action and fundamentally changing the way works gets done – designing these types of experiences on mobile are critical to moving business forward. Given employees are bringing their own devices, replete with consumer apps they use daily, enterprise mobile app development should take a page from what’s worked in the consumer space in terms of design and user experience. Developing a divergent experience just because “it’s for work” won’t drive adoption or usability successfully. Furthermore, consumer and business lines will continue to converge as mobile becomes the dominant platform for the way we interact with colleagues, friends and broader networks because each of those “worlds” are now only an app away.

The enterprise social network app “light” won’t cut it At the same time, cramming your enterprise social network into a native smartphone app isn’t going to work. It’s not about “web app light”; we need to be building apps designed with the mobile, smartphone and tablet experience in mind first and design to that paradigm. By being cognizant of | January-February 2014

what each mobile platform has to offer (Android and iPhone are different beasts!), and the experience a user expects, we can successfully deliver the opportunity to find people virtual work places and content efficiently and effectively while on the go.

That doesn’t mean multi-purpose apps are going away. I believe broad options remain essential in order for employees to have ubiquitous access to everyone and everything in their work network, as well as to have the functionality they need to go beyond just reading posts and syncing email. Once employees have that – and they expect it – they’ll be loath to let it go. So will companies who have seen productivity and efficiencyboosting results from these mobiles experiences. Mobile experiences should allow users to get work done (not just talk about what they’re going to do) wherever they are, be it the airport, coffee shop, waiting in line at the dentist, etc. To that end, not everyone is going to need a robust experience on mobile all the time. There may be situations when all you need to do is find someone in the corporate directory ASAP and give them a call to let them know you’re running late to your next meeting. Or, you might need an app that helps you present materials to your client from your iPad when you don’t have an internet connection, take notes and sync back up with your CRM when you get back to the hotel. Bottom line: before you start developing a mobile app, make sure you know your audience and what they expect from a device that is with them all the time.

The importance of security A key item that can’t be forgotten is security. As employees enjoy the rise in BYOD phones and tablets and apps permeate corporate firewalls, security remains an essential concern for companies and a top priority for IT and those helping support enterprise apps. Questions like: what happens when an employee leaves a mobile device in a cab? How can we remotely wipe content when an employee leaves the company? What if sensitive topics are being discussed on the app?  The good thing is that these are not new issues and many IT organisations have already built policies to address these concerns. Indeed, people have been having “sensitive” conversations via email on mobile for over a decade at this point. Nonetheless, mobile security should remain a top priority as BYOD organisations continue to proliferate. While security should be a priority, app developers need to work closely with IT to ensure user experience isn’t compromised due to fear of “what if ” scenarios. The fact is BYOD isn’t going away and if IT won’t provide sanctioned apps for employees to get work done on mobile, employees will seek apps themselves, further exposing the company to risk.  It’s imperative developer teams partner with IT to find a happy balance between user experience, productivity and security risk.  We already see the fruits of mobile innovation in the social business sphere and expect it to continue. With the number of mobile workers rising and the trend towards BYOD fairly unstoppable, we believe greater demand will spark even more ideas and possibilities over the next 12 months.


VitAL Security

Too many companies still wrongly believe that DNS is secure, but as this attack shows, the hard truth is that organisations need to be paying much more attention to DNS security

The hard truth about DNS attacks Sophie-Marie Odum speaks to Chris Marrison, EMEA technical director at Infoblox about the rise in DNS attacks and how can companies protect themselves against such attacks… Malaysia became victim to an attack on its G oogle domain name registrar in October 2013.The site was hacked by a Pakistani group, called “Team Madleets”, who replaced the search service with a splash screen crediting the group. The group hacked into the Malaysia Network Information Centre (MYNIC), an agency under the Malaysian ministry of communications and multimedia, and conducted a DNS (Domain Name System) redirect attack altering Google’s Malaysian DNS records to redirect visitors to hackercontrolled servers. The site was later taken completely offline. DNS is absolutely crucial to the whole infrastructure – without DNS, the Internet does not work – and, once upon


a time, attackers were scared to attack it because if they took it out completely, they removed their own ability away to utilise the Internet. However, DNS attacks are becoming more prevalent – the New York Times website was also taken offline in 2013 in a similar incident – but why? Is DNS a soft target, and if so, why? And how can companies protect themselves against these attacks? Chris Marrison, EMEA technical director at Infoblox, thinks it’s because companies are not paying enough attention to DNS security. He said, “The DNS has been continually evolving since its invention 30 years ago to become the core component of the Internet today, and one of the most attractive targets for hackers and malware criminals. “Too many companies still wrongly believe that DNS is secure, | January-February 2014

VitAL Security

With DNS attacks increasing exponentially, organisations must implement a multi-pronged strategy as a means of combating these modern threats, and the malware that use DNS to evade existing defence systems. but as this attack shows, the hard truth is that organisations need to be paying much more attention to DNS security. The New York Times was another recent, high-profile victim of an attack on its domain name registrar.

who manage DNS on a daily basis; and then there’s the interaction with the registrars, which may be down to the purchasing department because they are buying domain names on the Internet.

“As a result of this inattention, these types of DNS attacks are becoming more prevalent. DNS is one of very few services to be almost universally allowed through firewalls, and DNS traffic also tends to be filtered less vigorously than web or email traffic.

“It’s a combination of those three teams ensuring that the right infrastructure, processes, authorisation mechanisms and security checks are in place with the registrars that they choose.

“In contrast to web traffic passed through perimeter proxies, the majority of network operators do not inspect DNS traffic or keep detailed audit trails for DNS lookups. The stateless nature of the protocol also enables attackers to hide their identity.” Chris continued, “I find it interesting that all these attacks have not been particularly malicious attacks, they’ve really been used as a simple way of defacing a website. I think that has become an easier mechanism in certain circumstances than actually attacking the web server itself.”

What’s at stake? If a website is attacked this can negatively affect a company’s brand and reputation. “I think it does come down to trust and reputation,” said Chris. “It’s also about preventing being used in a third-party attack where, again, reputation is important. It’s not about protecting your own infrastructure but also protecting yourself against being used against thirdparties as well. “This attack re-highlights how important DNS is to organisations and to their reputations. They not only have to examine their own infrastructure but also effectively audit the registrars and their security processes and every element within that chain. “DNS security should be a high priority for organisations, because the risks are real – as shown by the recent attack on Google Malaysia. DNS servers are often neglected, leaving organisations open to attacks.”

Ensuring protection To ensure a company’s website remains secure, it is the responsibility of the operations team, the security team and also the purchasing department. However, with increasing workloads, this vital aspect can sometimes get forgotten, believes Chris. “At a resourcing level, DNS security can sometimes fall through the cracks because it is often unclear who owns the responsibility. The challenge is that it’s a mixture of at least two parts of the organisation: The security department to implement a secure and reliable service that is protected as part of their own infrastructure; the operations team | January-February 2014

“However there is a little disconnection in many organisations and it’s usually one or two people that take this on. Workloads can sometimes mean that things get forgotten, and interactions with the registrar do not happen as often as they should, forgetting they’re a crucial element in ensuring that your service is being maintained.”

Implementing strategies “We have seen a meteoric rise in DNS-based attacks over the past 12 months or so, which suggests that intrusion detection/prevention systems and next-generation firewalls are insufficient,” said Chris. “With DNS attacks increasing exponentially, organisations must implement a multi-pronged strategy as a means of combating these modern threats, and the malware that use DNS to evade existing defence systems. “There’s the infrastructure and the process element. It’s a case of ensuring that the infrastructure is secure, reliable and easily managed, and organisations should consider technology such as DNS Security Extensions (DNSSEC) which will help protect companies and reputations. “It’s also examining some of the processes around delivering these services and ensuring the processes that are implemented by the registrars are sufficient, which is harder. Yes, companies can buy technology off the shelf to help manage the infrastructure, but the processes around this are more difficult. DNS is such a crucial piece of the puzzle – whether that’s internal or external – and it can have such a drastic effect on your organisation. “Luckily these attacks have been to deface websites and not for something more dangerous, like taking complete control in a transparent way of data flow in and out of organisations. Therefore the importance must not be forgotten at the CTO level that thinking of web servers and firewalls is not enough. They should also look at their whole infrastructure and remember that all of that is reliant on DNS.” DNS is what makes the Internet tick and if there is a security failure associated, the risks are so high that it mustn’t be forgotten. It’s safe to say that hackers will always try to attack your infrastructure, however it’s how you manage it when it does happen, or better still, prevent it in the first place, that’s very important. Protect your infrastructure and encourage effective interaction with third parties such as registrars to ensure that you are not the next victim.


VitAL Security

Protecting our critical infrastructure Brian Foster, chief technology officer at Damballa, addresses the specific challenges that can arise when protecting critical infrastructures from advanced threats… typically think of “critical infrastructure” as the W ebackbone to our economy, health and safety, and national security. From nuclear power stations to the electricity grid, these are the systems that keep us safe, move us around and provide us with our standard of living, be it safe water in the sink or power in our homes. However, there’s a wider context that we can also term as “critical”; in our interconnected world. There is barely a single organisation that doesn’t have its own critical infrastructure, and, significantly, an infrastructure that is globally connected via operations and IT networks. In a business context, the systems controlling output, such as computer-controlled furnaces at a steel plant, would be considered mission critical and any downtime to these would have a significant impact on company success. Theft, corruption, or destruction of these systems can have a crippling effect on human safety, financial stability and our standard of living.

Exploiting the weaknesses All of these various types of critical infrastructure have unique requirements for both functionality and uptime, but


share a common characteristic, in that they were not built from the ground up to be secure. At the time that many of these systems were built, threats such as cyber terrorism, corporate cyber espionage and the risks associated with global interconnectivity simply weren’t issues. Today’s cyber attackers take advantage of vulnerabilities within these systems to exploit weaknesses. The result is that advanced malware regularly finds its way through security defences and these compromises remain hidden from detection, while the malware owners are able to steal information or disrupt systems. Attacks on these systems are performed with varying sophistication and goals. These attacks could be sponsored by nations for the purpose of espionage, by organised crime for information resale, or even by competitive enterprises in order to gain advantage. Moreover, the attacks don’t always start as

The reality is that, despite the best prevention tools, attackers will have the advantage of the first move and we can’t fully protect against malware getting in | January-February 2014

VitAL Security

direct hacking or penetration into critical systems; early stages of the attack can frequently use commodity malware to gain access to the business network.  The attackers will then use that access as a pivot point into the critical sections of the network, eventually gaining access to critical systems.  Whilst the severity and sophistication of these attacks is advancing, however, there are steps that can be taken to prevent a breach even when the initial prevention has failed.

Co-ordinated detection and response The challenge with the protection of critical infrastructure is that there is no complete and perfectly effective prevention of compromise to the business network, which is connected to the supervisory networks (supervisory control and data acquisition or SCADA) and consequently the control network. This means that, by nature, a successful attack on the business network can result in compromise to the critical infrastructure. In order to improve security it is paramount that information security teams and SCADA teams integrate controls, policy and process. An effective way to reduce exposure of industrial networks to advanced attacks is to integrate the tools used to secure each of the layers; business, supervisory, and control. Best practices exist but are rarely explored, usually because of the lack of visibility across these layers. For example, when an IPS (Intrusion Prevention System) detects traffic from a device in the supervisory network that is directed at a host on the business network, an alert should be sent to the SIEM so that security operations can validate this is a valid user performing a valid action. In the meantime, packet capture can be initiated for Internet-bound activity from the potentially nefarious user. Network admission control could even quarantine this device for a short period to avoid attack progression. This precautionary response could assist in detecting and thwarting data exfiltration. | January-February 2014

A co-ordinated detection and response effort between information security teams, and the team that manages the SCADA network, is essential to help mitigate the threat risk. Most importantly, this requires a willingness of both teams to cross train and learn about the capabilities of both systems. Establishing a rotational cross-training program between these teams is important as it’s likely that the SCADA team has had limited cross-training in information security and those in security may not have insight into the SCADA network.

Identify vulnerabilities An attacker will typically take the path of least resistance to achieve the necessary goal and one of the simplest ways to compromise a business network is to look for mistakes. These mistakes could be holes in the firewall, misconfigured VLANs or routing, or Internet-facing servers that have yet to be hardened. All of these kinds of vulnerabilities exist in the SCADA and control networks and one of the best tools to combat this is a vulnerability scanner which will identify weaknesses in computer systems, networks or applications.

Early detection The reality is that, despite the best prevention tools, attackers will have the advantage of the first move and we can’t fully protect against malware getting in. Threats are now designed to bypass even the most secure networks; be it the business network or the critical infrastructure. The focus for organisations, therefore, needs to be on detection methods that can respond to the ever-evolving threat landscape and which can reduce the time between a compromise and remediation. In our interconnected world, disruption or destruction of our critical infrastructure can have a debilitating impact. A proactive stance and integrated approach to threat detection and discovery is essential in ensuring that the worst breaches can be avoided or their impact minimised.


VitAL Security

Whilst it is impossible to prevent all forms of cyber-crime, there are ways to minimise the risks

Will a move to “the cloud” help SMEs fight cyber-crime? Small businesses may be sceptical about adopting cloud computing by David Sturges, chief commercial officer,WorkPlaceLive, explains how doing so can help address some security issues… is as much a concern for small business C yber-crime owners and entrepreneurs, as for large corporations. The Federation of Small Businesses (FSB) reported earlier this year that 41% of its members have been a victim of cyber-crime in the past 12 months, putting the average cost at around £4,000 per business. For the first time, the FSB looked at the impact that online crime has on a business and found the most common threat to businesses is virus infections, which 20% of respondents said they have fallen victim to; 8% have been a victim of hacking and 5% suffering security breaches.


In July, the ‘E-crime’ Home Affairs Report claimed that Britain’s struggle in the fight against cyber-crime is now considered a bigger threat to the nation than nuclear war. The report revealed that the cost to the UK of e-crime is estimated at £27 billion. With 77% of the population owning a computer and the growth of the Internet, this is a threat that is no longer confined to science-fiction, and businesses, as well as individuals, need to take precautions. Small businesses are particularly vulnerable to computer security threats. They often lack time, expertise and technical resources to install software updates and patches to fix software and security bugs or to address wireless network | January-February 2014

VitAL Security

One solution being adopted by many SMEs is “cloud computing”. Moving into the cloud can help address some security issues, and ensure the business is afforded greater protection than if they were to continue with their server-based in-house technology security, rendering their technology networks more vulnerable and exposed.

Preventing cyber crime Many are unprepared for this threat. Lifeline IT conducts an annual IT Trends’ survey and its findings revealed that 60% of companies admitted they felt unprepared to tackle cyber-crime, with those most at risk being SMEs. Whilst it is impossible to prevent all forms of cyber-crime, there are ways to minimise the risks. One solution being adopted by many SMEs is “cloud computing”. Moving into the cloud can help address some security issues, and ensure the business is afforded greater protection than if they were to continue with their serverbased in-house technology. With cloud computing, the user’s physical device – whether it is a desktop PC, laptop, tablet or smartphone – loses its importance. Data is no longer stored on the local device, it is all held in the data centre, protecting it against accidental loss or being stolen along with the device. Equally, the system is controlled by the provider making sure that only approved applications are installed on the system rather than it being open for anybody to install any application. This prevents anyone from erroneously downloading destructive software or installing applications which could lead to information being leaked. It also minimises the risks of data loss if there are disgruntled employees or incidences of cyber leaks that can occur with insider knowledge. When a company adopts cloud computing, its data and IT is managed by professional cloud computing providers who will secure it in a reputable UK data centre behind corporate grade firewalls. They will ensure audit trails are provided and perform regular data and security backups using the latest anti-virus and spam filters – all measures that will help to protect the businesses from attacks. There are other benefits for SMEs too, including cost savings, reduced administrative and personnel overheads and a more efficient setup. Opting for a managed cloud computing service completely removes the need for a business to perform any software installation and updates, which can lead to downtime.

Ensuring protected and secure data However, outsourcing confidential data to a third party is perceived to be a big step, particularly when IT has always been managed in-house. Here are a few tips on what to look for when moving to cloud computing to ensure your data is protected and secure. •  Work with an accredited and trusted cloud computing service provider with a good reputation. Check they have relevant accreditations such as ISO 9001 and ISO 27001, and can provide references. Accreditations are important as it shows the provider can demonstrate the highest levels of security. •  Opt for a privately-managed cloud computing service, such as a Desktop as a Service (DaaS), where all data is professionally managed and stored in a secure UK datacentre behind corporate grade firewalls. •  Make sure you differentiate between public cloud services like Gmail, iCloud and Dropbox, and privately managed services. While such public cloud services are popular with many users, some customers may require more from their cloud service provider, such as knowing where exactly their data is actually stored. •  Companies using public cloud services often won’t know where their data is held and so will be moving from their secure desktop environment to a potentially less secure one. The Information Commissioner’s Office stresses that companies are responsible for where their data are held, even when using third party vendors. Organisations must know where their data are held and to take responsibility for its security. •  Fully understand how cloud computing works and the value it could bring to your business so you can weigh up the benefits and costs.

Prevention is better than cure The growing trend of employees bringing different gadgets into the workplace has made it even more challenging for companies to manage how employees access company data and move between their personal and corporate devices without compromising data security. However, if a company adopts a hosted desktop service, based on cloud computing, these issues are solved as data can’t be stored on any devices. SMEs will never by truly sure they can prevent a cyberattack, but by being aware of the risks and putting your IT into the hands of trusted professionals is one of the best ways of safeguarding your business and ensuring your exposure is minimal.

References available on request | January-February 2014


Cover Story

Is the future of online delivery up in the air? Or will it remain grounded? Sophie-Marie Odum looks at how Amazon’s Prime Air service will affect the future of online retailing and talks to Mark Brill, senior lecturer in Future Media at BCU, about future technologies that could help businesses ensure customers receive efficient and convenient delivery services‌

Although technology has had a significant impact both online and in-store retail, the delivery element has remained a highcost bottleneck in the process. Applying automated technologies such as drones or robots are a necessary next step in order to offer a more efficient service 38 | January-February 2014

Cover Story excited to share Prime Air – something the “W e’re team has been working on in our next generation

technology and amend legislation in order to do this, but it looks like it could become a real possibility.

“The goal of this new delivery system is to get packages into customers’ hands in 30 minutes or less using unmanned aerial vehicles.

“Although technology has had a significant impact both online and in-store retail, the delivery element has remained a high-cost bottleneck in the process. Applying automated technologies such as drones or robots are a necessary next step in order to offer a more efficient service.”

R&D lab.

“Putting Prime Air into commercial use will take some number of years as we advance the technology and wait for the necessary FAA rules and regulations.” This was a recent announcement from Amazon as they announce the imminent arrival of Prime Air. Once the Federal Aviation Administration (FAA) amends rules for unmanned aerial vehicles, Amazon hopes that we could see its drones taking flight as early as 2015. The drones, called Octocopters, could deliver packages weighing up to 2.3kg to customers within half an hour of them placing the order and Amazon hopes that, “one day, Prime Air vehicles will be as normal as seeing mail trucks on the road today”. However, there have been talks that this idea will not work in theory as it’s a trend that has been considered before but has not yet come to fruition. Mark Brill, senior lecturer in Future Media at BCU, commented, “It’s a trend that has been building for the last year or so. Many brands have been considering how they might use drones. First there was the beer delivered by drone at a festival in South Africa, and then there was Domino’s who showed how they could use quadracopters to deliver hot pizzas.The German Post Office has also carried out tests of parcel deliveries by drone. Perhaps the most useful example came from Australia, where it has been shown how drones can be used to deliver defibrillators to remote places. “Delivery is one of the key factors to Amazon’s service, but it is a channel that is often outside their control. It therefore makes sense to consider new methods of delivery. However, there is generally a feeling that drone delivery is not workable on any real scale, and Amazon’s announcement is simply a well-timed PR stunt.” Not only has it been questioned as a “well-timed PR stunt” but security, as well as public safety concerns have arisen as the drones will be unmanned. “New technology applications will always create security issues,” said Mark. “For example, one programmer has shown how it’s possible to use one drone to capture and control many others. Brands such as Amazon will need to make sure that they implement the right level of security to reassure customers.”

The future of online delivery Google recently suggested that it is currently developing robots for delivery purposes. Over the past year, Google took over eight separate robotics companies and has formed a new robotics division currently led by one of the creators of Android software, Andy Rubin. However, Google has remained quiet about its robotic intentions, leading to an array of speculation, such as will it be for delivery purposes, similar to Amazon’s Prime Air Service? If so what does this mean for the future of online retailing and delivery services? Brill said, “Google has been working on driverless vehicles for some time, so it would make complete sense that they would consider robotic deliveries. It will take some time to develop the | January-February 2014

But, there is a possible downside that needs to be addressed. As robots take over offering a more efficient service, will this result in job losses as less (if any) manpower will be needed? “The impact on employment is largely an economic or business issue rather than the technology itself,” replied Brill. “Amazon’s concept is focussed around faster, more convenient deliveries rather than reducing staff. For such a service-focussed business it would make more sense to not make redundancies, and instead retain jobs and improve the customer offering.” So as Google and Amazon set trends in the online retailing and delivery space, what other types of technology can we expect to see in the coming years that will help companies deliver a faster and more efficient service to customers? “Besides delivery to the door, we will see an increase in pick-up points around cities near work or homes,” said Mark. “Smartphones will help support a more context-based service and provide better security. Alongside more automation will be the use of APIs, big data and crowdsourcing, such as Waze to considerably improve the efficiency of those deliveries.”

Trends for 2014 Looking at technology in a broader sense and its rapid development, what can we expect to see this year, and more importantly how can companies use such technology to their advantage? Mark shared his expert knowledge, he said, “All the talk in 2013 was around wearable and connected devices.That trend is look set to continue in 2014. Look out for wearables not just from major companies such as Google, Samsung, Nike, Apple and Microsoft, but also from start-ups such as Fitbit, and especially crowd-funded businesses such as Pebble. With the growth of wearables the relationship with fashion will become more important.There will be an increasing collaboration between fashion designers and tech developers. “The other area that will have an impact in 2014 is in home automation and management.This will cover everything from heating, lighting, plant watering or even pets.The cost will come down considerably and will be driven by cheap computing, such as the Raspberry Pi to deliver simple modular.These developments will lead to a new iteration of mobile phones. Smartphones will move beyond communication and information devices, to become control hubs for wearables and homes. “Many brands will have to reassess their consumer engagement. Service-based brands will be able to easily innovate and deliver products to support their offering. For example, insurers could offer cheap telematics products to encourage safer driving or better security. On the flipside, product businesses, especially those in areas such as consumer electronics, will have to use technology to deliver a better service, especially as more startups enter the market.” So whilst drones and robots may not be taking to our skies and roads for the moment, it’s important that businesses still look for innovative ways to deliver a consistently better and more efficient service to ensure customer satisfaction and retain loyalty.


National Software Testing Conference

Announcing the first ever National Software Testing Conference May 2014 welcomes the launch of the first ever National Software Testing Conference. VitAL Magazine explains more about the conference and what you/or your team could gain from attending...

Borland, a Micro Focus company, is delighted to be headline sponsor of the first ever National Software Testing Conference.This conference fits perfectly with our ethos to help organisations optimise their software delivery Simon Teager, general manager, Borland, UK/Ireland/South Africa Software Testing Conference is a UKT hebasedNational conference that provides the software testing community, at home and abroad, with invaluable content from revered industry speakers; practical presentations from the winners of The European Software Testing Awards; round-table discussion forums facilitated and lead by key figures; as well as a market leading exhibition, which will enable you to view the latest products and services available to them. Over two packed days, the National Software Testing Conference is a vehicle for any professional aligned with software testing to network, learn, swap and share advice and keep up-to- date with the latest industry trends. Sponsored by Microfocus and Sogeti, some of the big names confirmed so far include: •  Rod Armstrong, senior director of QA at Expedia. •  SEGA, one of the leading interactive entertainment companies. •  Systems manager for Waitrose, Joanne Hopkins. •  Senior practice manager for Barclaycard, Karen Thomas. •  TESTA Lifetime Achievement award winner, Paul Gerrard. •  Chris Ambler, quality assurance director at TCSJOHNHUXLEY, a leading global innovator of live gaming solutions and services.


•  Test analysts, Chris Gollop and Beyza Sazir, from LMAX, winners of the TESTA Best Overall Testing Project in the Finance Sector category. •  Test leads for Microsoft, Bethan Lindly, and Paul Twidell. Sophie-Marie Odum, editor of the industry-leading journal, TEST Magazine, said, “We are really excited about our line-up so far. They each respectively have a wealth of experience that I’m sure many delegates can gain from, allowing them to head back to the office and implement change with immediate effect. “We are selecting speakers based on their exceptional levels of knowledge, which includes finalists and winners from The European Software Testing Awards, who have and fought their way through literally dozens and dozens of like-minded professionals and come out on top.” Commenting on his appointment, Rod said, “When Sophie approached me to speak at National Software Testing Conference, I jumped at the opportunity to both spend time with my fellow test/QA professionals and to share, as best I can, my experiences gained over 15 plus years in this industry. “ It’s not often so many like-minded people are brought together to share insights and learn from each other. I’m looking forward to spending time with as many of you as possible, together we can drive our competency forward to ensure it gets the recognition it deserves in the wider software development community. See you in May.” | January-February 2014

National Software Testing Conference

Headline Sponsor


Sogeti is delighted to build on our relationship with TEST Magazine and be a part of their inaugural National Software Testing Conference.We believe that the Conference will provide a great forum for learning for testers at all levels and we really look forward to taking part in 2014 Lara Irwin, Head of UK Marketing & Alliances, Sogeti When and where? The National Software Testing Conferences will take place in May each year, with the inaugural event taking place in 2014. Allowing you to plan your trip in advance and remove any feelings of unrest caused by consistent location change, The National Software Testing Conference will serve the software testing community from the UK every year.

Who should attend? The National Software Testing Conference is open to any business or professional that operates within – or takes an interest, or would like to be aligned with – software testing and quality assurance. The programme has been designed to cover core areas of software testing, including strategy, management, process and tools, and therefore the National Software Testing Conference would specifically suit: CIO’s CTO’s Directors of IT Heads of testing Directors of QA Testing managers Testing team leaders Directors of testing Chief architects Project managers Testing managers QA managers Chief engineers Practice heads of test

Why should I attend? All our speakers have been carefully appointed based on recent successes and projects. They have all have demonstrated beyond doubt that they possess the knowledge and experience to assist others.

The majority of our speakers have delivered or implemented projects, strategies, methodologies, management styles, innovations, ground-breaking uses of technologies, or best practice approaches in the last 12 months, and have won a prestigious European Software Testing Award (TESTA) as a result. Speakers at the National Software Testing Conference are not just testing heads, managers, directors, or individuals that have been hand-picked due to their exceptional levels of knowledge. The speakers are active testing professionals that have and fought their way through literally dozens and dozens of likeminded professionals and come out on top. You can rest assured that the conference programme will deliver up-to-date and cutting-edge content.You will receive pragmatic advice to current issues that will allow you to head back to the office and implement change with immediate effect.

Key information • Speakers include the winners from The European Software Testing Awards (TESTA) • Two-day event • Round-table debate sessions • An exhibition showcasing the latest products and services • Supported by the industry leading journal, TEST magazine • Taking place in May 2014 • Multiple streams covering an array of testing subjects • All refreshments included • Attendance for one day is £399.00 Attendance for two days is £449.00

To register your interest, or for more information, please visit | January-February 2014


IT Service Management Pitfalls

Mr SPOCK’s views on ITSM Consultant and trainer in project management and IT service management, Vladimir Ivanov AKA Mr SPOCK shares the common ITIL failures and offers some helpful advice… my presentation at TFT12, I am S ince known as Mr SPOCK in the ITSM sphere.This is because I described an association of ITIL Experts as being Mr Spocks from Star Trek - They are not from this planet! They are half-humans and half-vulcans; logical beings with no emotions! Also because it represents a clever acronym to help organisations employ best practice. SPOCK reminds me about the gap between ITIL best-practice books and real-life challenges in organisations that practitioners have to cope with. Coincidentally, my favourite quote is by Yogi Berra, that: “In theory there’s no difference between theory and practice. In practice there is.” Below, using the SPOCK acronym, I share five shades of ITIL failures I’ve seen often in the ITSM area along with my two cents of advice:

Start with people Don’t start with the process or tool. Switching to an ITSM mindset does not happen overnight and it’s never driven by the tool implementation. The “fool with the tool is still a fool” saying does apply to many cases where the tool is put in the cornerstone of the ITSM project. Kotter has given a handy 8-Step Process for Leading Change guide, which starts with: •  Step 1: Establishing a Sense of Urgency, followed by; •  Step 2: Creating the Guiding Coalition. The “why” and “who” will be clear then. •  Step 3: Developing a Change Vision and Step 4: Communicating the Vision for Buy-in will ensure people know what to do. • S tep 5: Empowering Broad-based Action and Step 6: Generating Short-term Wins


Ask consultants to teach you fishing, instead of just showing-off their fishing skills to you or feeding you | January-February 2014

IT Service Management Pitfalls

will answer an important, selfish question, “What’s in it for me?” •  Finally, Step 7: Never Letting Up and Step 8: Incorporating Changes into the Culture will make your change stick and will bring the laggards on-board.

Try drawing an organisational chart with the customer in the centre and see what happens when you discuss the ways of meeting business needs through service management core values

This MIT guy is a genius, let’s use his well-formulated advice.

Pragmatic approach: “adopt and adapt”, never do a “big bang” I recall a case in a top 10 insurance company, in Russia, where, instead of forming a big ITSM implementation project, I installed a Kanban board as a tool for managing their ITSM improvement programme. I had trained the IT management team to use a selection of Lean principles to make one improvement per week in the ITSM area. The biggest challenge for them was to learn dividing ideas into chunks of work that each functional manager would be capable of delivering within a week. Using this approach, they started to adopt only those parts of best-practice that were priority for their specific business at a particular moment. So, instead of “selling fish”, I gave a fishing pole and shared this case at TFT12. Ask consultants to teach you fishing, instead of just showing-off their fishing skills to you or feeding you.

Organise, don’t agonise The one person responsible for process improvements in large, multi-national banks are often told that there are just two groups of best-practices to work with – one helps with “Doing right things” and another with “Doing things right”. But the biggest challenge is to balance these from the organisational culture, practice and experience aspects. The usual process maturity journey starts with the process being a tool, which later grows into a “process as a defence weapon”; from initially dominated by functional structures into process-focused. Don’t allow the process to rule your organisation. Organise the processes instead, balancing between centralised and distributed process ownerships. Strive for an equilibrium; a balanced matrix. | January-February 2014

Customer focus shall be in focus

At the recent itSMF Estonia conference, everyone brought a customer focus to light, but from slightly different perspectives. Aale Roos’ point was that “ITIL Service Desk and the relevant processes are an obsolete model from 1980’s, and that we really have to understand that customer support needs to change”. Kaimar Karu’s trendy DevOps topic had it too: “A team for DevOps is one more silo, bad idea”. Patrick Bolger talked about the SM Congress and need to start bringing actual value to customers. SM Congress’ core values are inspired by the Agile Manifesto: Individuals and community over institutions and business; trust over control; sharing and knowledge over ownership and content; ingenuity over process; and outcomes over services. Try drawing an organisational chart with the customer in the centre and see what happens, when you discuss the ways of meeting business needs through service management core values.

Knowledge combined with problem management

ITSM consultant, Barclay Rae also shared ITSM Goodness, as always, but this time focussed more about problem and knowledge management. He said that processes, like incident and change management, provides a minimum base level of expectation for service quality and integrity, whereas problem and knowledge (particularly combined) actually make a difference, add quality and deliver improvement and innovation. Problem management provides an approach to long-term issue resolution – often this is only seen as technical, but this should also include sorting out organisational, procedural and commercial issues. Knowledge can improve efficiency and provide visibility of issues, as well as speeding up delivery. Both of these processes are fundamental to successful service delivery, yet both are largely implemented poorly, ignored or paid “lip service” in many organisations. Use your statistics to create meaningful reporting and keep in mind that 100,000 lemmings can be wrong!


IT Service Management pitfalls

The five top pitfalls of ITSM software Charlie Palmer, research analyst for TOPdesk, looks at the top five pitfalls of IT service management software that can have a negative impact on your organisation, by increasing your help desk’s workload, lowering your service levels and decreasing customer satisfaction…

management software lets you manage workflows S ervice efficiently, handle calls, and streamline a huge amount of

your IT department’s processes. So it’s the one-stop, sureshot solution to all your problems, yes? Well – possibly not entirely. Here are some of the most pervasive problems and pitfalls that we’ve seen hinder operations pertaining to service management tools.

1. Installation Unfortunately this stage is commonly overlooked or underestimated during the purchasing process. The pitfall to this is quite steep; it could mean that strenuous efforts invested could be wasted on a tool that isn’t actually configurable to an organisation’s needs. Different solutions come with varying degrees of immediate functionality (ranging from hours to days, or even months), and implementation can look like an easy area to cut costs and make the finance department happy. Possible end result: nobody else is. But speaking of other departments…

Another really useful feature for operators can be a conversation widget, letting your operators keep in touch with each other, easily sharing knowledge or tips. But what about those outside your department?

2. Coping with more than one system

4. Justify IT investments

It can be interesting to look at whether different parts of the company are actually communicating or cooperating to their best potential. If not, it might be as profound as literally using a different language – does the facilities department know what you mean when you mention ITIL? Can you easily co-ordinate your databases in line with your other current applications?

Is your hard-working, all-star team actually being appreciated as it should be? It’s quite possible users have little idea how your helpdesk works behind the scenes (or perhaps, don’t even realise there is one until they need it).

It takes twice as much effort to run two different systems – and how about three? A system that runs across the company departments save manpower, effort and (of course) license and maintenance costs.

Overviews and reporting functionality is your friend here: not only can you build plans around everyone’s workflow, but you have solid evidence to show the number of tickets being dealt with and man-hours being used – rather than having to anecdotally pass it up the chain that you’re all really busy. This helps you justify the need for more staff or more equipment.

3. Keeping your operators happy

5. Don’t make it complex

Does your system let your operators get the most out of their day – making their work more rewarding? We’ve had IT managers tell us that before they started evaluating a new solution, they’d been manually copying incoming emails into their service desk, which would turn out to be a full-time job for one of their employees. A service desk tool should be genuinely helpful at both ends. Is it user-friendly? Can you customise the dashboard? And if it’s web-based, it’ll let you stay mobile too. Seemingly small things such as standard solutions, forms and autoresponses to requests free up an operator’s day while raising customer satisfaction.


Service management software comes with many ways to empower end-users to deal with incidents or problems, such as a knowledge base. But paying attention to training the users (whether internal or external) how to operate the software will really pay off. If the system is hard to use or you’re devolving too much responsibility to the end-user, then it might not be saving your team as much time as it could be. If users spend too much time on the phone to the IT department, or your team have to backtrack on solution processes due to inaccurate categorisation, then you’re possibly just blocking up the workflow unnecessarily. | January-February 2014

V ITAL focus groups

Helping you overcome obstacles

2014 • One-day event • Over 100 decision makers • 12 thought-leading debate sessions • Peer-to-peer networking • Exhibition • Cutting-edge content For more information, please contact Swati Bali on +44 (0) 203 668 6946 or email her at: Organised by: T H I R T YO N E Publishers of VitAL Magazine

IT Service Management

What does the future hold for ITSM? Which trends and developments will be important for service management organisations this year? Hardeep Singh Garewal, President, Europe at IT infrastructure services specialist, ITC Infotech takes a look ahead‌ service management is evolving. It is developing from I Tusing a pure play services framework into adopting a more outcome-based agile model. As more companies, operating across a variety of sectors, become increasingly reliant on their IT systems, applications and networks, the key IT performance indicators of yesteryear are being replaced by an all-encompassing service availability that adds more value to the business. In the new ITSM paradigm, agility and a light service framework are what the CIO is gravitating towards.


While it is very much up to the service management team to get the message across at the highest level about the value they create in the organisation, there will be a number of opportunities for the service organisation to make its mark in the coming months and years. As part of this process, IT service management is gradually moving from being recognised as part of IT infrastructure management, towards an all-encompassing metric for the CIO. ITSM is transforming into an independent entity that manages the infrastructure, operations and applications in organisations with a complete focus on customers and the business. | January-February 2014

IT Service Management

SaaS and the cloud


There are now many enterprises that have seriously started assessing the Software-as-a-Service (SaaS) model for ITSM applications. The arguments for doing this are becoming ever more compelling: quicker time to market at optimised cost with the dynamic ability to ramp capacity up or down as the business dictates.

Gartner suggests that from now through to 2018, a variety of devices, user contexts, and interaction paradigms will make “everything everywhere” strategies unachievable. The unintended consequence of bring your own device (BYOD) programmes has been to hugely increase the size and complexity of the mobile, IT-enabled workforce (two or three times more complex, according to Gartner estimates), straining both the information technology and the finance organisations. The ITSM framework will have to extend support to consumers far outside the comfort of the enterprise domain.

The push for more personal cloud technologies is already leading to a shift toward services and away from devices. The type of device one has will be less important as the personal cloud takes over some of the roles that the device has traditionally taken care of. ITSM thus far has been a device-dependent service framework. The emergence of cloud computing in general, and the growth of the personal cloud as an extension of this trend, will demand a significant transformation of ITSM processes. The focus will shift to the service rather than the device. At the same time, the demand for computing and storage horsepower is increasing exponentially. Gartner suggests that bringing together personal clouds and external private cloud services is becoming essential. With increasing utilisation of the cloud, the way ITSM tools and applications are implemented is also evolving. The traditional approach has been programme or project-based, and, in organisations with specialised requirements, these implementations can take months or even years. When this happens, the tool is often tweaked so much that the initial ITIL idea of following best practice gets completely lost. Best practice must be kept front and centre whether the implementation is on-premise or cloud. Pre-implementation studies and implementation strategies enable organisations to focus more on adopting best practice and ensuring that things like ITSM process automation can be implemented in a much shorter time frame.

Orchestration Over the last couple of years, IT departments have attempted to automate routine IT tasks but with limited success due to the use of disparate products or scripts that operate in silos.

These changes can help the IT support staff too. They don’t need to be at their desks accessing tickets or updating them. IT managers or approvers no longer need to use traditional approval methods. Going forward, ITSM applications will sit on any mobile device as apps so that approvals can be given, tickets worked upon, and reports and performance/KPI dashboards can be accessed from anywhere, anytime on any device. The traditional ways of requesting services from the IT department are also changing, moving to a self-service, “App Store”-type model. Combining cloud computing with an accessible, online Service Catalogue massively improves the user experience.

The future’s agile IT departments have to get more agile in order to

respond better to the business’s needs. Alongside this there has to be a shift in the IT support mind-set to a focus on improving the customer experience. Part of this process is allowing users to use their own devices. Over the next few years, different iterations of BYOD will be in demand, and the IT service management processes around this mobility will have to mature. The flip side of this is that there will have to be improved compliance awareness to reduce the business risks associated with this increased mobility.

The need of the hour is to build “intelligent” automation that can move across the boundaries of the IT Infrastructure and applications, perform required actions and provide intended outcomes. Orchestration describes this automated arrangement, coordination, and management of complex computer systems, middleware, and services.

There will be a significant move in how IT departments service their customers. The focus will be on increasing the end user’s self-help/self-service capabilities using the cloud. There will also be a very high degree of automation implemented to perform routine tasks, reducing human intervention and errors, but this all has to be achieved with a high degree of customer satisfaction in mind.

In future, agility and orchestration processes will mature significantly. “‘ITSM standards”, which had constituted a single framework across the enterprise, may see varying levels of service by enterprise function. IT departments will see their focus gradually shift from providing technology to supplying solutions that are required by the business, and Business Service Management (BSM) will become an integral part of ITSM.

IT departments will see their focus gradually shift from technology to providing solutions that are required by the business. | January-February 2014

On the wider stage, the service management process is starting to involve brokering and integration management, amalgamating capacity from various providers and presenting these solutions to the organisation as a seamless service.


IT Service Management

A Co-operative approach to business growth Sheridan Hindle, Head of IT at The Midcounties Co-operative, discusses how the company’s significant growth and expansion into new business areas called for the introduction of self-service capabilities and automated compliance reporting… Midcounties Co-operative is the largest T heindependent co-operative in the UK, with sales of £1 billion. Headquartered in Warwickshire, it covers a broad swathe of England; with trading outlets in Oxfordshire, Gloucestershire,Wiltshire, Shropshire,West Midlands, Worcestershire and the surrounding counties. Owned by 439,000 members, it employs over 10,000 people across a variety of businesses including retail, travel, pharmacy, energy, funeral care, post offices and childcare.


According to Sheridan Hindle, the Co-op’s head of IT, this combination of natural growth and entering new areas of business, such as childcare and energy made the Co-op’s reach more than double its previous size. Due to these new markets, the number of employees relying on IT for their jobs grew by a much larger proportion, and a 2004 review of the Co-op’s ITIL processes led the organisation to deploy new service desk software. Hindle explained, “The growth of our organisation has been enormous since 2004, not just in simply increasing our staff | January-February 2014

IT Service Management

Despite the number of IT support calls a week rising by over 700, the IT service desk has only had to increase its own staff from 55 to 70 over the last three years, while at the same time growing its turnover from £750m to £1billion but moving into new areas that require much more IT activity. From 2009 to 2012 alone, our number of IT users grew from 7,000 to 10,000 while in the same period of time the number of IT support calls grew from under 600 a week to 1,300. Additionally, our expansion into heavily regulated areas, including childcare and energy meant that there was an increasing need for IT governance. “Simply growing the ITSM team without limits would be a prohibitively expensive way to ensure IT services continue to deliver on business needs. By helping us do more for less, Hornbill’s Supportworks ITSM Enterprise service desk software has ensured that we can cope with more users, more support calls and tighter and more varied regulations without having to accept spiralling staff numbers and costs.”

Self-service support The Co-op attributes much of this time and resource saving to new self-service capabilities, saying they have helped reduce the time that the IT services team spend on IT support calls by 30%. Hindle continued, “We’ve been able to support these new users with fewer resources. Despite the number of IT support calls a week rising by over 700, the IT service desk has only had to increase its own staff from 55 to 70 over the last three years, while at the same time growing its turnover from £750m to £1billion. “The number of workers using IT has increased to over 10,000, but through using automation and self-service capabilities we’ve been able to ensure that the support and provision of IT services remains as efficient as possible.”

Supporting different levels of expertise Of course, not all IT users are created equal. With over 10,000 staff, the Co-op contained a range of IT users with differing skill levels. “We wanted to make sure that all our staff could resolve issues quickly and without needing to call the IT team,” said Hindle. “With the Supportworks self-service portal, workers that are competent with technology can self-diagnose and fix simple issues; while at the same time, those that are less confident can be directed to first-line support for help. “The simplicity of the upgrade process has meant that we’ve been able to keep pace with ITIL development. It is built on the best practice ITIL framework, so ensures we consistently | January-February 2014

follow the guidance of established best practice as technology and the ways in which it is used evolve.”

New challenges The Co-op’s rapid expansion into new business areas includes sensitive industries that require close regulation, such as energy and childcare. Indeed, the Co-op is now the fifth largest childcare provider in the UK; which brings a new set of challenges for the organisation. Hindle commented, “The childcare and energy sectors are heavily dependent on technology and compliance, and come with stringent regulations. Being a childcare provider means that all our actions must be compliant with Ofsted regulations and that compliance must be easy to maintain and record. In many cases, this would require high growth of IT resources to meet the demands of effective IT governance. “However, we’ve been able to meet regulatory requirements with ease. Supportworks automatically records all transactions, providing us with an audit trail of IT activity which helps us ensure and prove compliance. Because of this, the IT services team have more time to concentrate on maintaining and improving the quality of IT services as we continue to grow.”

Planning for tomorrow The Co-op does not expect IT to stand still and the IT services team is already planning for a growth of workers using personal devices in the workplace. “We will continue to grow as a business and more and more IT workers will need our support to ensure their work is unimpeded,” said Hindle. “As social media and personal devices become the norm in business, we are adapting to new technologies through integrating Supportworks with Twitter and smartphones. “We’re already considering the potential benefits that these new technologies can bring, and planning for their use. At the same time, the abilities and best practices associated with technology itself will continue to evolve. From more new employees to expanding into new areas to adapting to the evolution of IT, we are confident that we can suppor t any growth or technology evolution that appears,” concluded Hindle.


VitAL Processes

A new balancing act Growth in virtualisation is driving the migration of IT budgets and changing the market landscape, says Peter Melerud, EVP of product management at KEMP Technologies…

is a quiet revolution going on in enterprise IT. In T here many organisations, the domination of the centralised IT department is coming to an end, with the migration from large, fixed capacity, computer and storage hardware systems, to virtualised and cloud delivery models.This shift is putting Line of Business (LOB) managers in closer control of the computing environment, driven by dynamic market and operational needs and a more agile, pay-as-you go approach to deploying applications. For the first time, they can buy what they want, when they need it and scale up and down as required. Today’s corporate infrastructures include a dynamic mix of physical, virtual and cloud deployments. Server virtualisation has rapidly become the default platform for modern datacenters with some 50% of all new workloads deployed in a virtual machine (VM). This trend also means that central IT purchasing has been replaced, at least in part, with LOB responsibility, spurred on by C-level initiatives to drive greater departmental accountability without the problems of amortising centralised IT overheads.

The benefits of virtualisation and LOB separation Three key attributes of server virtualisation have accelerated this trend to LOB independence: • First, excellent server-to-server and resource-to-resource isolation facilitate dynamic sharing of core data center hardware, ensuring that peak demand from one LOB does not affect the service quality for other


workloads. Even though they draw from a common pool of shared hardware infrastructure, there is no need for separate LOB IT projects to be coordinated if they all run in their own well-isolated virtual environments. • Second, the self-service provisioning features offered in modern server virtualisation platforms has ensured that LOB projects can proceed at a business-dictated tempo, unaffected by the too-often opaque workings of the central IT priority queue. • And third, granular visibility of resource utilisation has enabled a metered “utility” chargeback model, allowing for LOB budgetary autonomy and accountability. As a result, many organisations are rethinking their approaches to up-front purchasing and on-going IT management costs, switching from the traditional centralised systems cost model to a more agile and flexible application-based financing model. This shift from physical to virtual also means that big ticket items such as large hardware servers and storage devices are now being replaced with virtual alternatives. IT departments no longer need to invest up-front in future-proofed solutions that will accommodate applications rolled out years ahead. From an Oracle ecommerce solution or CRM system, to migrating to the latest version of Microsoft Exchange or implementing unified messaging, it is now very quick and simple to “spin up” a new virtual server to deploy a new application.

Virtualisation and the cloud are changing the face of enterprise IT for the long term. Forrester believes that 77% of organisations will be using virtualisation by the end of this year | January-February 2014

VitAL Processes

ADCs and the new agile enterprise Traditionally, one of the high cost items for large enterprise IT systems has been the load balancer or application delivery controller (ADC). But until recently, ADC technology has largely been delivered with fixed-capacity, dedicated devices; anomalous “mainframes” in an otherwise agile enterprise. With big iron ADCs located in the heart of the data center, it is difficult to deliver on-demand, right-sized capacity to multiple LOBs and virtually impossible to implement meaningful non-contentious chargeback. An ADC directly assists in the management of client connections to enterprise and web-based applications. ADCs are normally deployed behind firewalls and in front of the application servers and make networks and applications more efficient by managing the processing of traffic shaping and distribution. A bit like traffic police, the ADC directs client access requests to the best performing servers based on factors such as concurrent connections, CPU load and memory utilisation. This makes sure that bottlenecks do not occur to reduce performance; and if a server or application fails, the user is automatically re-routed to another functioning server. This process is seamless to the user and critical to delivering an optimised and reliable experience. “With a forecast expected to approach $2.3 billion in 2017, virtualisation, cloud and data centre consolidation are all key signs driving growth in the application delivery controller market,” said Casey Quillin, senior analyst of | January-February 2014

Today’s corporate infrastructures include a dynamic mix of physical, virtual and cloud deployments. Server virtualisation has rapidly become the default platform for modern datacenters with some 50% of all new workloads deployed in a virtual machine (VM) Data Center Appliance Market Research, Dell’Oro Group. “The core market drivers, however, remain sound and we are only just beginning to see the positive impact of the public cloud on virtual ADCs.”

No turning back Vir tualisation and the cloud are changing the face of enterprise IT for the long term. Forrester believes that 77% of organisations will be using vir tualisation by the end of this year. But what is more impor tant is how businesses will harness this new flexible and scaleable enterprise environment to become more dynamic, productive and competitive. It appears that, for the first time, the business man is in charge of the “IT machine” – albeit a vir tual one. It is the oppor tunity for companies to seize the moment, demystify complex technologies such as load balancing and make them accessible, affordable and quick and easy to deploy and manage.


VitAL Management

The dangers of shadow IT: known unknowns Richard Acreman, CEO of WM360, looks at how the standard IT function works within a business, and what happens when non-IT workers take on responsibilities that should be handled within the IT department… a typical company, large or small, there will be a I ndedicated IT function, whether it’s a lone IT manager, a

whole IT department, or something in between. In any case, it will be their responsibility to buy, build and manage the entire IT infrastructure of the company, and to take full control over everything from design and security to permissions and more. More and more, we are seeing non-IT workers taking these things into their own hands. This has developed over recent years with the BYOD phenomenon in particular. This not only raised security concerns in terms of workers taking confidential material out of the workplace, but also because of the possibility of bringing viruses and similar threats into the workplace through unsecured devices. We are now seeing this being taken one step further by employees creating their own systems on corporate servers, typically bypassing the IT department altogether in order to use their preferred applications and programs on their work computers. This phenomenon, known as “shadow IT”, is something that needs to be high on many businesses’ agendas.

What is shadow IT? And where is it happening? Shadow IT describes the practise of non-IT workers and departments either building or installing their preferred applications and programs onto corporate devices and systems – without the permission or the awareness of the IT department. Thanks to BYOD and the increased flexibility provided by the cloud, it is now easier than ever for employees to install and run their chosen applications on both their personal and corporate devices. Shadow IT is not limited to any particular type of company; it is most likely occurring in some form or other at most corporate organisations these days. This can be in the form of simply downloading instant messaging apps – such as BBM or Whatsapp – onto corporate mobile phones and tablets, or can go as far as employees setting up their own internal collaboration systems to store documents and communicate with each other.

Pros and cons of shadow IT Shadow IT causes many concerns for both the IT department and the business as a whole, especially when it comes to the security of company data. The most popular technologies being implemented through shadow IT tend to be consumer-grade technologies – both because of the ease of implementation and the already ingrained popularity with employees. However, applications like these bring with them very loose security measures which can jeopardise a company’s overall data security programme. In addition, by allowing employees to choose their own technology to use in the workplace, a company risks creating siloes between different departments, since different


collaboration systems are often incompatible and thus unable to communicate with one another. However, there are some short-term positives that can be brought about by shadow IT, such as improved employee engagement with the technology tools they’re using, as well as greater innovation and fresh ways of thinking about corporate technology.

What can businesses do to prevent shadow IT in the workplace? In order to prevent shadow IT from becoming a problem, or even occurring full stop, businesses need to consider ways to make corporate IT systems not only flexible and easy for staff to use, but also visually appealing and fun:


Amazingly, many large enterprises are still using siloed legacy systems that hamper communication across the business and restrict employees in what they can do with the technology available to them. Instead, all businesses need to pay attention to social functionality when reviewing their IT systems. Innovation in this area can be used to create user interfaces that are similar to employees’ favourite consumer websites, along with new ways of communicating across the business. Breaking down barriers between different areas of a business in this way can have a positive impact on performance, not only for individual employees but also for the business as a whole.


Whilst many businesses now have mobile-friendly, consumerfacing websites, internal communications often lack this same mobile capability. Forward-thinking businesses that make investments in improving the internal mobile experience and invest in business-to-employee tools can make aspects of their employees’ jobs much easier, faster and more enjoyable. In turn, employees will not need to resort to using their own devices or their preferred programs and applications.


Another way to engage employees and increase their satisfaction with corporate technology is to “gamify” certain elements of applications and programmes. Gamification can be integrated with a company’s social and mobile strategies to encourage participation from all areas of the business and can help support key business objectives and metrics. When used correctly, gamification can animate even the most tedious of tasks, and can be extremely effective in motivating employees. A lot can be learnt here from consumer websites and programmes, and elements from these can certainly be adapted for corporate use. With attractive, engaging and easy-to-use technology options, there will be less likelihood of employees using shadow IT in the workplace. | January-February 2014


Print | Digital | Online For exclusive news, features, opinion, comment, directory, digital archive and much more visit

Published by T H I R T YO N E

VitAL Management

Gamification – how your business can reap rewards too Mindtree consultant, Chandan Kumar Jilukara, discusses the idea of gamification and how it could be beneficial to your organisation, your brand, and, more importantly, your customers…

Brands can now leverage gamification to get customer insights. Brands can incentivise customers for providing feedback and they can make boring surveys interesting and engaging by using play-like element is one of the emerging technology trends G amification that needs to be on the watch of every business. It is about improving engagement and motivation by taking the elements of games and applying them to real-world, non-game situations. Game elements can include virtual rewards and status indicators like achievements, badges, challenges, collections, leaderboards, levels, and points. Gamification is fuelled by the human desire to be rewarded for work – as it is recognised that people perform their usual tasks even better if they are motivated.

Mobile apps Gamification as a concept can be applied anywhere. But, brands can reap enormous benefits if elements of gamification are applied at customer touch points and, in today’s world, this


means going mobile. According to a report by Flurry Analytics, significantly more time is spent using mobile apps compared to using the mobile web with research in the US showing customers spend 80% of time within mobile apps and just 20% using mobile web. Marketers have also made the transition from TVs and radios to websites, communities and social media to mobile. So, in order to get more traction for their mobile marketing initiatives, marketers can leverage gamification in their efforts. This gives birth to the phenomenon of the application of gamification in mobile apps. When applied to mobile apps, gamification will help brands garner huge customer loyalty and advocacy. Brands can use gamification techniques and design thinking while building mobile apps to shape intended customer experiences. | January-February 2014

VitAL Management

Brand apps Mindtree undertook research to find out more about the phenomenon of mobile app gamification. We chose mobile apps from brands across industries to study the application of gamification concepts in their mobile apps. Mobile game apps from brands were not included in the study, and, in total, we studied over 30 mobile apps from various brands and observed various gamification concepts put to use. The findings were: •  Around 68% of the brand apps are gamified with the mobile app having gamification concepts built into the app. •  Gamification in mobile apps is used for two major purposes – to motivate use of brand products and to encourage social media activity. •  Challenges, badges, leaderboards and points are the four top gamification elements used in brand apps.

The era of gamification The digital space is becoming a more challenging territory resulting in marketing clutter. And, as marketers strive to become increasingly more relevant to their customer’s context and needs, they are employing gamification concepts to cut across the clutter. With traditional and digital marketing, marketers are thinking how best to differentiate themselves and gamification is one route of motivating customers to work closely in promoting the brand. Some brands are just getting started with gamification of mobile apps and there is a growing trend of brands using gamification to motivate customers and other stakeholders. Indeed, mobile app gamification is on the rise and its use is focused in six key areas: 1. Product learning: When customers understand a product completely, they are more inclined to use it effectively. Brands can use gamification to excite customers to learn about its products and can create fun tutorials for customers. This can mean rewards for completing tutorials with the tutorials focusing on product benefits and product differentiation points. Microsoft came up with the game Ribbon Hero to make learning about features of their new MS Office fun and engaging. Users are motivated to explore features of new MS office through small challenges and were rewarded through points and levels. 2. Product usage/support: Brands can use gamification to motivate customers to use their products more often. Brands can build challenges and competitions into brand apps which engage customers and allow users to share their product experiences within communities. Customers sharing their experiences can be rewarded through points or badges. This type of product usage also helps in building brand identity around the products. Nike has built fitness apps which challenge and motivate the user to keep using Nike products. Users can create challenges for themselves to stay fit and also keep track of their progress and can move up levels and share their achievements on social media. | January-February 2014

3. Product co-creation/innovation: Innovation is important for a brand’s survival and brands can now drive innovation externally through crowdsourcing and gamification. Brands can call for innovative ideas across areas and can reward the best. For example with the winner’s name and photo being printed on products to denote co-innovation. Cosmetics company, Bobbi Brown used crowdsourcing to select the shade of a new lip colour. Bobbi Brown invited customers to vote for their favorite shade from the list of 10 most frequently requested colours. 4. Social and community engagement: Brands can use social media and other communities to spread the word, drive sales and provide customer service. Conversations on social media are driven by customers and a monologue from brands is not going to help. Brands can, however, use gamification to foster social and community interactions among customers by incentivising them to reiterate conversations. Brands can also incentivise customers with high social activity through product coupons, badges and points. Without rewards, social media activity by customers will be just a fad. Levi’s ran a social media marketing campaign using Instagram. The company asked its customers to upload images of themselves onto the social media network with tag #iamlevis. The winner was rewarded by taking center stage in Levi’s “Go Forth” advertisement. 5. Customer segmentation Brands can deliver compelling experiences by segmenting and targeting customers based on their context. Mobile devices with location and other sensor data offer contextual information on the customer and brands can target customers in a better way by providing them with relevant information about products, retailers, offers and discounts. Foursquare, the location-based social networking player, used gamification to get contextual information of customers by incentivising them to share their location data. Customers are rewarded through coupons, freebies and discounts when they check-in at a location frequently. 6. Customer insights Customer insights are very important for brands. Whenever brands want to check the customer pulse, they often float surveys only to find that they don’t get the response they expect. Perhaps this is because customers didn’t have an incentive to answer the survey and many customers only answer surveys when they have had bad experience with the brands. Brands can now leverage gamification to get customer insights. Brands can incentivise customers for providing feedback and they can make boring surveys interesting and engaging by using play-like elements. Marriott, the multinational hospitality company, initiated a survey to understand their target customers better and to improve the response rate, the first 1,000 respondents were rewarded with 2,000 Marriott Reward points. The future of mobile gamification seems certain. Many expert commentators believe that gamification will gain huge adoption to radically improve customer experiences.


VitAL Management

Five myths about outsourcing customer service VitAL Magazine looks at the five myths that hold back many businesses from outsourcing their customer service, despite its many benefits‌ ago outsourcing was a new concept; now, A decade in many industries, it is the norm. Indeed it is a significant part of the global economy: in August 2013, Gartner predicted that the global outsourcing market will grow by 5.4% a year for the next four years, reaching a total value of $288 billion.


Yet, despite this, many corporate executives remain sceptical of the benefits of outsourcing. In fact, it is hard to think of an industry that has grown so large so rapidly whilst at the same time attracting such widespread opprobrium. Here, we debunk the five myths that hold back far too many businesses from realising the benefits of outsourcing. | January-February 2014

VitAL Management

1. “Language will be a hurdle” Perhaps the most common complaint about outsourcing to an overseas firm is that they will not have the language skills required. We have all suffered through conversations with unfortunate agents who are bravely trying to comprehend unfamiliar words, make themselves understood through thick accents, and compete with a crackly line. It is little wonder that many senior executives are reluctant to entrust their customer service to an outsourcer which might present similar problems. Yet, in new outsourcing locations like Bulgaria, language skills are a selling-point rather than a problem. What’s more, the standard of those languages is very high. It is not enough for someone to speak the language well, or even be merely technically fluent – they must be a native speaker. For example, to speak to Brazilian consumers Portuguese is not enough; it must be Brazilian Portuguese.

2. “It might save us money, but it will compromise quality” There are few aspects more critical to the success of a business than the relationship it has with its customers. Therefore, it is unsurprising that so many companies are reluctant to entrust these relationships to a third party. Because much of the early enthusiasm for outsourcing was driven by the opportunity to cut costs, and because there are still significant savings to be had, the entire outsourcing industry has in many minds become synonymous with cost savings. Yet, recent research from business advisory firm, KPMG, among 490 outsourcing contracts worth a total of £10 billion, found that for many companies the primary driver for outsourcing is no longer cost reduction – in fact, it’s enhanced quality of customer service. KPMG stated that 48% of respondents based decisions to outsource on a desire to improve service levels. That was up from 28% in 2009. 56% cite “the need to access skills” as an influential factor behind their decision to outsource.

3. “We will need to spend all our time training the outsourcer’s agents” An outsourcing firm may hold generic skills and knowledge, but it may lack specific knowledge about a company, its products, services and customers. For this reason, many executives fear that entering an outsourcing arrangement will result in them running endless training sessions for the outsourcer’s agents. Yet, in most cases, it is only the initial training that needs to be delivered by the client company. For example, back in | January-February 2014

For many companies the primary driver for outsourcing is no longer cost reduction – in fact, it’s enhanced quality of customer service 2010, Seatwave, the ticket reseller needed to be certain an outsourcing firm would answer at least 80% of queries in real-time, answer emails within 48 hours, and maintain the reputation for high quality customer service that it had built. It brought the first batch of 60K agents to its London head office and ran a detailed training programme for them. According to outsouring company, 60K, three years later, the firm now answers 97% of queries in real-time, respond to emails within 24 hours, and achieve all targets for quality of customer interactions.

4. “I will have no control over an outsourcer” It is easy to feel confident about the quality of customer service you are delivering when you can wander over to your customer service department, walk among the agents and listen to the conversations they are having. But, how do you know what an outsourcer is doing? However, some companies who have outsourced can monitor webchats in real-time, and look at a dashboard showing response and resolution rates. In fact, many companies can have a clearer view than gained from in-house departments, and can become more relaxed and confident in the service provided to its customers.

5. “We will have to pay six-figure setup fees” For organisations that have spent years building an in-house customer service function it has always been a major step to outsource it, not only for all the concerns above, but also because outsourcers have traditionally charged significant setup fees. An understandable reluctance to pay six-figure set-up fees has deterred many executives from outsourcing, yet the rise of cloud technology solutions, and a more flexible workforce in many countries, is enabling a growing number of outsourcers to do away with set-up fees. Of course outsourcing a customer service department is not for every company. However, with the numerous benefits it offers, it’s worthwhile investigating whether it will work for your business, your team and, more importantly, your customers.


VitAL Management

The intelligent approach to the service supply chain VitAL Magazine looks at the intelligent approach to the service supply chain, which is moving to ensure the highest level of customer service can be offered at all times... all industries, guaranteeing the highest possible A cross customer satisfaction levels is at the forefront of business thinking, playing an increasingly large role in decisions consumers make regarding which companies they use. The first port of contact for customers requiring after sales service is of course a contact centre. The initial call is logged and whenever possible, resolved. But are customers really


satisfied with service calls? What’s the impact if the problem is not rectified within the agreed time, or if the service supply chain is too disjointed to efficiently resolve the problem?

Successful customer interaction is vital Carolyn Wilson, services director of technology support specialist Centrex Services, believes the contact centre process is outdated and ineffective for today’s technology support. | January-February 2014

VitAL Management

She said, “It is clear that the role of the contact centre within the service supply chain has evolved rapidly; moving from simply offering support to becoming the driving force behind customer satisfaction. There must be control over the entire journey of the repair, not just an automated process to raise a service ticket. Service companies are now at the forefront of customer service; this unrequited lip-service is no longer just an afterthought.” This view is shared by businesses across numerous industries, as highlighted in a recent study by the Aberdeen Group, which showed 96% of businesses viewed improving customer service results as their primary goal. Wilson explained, “There are two major factors which directly affect the success of customer interactions, namely triage (problem identification) and the ability of the control team to resolve any issues as efficiently as possible. “Equipping the staff to intelligently diagnose hardware problems over the phone and enabling them to take responsibility for the entire service process results in a huge increase in satisfaction levels, as invariably customers are contacting businesses to gain resolution as quickly as possible.” This starts with the control representative ascertaining not only the nature of the call, but where the part is located and when the correctly skilled engineer can be scheduled to visit the customer. Inefficient control results in dissatisfied customers, and, worryingly, a recent report by The Service Council found only 9% of engineers dispatched had the part required to fix the hardware. Instead, businesses favoured a system where engineers operate in territories and will therefore immediately be called out if the customer’s address falls within their patch; regardless of the parts they have to hand. “If a customer’s problem revolves around a part being sourced and fitted by an engineer, for the traditional contact centre to dispatch an engineer closer to the customer because it is more convenient, is unacceptable,” said Wilson. “This just shows it’s vital that changes are made to the way businesses view their own contact centres and move to adopt better control throughout the process.”

Why accept failure? With technological development accelerating every year, it is surprising that the vast majority of companies have failed to apply additional layers of intelligence and responsibility to their contact centres. Instead, outsourcing this is still a popular choice, although as Carolyn points out, this is not an effective method and is often cited as poor customer service. “When contact centres are outsourced, businesses always run the risk of providing a service where staff processing customer calls have little knowledge related to the logistics of the service supply chain. Unsurprisingly, triage is inefficient

The current approach to after sales is a siloed one, contact centres often pass the customer onto the next silo if they are unable to resolve the problem themselves; washing their hands of the problem at the first opportunity and service level agreements (SLA) are often missed,” said Wilson. “I remain astonished that businesses continue to offer contracts which allow for a certain level of failure when it comes to meeting SLA’s, which is often the bar used to measure customer satisfaction. “The current systems in place across the after sales service supply chain are not fit-for-purpose and the time for change is upon us. There will of course be resistance from those who believe the traditionalist approach works, but accepting failure is intolerable and should not be accepted by business leaders or their customers.”

Applying intelligence Wilson believes offering a customer support service hosted under the same roof as the other elements of the after sales service supply chain must become the norm across all industries to drive brand loyalty. “The current approach to after sales is a siloed one, contact centres often pass the customer onto the next silo if they are unable to resolve the problem themselves; washing their hands of the problem at the first opportunity. “A control centre provides true added value to the customer, utilising a legitimate knowledge-base to not only resolve a high quantity of issues during triage, but controlling each step of the process from opening the call to booking the correct engineer, with the right part or loan product. The result; the SLA failure is eradicated.”

The customer must come first Thinking outside the box, offering a loan service combined with the control centre representative, demonstrates a new way of thinking and approach to service delivery. By asking the right questions, the control centre is able to give the customer realistic expectations while guaranteeing whatever the problem is the consumer will not be left without a vital piece of hardware overnight. It is clear that by creating a system where the customer’s needs are viewed as the most important element of after sales support, control centres can offer continuously high customer service levels. Ensuring triage is effective and efficient so issue resolution is reached as promptly as possible, while offering short-term hardware loans when required, creates a supply chain in which customer satisfaction is guaranteed and brand loyalty continues to grow.

References available on request | January-February 2014


VitAL Management

CFOs and CIOs need to collaborate better to get to the cloud “UK C-level executives understand the benefits of the cloud, so what’s holding them back?” Asks Bob Welton, regional director northern Europe, NTT Communications in Europe… easy to feel safe with what you know, and when it I t’scomes to enterprise technology, that often means your

current setup, no matter how antiquated it is. Even though today’s boards understand the cloud’s potential for their organisation, many are still not using it at a strategic level. And just as often, the financial team are finding it hard to justify without having the right insights presented to them.

ICT to drive business innovation…

Forbes recently cited that businesses are now facing an 80/20 budget split, meaning 80% of ICT budgets are devoted to run and maintain incumbent systems, leaving just 20% for innovation run and maintain incumbent systems, leaving just 20% for innovation. It is clear that executives recognise the importance of cloud computing, which is genuinely dominating boardroom planning, according to a KPMG report.

For the CFO, the challenge is to think of new ways to use technology in the business that helps deliver the strategic objective of the company, but at an acceptable cost. And this often means grappling with existing legacy ICT estates and not putting forward the funding needed to mature ICT services to the business. CIOs recognise that cloud computing could provide some of the answers.

However, there is still a lack of understanding around the complexity of legacy ICT estates and how this is hindering wider business innovation. CFOs and boards need to look for ways to step forward and address this imbalance. By implementing the right ICT solutions, this will support expansion into new markets, offer advanced security and provide intelligent data to help business growth.

Recently, the UK Government announced plans for its Information Economy Strategy and its desire for the “UK to be a global leader, excelling in cutting-edge technologies like Big Data, cloud computing and cyber security”. This, along with the G-Cloud programme, and its recent investment of £440 million through the Technology Strategy Board (TSB), is intended to help drive business innovation and the importance of commercial growth to the wider political and business agenda.

CFOs and CIOs must work together

Findings from a new independent report, commissioned by NTT Europe, suggest that these investments may be significantly held up unless some basic issues are tackled first. The report, “Growing pains in the cloud”, found that four in five (81%) CIOs said that the complexities of their existing ICT infrastructure were holding them from adopting cloud computing solutions.

…Or is the complexity of legacy ICT estates hindering this? Forbes recently cited that businesses are now facing an 80/20 budget split, meaning 80% of ICT budgets are devoted to


Resolving legacy ICT issues is an understandably daunting task, but businesses need to stop thinking about whether they should address these issues and instead decide how and when. Moving infrastructure and applications to the cloud is clearly not going to happen in one easy step and can differ greatly depending on the size of a business, but some providers are ready and want to help. It’s easy to underestimate the essential role the CFO plays in this process too. When it comes to the bottom line, the smart CIO will work closely with their counterpart and the board to prove the financial argument for these developments. With the right background knowledge, it’s easy to work toward a position of confidence in such discussions. Ultimately, it comes down to the business case fitting the requirements of the organisation and understanding that moving to the cloud is not a slap-dash job. However, once the business case has been accepted by the organisation’s executives, the move to cloud is a much more compelling proposition. The stage is set and the ease with which companies can embrace the opportunity is greater than ever. | January-February 2014

Show Preview

The next level of cloud exploitation Whatever your level of cloud expertise, take it to the next level at Cloud Expo Europe…

need us to tell you that wherever you are on Y outhedon’t cloud learning curve – an early adopter, already

reaping the multiple benefits, or a smaller business just beginning the journey now – it always feels like there is so much more to do and so many more opportunities to exploit. But how do you sort the grand promises from the practical realities? And where can you find inside advice on what to do, how to do it and who to do it with?

Welcome to Cloud Expo Europe taking place on the 26th & 27th February 2014 at ExCeL London. Delegates are offered: • 300 speakers in a massive, multi-streamed, free conference programme. • Learn from dozens of real-life case studies, including the biggest of blue chips, the public sector and the smartest SME’s. • Cutting-edge and innovate technologies from a record number of international suppliers, including NetApp, Amazon Web Services, Digital Realty, NaviSite, HP, Interxion, Interoute, Rackspace, Dell, SSE Telecoms, Telstra Global, Savvis and Vodafone to name a few. • Depth and breadth – covering everything from hybrid cloud to software defined networks and data centres, from open source cloud to IaaS, from security and governance to cloud applications and from complex hosting to development platforms.

• Network with thousands of your peers; industry visionaries and leaders; and people who have faced – and overcome – the same challenges as you. An enviable line-up of the cloud’s biggest names and brightest brains; speakers include: • Adrian Cockcroft, cloud architect, Netflix Inc. • James Stewart, head of technology, Government Digital Services, Cabinet Office. • Jonathan Galore, CTO and VP Technology, • Joan Miller, director of Parliamentary ICT, Houses of Parliament. • Peter Ransom, chief information officer, Oxfam GB. • James Thomas, ICT director, University College London Hospitals NHS Trust. • Stavros Isaiadis, Assistant VP of Electronic Trading Technology, Bank of America Merrill Lynch. • Cameron Craig, partner, Co-chair EU Data Protection and Privacy Team, DLA Piper. • David Bulman, director of information technology, Virgin Atlantic Airways Ltd. • Chris Kemp, CEO, Nebula. • Stavros Isaiadis, Assistant VP of Electronic Trading Technology, Bank of America Merrill Lynch.

For the full, free programme and to book free tickets for you and your colleagues go to

You and your colleagues can register now for free entry at: Your ticket allows you free entry into Data Centre World, which is co-located with CEE, see for more information.

62 | January-February 2014

Service Management excellence in The Cloud Compelling cost model Full system management, high availability and support all included No infrastructure or maintenance overheads

Any device, any location Accessible via your favourite device Contemporary Web 2.0 responsive user interface Available wherever there’s an internet connection

Gamify your Service Desk Compete in gamification challenges and improve team performance Gain experience and “Level Up” Show off your support prowess with badges and rewards

Wallboards, Dashboards and Wizards Service Desk Institute approved reporting suite for key performance management View trends and compare progress over time Improve decision making and efficiency

Service and Process Management beyond the IT department Think, create and extend beyond the IT Service Desk Automate and manage business processes and tasks across the organisation No need to be a coder to personalise and extend your solution

Telephone: Email:

020 8391 9000

Follow us on Twitter – @SunriseSoftware Find us on Facebook – Sunrise Software

Breakthrough Technology

Whirling mobile phones and hovering champagne bottles Sophie-Marie Odum investigates a new product that allows companies to reinvent their products and excite their customers...

Many companies have products that are similar to their competitors so they need to introduce a new edge to get people interested – or maintain interest – to entertain them and to entice them, and that is what the Gravity Lifter does. It changes customers’ perception as it makes a traditional, everyday product more interesting and delivers a whole new range of opportunities for retailers Objects weighing up to 2kg can hover and rotate on a new rotating column, wowing and entertaining customers. Watches, cameras and tablets can be presented rotating in the air on the Gravity Lifter at fair stands and in the retail space; the clearance between the plate carrying the object and the column is up to 45mm. Usables, the Düsseldorf design article producer, is launching four new columns of the Gravity Lifter series. Oliver Plantenberg, managing director of Usables, said, “The sight is so surprising that you can see the fascination in people’s faces. It’s a wonderful eye-catcher and great fun.” Explaining the idea behind the Gravity Lifter, Plantenberg said, “I came across a magnet toy that spins around in the air. We looked at the bigger picture as to how this could help our business and display our own products, which includes tea-figures and candles. We then spoke to an electronics company who helped us develop the electronics side to keep the items floating. It worked so well that we wanted to market and sell this product.” According to Earnshaw’s theorem, permanent magnets should not usually be able to hover one above the other. On the Gravity Lifter, a little electronic assistance is provided so that the upper of the two permanent magnets maintains a stable hovering position and also rotates slowly at the same time. This is where three hall sensors are employed to measure the


magnetic field and the position. The control electronics manage four electromagnets that keep the object plate airborne. “We have a wide range of customers,” said Plantenberg. “Including cosmetic companies, private buyers who have purchased it for their homes; dentists for their waiting rooms; and solicitors, but our biggest clientele is in the retail space.” According to Plantenberg, the Gravity Lifter allows companies to reinvent traditional products. He said, “Many companies have products that are similar to their competitors so they need to introduce a new edge to get people interested – or maintain interest – to entertain them and to entice them, and that is what the Gravity Lifter does. It changes customers’ perception as it makes a traditional, everyday product more interesting and delivers a whole new range of opportunities for retailers. “It can take a very boring product and make it more interesting and that is the feedback we get. It gets people talking.” The small Micro model has a hovering height of 18mm, whereas the biggest version, known as the XXL, can carry up to 2kg and comes with a Plexiglas hoodle. All the products consume little power, make do with low wattages and are designed for continuous operation, 24/7, 365 days-a-year, according to the company. The new model, Ultra Crystal is equipped with 600 LEDs and controllable colour flows. | January-February 2014


Hornbill Systems



Ares, Odyssey Business Park,West End Road, Ruislip, HA4 6QD T: +44 (0)208 582 8282 W: E:

60 Lombard Street, London, EC3V 9EA T: +44 (0)207 464 8414 W: E:

Hornbill develops and markets ‘supportworks’, applications for IT service Management (ITsM) and business helpdesks. Hornbill’s ITsM & service desk software with a ‘Human Touch’, enables its customers to provide excellent service while benefiting from consolidation on a single technology platform..

iCore is the largest specialist IT service Management Consultancy in the UK. ICore has a long and impressive track record in delivering and embedding pragmatic IT service management, solutions, relying on the deep, real world experience of our mature and determined consultancy team.

17 High Street, Henley-in-Arden, Warwickshire, B95 5AA T: +44 (0)156 433 0680 W: E:

Kepner Tregoe

Netsupport Software

Moorbridge Court, Moorbridge Road, Maidenhead, SL6 8LT T: +44 (0)162 877 8776 W:

Towngate East, Market Deeping, Peterborough, PE6 8NE T: +44 (0)177 838 2270 W:

Kepner-Tregoe provides consulting and training services to organisations worldwide. We collaborate with clients to implement their strategies by embedding problemsolving, decision-making, and project execution methods through individual and team skill development and process improvement. Clients build competitive advantage by using our systematic processes to achieve rapid, targeted results and create

NetSupport provides a range of complementary Remote Support and Service Management solutions that help organisations deliver a productive and cost effective IT support service. Products include multi-platform Remote Control solution NetSupport Manager, IT Asset Management suite NetSupport DnA and web based ITIL Service Management tool NetSupport ServiceDesk.



DLF IT Park, Block 7, Ground floor, No. 1/124, Shivaji Garden, Nandambakkam Post, Mount PH Road, Ramapuram, Chennai 600 089, India T: 91-44-22707070 / 66997070 W: E: ManageEngine ServiceDesk Plus is highly customizable, smart and flexible Help Desk Software used by more than 10,000 IT managers worldwide in 23 different languages. It helps you to implement ITIL best practices on the go and restore your IT services on-time. | January-February 2014

Riverside Business Village, Swindon Road, Malmesbury,Wiltshire, SN16 9RS T: +44 (0)166 682 8600 W: E: OpenText Service Management solutions are used by 2 of the 5 largest IT Service Desks in the world. Our clients include BBC Worldwide, British Transport Police, Qualcomm, Telenor and Tesco. OpenText will support you on a journey to Extraordinary Service Management. OpenText announced the acquisition of ICCM, a leading vendor of Service Management solutions, in July 2013.

BMC software’s #1 partner for service Desk express and the Alignability Process Model, delivering rapid implementation of proven ITIL aligned processes, procedures, work instructions and tool settings, and transformation to service-led approach in only 12 weeks!

Monitor 24-7

PO Box 4530, Maidenhead, Sl60 1GG T: +44 (0)208 123 3126 W: E: Over 13 years of customer experience bundled in one solution to help centralise information, prioritise issues aimed to increase control, productivity and improve communication and service excellence. 100% focus on support and development of IncidentMonitor Service Management software, Pinkverified for 10 ITIL processes

Sunrise Software

50 Barwell Business Park, Leatherhead Road, Chessington, Surrey KT9 2NY T: +44 (0)208 391 9000 W: E: Sunrise Software provides applications which underpin business processes across its customers’ organisations. Sunrise has a highly successful track record in IT service management, customer service management and business process management with fully configured applications designed around best practice guidelines.





61 Southwark Street, London, SE1 0HL T: +44 (0)207 803 4200 W: E:

Eagle House, Lynchborough Road, Passfields, Hants GU30 7SB T: +44 (0)207 419 5174 W: E:

Sword House,Totteridge Road, High Wycombe, Buckinghamshire T: +44 (0)149 445 2450 W: will take you to the forefront of service delivery with a suite of products designed to provide you with low cost web browser based action tracking and self-help, making your services instantly available 24 by 7.

As an accredited ITIL® Examination Institute, APMG offers our training organisations a range of benefits to help them demonstrate the quality and professionalism of their services. Call us to find out how your business could benefit from our accreditation services.

TOPdesk Service Management software seamlessly integrates Facilities, HR and IT processes in a single 100% webbased tool. TOPdesk’s affordable and ITILcompliant software has won several awards for user-friendliness. Secure more time for your colleagues and customers with TOPdesk.

Cherwell Software

Lime Kiln House, Lime Kiln,Wooton Bassett, Wiltshire, SN4 7HF T: + 44 (0)179 385 8181 W: Cherwell Service Management delivers ITIL v3 best practice ‘out-of-the-box’ including: Incident, Problem, Change, CMDB, SLA, Knowledge, Self-Service and is PinkVERIFY certified. Our unique CBAT development platform empowers users to fully customise screens, workflow processes and develop additional business applications.The Cherwell solution is available via a standard license model or ‘On Demand’ SaaS service.



T: +61 3 9999 8240 W: E:

Stone Lodge, Rothwell Grange, Rothwell Road, Kettering, NN16 8XF T: +44 (0)153 671 1999 W: E:

Service Improvement Made Simple! Solisma is a leading global provider of ITIL and ISO/IEC 20000 courseware, training, consulting and assessment services, with a global partner network to help you quickly and cost-effectively improve your ITSM capability like never before. To learn more, contact us today or visit

Marval is a major practitioner, innovator, thought leader and contributor to Best Practice and standards in ITSM and is co-author of ITIL and ISO/IEC 20000. Marval is an ISO/IEC 20000 registered company supporting internal and external customers to international standards.

Axios Systems



Axios House, 60 Melville Street, Edinburgh, EH3 7HF T: +44 (0)131 220 4748 W: E:

150 Wharfedale Road,Winnersh,Triangle, Wokingham, Berkshire, RG41 5RG T: +44 (0)118 918 6500 W:

Kilnbrook House, Rose Kiln Lane, Reading, Berkshire, RG2 0BY T: +44 (0)845 634 5170 W: E:

Axios Systems delivers on-premise and SaaS Service Desk and IT Service Management (ITSM) software to customers across the globe. We combine software, consulting and training to implement ITSM strategies tailored to meet the needs of our customers.


The itSMF is the only internationally recognised and independent organisation whose sole focus is on the on-going development and promotion of IT Service Management ’best practice‘, standards and qualifications. The forum has 14,000 UK members and official itSMF chapters in 44 countries

Oxygen Service Desk is a process automation engine that simply interprets your pre-defined business processes and then mobilises the actual process, pushing work tasks to people and to systems, streamlining how the processes run across your entire department or organisation. | January-February 2014

V ITAL executive debates

Offering you the key to successful solutions

• One-day event • Monthly • Lunch & refreshments provided • Central London venue • Network with like-minded individuals • Cutting edge content

For more information, contact Swati Bali on +44 (0) 203 668 6946 or email: swati. bali@31media.

Organised by 31 Media, Publishers of VitAL Magazine


VitAL Magazine - January-February 2014  
VitAL Magazine - January-February 2014  

The January-February 2014 issue of VitAL Magazine