Cyber risks hit the road


computerweekly.com 4-10 August 2015 1

Home

News

Fiat Chrysler hack raises questions over responsibility for vehicle security

Is there still a need for high street bank branches?

City & Guilds adopts Microsoft cloud to build a coherent global workforce

Police service moves to digital for collaboration and information sharing

Editor’s comment

Buyer’s guide to SaaS management

Email overload is killing the UK’s economic productivity

Downtime


Cyber risks hit the road

After hackers took remote control of a Jeep Cherokee, the responsibility for security of internet-connected cars has become a major concern


THE WEEK IN IT

Google pledges security training for 10,000 UK internet users

Google has announced a country-wide roadshow in the UK to train more than 10,000 British internet users in how to stay safe and secure online. The company’s security experts will host free workshops in five cities and 30 schools where Google search insights show a higher proportion of internet users are searching for security related questions such as: “How secure is my password?”

Technology experts warn of dangers of AI arms race

More than 12,000 technology experts, scientists and researchers have signed or endorsed an open letter warning of the dangers of autonomous weapons. “The key question for humanity today is whether to start a global AI [artificial intelligence] arms race or to prevent it from starting,” said the letter signed by 2,051 AI and robotics researchers.

EE rated as best mobile network, with O2 the worst, study reveals

EE has been rated as the best performing UK mobile network, with O2 the worst, in a study conducted across the country. EE – formed by the merger of Orange and T-Mobile in 2010 – came top in every category assessed by mobile analytics firm RootMetrics. The company said it drove 24,000 miles in the first six months of the year to collect 1.1 million samples of network performance.

3D XPoint memory chips ‘1,000 times faster than NAND’

Intel and Micron have created a non-volatile memory that they say is 1,000 times faster than the NAND flash technology currently used in many mobile devices. The two companies unveiled the 3D XPoint technology during a global webcast on 28 July, hailing it as the biggest breakthrough in memory since the introduction of NAND flash in 1989.

Welcome to Windows 10

Microsoft has released Windows 10. The new operating system brings back the Start menu for desktop and laptop users, adds Cortana as a digital personal assistant and ramps up security. The software represents a departure from the previous, Windows-centric view of the world often associated with Microsoft. Now the emphasis is on portability of experience, manageability and security.


BT refunds £129m public funding on reaching broadband targets

BT is to pay back £129m of the money it received from local authorities to roll out superfast broadband, as a result of exceeding targets for take-up of the services. The cash will be returned to councils for re-investment into further roll-out of fibre-based connectivity.

WTO strikes $1.3tn deal to wipe out IT trade tariffs

The World Trade Organisation (WTO) has agreed to eliminate trade tariffs on more than 200 technology products, paving the way for price cuts across a range of IT offerings from 2016.

Parliamentary committee launches big data inquiry

The House of Commons select committee on Science and Technology has announced an inquiry into big data. The committee is soliciting written submissions until Thursday 3 September 2015.

Samsung suffers as smartphone sales drop in second quarter

Electronics giant Samsung has reported net profit of £2.9bn for the second quarter of 2015, £0.5bn less than the £3.41bn it reported for the same period last year. Sales in its mobile division for the quarter reached £1.4bn, which is £100m less than in 2014.

Local government cyber security awareness low, study shows

A poll of local government employees revealed that almost half do not know if their current IT security practices would offer suitable protection against the growing threat of cyber crime.

UK consumers do not trust organisations with data

Most British consumers do not trust organisations with their data, according to a survey by Digital Catapult. The public sector is the most trusted with personal data, the study revealed.


Lenovo targets technology leadership

European PC market share (source: Gartner):

HP 21.2%
Lenovo 19.7%
Dell 9.9%
Acer Group 9.9%
Asus 9.5%
Other 30.2%


ANALYSIS

Jeep hack raises questions over responsibility for security

Researchers’ hack of a car prompts the question of whether users or car manufacturers should be responsible for protecting vehicles against cyber attackers, writes Warwick Ashford

The reported hack of a Jeep Cherokee has sparked fears that more than a million cars made by Fiat Chrysler could be at risk – and raised questions about who is responsible for the vehicles’ security.

Security researchers Charlie Miller and Chris Valasek demonstrated how they could take control of a Jeep Cherokee and crash it by remotely hacking into the vehicle’s computer systems from 10 miles away.

Miller and Valasek developed software that could enable hackers to send commands through the Jeep’s in-car entertainment system to its dashboard functions, steering, brakes and transmission.

Miller and Valasek used the software they developed to control the vehicle’s air vents and windscreen wipers, apply the brakes – and then disable the brakes, sending it crashing into a ditch.

The pair are perfecting their ability to take control of the vehicle’s steering, but can already track a compromised vehicle’s GPS co-ordinates, plot its route and measure its speed.

The hack was enabled by exploiting vulnerabilities in the Uconnect software used by Fiat Chrysler vehicles to control the entertainment system and enable features such as remote locking and starting, using a smartphone app.

The researchers said the biggest vulnerability is the vehicles’ ability to connect with the internet, as anyone who knows the internet protocol (IP) address can access its computer systems. They previously demonstrated their ability to hack into and control other cars, including the Toyota Prius and Ford Escape.

Security experts are urging owners of affected vehicles to install the security update released for vehicles fitted with a model RA3 or model RA4 radio/navigation system. Miller and Valasek collaborated with Fiat Chrysler to enable the manufacturer to release a patch before they made the hack public.

Independent security consultant Graham Cluley pointed out that Miller and Valasek believe that – although they have only tested it out on Jeeps – the attack could be tweaked to work on any Fiat Chrysler car with a vulnerable Uconnect head unit.


Responsibility for security

This latest hack into a car control system has raised the question of whether security should rest with users or the providers of IP-connected goods and services.

WhiteHat Security founder and chief technology officer Jeremiah Grossman questioned whether users should be responsible for ensuring the security of their vehicles.

“With car hacking – and cars being little more than rolling computers nowadays – are we expected to install security software there, as well as PCs and servers, or are manufacturers responsible for protecting their cars’ occupants against a digital adversary?” he asked.

Cloudmark research analyst Andrew Conway said he was shocked to discover that major car manufacturers think it acceptable to have the brakes, steering and transmission of an automobile controlled by a network connected to the internet.

“There are lots of good reasons to connect a car to the internet – navigation, entertainment, phone calls, weather forecasts and so on – but none to have it connected to the drive systems, except to save a buck or two in the manufacturing process,” he said.

According to Conway, the controls needed to drive the car should be completely isolated from any external-facing system without any Bluetooth, Wi-Fi, 3G or 4G connections.

“Miller and Valasek took two years to completely compromise the systems of a popular car model. What if the resources of a nation state security service had been directed at the same task to cause road accidents involving targeted individuals?” he said.

Image caption: Fiat Chrysler recalled 1.4 million vehicles after security researchers disabled the brakes of a Jeep Cherokee, sending it crashing into a ditch


Vehicle recall highlights importance of security by design

Fiat Chrysler’s recall of 1.4 million vehicles in the US for a computer system security update highlights the cost and risk of failing to ensure security by design.

Initially, only 470,000 vehicles were thought to be affected and Fiat Chrysler appeared content to rely on vehicle owners to download security updates. But the company ordered a recall as the number of affected vehicles grew by a million.

Other affected vehicles include some Dodge Viper sports cars, the 2015 Dodge Charger and Challenger, the 2014 and 2015 Dodge Durango and the 2015 Chrysler 200 and 300.

The US National Highway Traffic Safety Administration opened an investigation to check the effectiveness of the Fiat Chrysler recall and encouraged vehicle owners to get the security update as soon as possible.

Fiat Chrysler and Land Rover both recalled vehicles to fix vulnerabilities in the same month, illustrating the direct cost and reputation damage as a result of a failure to ensure that computer systems used in cars are secure by design.

“The good news is that secure software development isn’t a novel concept,” said Tim Erlin, director of IT security and risk strategy at Tripwire. “There are known best practices that can be applied to automotive software as well. Fiat Chrysler has an opportunity to use this incident to pioneer software security for the automotive industry.”

Erlin said the recall is likely to drive changes around how software is updated for all manufacturers.

“While new update methods can be built into new vehicles, there are millions of cars already on the road to consider and, with security of vehicle software now a safety issue, manufacturers will need to adapt,” he said.

Ken Westin, senior security analyst for Tripwire, said that, although the actual possibility of the Fiat Chrysler vulnerability being used in a real attack is slim, vehicle cyber security is still a relatively new area of research.

“We will begin to see more vulnerabilities in vehicle systems, which means car manufacturers will need to develop safe and secure methods of updating software in these systems, either through dealerships or possibly even remotely – but that could introduce more vulnerabilities,” he said.

With car manufacturers increasingly adding connected and high-tech components to vehicles, Westin said they will need to add security to their safety and reliability quality assurance processes to retain their brand integrity.

“You can develop the most advanced vehicle that has all of the latest safety features and high-tech gadgets in it, but if it can be tricked by remote exploits, you are going to have wary consumers who may choose another brand of vehicle, because they put more emphasis on security,” he said.


Reconsidering the internet of things

Kaspersky Lab security researcher Marta Janus said everything connected to the internet is prone to attacks.

“When it comes to transportation – such as cars, trains and aeroplanes – the consequences of a successful breach can be infinitely more serious than a computer or mobile device hack, as people’s lives are directly at stake,” she said.

Janus said there is a need to reconsider the concept of the internet of things and which devices should be connected to each other: “For navigation and remote door opening, a centralised online system isn’t necessary – and the few convenience features that would be impossible without an internet connection are not really worth the dire risk of being hacked,” said Janus.

“Transportation – together with industrial systems and other critical infrastructure – should not make use of public internet at all. They should build separate networks, featuring unique and custom-made secure protocols to reduce the risk of fatal hacking.”

Land Rover was praised recently for recalling more than 65,000 vehicles with a software flaw that could be exploited to unlock vehicles. The recall of Range Rover vehicles sold in the past two years followed reports that car thieves were targeting the vehicles because of the ease of opening their electronic locking systems.

News of the Jeep hack came just days after the UK government announced a £20m fund to research and develop driverless car technology in the UK. The move will be accompanied by the establishment of a non-statutory code of practice to help ensure public safety – which hopefully includes cyber security.

Image caption: Land Rover recalled 65,000 Range Rovers sold in the past two years after it was discovered that car thieves were using a software flaw to unlock the model


ANALYSIS

Do we need high street bank branches?

As the digital revolution gathers pace, customers are making much less use of bank premises – but that doesn’t mean they are getting a less personal service, writes Karl Flinders

A cultural revolution is shaking up the banking sector and, despite bank branches hanging on for dear life, digital technologies offering personalised customer service will make the branch network a thing of the past.

Digital lifestyles mean consumers want everything in one place.

Not only do consumers want to access everything from their smartphone, they want to access it from a single platform on their smartphone. The use of data, online communities and app stores could make a digital-only bank a more personal experience than face-to-face service in a bank.

Traditional banks are eager to talk about the importance of a branch network. And why not? It is one of their major advantages over the challenger banks. But others are making swingeing cuts to their branch networks to reduce costs and encourage customers to use their digital services.

The argument for continuing branch operations focuses on the need for personal face-to-face services for some products and services. Yet this type of interaction is often less personal than the interaction customers receive online with digital banks, according to one digital bank entrepreneur.

Speaking at an SAP financial services event, Matthias Kroener, CEO at Fidor Bank, said: “To all you branch bankers that say, ‘Yes, but there is nothing like personal contact,’ queuing up to speak to a salesperson in a bank branch is not a personal service.”

Building trust with bank customers

Fidor Bank – which currently operates in Germany and Russia – is expecting to be awarded a UK banking licence soon, and plans to launch in the US in 2016.

The bank uses social media to overcome the cost and complexity of traditional banking, while increasing customer trust through an online community. The company uses an open technology platform, which can be plugged into through application programming interfaces (APIs).

Digital banks such as Fidor use social media, communities, data and APIs to better understand and support their customers in an arguably more personal way than branch staff, who might only see customers once a month. Fidor Bank’s customers can access services from one place using its app store, which is accessible from a single account.


“The Fidor account has around 25 functionalities. You can trade foreign exchange, have your precious metals, participate in peer-to-peer lending and get involved in crowd financing in the same account. It is a multi-asset account and open to outside services of partners,” said Kroener.

Technology enables new ways of banking

A Computer Weekly survey of IT industry professionals found the main reason customers go to a branch is to pay in cheques. But this might not be the case for much longer, as banks such as Barclays and Lloyds launch apps that enable customers to pay in cheques using a smartphone.

On average, survey respondents said they visited a branch once every six months. Almost all of those polled believed branches would never disappear completely – but this attitude could see banks share branches. In the same way consumers can withdraw money from any cash machine, a banking service – for example at the Post Office – could attend to the customers of any bank.

The Royal Bank of Scotland (RBS) and the Co-operative Bank are leading the vanguard of branch closures. The Co-operative Bank will close 57 branches as part of cost-cutting plans, leaving it with around 165 – about one per 8,500 customers. The bank said it was responding to changes in the way customers bank.

Moray McDonald, a senior executive at RBS, told a House of Commons committee that hundreds of millions of transactions, previously completed in branches, have moved online. “We are seeing a revolution in the way our customers want to bank,” he told the committee.

Image caption: Recent developments in online banking – including banking services delivered through smartphones – have lent momentum to the surge in branch closures


Bank branches still have a future

Some banks see their branch networks as an advantage in fighting off competition from the new players. In February 2015, Santander chairman Ana Botín said bank branches still have value, even if far fewer people visit them.

“Even young people like to go to a branch at least twice a year. That means you need quite a significant retail presence,” she said.

“At important times in your life, you want to see a person. You are not going to get married through technology. You are not going to buy a house through technology. I think that is where we are going to compete very effectively – if we can find a model that combines the personal side with the technology.”

TSB Bank published research in February 2015 that found the bank’s branch was its most-used channel, with 36% of customers only using branches of the bank, 22% only banking online and 2% only using telephone banking. Some 24% used a combination of branches and online, while 7% used all three channels.

The study also found 88% of personal banking accounts were agreed, 85% of mortgages were applied for and 71% of personal loans were taken out in branches.

Some challenger banks also see the branch as vital. For example, Lintel Bank – which is currently applying for a UK banking licence – plans to have branches and telephone services.

“We are as much digital as the other challenger banks, but also provide a branch and telephone service to provide a quick and easy method of resolution of customer concerns,” said the bank’s creator, Nazzim Ishaque. Lintel Bank is expected to open its headquarters in London, with branches in the city.


Image caption: Some banks use branches to fight off competition from digital challengers: “Even young people like to go to a branch twice a year,” says Santander’s Ana Botín


CASE STUDY

City & Guilds adopts Microsoft cloud to build a coherent global workforce

The training charity uses collaboration tools to connect its employees worldwide, writes Caroline Donnelly

Fostering a sense of community among employees spread across 80 countries, while providing them with a fast and efficient way to share documents, was the challenge facing vocational training charity City & Guilds in 2011. The organisation wanted to make it easier for staff to work from home, which raised the prospect of a radical overhaul for its IT infrastructure, processes and systems, said Ian Turfrey, City & Guilds IT director.

From a local perspective, the size of its operations in each of the organisation’s territories posed its own challenges. For example, there are 12 regional City & Guilds offices in the UK alone.

“The challenge for us was, we’re all part of a team and passionate about helping our learners – but how can we get a sense of togetherness when we’re so geographically dispersed? And how do we make it really easy for people to access all their information and systems, wherever they are in the world?” he said.

“It’s no longer the case that everyone needs to come into the office, so how can we enable our systems so people can work from home? I can’t be in control of every piece of IT infrastructure globally, so we needed to enable local flexibility.”

Unifying global communications

To counter some of these challenges, several years ago the organisation moved to help its staff adopt a more flexible approach to working, by deploying Citrix’s remote desktop offering – but the technology had its limitations.

“We used this so people could start accessing their desktop and documents from wherever they were but, if they were trying to access their desktop via Chicago, for instance, the connection was still going via central London. It wasn’t a great experience, but for the UK it worked very well,” Turfrey said.

The Citrix deployment introduced video conferencing technology to City & Guilds, as a means of opening up lines of communication between workers in different locations. The organisation has since built on this with Microsoft Lync – or Skype for Business, as it is now known.

City & Guilds’ move to Citrix coincided with the deployment of Microsoft Exchange 2010, which allowed the organisation to start moving more of its IT estate to the cloud two years ago, with the help of Office 365 and third-party IT contractors.


“Because we were already on the latest technology stack, we didn’t have that legacy upgrade burden, as we’d already done that when we did the Citrix implementation,” Turfrey said.

“We started small, with SharePoint Online and email, and it’ll take around another 18 months to move everyone off a shared network drive and onto SharePoint completely.

“Because we’d already been working a lot in Microsoft technologies, it felt like a natural progression for us to go with them – and we also get good discounts from them as a charity.”

The organisation uses SharePoint Online to share files between teams in different locations around the world. Turfrey claims its introduction has markedly cut the turnaround time on some documents, while reducing the number of off-site meetings its project teams have to attend.

“We use Indian outsourcers to build some of our qualifications and assessments, and they share that work with our UK team to make sure it is of the right quality and standard,” he said.

“By collaborating online, the turnaround on these assessments has gone from weeks to days.”

The decision to migrate the company’s email system off-premise has freed Turfrey’s IT team from spending large amounts of time patching servers, which means they can concentrate on launching services instead.

“We still had outages with Exchange when it was on-premise but, whereas that may have taken us four hours to fix, if we have a problem with Microsoft, it’s usually fixed in 20 minutes now. The security around email is also a hell of a lot better than the security that we could provide here,” he said.

Acquiring skills with City & Guilds: The vocational training charity wanted to ease collaboration between centres spread across 80 countries

Overcoming the business technology challenge

Getting the board to buy in and appreciate the wider benefits of cloud computing wasn’t easy, Turfrey admits, because it was difficult to come up with prospective financial figures around the benefits the shift in strategy could bring ahead of time.

“Our CEO is quite visionary and could see the benefit of what we were doing, but I also pushed some things through on my own profit and loss,” he explains.

“So, as we started moving and reducing legacy apps, I was able to use that money to re-invest in the new world of cloud. So it wasn’t just a case of saying, ‘Hey, we need a million pounds to do this,’ because I was actually managing to do that within the profit and loss.”

On top of this, Turfrey had to win over some sceptics in the IT department who weren’t convinced that cloud was the right way for the organisation to go.

“At first, all our infrastructure technologists were pushing back against it, and we had to do a bit of myth-busting with them. As we started to transfer and move more services, there was a degree of resistance – as some thought their jobs might be under threat,” he said.

To get across the benefits of using cloud, he also embarked on a series of smaller projects along the way using Microsoft Azure. As an example, this has seen the company draw on the sharing capabilities of the public cloud platform to share sound files.

To solidify the cloud plans, the next item on Turfrey’s agenda is securing a faster, more secure and private connection to the Microsoft cloud, through Azure ExpressRoute.

This would allow City & Guilds to access Office 365, for example, without having to rely on a public internet connection.

The organisation is currently in discussions with several would-be providers – including Claranet, Azurri and Attenda – to see who can get it connected fastest.

“It really will become my third datacentre and provide a gateway for me to move more services to the cloud,” he said.

Leading the change

For other organisations considering a similar move to the cloud, Turfrey said investing in a third-party team of supplier-agnostic professional services experts is a good idea, as they should be able to advise them on how to go about it.

“Sometimes you have to spend to save money, so if you don’t have the internal capacity, I’d suggest contacting an agnostic provider who can look across the whole market of providers,” he said.

“Explain to them some of the challenges and they should be able to come back and explain what the right approach will be for your business.”

He said charities may feel pressure to go for the cheapest available option, but that’s not always a strategy that works.

“That technology may not integrate well, and – in terms of what you want to achieve from an end-user perspective – it often makes sense to standardise your operations on one technology stack. That’s why we chose Microsoft,” he said.

“The key thing is to get some advice and not to be scared – lots of other companies have done it and lots of other IT directors are embarking on their journey to the cloud now.”

Police service moves to digital for collaboration and information sharing

The CIO of Cambridgeshire Police Service talks to Clare McDonald about the constabulary’s use of mobile devices and a custom-built app to increase efficiency and collaboration across the force

The majority of a police officer’s time is spent in the field dealing with crimes, and as much as films like to joke about it, this does incur a tremendous amount of paperwork.

To reduce the amount of time officers are required to be in the station and cut down on the number of paper forms that need filing, Cambridgeshire Constabulary embarked on an 18-month digitisation project.

Cambridgeshire Constabulary CIO Ian Bell, alongside head of service delivery Jonathan Black and business lead Andy Gipp, spoke to Computer Weekly about how it is using Microsoft Windows Phones, Lenovo Thinkpads and a custom-built app to increase efficiency and collaboration across the force.

The constabulary created Programme Metis to act as a transformational scheme to help the force do things differently, enabling collaboration across Cambridgeshire, Hertfordshire and Bedfordshire.

“This has been a learning curve for everyone,” says Bell. “Metis was born out of re-envisioning the whole of our organisation.”

Bell: “The transformation programme was born out of re-envisioning the whole of our organisation”

Chief constable Simon Parr went to Bell with ideas of how to adapt the business to help officers engage with each other and the public more effectively.

It became clear users wanted the same technology at work as they had at home. The team at the police force used Microsoft to deploy a consistent experience, regardless of whether an officer was using a phone or tablet out and about, or a laptop in the office.

“We need to become an IT-enabled organisation, but if we don’t provide what’s appropriate it’s never going to change,” says Bell.

Throughout the enterprise, Windows 8.1 is used on Lenovo ThinkPad Yoga laptops and on around 7,500 Nokia Lumia smartphones, through a corporate-owned and personally enabled (Cope) strategy to make the most of the money already invested in Microsoft licences across the organisation.

Bell says sticking with Microsoft was great from a familiarity perspective. “We understand people have consumer products, such as those by Apple, at home, but most people have a Windows desktop at some point as well,” he says.

Enabling remote working

Many organisations, especially in the public sector, are struggling with costs due to austerity. As discussed at the Government Digital Service (GDS) Sprint 2015 event, technology should be an enabler as well as a cost cutter.

The increased flexibility provided by the Cope scheme has allowed for efficiency savings, with hundreds and thousands of pounds previously spent on buildings reduced as a result of hot desking and flexible working.

Although there has been some resistance, as there is with any major IT overhaul, staff on the whole feel more valued, as they are given the flexibility and opportunity to work from wherever they want – be it at home, in a station more local to them or on the beat.

“What we get is greater visibility of frontline cops. Every one of them out there has a Lenovo T10 in their hands, which gives them the capability to work on the street like they would work in the office. The feedback we’re getting from the public is positive,” says Bell.

This means there is no requirement for an officer to come back to the station during their shift because they can perform admin tasks on the go, allowing them to spend more time in the community.

The police force has also already begun to change its traditional “command and control” model by pushing relevant data from 999 and 101 calls to officers based in the vicinity on location services. The data also helps them prioritise tasks based on importance.

“We’re starting to get to the point where we can pinpoint efficiency on a time basis,” says Bell.

The tuServ application

Part of enabling police officers to work from anywhere meant developing an application with the functionality needed for officers’ day-to-day tasks.

A majority of the applications used by the force were 10 or more years old, and were not designed to work on a mobile platform.

Described by Black, head of service delivery, as a “one-stop shop” for officers, the tuServ application was built to allow users to complete their common tasks while they are out of the office.

As a lot of the processes performed by officers on the street are form-based, the application provides digital versions of these forms. It also replaces officers’ paper notepads, and records information from crime scenes using text, audio and video.

This makes it easier for those not at the crime scene to understand what was investigated. It also gives greater ability for sharing and data capture.

“Text is very one-dimensional – you can read a statement and form a conclusion as you’re reading it, much like reading a book. But if you sit and watch someone give their version of an account like you would do in a court room, you’re going to get facial expressions and emotions – that’s three-dimensional,” says Gipp.

TuServ can also be used offline, syncing the next time the device is in a networked area.

Once the requirements had been decided on, the constabulary outsourced development of the app to Black Marble. The software developer used an agile development approach.

The first iteration of the application was launched in January 2015, with regular updates to be applied throughout the year.

The force has more than 300 types of software, and although the application does not replicate all of them, it does allow officers to perform key functions.

The main advantage of the application is that all recorded documentation is searchable, allowing quicker access across the organisation to data captured over various cases.

A real-world example

Officers are often required to work with other public sector bodies as part of a case. One example is when officers are required to interview individuals held in custody. Officers were previously required to conduct these interviews on-site in prisons, and then return to the police station to write up the file to send to the Crown Prosecution Service (CPS).

Due to increased mobility and mobile security, the submission to CPS can now be prepared on the go rather than in the office, reducing the amount of time and travel needed to perform that particular task, which would previously have taken all day.

Victims also feel more secure and confident in data being shared through the application as it is encrypted, whereas before officers may have shared data through email.

“Replacing notebooks alone creates half an hour difference [in efficiency] for an officer, but when you tie in mobility, it increases to an hour and a half of efficiency per cop per day,” says Bell.

“This is true digitisation from end to end. It’s not just about taking an old, normal paper-based form and making it into an electronic form that’s used in the same way,” he adds.

Moving forward across the board

In the future, Cambridgeshire Constabulary hopes text will no longer be the main option for data sharing. The force highlights there is a need for open data standards and sharing between other organisations, such as the Crown Prosecution Service, courts, solicitors and the Probation Service.

Currently, all of these services have their own processes. This results in duplicated data, which further complicates handing over cases.

“The efficiency programmes are in place across those partner agencies, it is just a matter of time,” says Bell.

More emphasis has also been put on self-service, allowing victims and members of the public to better interact with the force and to contact the police in the correct way for a particular problem.

Members of the public can visit the constabulary website, where they are given information about who to phone or which department or service they need to contact.

“Channel shift is massive for us, and it’s about how we open up our organisation to the public,” says Bell. “From an engagement perspective, the public become more information-aware really quickly because we have that information online.”

This will be developed further in the future through webchat and other means to divert interactions to the correct channels.

The force also pinpoints the GDS government-as-a-platform model as a step forward in the development of information-sharing platforms across public-sector departments.

Bell says the common applications being developed across government will facilitate the sharing of information where it can really make a difference, such as in social services, child welfare, vulnerable adults or immigration.

“The outcome we’re looking for is better intelligence and how we make the best use of information. Without the information, we’re nothing as an organisation,” he adds.

Microsoft must build again in enterprise IT

With Windows 10, Microsoft has built a fine sail, but has the ship already left harbour?

If anything encapsulates the change in the technology world in the last 20 years, it’s the relative reactions to the latest versions of Windows. Two decades ago, Windows 95 was unveiled to an enormous hoopla, with The Times newspaper sponsored by Microsoft and the Rolling Stones brought in to sing Start Me Up as the theme tune.

When Windows 10 came out last week, the response was a general “Meh. So what?” And this was despite the operating system receiving far better reviews than its recent predecessors, especially the awkward, clumsy, uncomfortable hybrid of desktop and mobile that was the unlamented Windows 8.

On the positive side, Windows 10 shows us a Microsoft willing to learn and admit its mistakes for the first time in a while. Gone is the bluster and arrogance of the Steve Ballmer era, replaced with a thoughtfulness and humility under new CEO Satya Nadella.

But none of this takes away the fact that in the space of 10 years, Microsoft has seen Windows go from running 95% of all the world’s computers, to just 14% now.

The chances of Windows disrupting the dominance of Apple and Android in the consumer mobile market are slim to non-existent. Microsoft has lost the developer community targeting that sector. So have we reached a point where Windows is now all about protecting Microsoft’s corporate base?

The integration of software across mobile, tablet and desktop is clearly designed to appeal to IT managers looking to offer users a greater choice of devices. And appeal to them it will – many big Microsoft shops will push users down the all-Windows route.

During working hours, PCs remain the primary device – this is reflected in web analytics for sites such as Gov.uk and FT.com, as well as ComputerWeekly.com. But that dominance is declining.

Nadella is clearly preparing for a time 10 years away when Windows is no longer the company’s most significant product – perhaps even no longer a significant source of revenue. A multi-platform Office 365 and Azure cloud services are the future.

Corporate IT was the making of Microsoft and the base from which Windows went on to dominate the world. Now the company has come full circle, and has to build again from its heartland in the enterprise.

Bryan Glick, editor in chief

BUYER’S GUIDE TO SAAS MANAGEMENT | PART 2 OF 3

Tackling compliance issues in software as a service

While software as a service (SaaS) brings manifold benefits for users and organisations, there remain a number of compliance issues – none of which have a common, single fix, says Bob Tarzey

Recent research shows that 75% of organisations are using software-as-a-service (SaaS) applications. The use of SaaS is growing and looks set to surpass the use of on-premise licences. This raises two compliance challenges for IT managers:

• Ensuring the use of services remains within the terms agreed with the SaaS provider;
• Making sure the data associated with SaaS use is transmitted, used and stored in accordance with regulations.

With data security, some responsibility is outsourced with SaaS. Businesses need to know what SaaS applications are in use, what data they are using and how that data is handled. Of course, due diligence should ensure SaaS provider service levels are sufficient to meet regulatory requirements – but this can only be achieved with insight into how employees use SaaS.

For many firms, the problems SaaS brings are worth overcoming to enjoy its benefits: It dispenses with the need to own and manage server infrastructure; the platform security and software updates are managed by providers; the immediate access to more (or less) capacity; the ease of sharing applications with outside users (remote employees, contractors, partners, suppliers and so on); and – depending on how you calculate the sums – the lower cost of ownership.

The old days of on-premise software

Before SaaS, making sure that agreed usage of software was not exceeded meant counting the number of actual or concurrent users accessing server-based applications or keeping count of the deployment of applications on user devices. Software was paid for through buying licences which stipulated usage terms.

One of the main areas of licence abuse was the intentional or accidental copying of software to more servers or user end points than were covered by the licence. This happened when new devices were procured and/or users joined or left an organisation.

The answer was software asset management (SAM), enabled by products such as BMC’s Numara, Flexera, License Dashboard and Verafirm from the Business Software Alliance (BSA). Some are starting to adapt – for example the BSA says it is extending Verafirm support for the ISO 19770 SAM standard to cover software as a service.

Another approach is to work with specialist partners in licence management such as Trustmarque, which has adapted its asset management strategy to work with SaaS products such as Microsoft Office 365, helping customers plan the licence and financial transition from the on-premise to the SaaS model.

The problem of measuring SaaS usage

SaaS applications are generally paid for by subscription. Anyone with valid access credentials can gain access anywhere.

Unauthorised use does not require an installation, often just shared, misplaced or stolen usernames and passwords. Use does not automatically stop when a user’s association with a given organisation ends, as those access credentials can easily leave with them.

The problem is exacerbated by another big change in IT usage – the trend for users to use their own devices and multiple devices. This means the number of devices being used to access a given SaaS application may not even closely match the number of users any more (for example, Microsoft Office 365 allows for up to five devices per single user account).

It is in the interests of SaaS providers to help control usage and maximise the collection of subscriptions. Salesforce has a package for monitoring subscription use, providing a dashboard that will alert administrators based on various thresholds. Google provides controls for access to its applications at both account and document level, for example requiring strong authentication and enforcing bring-your-own-device (BYOD) policies.

However, there are two problems with these approaches. The first is that they only enable IT managers to manage what they know about; the problem is that many IT managers now recognise and accept that their users will subscribe to their own software services (“shadow IT”) and that they must accommodate this. Secondly, the growing use of SaaS – through formal and shadow adoption – means a supplier-by-supplier approach is impractical as there may be many tens or, at the extreme, hundreds of different subscriptions to manage per-user.

Understanding shadow IT

Alex Hilton, CEO of the Federation against Software Theft (Fast) summarises the problem: “SaaS has brought previously unseen flexibility to businesses’ IT estates, but we are now seeing the emergence of so-called shadow IT. This development in working practices can present huge challenges for organisations wishing to demonstrate that they are on the right side of the law when it comes to software licence compliance.”

Some basics can be achieved by checking firewall logs to see frequently used SaaS applications, especially if next-generation firewalls are in place that operate at the application rather than network level. Generic communications with lines of business managers also have a role to play, but these ad hoc approaches do not get to the core of the problem.

As well as ensuring compliance in how licences are used and how data is handled, there is a need to check subscriptions are cost-efficient across the whole organisation. Merging the needs of two departments into a single subscription agreement may lead to better volume discounts. The challenge is to know what products are in use, the extent of their use and to check how this fits with an organisation’s policies – especially with regard to data security.

This need has led to the rise of cloud access security brokers (CASBs), which include Skyhigh Networks, CipherCloud, Elastica and Netskope. The capabilities of CASB products vary: In general terms they enable reporting about the SaaS applications that are in use and the enforcement of policy regarding their use. For example, some applications may be blocked outright, because they threaten the security of data; and usage rules may be applied to others such as enforced encryption. In some cases, a more granular approach is offered; for example, Skyhigh supports different encryption schemas for different data types, depending on compliance requirements. Elastica provides what it calls “business readiness rating” for SaaS applications.

The insight provided by CASBs also allows for subscription consolidation. However, there is a remaining overarching problem – how do you quickly and securely bar access to multiple authorised SaaS subscriptions when an employee leaves an organisation? That is the role of single sign-on.
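The firewall-log check and the leaver question raised above can be combined in one pass over the logs. The following is an added example, not code from the article or from any supplier it names; the log format, hostnames, user names, application catalogue and leaver list are all constructed for illustration.

```python
"""Shadow-SaaS and leaver-access review over firewall logs (all data constructed)."""
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed catalogue: hostname suffix -> SaaS application name.
SAAS_CATALOGUE = {
    "crm.example": "ExampleCRM",
    "mail.example": "ExampleMail",
    "fileshare.example": "ExampleShare",
    "notes.example": "ExampleNotes",
}
# Applications covered by a subscription agreement IT knows about (assumption).
SANCTIONED = {"ExampleCRM", "ExampleMail"}
# Leavers and the moment their association with the organisation ended (assumption).
LEAVERS = {"dsmith": datetime(2015, 7, 31, 17, 0)}

# Constructed log lines: timestamp,user,dest_host,bytes_out,action
SAMPLE_LOG = """\
2015-08-03T09:01:12,ajones,eu1.crm.example,5120,allow
2015-08-03T09:03:40,bkhan,www.fileshare.example,7340032,allow
2015-08-03T09:05:02,ajones,www.fileshare.example,1048576,allow
2015-08-03T09:07:55,dsmith,eu1.crm.example,20480,allow
2015-08-03T09:10:31,cwong,app.notes.example,2048,deny
2015-08-03T09:12:09,bkhan,intranet.corp.example,900,allow
2015-08-03T09:15:47,cwong,outlook.mail.example,4096,allow
not,a,valid,line
"""


def parse_log(text):
    """Return (rows, skipped); malformed lines are counted, not silently dropped."""
    rows, skipped = [], 0
    for fields in csv.reader(io.StringIO(text)):
        try:
            ts, user, host, sent, action = fields
            rows.append({
                "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S"),
                "user": user,
                "host": host.lower().rstrip("."),
                "bytes_out": int(sent),
                "action": action,
            })
        except ValueError:  # wrong field count, bad timestamp or bad byte count
            skipped += 1
    return rows, skipped


def app_for_host(host):
    """Map a destination host to a catalogued app, matching on label boundaries."""
    for suffix, app in SAAS_CATALOGUE.items():
        if host == suffix or host.endswith("." + suffix):
            return app
    return None


def review(rows):
    """Aggregate allowed SaaS traffic per app and list use by accounts of leavers."""
    apps = defaultdict(lambda: {"users": set(), "bytes_out": 0})
    leaver_hits = []
    for row in rows:
        app = app_for_host(row["host"])
        if app is None or row["action"] != "allow":
            continue  # not SaaS traffic, or blocked at the firewall
        apps[app]["users"].add(row["user"])
        apps[app]["bytes_out"] += row["bytes_out"]
        left_at = LEAVERS.get(row["user"])
        if left_at is not None and row["ts"] > left_at:
            leaver_hits.append((row["user"], app, row["ts"].isoformat()))
    return dict(apps), leaver_hits


def shadow_apps(apps):
    """Unsanctioned apps as (name, distinct users, bytes sent), largest upload first."""
    found = [(name, len(info["users"]), info["bytes_out"])
             for name, info in apps.items() if name not in SANCTIONED]
    return sorted(found, key=lambda item: item[2], reverse=True)


if __name__ == "__main__":
    parsed, bad = parse_log(SAMPLE_LOG)
    usage, hits = review(parsed)
    print("malformed lines skipped:", bad)
    for name, users, sent in shadow_apps(usage):
        print(f"unsanctioned: {name} users={users} bytes_out={sent}")
    for user, app, when in hits:
        print(f"leaver access: {user} used {app} at {when}")
```

The leaver hit on a sanctioned application is the case the article describes: the subscription is known and approved, but the credentials left with the user.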

Single-sign-on

There is nothing new about single sign-on (SSO) and a number of suppliers have emerged in the last decade. Recent research shows that around three-quarters of European enterprises now use some form of SSO. One aim is to help customers improve compliance by providing a single point of access for users to multiple cloud-based and on-premise resources.

SSO makes it possible to rapidly provide or take away a wide range of services in one easy step. Users are no longer given direct access to SaaS applications managed by an SSO. Applications that are subscribed to by users themselves (perhaps discovered using a CASB) can be brought within the remit of SSO. Such systems replicate the capability of some CASB products in enforcing policy about how SaaS applications are accessed and used. Audit reports can be generated, giving snapshots of who has access to what at a given time; and a de-provisioning report created showing all the access rights that have been taken away from a former user.

Many SSO products are themselves cloud-based. Some are purpose-built for the cloud, such as Intermedia’s AppID, Okta and OneLogin; or adapted for it, such as CA Single Sign-On SaaS, Symantec Access Manager, Dell Cloud Access Manager and Centrify. Others, such as Ping Identity, integrate products for both on-premise and cloud-based use (Ping Federate and PingOne).

CASB and SSO products may overlap in their policy and security functionality but, in reality, are sufficiently complementary to stimulate opportunities for partnering. Skyhigh integrates with Ping Identity, Okta and some other SSO systems. OneLogin says it is working with Skyhigh and Netskope. Elastica has teamed up with Centrify, Okta, CA and OneLogin among others.

Some of the SSO products take things to a whole different level. For example, Intermedia’s AppID can shape the way SaaS applications are used, providing fine-grained access controls to individual features and functions (buttons, menu options, links, tabs) in web pages, and redacting data and removing high-risk features (share, download, upload, save, export, file attach and so on) that would otherwise cause an application to fail a risk assessment. It can also attach screen shots to audit trails and make applications read-only, for example to limit the use of social media sites.

IT leaders must realise there is no single answer to the challenge of SaaS compliance. But there are a number of approaches that solve different aspects of the problem. Using these in conjunction with each other enables businesses to get the problem under control and enjoy the benefits of SaaS with more peace of mind when it comes to compliance.

Bob Tarzey is service director at analyst organisation Quocirca.


Email overload is killing the UK’s economic productivity

Mounting evidence suggests email is a blight on the UK’s economic productivity – but services outsourcing firm Atos has found a way to stem the tide. Peter Ray Allison reports

We’ve all been there. You get back to work after a relaxing holiday – only to find your inbox inundated with hundreds, if not thousands, of emails. The first day back is spent browsing every email to see if any are relevant, responding to those that are and deleting the rest – regardless of the projects left outstanding during your absence.

Likewise, with a deadline looming, you’re saturated with emails distracting you from the project at hand.

These are all symptoms of a much greater problem that needs addressing.

Society is becoming increasingly digitally connected – not just with computers and laptops, but phones and watches too. We are electronically overloaded because we are not managing email properly and businesses are not providing employees with adequate guidelines.

Psychologist and professor of organisational psychology and health at Lancaster University Management School, Cary Cooper, gave a keynote speech at the recent annual conference of the British Psychological Society entitled Wellbeing in the workplace, in which he revealed how an “email epidemic” was damaging UK productivity.

“Emails and social media are very useful and important for business,” he explains. “I think the difficulty is we are not managing it, it is managing us.”

Despite the economy slowly recovering, the UK’s productivity is one of the lowest in the G7 countries. Cooper suggests this is due in part to email overload – people are writing emails and believing it to be work. “We are getting into this thinking that emails are an end unto themselves,” says Cooper. “They are not; they are a means to an end.” The time spent reviewing and composing emails is time taken away from creating products.

We are also increasingly digitally accessible, and hence rarely switch off and take a break from work. “The leading cause of sickness in most developed countries is now stress and mental ill-health,” says Cooper. This lack of disconnect from our work after we have finished for the day is contributing to the rising cost affecting UK productivity. “It is costing the UK economy £27bn a year, which is very costly for business – we need to look at the sources of this,” he adds.

Minimise staff email overload

Cooper recommends businesses introduce the following guidelines to minimise email overload for their employees:

- Do not send emails to people in the same building as you
  Emails are reducing face-to-face contact, which is important for team-building. Misunderstandings frequently arise with emails.

- Do not CC anybody unless they are absolutely vital
  This creates all sorts of problems, as everybody is getting everybody else’s email.

- Add a priority to an email
  This is easy to implement – Outlook, for example, allows emails to be tagged “low importance” or “high importance” – yet few choose to use this functionality.

- Do not check work emails at night, on holiday or at the weekend
  Unless it is absolutely critical, employees should not check emails outside office hours.

- Use a notification system that informs employees when they are checking emails outside office hours
  This is not to prevent emails, but to raise awareness of how often emails are being checked. This can enable discussion of whether it is really necessary.

Banning emails is not the answer, as email is the most appropriate method for communicating certain types of information. But a cultural change is needed for information to be distributed in the most efficient manner – and that will not always be email.

Cooper’s observations are not new. Last year French employers’ federations signed an agreement with unions that requires employers to ensure staff “disconnect” outside of working hours. While the European Union Working Time Directive sets a limit of 48 hours per week, it comes with some exceptions and was devised before the proliferation of smartphones.

Alternatives to email

Some companies in the UK are already taking steps to address this problem. Asda, for example, has for many years hosted standard documentation on an extranet. This is a gated online network, which allows employees and external contractors to access, search and download documents whenever they want, reducing emails and waiting time.

Collaborative software tools that provide document management systems, such as Oracle WebCenter, allow users not only to host, but also to track, manage and store documents collaboratively. Used properly, these tools can form part of an effective workflow programme to reduce email traffic.

One of the reasons email has become the default choice for communicating is that the sender does not wish to disturb their colleagues if they are in a meeting. Organisations can use chat clients such as Microsoft Lync as an alternative messaging system. By highlighting whether someone is available or not, telephone and face-to-face conversations are encouraged.

However, the informal nature of instant messaging means some users adopt a more casual approach in their use, without realising it may be inappropriate. This can be mitigated by transcripts of chat conversations being archived as part of the user’s email account.

The easy dissemination of information is only a small step towards addressing the email epidemic. The answer, ultimately, requires a cultural shift – users need not just access to these systems, but a desire to use them as well.

Atos goes for zero email

Atos, an IT services company, launched a zero-email programme in 2011. “It is a cultural change, where we change people’s approach in how they communicate,” explains Marc Mosthav, CIO for Atos UK & Ireland. “Sending internal emails is seen as not the ‘done’ thing.”

Following the acquisition of enterprise social software provider BlueKiwi, Atos began using its enterprise social networking platform internally as an alternative to email. While sharing some similarities with Wikipedia – users can post and edit pages – the platform allows employees to pose questions to a large community.

Enterprise social networking focuses on the use of online social networks and social relations among employees to disseminate information and share knowledge.

Atos’s announcement was initially met with scepticism, both internally and externally, as it amounted to much more than a technology roll-out, but a cultural shift. “Unless we tackle the culture, we are not going to succeed. We needed to ensure it was led from the top,” says Mosthav.

The key element to BlueKiwi’s enterprise social networking is the creation of “spaces”. These spaces are much like online communities, in that they comprise a series of users linked by a common purpose. These spaces can be dedicated to sharing information pertaining to functions, service lines, projects or customers.

The success of these spaces depends on the strength of purpose for the space and how relevant it remains. Those that are vibrant and continue to be successful have a purpose. “What we found, particularly in the beginning of the programme, is that people were creating communities without thinking about why people would want to actively participate in it,” cautions Mosthav.

Email drops as productivity rises

It is important to recognise that people need to witness the benefits and want to use enterprise social networking systems.

“Enterprise social networking is a pull, rather than a push, communication,” explains Mosthav. “Unless you give people a reason to pull, they are not going to. We have found that communities which do think about the purpose at the beginning, as well as the role of the purpose, seem to progress.”

Alongside this adoption of enterprise social networking, Atos developed an internal training programme focused on using different technologies to support cultural change. More than 5,000 Atos managers have completed the programme, which they then disseminate to their employees.

The success of this can be witnessed in the 90% of Atos’s 85,000 employees actively using the social enterprise platforms to communicate with each other. This has led to a significant drop in internal mails – and increased productivity.

Employees’ process cycles have been faster since email was taken out of their business procedures. Likewise, since the progress reports for the bi-weekly change advisory board of the chief information officers began to be published on BlueKiwi, the number of participants has dropped by 30% and it takes 25% less time.

This saving in human resources and time adds to Atos’s overall productivity.

Despite these systems addressing the email epidemic, it is ultimately a technological symptom of a much greater cultural problem. Our increasing digital connectivity has led us to the point where we struggle to disconnect from work while at home.

The methods outlined by Cooper and Mosthav address the symptom of email saturation – but they also highlight a greater need to address the cause of this cultural issue.


Uber users haunted by ‘ghost cars’

In Downtime’s experience, Uber users tend to be a smug bunch who love boring on about how much cheaper their cab journeys home have become since downloading the taxi-booking app.

No longer do they have to deal with the indignity of having to run for the last train home or using the night bus like some kind of loser, because there’s always a cab somewhere waiting for them. Or so they think.

Research funded by Microsoft Fuse Labs claims when users log into the app, it’s not uncommon for them to be told there are several or more Uber drivers in the vicinity – even if there aren’t.

The so-called “ghost cars” are used as a “visual effect” to assure users there are drivers out there looking for fares, explained Uber, rather than relied on to provide “accurate location” details.

“It would be better for you to think of this as a screensaver on a computer,” it added. Bet the night bus isn’t sounding like such a bad idea to Uber users any more.
