The 30 airlines will roll out OpenJaw’s t-Retailing technology to enable increased revenues and deeper customer relationships.

The airlines will be able to deliver seamless shopping of flights, hotel, car rental and destination activities on the airline’s own website.

OpenJaw’s CEO Kieron Branagan said the technology platform will enable the airlines to meet customers’ end-to-end travel needs without losing them to third-party websites.

He said the airlines will ultimately benefit from greater ownership of their customers’ travel experiences and booking data, leading to further insights and opportunities to better serve their customers.

Travel commerce and the art of the upsell

“It is widely acknowledged that the potential in online travel retailing in China is significant,” Branagan explained.

“The t-Retail Platform gives TravelSky customers a significant advantage to maximise the commercial opportunity presented by this predicted growth. It enables them to deliver the best user experiences to their customers, while accessing some of the most potent retailing techniques for conversion. Importantly, it also enables them the agility to operate successful online travel services in the fast-paced internet environment.

“We look forward to helping grow this opportunity alongside our TravelSky Technology partners,” said Branagan.

OpenJaw’s technology will enable the airlines to implement the latest online flight selling techniques, including upselling of tickets from economy to premium, dynamic packaging of flight packages and encouraging passengers to switch from a single product like a flight to include hotel stays and tours.

Currently US$11bn worth of travel is booked online in China but by 2016 the value of online travel sales in China is predicted to reach US$48bn per annum.

At the Open Innovation 2.0 conference at Dublin Castle this morning van Manen conveyed the essence of open innovation by encapsulating the sheer amount of technology involved in Formula 1 and how it is resulting in massive transformations in other sectors like transport and healthcare.

“Formula 1 is quite complicated and we start off with a car that in itself is quite complex – the chassis is made up of 11,000 components, there are 6,000 components in the engine and there are more than 8,000 electronics components. In every car there are 25,000 things that have to come together in order to be successful.”

Van Manen has been with McClaren for more than 20 years and he has been involved in every control unit they have ever deployed. A mechanical engineer he has also been involved in NASCAR racing and IndyCar.

Open Innovation 2.0 - Interview with Peter Van Manen of McLaren 

He said that Formula 1 is an increasingly data-driven industry. “It’s a matter of understanding what you have built and turning that data into stories from which you can take action.”

He revealed that the diagnostic systems developed by the McClaren team are now being used by Birmingham Children's Hospital in the UK to spot potential cardiac arrest in infants and also by the train system in San Francisco to create a Wi-Wi corridor to transmit diagnostic information and also provide Wi-Fi services to passengers.

More on Open Innovation 2.0:

Innovation Luminary Awards celebrate innovation leadership

Interview with Alexander Osterwalder of Business Model Canvas fame (video)

Interview with Mikko Huuskonen, Finnish government (video)

Interview with DG CONNECT's Bror Salmelin (video)

Intel’s Martin Curley: we will need two Earths to support human life (video)

SolarPrint and Intel demo energy harvesting device at innovation event

Innovation about execution, not just invention, says EIT’s Alexander von Gabain

Dr Stephen Hawking says world needs a more sustainable trajectory

Details of the follow-up review have been published in the Office of the Data Protection Commissioner’s annual report for 2012.  

The agency began a major audit of Facebook Ireland in 2011 after lobby group Europe Versus Facebook lodged 22 complaints. After the audit, Facebook Ireland agreed to a range of “best practice” improvements with a formal review to take place in July 2012.

The review found Facebook Ireland had implemented most of the agency’s recommendations to its satisfaction, particularly in the following areas:

• The provision of better transparency for the user in how their data is handled.
• The provision of increased user control over settings.
• The implementation of clear retention periods for the deletion of personal data or an enhanced ability for the user to delete items.
• The enhancement of the user’s right to have ready access to their personal data and the capacity of Facebook Ireland to ensure rigorous assessment of compliance with Irish and EU data protection requirements.

The Office of the Data Protection Commissioner had set a deadline of four weeks for Facebook Ireland to adopt recommendations not yet put into place, the agency revealed in its annual report for 2012.

“A deadline of four weeks for those matters to be brought to a satisfactory conclusion was set and FB-I (Facebook Ireland) progressed those matters to our satisfaction within the four-week period,” the annual report stated.

“The office continues to maintain an ongoing dialogue with FB-I on the data protection implications of all new services as these are rolled out.”

The office opened 1,349 complaints for investigation, surpassing last year’s record high number by 188. Data security breach notifications amounted to 1,666 notifications.

Complaints from individuals regarding difficulties gaining access to their personal data held by organisations accounted for just less than one-third of the overall complaints investigated during 2012. 

There has also been a marked increase in the number of complaints under the Privacy in Electronics Regulations during 2012 (up from 253 in 2011 to 606 during 2012).

The report includes details of the prosecution of three insurance companies for data protection registration offences after social welfare data, sourced via a private investigator, was found on insurance claim files held by those companies.

The agency also reported on a High Court ruling that Dublin Bus must supply copy of CCTV footage of an incident involving a member of the public who requested the video under the right of access.

The report also contains information on audits of the INFOSYS database administered by the Department of Social Protection; the start of the audit of An Garda Síochána; a summary of the outcome of the follow-up audit of Facebook Ireland; and a summary of the findings and recommendations of the audits of reporting processes within lenders to the Irish Credit Bureau.

As a percentage, how much of your annual IT budget goes on security?

That’s always a good question. To be honest, it’s nearly impossible to quantify as very often, security is taken out of several different budgets. For example, you could look at firewall admin, putting in new security rules – that would fall to the IT network guys rather than the information security team per se. Likewise, we have mainframe sec rules and that would come down to the mainframe team.

Indicative percentages would be between 4 and 8pc. That’s seen as a ballpark figure and, in my personal opinion, I’d say we’re within that threshold.

If you’re looking at security spend in the financial services sector, there’s been a number of high-profile incidents worldwide. I think that’s brought the focus back on security and that’s resulted in the purse strings being loosened.

You recently deployed mobile device management (MDM). Why did you do it, and how did you go about managing the project?

We recognised there was a requirement to facilitate these devices. As part of the bank’s digital strategy, we’re looking to become technology-driven to a large extent and to try and deliver as much value as we can to our customers and our users, and there’s no doubt that tablets and smartphones can drive productivity. But like all new business initiatives, they need to be reviewed and facilitated in a secure manner.

Once we identified mobile device management as a key issue, what we had to do was review the capability of these devices – then at that point you can develop a technical appendix and test the devices against this. We ran a proof of concept to validate that we can meet our security requirements. That enabled us to validate our security configuration so that it worked as expected ... It’s a cyclical process – you can go back and revise your policy based on what you’ve learned in the real world.

Obviously, mobile device management is a high-profile topic and there are a number of enterprise solutions. We reviewed three of the mainstream solutions and checked if they met our needs as a product. We don’t want to reinvent the wheel or increase our spending unnecessarily so we needed to see that the solutions were as close a fit with our existing technology. The easier it is to embed with your current systems, the better.

When we chose a vendor, we did a proof of concept: a pilot with a small subset of users. That was hugely valuable. Until you’ve released a solution in the wild – even in a controlled environment, you get a huge amount of valuable data – you can’t have a true understanding of what you’re dealing with.

When you put it in place, how did it change your security posture?

We implemented it in Q4 last year and it’s one of these issues I’m certain every organisation has seen it where you’ve got your smart device. They’re going to be out there anyway and used. Our attitude was, we’d rather facilitate users but do it in a secure manner rather than sticking our heads in the sand and say we don’t support it.

In terms of our security posture, we’re quite satisfied with our chosen solution. It wasn’t about product limitations so much as scenarios we didn’t consider, and you only become aware of potential issues when you see it in the wild.

How do you strike a balance between security and usability, when too much of the former is often a block to people being able to use it?

To give you an example, if a user is using a smartphone or a tablet for both business and personal purposes, there’s certainly a balance to be reached. Our attitude was: we’re going to segregate the corporate element and make sure all of our controls were in place over the corporate partition but have less stringent controls over the personal section, such as personal photos on their smartphones.

Basically, we created a clear segregation between business and personal use, and we put a complete block on exporting files outside the corporate element of the device. If you’ve got a corporate email or file, it sits within those rules.

We have a number of controls in place – the devices are configured to automatically check in to the MDM server on a regular basis. If they miss a check in, we initiate the corporate wipe. We also have a 24-hour support line, so if a user is away or travelling and a device is lost or stolen, they can call and get the device wiped then and there. They can choose if they want the device fully wiped or only a wipe of the corporate information.

Can you give an example of a security project that really worked, and what were the factors that made it a success?

What makes security a success is that there aren’t headline instances. An example ties in with the mobile device management: that gave us the platform to develop a new outlet, the Lab, or Learn About Banking, in Dundrum Town Centre in Dublin. It focuses on our self-service banking offerings, and future services we have, and how customers can use their smartphones or tablets.

We’re also using that as a learning environment so it’s two-way. We also want to let them tell us what their banking needs are. The Lab lets us showcase what we think is innovative and we’re also trying to learn from the customer. Coming back to the MDM, we can demo our services that are now available as mobile apps. We couldn’t have launched this project if we hadn’t a mobile device management solution in the first place.

What lessons have you learned over the years about security?

Certainly user buy-in is essential. If you don’t have that, not only are you going to suffer in terms of support, but if it’s a new system, you don’t see it used successfully. But it’s important the staff need to understand what’s expected of them. There’s no point in giving them an encyclopedia of security controls. We try and centralise our controls as much as possible, for example, centralised key management – saving people from having to remember individual passwords for specific items. 

Executive sponsorship is also hugely important. You need weight behind any project that involves significant change.

Another one would be around avoiding production pilots. If you are trialling a new system, there needs to be a test. What you can’t do is put something in a production environment [because then] you can’t amend it. I’d definitely advise people to try and avoid that.

Lastly, I know the terms ‘rogue user’ or ‘insider threat’ are bandied around, but I’m of the opinion the vast majority of incidents are related to users trying to do their jobs and making a genuine mistake. It’s our job in security to make it more straightforward for them.

After the ATM hack in New York, the likes of the PCI standard were criticised. How much of security involves ticking a compliance box when that might not be the most secure option?

The compliance box as such is a specific part of a more holistic approach to security. I don’t think you can be more secure by simply implementing PCI or ISO 27001, but what they can do is put you on the correct road. They get you thinking about the right procedures and potential issues. If you’re simply going to look at PCI or ISO on its own, it won’t make you more secure. You have to look at the wider picture.

The ATM hack is a perfect example of us moving away from what a crime is in the 21st century – it’s no longer about guys with guns robbing banks: that was a team of cyber-attackers running the whole thing. We have to be aware of that and build our security posture with that in mind.

How is security seen by senior management: is it essential to have, or just a cost to be managed or is there competitive advantage to be had by implementing new policies or systems?

To be honest, I think we’re moving away from the old perception of security as being an inhibitor to doing business. Nowadays it’s genuinely seen as a positive. One of our objectives is not to be seen as the ‘no’ men, but to help the business to innovate and to do what they have to do in a secure manner. And in terms of the Dundrum project, all our inputs were taken on board and we got the support on that.

In any project for any organisation, if you can get in early doors and you’re there through the lifecycle, that’s better than having to retrofit the security at the end, which will give you a serious headache.

David Cahill will be speaking at a morning seminar on Data Protection at the Aviva Stadium in Dublin next Wednesday, 22 May.

The new Spaces by Moxie system will in effect enable AIB online banking customers to connect directly and chat with customer service representatives at the click of a button.

“If there is one thing that frustrates customers more than anything, it’s not being able to get an answer to their questions quickly, accurately and consistently,” said Tom Kelly, president and CEO, Moxie Software.

“By enabling customers and employees to access relevant knowledge and offering new communication channels, AIB will transform its online customer experience.”

The system will also route and respond to banking customers’ email enquiries as well as provide 24 x 7 access to information through self-service.

“The retail banking landscape is changing – our customers lead busy lives and need to access and interact with the bank in a way that fits their lifestyle,” said Ann Boden, chief operating officer of AIB.

“The local branch, while still important, is now just one channel of many. In adopting a multi-channel strategy, we needed a technology that allowed for the delivery of personal service and replicated it consistently and effectively across channels.”

The launch of Tech Defenders is just one event on behalf of Irish-founded and Dublin-based international human rights organisation Front Line Defenders.

IBM is hosting the launch of Tech Defenders in front of a group of invited guests. Activist, blogger and technology specialist Ahmad Gharbeia, executive director of the Arab Digital Expression Foundation, will speak to attendees about the digital security challenges that bloggers, journalists and human rights defenders face throughout the Mideast and elsewhere.  

Front Line Defenders’ head of technology, Wojtek Bogusz, will also address the group. He will talk about the digital tactics that help human rights defenders avoid detection and stay safe, and will provide an inside look at Security in a Box, a digital toolkit for defenders of human rights.

In a statement, Chris Horn and Karlin Lillington, on behalf of Front Line Defenders, said the work of human rights defenders carries huge and often life-threatening risk.

“Advancements in digital communications are used by repressive governments more than ever before to limit access to digital information about human rights and human rights defenders,” they said.

“They also monitor and disrupt communications between activists, to track and capture not only individual activists, but their entire networks, through the confiscation of a single phone or laptop.”

Through Tech Defenders, Front Line Defenders aims to unite, as it says, Ireland’s respect for international human rights and advancement of digital technology to promote tangible and practical support for the digital security of human rights defenders. 

Digital support image via Shutterstock

Can you describe your own day-to-day role with Smyths Toys?

My position is to assist the business to transform its IT services from an SME mindset to an enterprise one. The business is growing and therefore the dependency on technology is more important to ensure that the growth is accounted for in the technology roadmap.

The role of IT is changing from pure technical focus to being more commercially savvy – in your own career, how have you found this working in practice?

IT is a very complex area and moving at an incredible pace of significant change, which puts huge pressures on IT to make the right decisions, as some of these changes could fail and expose companies who have been sold the future promise.

Traditional IT departments which are removed from the business are things of the past and now IT has to be aligned with the business to allow change to be implemented as the market demands dictate. 

Did you always see yourself as being business-aware rather than purely looking at IT as a silo?

My background has always been commercially focused and the move into IT occurred by accident. I was asked to implement a change and transformation programme in a traditional IT operation of a PLC and found that I understood IT from the business perspective rather than the technology one and enjoyed the programme, which was perceived as a success.

How would you describe your approach to IT: is it just a cost to be managed sensibly, or can it deliver real value and innovation to the business?

I will always believe that IT, if implemented in partnership with the business, is an enabler and can significantly provide a competitive advantage to any business that competes in today’s competitive environment. Of course, costs have to be managed and controlled as with every other part of a successful business.

What are the big challenges in the business and how can IT help: for example, competing in online retail against the likes of Amazon, or making sure POS systems stay up in the stores?

The biggest challenge for any fast-growing business is to implement processes and policies which allow flexibility to compete but discipline to ensure that the infrastructure and services are available on a 24/7 basis. Competition within business will always be there and emerging distribution channels, such as online, need to be embraced.

Take the music industry, for example. Online services completely changed the model and the companies which embraced the change or indeed, caused the change, are now the dominant players. IT services within the business are the enablers of change not the silver bullet and that’s the reason why IT and the business need to be more aligned.

You’ve talked about your IT strategy as co-sourcing rather than outsourcing: can you explain what this is and why you’ve taken this approach?

Outsourcing is a much-hyped silver bullet which some businesses see as a way to shift costs and responsibility away from the core business. My view of co-sourcing is that the business keeps a number of subject matter experts, or SMEs, within the business who both understand the business and its overall objectives and work with a service provider to provide infrastructural services and solutions to work alongside the SMEs.

In this model, we keep the internal IP resource and use the co-sourced partner to provide their business excellence, thought leadership and partnership. In effect, you get the best of both worlds and not have a complete department outsourced to become a number in a larger, process-driven organisation whose reason for existence is to reduce costs and deliver the same services to multiple organisations.

Who are some of the external partners you work with, and why did you pick those particular ones?

When we’re looking for external partners, we look for companies that can complement our skills. The key requirement on top of the partner’s key skills is that they provide the following: integrity, thought leadership and a shared ownership. If this occurs, then it’s a working relationship.

You’re already using cloud computing in your business: can you tell me what you’re using it for, what were the reasons for doing so, and what difference it has made?

Smyths is a seasonal business, which peaks in the weeks coming up to Christmas and our online business is successful and growing rapidly. If we had to make an investment in the infrastructure required to cater for the business growth, it would have been expensive and lying idle for nine months of the year. The cloud computing decision was made on the basis that we can flex the size as the demand increases.

Now that it’s bedded in successfully, would you consider using it for other parts of the business?

Of course, if the business case stacks up we would actively consider it.

There’s a view among some IT professionals that cloud threatens their jobs: what’s your view?

All indications are that the team within Smyths are both hungry to learn and more importantly, adapt. I personally feel that a well-structured IT department with clear objectives alleviates the concerns about new technologies. Also, providing training is a great incentive to the team, as they can learn to adapt to the emerging trends.

The re-emergence of hosted technologies, or what we now call cloud computing, is bringing an added flexibility to business and this has significant challenges as the more traditional IT operations seem to perceive this a threat rather than an opportunity.

Bringing internal IT teams along to a new way of doing business takes business and coaching skills rather than IT skills, so my position is to allow the change and transformation to occur without the IT teams perceiving this as a threat but an opportunity to upskill and realign their thinking with market developments.   

Smyths’ business is growing, and you have ambitious expansion plans. Will your IT budget increase in line with that, or are you still subject to the dreaded ‘do more with less’ mantra?

I am always trying to do more for less and ensure we get value for money but I have to be honest: too many mistakes are made in IT when costs are cut too far: a case of ‘we are too poor to buy cheap’. Retail is very competitive but the dependence on 24/7 uptime does not allow you to compromise quality for cost.

You’ve said you’re looking to make your IT more agile to respond quickly to business needs - how close do you think you are to that ideal state?

We are currently in a transition process with our transformation and change programme. I expect that we will be in a stronger position within the next six months but things are changing so fast within the IT arena I don’t think we will ever be in the ideal state as the competition is aggressive and we can’t be complacent.

Our customers are the reason why we have a job and we have to ensure that we deliver on their expectations in terms of availability, service, channel and of course keep delivering a quality product at a competitive price.

We often see very technically bright people who have no strategic or business focus: in your opinion, are computing courses in Ireland teaching enough about general business?

Look, I consider myself as someone who has a high-level understanding of technology and what it can deliver for the business. I believe by being on the other side and having frustrations with IT makes me more aware of what IT needs to do.

The question in relation about general business is a difficult one to answer. People who have a passionate interest in technology sometimes do not really want or need to understand the business drivers. Notwithstanding this, if the courses could explain the importance of IT to enable a business to grow and prosper, and the meaning of the cost of capital and its implications to the business, that could be beneficial.

For example, the difference between an OPEX/CAPEX operating model and how on-demand services are enabling smaller companies to scale faster without having the requirement for significant upfront capital costs. That might give people an understanding of the challenges which the finance director and shareholders face in growing a business.

Cisco country manager Adam Grennan said the award recognises exemplary business practices, technology and impact on overall revenue.

“BT Ireland has delivered exceptionally on its ability to succeed in the business market using the Cisco portfolio of solutions.

“Cisco has been a Gold partner of ours for 15 years and having achieved double-digit Cisco growth every year for the past three years, the company has proved itself as a high-performing, reliable partner that understands our solutions and uses its extensive experience and global reach to ensure continued success across all market segments,” said Grennan.

BT Ireland managing director Shay Walsh said the triple run of awards has been recognition for the ICT solutions team that had worked hard over the last 12 months.

“Being recognised by our key partners in the industry reflects our ability to consistently integrate our partners with world-class leading solutions that meet the needs and requirements of our growing customer base,” Walsh said.

Can you give me a sense of the scale of Henry J Lyons as an organisation?

We are probably one of the top 3 architecture firms in Ireland. Five years ago, that would have meant we were pushing towards 200 people. These days, a lot of our competitors have retrenched, and we are at about 50-plus people. Like everyone in the construction industry, we have dropped in scale a lot but we are growing again slightly.

How dependent on IT are you as a company, or could you – pun very much intended – go back to the drawing board?

No, we couldn’t. We have one drawing board. We have been more or less completely CAD-dependent, certainly since I’ve been here and probably about 10 years before that.

What are the main IT applications the company uses?

The main tools – AutoCAD is one. Increasingly, people are moving to things like Revit, which is an information-rich 3D model. Once, people would have done drawings in two dimensions; now you would create a model of a building which would have information for all of the different disciplines that go into a project: architectural, structural and engineering. That’s the future of CAD: we’re not quite there but it’s getting there.

The other major tool we use is mail and correspondence. The vast bulk of our correspondence is by email. We need to be able to create drawings and drawn information and then correspond with people across the life of a project, which can be years long.

There’s a shift away from traditional email to more instant messaging tools and other collaboration apps: have you started to see this yet?

Email is the bedrock of correspondence at this point, but I could see a shift into other formats of messaging.

We’ve been quite reliant on things like Google Drive. We built Google’s own headquarters [the Montevetro building in Dublin] using Google Drive as an information-sharing platform. There are various solutions to that, and we tend to run a number of them.

We also use Asite, Buzzsaw, BIM – there are construction industry-specific tools.

A lot of architecture firms were heavily hit by the property crash and the recession – did that have an effect on your approach to IT?

Before, in the boom, we invested quite a bit in IT – particularly in CAD servers, which sit in this building. We had servers in Dublin and Cork which replicated to each other and we used them for backup.

It was probably over-specified as a system and was very expensive. That was one element of legacy IT systems that we were left with when the downturn came.

We never had a proper infrastructure in terms of contacts, or a project database. There was a need to integrate things like mail, contacts and so on, and we had never managed to integrate those. There were bespoke solutions but they typically cost a couple of hundred grand.

Moving to Google Apps allowed us to do a lot of that for far less money. It doesn’t completely deal with storage of CAD files but I think the technology will catch up with that.

Why did you decide to move to Google Apps: purely a cost consideration or was there a strategic element to it, as well?

Four things: the first driver was the difficulty in dealing with mail storage and large format files. People will still send us a lot of large format files. We deal in them all the time and we were finding management of people’s inboxes difficult under the old system.

Two, we were using public folders in Outlook as a means of storing mail, which was not ideal.

Three was cost. Typically, we were looking at a bill of €200,000 to integrate CRM software, documents and so on, and we got a lot of the functionality for far less money.

The fourth reason was agility. We have jobs in the Middle East now and again. We also had an office in Shanghai and we still do work in China if the opportunity presents itself, and this just makes the set-up of that much easier.

In the last year or so, tablets are coming to the fore and people are on sites, making up documents or files and it’s a lot easier to integrate that using Google Apps.

Have tablets reduced your dependence on paper, and are they a cost saver in a way?

It’s a cost saver but it’s definitely a time saver. You don’t need to spend 10 minutes waiting by a printer for a set of minutes for a meeting, you just know that they’re on a tablet and you just walk out the door to that meeting. Nor do you come back from one and chuck the paper in the bin.

Another big part of our job would be getting presentations or documents that are partially complete while you’re out on the road, and marking them up or commenting on them, and that’s made far easier with a tablet. And there’s a presentation tool, as well.

How much of your own day-to-day role is given over to technology?

Not much, is the answer. We have one employee who spends his time on IT full time and principally that’s maintenance, setting up stuff then a helpdesk type of role.

That was another big driver, really. We looked down the years, we engaged with companies providing bespoke architecture solutions and not only was it a big spend but it was time: it was a project. We tried to do something with SharePoint at one stage and we spent a lot of money to develop something customised.

We also trialled Gmail as a system about five years ago and it didn’t work at the time but we came back to it about a year and a half ago. It had come on as a product, and the marketplace had evolved and there were more off-the-peg add-ons that did what we needed.

The switchover was quite painless, really, which is a credit to Baker [Google Apps partner which implemented the system for Henry J Lyons]. We trialled it with a group of key users, they got comfortable with it and it hasn’t taken much of my time.

What are the business benefits of using Google Apps, and why didn’t you adopt it before?

One of things I really like about Google is they keep improving stuff. You don’t have to load new updates or a new version; it’s just incrementally improving all the time.

One of the principal reasons we didn’t use it five years ago was, while Gmail was good, we couldn’t share emails between people [on a project] and that was still the case until recently.

We now have a Google App called Grexit, which lets you share labels and it creates an email archive for anything with a particular label on it. It’s not a Google feature; it’s an app in the marketplace.

We can add a feature like that in an hour. It’s great not having to worry that it’s a two-week IT project to do something like that.

Do you think your own background, as an architect and a project manager, gives you a different perspective on IT compared to someone who’s only ever known a computing discipline?

I think it probably would. Architecture is somewhere between problem solving and design, so certainly it gives you a strategic view. Nor do we want to pay a full-time person to think about how to do things if we don’t have to.

How has IT changed over time and how has it changed how you do your job?

When I first joined it was reasonably functional, it was set up to mirror a paper-based structure. And then the infrastructure was generally fine but now and again it went down. Touch wood, it hasn’t gone down for a long time but if it did, we’d have a completely different recovery strategy.

I think it works a little better now [than before]. It’s easier, cheaper, takes less time and we have more people as a proportion of our staff focused on drawing buildings.

The deal will see Oneview’s point of care software deployed at the Chris O’Brien Lifehouse at the hospital.

The news follows HP selecting the company as partner of choice to deliver patient infotainment as part of its global digital hospital programme.

In April, Sony Australia announced its agreement to partner with Oneview to deliver point-of-care IT services to hospitals in Australia and New Zealand.

The company appointed former investment banker James Fitter as CEO in January and today appointed James Osbourne as non-executive chairman.

While private details of users were accessed there is no indication that the hackers succeeded in gaining credit card information.

“LivingSocial recently experienced a cyberattack on our computer systems that resulted in unauthorised access to some customer data from our server,” the company said on its website.

“We are actively working with law enforcement to investigate this issue.

“The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords -- technically ‘hashed’ and ‘salted’ passwords. We never store passwords in plain text. Although your LivingSocial password would be difficult to decode, we want to take every precaution to ensure that your account is secure, so we are expiring your old password and requesting that you create a new one,” the company said.

Washington, DC-headquartered LivingSocial has more than 50m customers in 21 countries. The deals it offers each day carry discounts of up to 50pc.

The service is very popular in Ireland and in October the company launched a section of its site dealing in physical goods.

Can you give me a sense of the scale of Concern as an organisation – how big is it, across how many territories?

It’s actually a global enterprise. Dublin is our international headquarters and we also have fundraising offices in the US and the UK: in Chicago, New York, London, Belfast and Glasgow. We have around 3,500 staff globally and about 2,500 of those use technology to carry out their work.

We have programmes in 24 countries, from Haiti through sub-Saharan Africa – Sudan, Chad, Niger, through Congo to the likes of Mozambique and Zimbabwe. We’re in Pakistan, Afghanistan, Bangladesh and in DPRK [North Korea].

What does your own day-to-day role involve?

I lead what I call a diverse and geographically dispersed team of IT professionals and we deliver the full suite of IT services to our enterprise services for our back office and network management and we also have information system management for all our applications.

Then also I have a number of regional IT managers distributed through the world to manage our staff and they report back to me.

We’ve got a global team of probably about 50 IT staff. We might have one local IT support person in a country and another part-time. So it’s actually quite a large organisation.

What are the main IT applications that you use?

Our key systems are Microsoft Dynamics GP for financials and accounting, a fundraising tool called ThankQ, and Empower for HRM are our key line of business applications. We also heavily make use of SharePoint for our intranet.

These applications are all hosted on our virtual server platform – this is made up of VMware, Cisco UCS servers and EMC storage platform. We consolidated from a data centre with over 60 servers to six.

What implications does that have for your IT team?

We are small and nimble. We can scale to a very high level – a global level when we need to, when it comes to deployments – but it is a very tight team. Dublin is our core, it’s the hub and it’s where we host most of our applications that we don’t host on the cloud.

How much of your job is about keeping systems up, firefighting and so on, and how much is given over to taking a more strategic view?

It’s both. I keep myself very close to the day-to-day and I’m in constant communication with the managers who are responsible for various areas. ICT is viewed as a tool of real strategic importance in Concern. We simply couldn’t operate without it. From finance and accounting to our fundraising and how we communicate and collaborate as an organisation, it’s crucial.

But we don’t just view ICT as an operational tool. We view it as a tool to help those we serve. In fact, one of Concern’s core organisational strategic objectives over the next few years is to find ways to embed technology directly into our programming and benefit what we call our programme participants.

As an organisation with charitable status, do you find you have to be smarter with your IT investment compared to a public or private-sector organisation?

Absolutely. However, we do take great advantage of our status as a charity to get the best possible pricing. We are also part of an international ICT consortium called NetHope.

We use NetHope to integrate with the big technology companies at the highest levels and the net benefits do not just mean better pricing or free licensing or equipment, but a real opportunity for these organisations to collaborate on initiatives that have the power to change people’s lives in some of the poorest communities.

Because of budget issues, or maybe a need to be smarter about how you use technology, does that make you early adopters where it’s appropriate?

It goes both ways. Obviously, as an organisation, particularly when it comes to [managing] money, we’re risk averse. But on the flip side, when it comes to technology and our ability to adapt to new things, we would deem ourselves as very early adopters if we can get in at the right time.

We were fully on BPOS [now Office 365] 18 months to two years ago. That revolutionised how we operated on email. If you think about a traditional Exchange infrastructure, particularly where we work, for us, we would have to implement Exchange servers in local offices because there wasn’t good enough bandwidth to route back into Dublin.

Sometimes, infrastructure in the field would crash and if an email server went down, there was no email. The long and short of it is, on an almost weekly basis we could have a different country with no access to email, whereas now, the only factor in access to email is the availability of bandwidth.

We’ve basically ripped out our Exchange environment. That’s an example of something we knew was going to have a profound impact on how we were going to deploy a service. On the flip side of that, we only just virtualised last year and we were living off a whole bunch of legacy servers for longer than you would have wanted but we wanted to sweat them.

What are the challenges in ensuring you can communicate with staff carrying out Concern’s work overseas?

We have to be prepared for all eventualities because one of our programmes is emergency response. We would have a toolkit that’s designed and ready to roll in event of disasters: they’re built off a laptop, a satellite phone and a BGAN – a broadband global area network that actually looks like a laptop. You open it, point at the sky, stick a SIM card in and get half a meg bandwidth out of it, anywhere on the planet.

If we roll out into a very rural part of a country with no civil infrastructure, you have to rely on satellite-based technologies and the sun to generate power. IT in the field begins and ends with power. There are high levels of unpredictability in the field, so how we approach IT in the field is quite important.

The quality of electrical infrastructure varies wildly from country to country and unless you have that taken care of, you’ll find yourself swapping out hardware with burnt-out PSUs and blown motherboards like there’s no tomorrow.

For example, there are four different electrical standards in Africa: German, French, US and UK. So we ensure our offices are wired to a proper standard, that we have proper surge protection and earthing and so on. We also have to ensure that power supply is as uninterrupted as possible, because a local ‘grid’ can drop multiple times a day.

Can you tell us about some of the major technology projects you’re planning?

We’ve stabilised a huge amount and pushed out stuff onto the cloud and were looking to take advantage of the Lync component in Office 365. So, my plan for this year and next is to look at technologies to help us communicate and collaborate more effectively.

We’re moving back to the videoconferencing space. We’re in the process of implementing Vidyo. It’s really transformative in terms of the way you view videoconferencing. The traditional way, needed very expensive infrastructure and dedicated bandwidth. And then at the other end, when you try pulling multiple parties over different geographical spaces, Skype just won’t cut it, where you could have people on a laptop or mobile device [in the field] or 15 people sitting around a table in head office.

Vidyo scales to pretty much any available bandwidth and adjusts the quality accordingly. Legacy systems can’t do this. It’s all software driven. You can scale to high-definition telepresence in your boardrooms through to mobile devices, at a ridiculously low price. I’m looking at this not just for collaboration but to at least reduce our travel costs.

So you’re having to keep one eye on costs even as you’re taking the more strategic view with IT?

I do genuinely think we operate in a different way to traditional IT departments. We’re not an insurance company or a bank so we’re not heavily regulated – although we do take PCI and data protection extremely seriously. The only thing we have is our good name.

For example, when we moved to Office 365, it wasn’t going to impact on the way we did business, whereas a bank would have concerns about turning over their email to a third party.

I came from a consulting background and I’m familiar with the traditional CIO or IT director who tended to be deeply conservative. I’ve always been prone to looking at creative ways to looking at things and solve problems, but I do think there’s a certain conservatism to the way people look at technology – and they’re not supporting their business properly by looking at it that way.

Things are changing all the time. The buzzword now is BYOD – bring your own device. That’s happened, that ship has sailed and we’re [now] finding the whole concept of bring your own application – for example, Google Apps or Dropbox – and people can’t understand why they can’t use a tool that’s more efficient than what they’re being given in work. You have to change or you perish, so you have to adapt.

The SC Magazine Awards honour professionals working to secure enterprises of all sizes, vendors and organisations that deliver innovative security technologies.

The award was given to Brian in recognition of his professionalism, the quality of his work, the vast contribution he gives to the security industry and for his work establishing and running Ireland’s first CERT, IRISSCERT.

“It is a great honour to be selected for the award and I see this as a reflection as to how vibrant the information security industry is here in Ireland,” Honan said today. 

“As a country we have a wealth of talent working in the security field and we are quickly earning a reputation as a centre of excellence.

“Hopefully, we can build on this success and bring more recognition to the talented individuals and exciting start-ups in the field,” Honan said.

The tweet sent yesterday from @AP (account currently suspended) said, “Breaking: Two Explosions in the White House and Barack Obama is injured.” Savvy followers quickly cottoned on to the false nature of the tweet, noting that there were no corroborating reports and that the format of the tweet was inconsistent with AP’s style.

Nonetheless, the tweet represents a major security breach for the trusted multinational news agency, whose material is frequently used by major newspapers and broadcasters worldwide. Following its publication, the Dow Jones industrial average sharply fell 143 points, though this dip was quickly recovered.

“Earlier this afternoon the @AP Twitter account was hacked. Out of a sense of caution, we have suspended other AP Twitter feeds. We are working with Twitter to sort this out,” said director of AP media relations Paul Colford, in a statement issued yesterday. It seems that all AP Twitter accounts except @AP_CorpComm are inactive for the time being.

Owing to the severity of the claims made in the tweet, the FBI is also said to be investigating the incident.

Syrian Electronic Army claims responsibility

Another tweet sent from @AP_Mobile yesterday stated, “Syrian Electronic Army Was Here” and the Syrian Electronic Army Twitter feed at @Official_SEA6 (also suspended) took credit for the hack, tweeting, “Ops! @AP get owned by Syrian Electronic Army! #SEA #Syria #ByeByeObama” along with a screenshot of the fake @AP tweet.

This pro-Assad hacking group has targeted a number of news organisations of late, apparently railing against what it believes to be fabricated news about what’s happening in Syria in the media. Reuters, BBC, NPR and CBS have all been targeted, with fake news stories and tweets being published to websites and Twitter accounts.

The BBC hack last month, which affected BBC Weather, Arabic and Ulster Twitter feeds, may have been related to a phishing email sent to staff. AP also confirmed yesterday that a phishing attempt preceded the hack.

Twitter needs more security

In response to this and other high-profile Twitter hacks in recent times, the microblogging network may be preparing to launch a two-step security solution. Wired reports that two-factor authentication is currently undergoing internal testing with a view to rolling it out gradually to all users as soon as possible.

This log-in process will require not only a password but also an additional code sent to a pre-registered device, usually via SMS to a mobile phone. This level of security would prevent hackers gaining access to accounts through phishing methods alone, as they will need the users’ device and the newly generated code also.

Hacker image via Blazej Lyjak/Shutterstock

The 2013 Verizon Data Breach Investigations Report (DBIR) gathers data from a range of sources: 19 organisations worldwide comprising national cyber incident reporting groups, law enforcement agencies, a research body and forensic services firms.

The document includes analysis of more than 47,000 security incidents and the study of 621 confirmed data breaches.

Considered one of the more reliable cybercrime surveys, the 2013 edition uncovered findings which challenge conventional thinking about the nature of current cyber threats and where the real risk lies for many businesses.

It found 75pc of attacks are opportunistic: that is, not targeted at a specific individual or company. Most of these were financially motivated.

Just 19pc of all attacks analysed in the 2013 report were perpetrated by state-affiliated actors - the kind of espionage that was outlined in a widely reported and controversial study by the security firm Mandiant in February.

“In most industries, you’re still much more likely to suffer an attack motivated by financial gain or revenge than espionage. Even in the industries most likely to be targeted, the likelihood of an espionage attack is still relatively low,” the report said.

Security budget spending

The DBIR also questioned whether organisations are spending their security budgets on the most appropriate protection for the systems they have. Two-thirds of breaches involved data ‘at rest’ in databases and on file servers, and the rest was being processed when it was compromised. “Does the balance of your security efforts reflect that?” the report asked.

Many organisations take months to discover whether they have been breached at all: 62pc took months to discover and in 4pc of cases a breach went undetected for more than a year.

IRISSCERT, the Irish security incident response team, provided Verizon with statistics on incidents it observed in Ireland during 2012. It’s the second year in a row that the non-profit group has contributed to the report.

Some of the more prominent incidents recorded by IRISSCERT last year related to ransomware, where criminals hijack a company’s information on its systems and demand payment to decrypt it.

Brian Honan, head of IRISSCERT, commented: “One of the big problems organisations face in the area of information security is the lack of sharing of information about threats and attacks. Without knowing how criminals are breaching the security of other organisations many security professionals do not know where they could be best focusing their efforts. Verizon’s DBIR provides a platform for such information to be shared anonymously so that all can learn from it.”

Application programming interfaces (APIs) are in effect the key enablers of the multi-screen internet age we now find ourselves in. But as more devices become web-connected, everything from street lights to cars and a variety of ambient sensors in our homes, on our bodies and on the street will come with APIs.

Recently, Intel paid an estimated US$180m to acquire Mashery, a provider of API technology that helps major brands, including the Guardian, USA Today, Klout and Rovi, use APIs to build new revenue models and powerful web experiences for their users. Mashery, founded in 2006, has a network of more than 200,000 developers.

Intel’s acquisition of Mashery is a bet on the future of electronics; a future where a myriad of almost invisible web-connected devices connected to wireless networks will interact with software-defined networks within data centres; an internet of things.

CA says the acquisition of Layer 7 will enable it to manage and secure the emerging API marketplace with a variety of identity management technologies.

These technologies will enable organisations to manage and secure APIs across the cloud and mobile and other applications.

“The addition of Layer 7 and the synergy across our technologies will improve how we securely support organisations in their cloud, mobile and ‘internet of things’ initiatives,” said Mike Denning, security general manager, CA Technologies.

“We use APIs every day, whether accessing flight data from our mobile devices, using Google Maps from a hotel website or making payments online. There are billions of API calls a day and that number is going to increase with the proliferation of smart devices, ranging from vehicles, meters, TVs and other devices, as they start interacting over APIs.

“Without API security and management, thousands of business services are vulnerable to disruption,” Denning warned.

Explosion in the API-driven economy

“The API-driven economy has exploded, driven by today’s cloud, mobile and complex composite applications for business services,” said Paul Rochester, CEO, Layer 7.

“With more than 8,000 public APIs available at the end of 2012, there is a vast library of proprietary components and data exposed to the external world that need to be managed and secured from unauthorised access.

“API applications and services are no longer a trend, they are mainstream. The combination of CA Technologies and Layer 7 is the best option for enterprises to successfully and securely leverage all the business benefits APIs can offer,” Denning said.

Internet of things image via Shutterstock

Wellington provides 40pc of the top 50 credit unions in Ireland with IT systems to enable next-generation services, such as mobile banking and electronic funds transfer.

Wellington IT says that over the course of the next 18 months to two years it intends to make an investment of €2m, which includes hiring new software development staff.

Alex Dunne, director of Wellington IT systems, said Octagon has a strong pedigree and long history of service within the IT industry.

All of Octagon’s employees will be retained as part of the acquisition and its managing director John Hudson will join Wellington as a consultant.

Combined, the two businesses will service the 150 credit unions around Ireland.

“This acquisition manages uncertainty within the market,” Dunne said. “And credit unions can rest assured that their systems will be supported going forward.”

“People intuitively understand the importance of locking their front doors to prevent their homes from being broken into. Computer security is no different. Surfing the internet without up-to-date antivirus software is like leaving your front door open to criminals,” said Tim Rains, director, Trustworthy Computing, Microsoft.

“With the release of this new research, Microsoft is urging people to make sure they have up-to-date antivirus software installed on their computers.”

There are several reasons why computers are left without protection. Among them are a trial period has expired or the software is out of date, malware disabled the antivirus software, and computer users may not realise the importance of antivirus software, so they just don’t install it on their machines.

“Regardless of whether you use a free or paid-for solution, the importance of antivirus software cannot be overstated,” Rains said.

“By taking the proper measures to protect your computer, including the most basic step of installing antivirus software, you can dramatically reduce your risk of becoming a victim.”

Malware image via Shutterstock

Can you give me a sense of the scale of Fleetmatics as an organisation – how big is it, across how many territories?

Fleetmatics is an Irish company; we were founded in November 2004, and we started in a small office over an off-licence in Templeogue, Dublin. We had around 10 people, and now we have over 480. We sell here, in the UK and in Canada, but our largest market is the US.

We supply the software to over 18,000 customers and we track over 330,000 vehicles. That figure is from December 31. We’re very proud to have taken the company public on the New York Stock Exchange in October of last year – we were the first Irish company to do that in seven years.

What are the main IT applications that you use in the company?

We’ve a large geographical reach and we have a lot of offices for a company of our size. For that reason, we use the cloud as much as we can. From a CRM point of view, we use Salesforce, and we’re deploying NetSuite for our financial applications. We sell an awful lot over the web, and to do that we would use Webex: for example, we use it to conduct demos over the web.

From a software point of view, we’d be predominantly a Microsoft shop: SQL Server at the backend and .Net at the front end. From a collaboration point of view, on the software side we use Jira. We use LifeSize videoconferencing and we use Skype.

Can you describe a little more about how you’re using the cloud?

The internal applications are truly in the cloud ... there’s a central function that dictates how we’re going and makes sure everyone is on the same version.

How we deliver the product is through data centres – we have one in Blanchardstown for our European customers and one in Colorado for our US customers, and both centres act as DR [disaster recovery] for each other.

What does your own day-to-day role involve?

My role involves the overall strategy of the company from a products standpoint. That covers planning, developing and delivering our end-user applications.

There are two groups under my remit: product management and product development. In the product management function, we do all of the competitor analysis, we do market research, we design the look and feel of the products and we do some research on that side, as well.

Once [a product] goes through the development lifecycle, we help position that within the sales team, and how it should get included in the sales process. And obviously we are gathering all the trends that come in through various functions: sales, customer support or external trends, such as mobile adoption among our users.

Was the growth of smart mobile devices a trend that made you sit up and take notice?

Part of my role is to try and get ahead of those trends and we did notice a few years ago that smartphone adoption was really going to be very high amongst our users. A lot of our customers are owners of small-to-medium-sized businesses. These guys won’t have a lot of time; usually they have at some point taken quite a gamble on their own company, so they’ve a vested interest in knowing – even in evenings or at weekends – what’s going on in their fleet.

In 2011, we released our mobile apps and to date, they’ve been very successful. We’ve 55,000 active users on smartphones and we have noticed that over time, logging through the mobile app versus through the web has increased dramatically. As recently as February, they’re almost at the same level.

There’s a big difference between looking at a laptop screen versus a mobile: did you have to go back to the drawing board, in a way, to provide a mobile-ready product?

We did, of course. Obviously through a web browser there’s more real estate and people have more patience to sit through steps. With the mobile app, we wanted to help people to be able to get the most amount of information with the fewest amount of clicks.

With mobile apps, there’s a period at the very beginning, that if someone finds it easy to use, they’ll keep using it but if they don’t, they are more likely to abandon it. So we really had to put an awful lot of effort into the user experience. I think our mobile usage would attest to the fact that we got it right.

How much of your role has a business focus and how much involves working directly with the technology?

Given the size of the company, I have to be very involved with the business side but I also have to steer the technology and product direction. They key is to have as many talented people in charge of product development and we’re very lucky in that regard. The standard of our staff is very high. We interview a lot!

I think you have to create a culture where people can make decisions but also where there’s accountability.

Has the ratio of commercial versus technology focus changed over time for you, or do you expect it to do so in the future?

It’s hard to put a ratio on it. Obviously, at the very beginning, I was very involved on the technology side. Every year my role has been different and I expect it to continue to change as we go into new territories and acquire and deploy new technologies. My peer group is the executive team and I have to work with those guys. I expect my role to continue to evolve.

Your own background is in engineering and mathematics, so how do you map that to the commercial awareness that someone in a senior business role needs? Did it come naturally to you, or did you need to work at it or study to achieve it?

I’ve always had to be mindful of the business side and I’m a firm believer that if the product is developed in a bubble, then you’re going to be in trouble.

Even when I was up to my neck in the product side of things, I was going out to see customers and participating in sales calls so I think it was a good grounding.

From my perspective – and I’m not alone in this viewpoint – the success of Fleetmatics comes down to the sales culture and part of that is the relationship between the product and sales.

In everything we do, we have to be mindful of the end user, and what we are selling to them.

My own education on the business side has been on the job but I work very closely with the heads of sales and operations. Anyone who’s not doing that, in my role, is going to have trouble down the line.

It’s been said that a lot of computer science courses are emphasising the technical discipline but ignoring the business aspect. Given that you see a lot of graduates when you’re hiring, is this something you’ve seen, too?

Really bright coders tend to have a certain aspect: they’re fiercely intelligent and very logical. If you don’t expose them to the other side of the business, their thinking can become isolated. As you come out of college, that’s a default state.

We have an annual developers conference and it’s not about development, it’s about the rest of the business coming in and relating stories to the developers, to keep them aware that at the end of a project, there’s someone who will sell the product, someone you know who will buy it and someone who will continue to use it.

What are some of the major projects you’re working on right now for Fleetmatics – what can we expect to see?

I can’t really divulge much on our active projects. But we believe that once we get through them, our product will stand out even more in the industry, especially with the user interface, where we’ll make the information even more powerful and get it to users much more efficiently.

The Apps Status Dashboard shows that the disruption began at the close of lunchtime today and is ongoing. While Drive, Docs and Google Mail apps are orange-lit as disrupted, the admin control panel and API is experiencing a service outage as of 1.20pm.

The Google Apps team is investigating the problem and an update is promised before 4pm Irish time. At this stage, users in the US would just be waking up or getting started at work only to discover these issues.

Though it’s reported that less than 1pc of users are affected by this outage, many of them are turning to Twitter to voice their frustrations.

Launched yesterday, the free Good practice guide to Electronic Discovery in Ireland is aimed at individuals or organisations in Ireland who are responsible for carrying out the processes and procedures necessary to produce electronically stored information.

Electronic discovery, or e-discovery for short, is the digital equivalent of the common-law process whereby documents which could be relevant in a dispute are disclosed to both parties to ensure transparency.

Legal professionals say almost all cases in Ireland now involve some elements of electronic evidence. High-profile examples include the Supreme Court’s recent attempts to unravel the finances at the Quinn Group, or the ‘Lying Eyes’ case from 2008, where evidence recovered from computers was used to prove that Sharon Collins sent emails soliciting a hitman to murder her husband and his two sons.

Amount of data is increasing

The scale of the challenge lies in the massive continued growth of data: EMC estimates the rate of new information is doubling every two years.

The guide covers a range of topics, such as information management in preparation for e-discovery. It also details the steps needed to identify, preserve, collect, process and review data before it has to be presented as part of a proceeding.

Speaking last year, Dermot Moore, an information governance specialist and one of the contributors to the guide, said: “It’s a very big problem for organisations. It’s a whole new dimension that they have not had to think about before. We’ve moved from something that was very tangible in terms of paper discovery to something that’s intangible. It’s understanding what those things are – what is needed for a case, and what is within the scope?”

Part of the reason for preparing the guide is that the potential expense of e-discovery can be high, which the report acknowledged “may inhibit access to justice and generate undue cost”. It said a reasonable approach to discovery was needed “which is proportionate and cost-effective given the matter at hand”.

Colm Murphy runs the e-discovery practice at Espion, and also contributed to the guide. He said Irish organisations should take the opportunity to put controls in place to manage their information better. This makes it both easy and fast to gather and review it in the event of a dispute.

“If you have documents all over the place, unfortunately for you, you still have to go through the [e-discovery] exercise,” he said. “The very same procedures, controls and technologies apply whether it’s a HR dispute, a compliance issue or whether it’s a criminal investigation or an IT security issue. The work that you do has benefits for all of those areas.”

The guide was compiled by the eDiscovery Group of Ireland, a seven-member ad-hoc working group of technology and legal professionals, all with significant experience in handing e-discovery both in Ireland and internationally.

The group’s members are Dermot Moore, Colm Murphy, Simon Collins of Ernst & Young, Andrew Harbison of Grant Thornton, Dr Vivienne Mee of Rits, barrister-at-law Rithika Moore-Vaderaa, and Cernam founder Owen O’Connor. Mr Justice Frank Clarke of the Supreme Court also assisted in preparing the guide.

E-discovery image via Shutterstock

Small businesses (those with fewer than 250 employees) have been the target of 31pc of these targeted cyberespionage attacks attacks in 2012, the report said.  

Small businesses are attractive targets because cyber-criminals may believe they lack adequate cybersecurity measures. So they will seek to get their hands on these organisations’ bank account information, customer data and intellectual property.

Web-based attacks increased by 30pc in 2012, many of which originated from the compromised websites of small businesses.

These websites were then used in massive cyber-attacks, as well as ‘watering hole’ attacks, Symantec said.

A watering hole attack involves an attacker compromising a website that their victim of interest frequents, such as a blog. When the victim later visits the compromised website, a targeted attack payload is silently installed on his or her computer.

“This year’s ISTR shows that cyber-criminals aren’t slowing down, and they continue to devise new ways to steal information from organisations of all sizes,” said Stephen Trilling, chief technology officer, Symantec.

“The sophistication of attacks coupled with today’s IT complexities, such as virtualisation, mobility and cloud, require organisations to remain proactive and use ‘defence in depth’ security measures to stay ahead of attacks.”

A study of various attack patterns has led to security software firm Sucuri concluding that the number of brute force attacks against WordPress has trebled in recent months and that reports of attacks are accurate.

Irish web hosting provider Spiral Hosting emailed its clients to advise them of the brute force login attacks.

“There is currently a large scale brute force attack coming from a large amount of IP addresses spread across the world,” Peter Armstrong, managing director of Spiral Hosting explained.

“A large botnet has been attempting to break into WordPress websites by continually trying to guess the username and password to get into the WordPress admin dashboard. This is affecting almost every major web hosting company around the world. Our Network Operations Centre (NOC) has detected a significant increase in botnet activity in the last 24 hours.”

Brute force attacks have reached epidemic levels

Armstrong continued: “Brute force attacks have reached epidemic level. Therefore, we have joined other major web hosting providers by advising all our clients who use WordPress to install an additional plugin 'Limit Login Attempts' that will help to prevent brute force attacks.”

Armstrong said that it is crucially important that WordPress websites are kept up to date.

“Normal security procedures include regular updates of the WordPress core files, plugins and theme files. In addition to this, we also recommend WordPress administrators change their login username from the default 'admin' username, use very secure passwords, and install the 'Login Limits Attempts' plugin or other WordPress security plugins.

“Another security risk that WordPress administrators sometime forget about are inactive themes, installed on their blog but no longer in use. The files for the WordPress themes are still located in the /wp-content/themes/ directory, and even if they're not being used, they're still vulnerable to being hacked/exploited if they're not kept up to date. Therefore, we recommend WordPress administrators delete all WordPress themes except the active theme currently in use on their website,” Armstrong said.

Hacker attack image via Shutterstock

Aura had decided that the large quantity of devices made it difficult and time consuming to manage their assets and opened the group up to risks. Trilogy worked with Aura to minimise security risks, identify and react to potential failures and reduce network management costs.

The deployment of Trilogy’s edge/point portal system has made it possible for Aura staff to link to Trilogy’s IT service desk.

In addition, a dedicated team of experts remotely monitors Aura’s network, servers and PCs to identify and remove problems.

Aura CEO Paul O’Grady said Aura had been expanding rapidly in the last number of years and the company needed a system to identify potential problems before they could impact on the business.

“Instant alerts tell me of any potential problems,” he added.

Aside from the Dell products that consumers order online, buy in PC stores or that enterprises deploy across workforces, Dell – which is currently in the middle of a buyout deal to go private – has a thriving 15-year-old OEM business that manufactures customised machines and systems for other OEMs.

While Mullen wouldn’t disclose how much revenues the division brings in, it is nonetheless a multi-billion-dollar business that enables Dell to supply other OEMs across a myriad of verticals, from retail, industrial, medical, and transport. Every conceivable vertical, in fact.

“Dell is an OEM itself,” Mullen said. “But our OEM Solutions division is the business that we conduct to support organisations who have a requirement for compute power in their solutions.”

Mullen said the OEM solutions market is a global industry worth US$105bn and which is growing at a rate of 5pc a year.

She points out that while the PC market as we know it is in decline from a general business and consumer perspective, the reality is PCs and display devices continue to be in ready demand across most industry types.

“We believe the market for this is in the region of US$105bn, including the telecoms appliance business, storage acceleration, firewalls, industrial automation, factory automation, process control, video surveillance, healthcare, medical devices, retail point-of-sale kiosk solutions, vending machines …

“If you look very closely, a PC sits inside a lot of things we take for granted in the modern world as you go through life – ATMs, gas pumps – there is compute power in almost everything.”

She continued: “We are seeing a migration away from customers who have chosen to solder and build printed circuit boards (PCBs) of their own, for example, to customers who are looking for standard, off-the-shelf computers with their own brand and customised to support their and their customers’ needs as part of one overall solution.

“They want technology that keeps up with the trends but customised to meet their specific needs in the form factor they require. The concept is to leverage the broad Dell portfolio, as well as our buying power, rather than try to build a brand new system from scratch.”

Mullen said the deal with Microsoft to license Windows Embedded and install Windows in a myriad of OEM products streamlines the delivery of customised systems as it removes the need for multiple in-region suppliers.

“The licensing agreement with Dell simplifies our shared goal of simplifying IT,” explained John Doyle, director of product management for Windows Embedded at Microsoft.

“This licensing agreement with Dell exemplifies that shared goal, helping to streamline the supply-chain experience to make it easier and quicker for OEM customers to bring their innovative intelligent systems solutions and devices to market,” Doyle said.

Ireland is at the heart of Dell’s global supply chain activities

Much of Dell’s global supply chain business is co-ordinated in Limerick while the EMEA OEM Solutions business is based at Cherrywood in Dublin, where it employs up to 60 people.

The OEM Solutions division for EMEA is led by Dermot O’Connell, former country manager for Dell in Ireland.

“The whole OEM business actually started out of Cherrywood,” O’Connell explained. “A lot of new divisions for Dell, such as the Cloud Centre, tend to be conceived in Ireland.

“There is quite a lot of work involved in managing licensing agreements and hardware, and we work closely with the global supply chain team in Limerick, which is led by Sean Corkery.

“The OEM Solutions division, while it is only five years old in EMEA, is growing rapidly and we are tracking 5-10pc growth between the verticals we are tracking,” O’Connell said.

Analysis firm Ovum has urged firms to consider alternatives to what would be a costly operation – in terms of both time and money – to move to a more recent version of Windows on desktops and laptops.

XP, which is more than 11 years old, is used by 28pc of corporate users, according to Ovum. Separate estimates from Net Applications suggest the total figure could be as high as one-third of all PCs.

Ovum suggested three options for organisations keen to innovate without having to part with a large percentage of their IT spending allocation. The first is to consider desktop virtualisation [VDI]. When used in conjunction with application virtualisation, VDI offers IT shops the advantage of centralised control and administration over distributed desktop environments which can be costly to maintain.

Another alternative is to consider replacing Windows XP laptops with tablets. “A Windows laptop is overkill for many field-based employees, and they cost much more to service and support than an Android or iOS tablet,” Ovum said in a briefing note.

Option three involves switching to Google’s Chrome OS. “Cloud computing has now come of age, and many corporate IT users now spend most of their time using web-based, rather than locally installed, applications and services,” Ovum said.

Security consequences

There are also security implications from Microsoft’s decision to discontinue support for XP, as the software giant won’t release patches for the OS after April of next year.

“The potential for criminals to take advantage of this situation is significant,” said Trend Micro in a blog post. “As long as there are significant numbers of XP users, they will continue to be targeted – and new exploits will continue to see the light of day. In the absence of any security patches from Microsoft, these will be all that more dangerous.”

The security software company hammered home the point by highlighting how new security holes in Windows XP continue to be found. “Consider this: every Patch Tuesday in 2013 so far has had at least one Critical bulletin that covered XP,” it said.

Trend Micro recommended upgrading immediately, even in large organisations that have continued using XP because it’s compatible with their custom applications.

“Running software that will never be patched is a significant gamble – particularly software that has been as enduring a target as Windows XP is ... If they make the decision to stick with Windows XP past April 2014 – with an operating system that by that time will be more than 12 years old – then they should be prepared to deal with the security fallout, as well,” Trend Micro said.

What is the NAPD’s role?

The role of the NAPD as a professional organisation for principals and deputy principals is a representative and advisory role for its members, who are principals and deputy principals. It has a consultative role with the Department of Education and the likes of representative bodies, like the NCCA, for curriculum development, and we also liaise with industry, for example, like software companies.

Specifically, where does technology fit into the association’s remit?

I chair the ICT committee and it’s an exciting committee to chair because technology is revolutionising schools. Take one-to-one computing. In my own school, as an example [Coláiste Chiaráin in Limerick], we’ve had it for the last 12 years. Every single student gets their own laptop, the technology is really maturing and technologies like tablets, mobile and wireless devices are becoming real and tangible for schools. In the last two years, publishers are coming along with e-books.

Take for example our own school, 100pc of the teaching staff have their own notebook or tablet computer and they use these daily for content creation collaboration and in their day-to-day teaching. This technology has been funded by teachers themselves with the support of the school. 

Each of our classrooms is equipped with a computer, data projector, etc which was funded by the DES ICT initiatives.

The fact that wireless is stable and industry standard – it goes back to the ‘anytime, anywhere’ concept. The students we’re dealing with now are absolute digital natives. Technology and mobile computing is what they do.

How are initiatives like one-to-one computing funded?

Ultimately, they have to be funded in a way that’s sustainable or organic so ultimately it is funded by the parents. Through a mechanism like e-book rentals, there are costs that would have been going on books that can now be placed on technology. We find in our own school that increasingly more and more students are bringing in their own devices, be they tablets or notebooks.

But isn’t there still a real risk of a digital divide – that students in poorer areas could lose out?

Therein lies the challenge and opportunity for principals. Specific areas will have specific challenges.

The price point for technology has come down these years. You know of some schools where they will assist parents in paying for technology over a period of time.

Also, if schools buy in bulk they have an ability to leverage bulk discounts. The price point for a notebook a few years ago was €1,000. Now, €400 will get you an excellent tablet. We’re currently trialling a Nexus tablet which costs €300 and by any standards, that’s affordable.

Then when you look at costs like books, when those costs can be put through the device with e-books, it makes it more tangible.

We don’t have a model like in the States, where there’s technology placed in the hands of every student, so schools need to be creative.

How close are you to achieving this goal of a computing device for every student?

I think nationally a lot of schools are close to this, and a lot of schools are in the process of considering this. The new junior cycle is a huge opportunity for schools to embrace this technology and to teach and learn in a different way.

The challenges schools have had was programming and software application development needed to be mainstream, and that wasn’t possible before. Now, schools are being given the flexibility to write short courses. We run courses in innovation, entrepreneurship, digital media creation, and software engineering for gaming and programming.

Now in schools they do a reduced junior cycle which allows more scope for more subjects. You can teach programming on the curriculum.

From a schooling perspective, are there any lessons from the likes of Nick D’Aloisio, or is a 17-year-old student who sells his company to Yahoo! just an outlier?

He could be an outlier. And you have the Collisons who come from Limerick and their company Stripe was valued at US$1bn recently – are they just outliers? Schools are the incubation centres for all of these entrepreneurs. We have first-year students writing Android apps, we have fourth-year students the length and breadth of the country writing code.

In many ways, the digital natives we’re dealing with now are going to be far more informed and will have more experience of coding and programming. There are jobs and opportunities that weren’t even there five years ago.

Technology is powering this revolution. The new junior cycle will give fantastic flexibility for schools to innovate. And it sets a challenge for schools to cater for the students you’re talking about.

How is the 100Mbps broadband for schools initiative progressing? There’s been criticism in some quarters that maybe schools don’t need as much capacity as that?

Having 100Mbps broadband for schools is a fantastic project. I believe all schools need it, it really is phenomenal. If you were in industry, you would have to have it. Schools right now are considering things like e-books. We ourselves [at Coláiste Chiaráin] have used e-books exclusively for the past two years.

The next iteration of content will be about schools creating and curating their own content. Without connectivity, all of those mobile computing devices would be insular and it would be difficult to develop.

If you are in a school of 800 or 900 students, for all of the activities, down to collaborating and communicating, that level of broadband is needed.

Teaching and learning is going to be fundamentally different going forward. Classrooms aren’t going to be as structured. Classrooms can be round-room conference-style, with students engaging in more explorative learning. If we’re talking about fostering the entrepreneurs, creators and thinkers, we have to teach and engage differently with students, and being connected powers all of that.

Schools are now considering the cloud for storage, then you have Google, which is powerful and it’s free, and you need always-on connectivity for that. The 100Mbps broadband is a huge step in that direction.

Will cloud computing have a real effect on teaching and schooling?

It will change the game. As to where the cloud is at, if you look at mobile and tablet computing, that has matured ... The best example is Google Apps and all schools across the country should be using that.

Now, 40pc of a student’s assessment can be based on a portfolio and this can now be based in the cloud and the student can carry a learning diary. There’s a huge opportunity from a learning point of view. Also, people could log into a digital resource for assessments.

What does your own perspective from working in the private sector give you in your current role?

One of the biggest things, schools need to take business solutions and empower them for teaching and learning.

I think there are huge opportunities for schools to liaise with industry. More and more, if you look at the new programming courses, they’re being developed with and through industry. We’re introducing Chinese this year, as are many schools.

Personally speaking, one of my most formative experiences was working in the world of industry. For schools in many ways are businesses: they’re in the business of teaching, learning and education.

For example, schools are enterprises and they need enterprise-level solutions. A school of 1,000 people connected – 900 students plus teachers and support staff of around 100 – is as big as any blue-chip multinational that would have a presence in the country.

I’m 12 years in my current school and I’ve been working through all of the iterations of Wi-Fi and the cloud and why so many schools are jumping now, the white papers are there, the models are there. It’s kind of a perfect storm really.

The technology for students is all pervasive. We grew into it, they grew up with it.

What are the NAPD’s short-term and longer-term targets for technology?

The new junior cycle is in its infancy, starting with pilot schools at the moment. There is an opportunity here nationally. From 2014, it is going to be mainstream. The short-term target is to get as many educators as enthused as possible.

In a slightly longer term, if we transform our Junior Certificate, we can transform our senior cycle: anything that helps us, as schools, to nurture the talent and help them find their careers and their passion and move them to third level and beyond to see these changes all the way through the whole curriculum.

I think the figures bear this out, when you look at science, technology, engineering and maths [STEM] – there are 3,000-4,000 jobs nationally being unfilled. As an organisation we would be raising concerns to our members. And these are not just concerns, they’re opportunities.

I would contend that the quality of students taking the courses makes them probably far more discerning as opposed to five years ago. Students are probably arriving to courses now with far more knowledge and far more hands-on experience and they’re making more informed choices.

One of things we’re doing in next few weeks is planning on launching a blog as a showcase for ICT excellence. I’ve a particular interest in what industry thinks, in opening up the minds of managers of the likes of Google and EMC, and what education can do to interface with them.

Ger O’Sullivan gave a presentation on the junior cycle as part of this year’s NAPD annual conference. His presentation runs from 21:20 to 38:45 and the entire video gives a sense of the opportunity presented by the new junior cycle. The NAPD has also launched an educational news app on iTunes and the Google Play store. 

HP claims current data centres are approaching a breaking point because their growth is being restricted by current generations of servers which take up too much space and cost too much to buy and maintain.

First announced in 2011, the new Moonshot server is to be built with chips more commonly found in smartphones and tablets, instead of the processors that have traditionally been used to power servers. This allows the Moonshot units to deliver reduced energy use and a high-density footprint, all at a far lower cost, HP claims.

Declan Hogan, HP Ireland’s lead for servers, storage and networking, said Moonshot uses a cartridge system as opposed to traditional rack or blade servers which require their own power supply and fans.

Moonshot makeup

“The initial Moonshot server is a 4.3u chassis – a typical blade would have 16 blades in a 10u chassis. It’s kind of like a mid-range server but we have 45 cartridges which are basically 45 servers. We have shared power and shared cooling, so that’s where the saving comes from. Effectively, what we’re doing is using lots of lower-powered servers.”

The first iteration of Moonshot servers will be shipping in late May or June across Europe, and these will run Intel’s Atom processor. Over time, HP plans to make different chips available for the platform from the likes of AMD, Applied Micro and Calxeda.

Hogan said the Moonshot is suitable for organisations with more than 40 servers, carrying out tasks like analysis, high-performance computing, financial modelling or games serving.

“We see it being applied across global companies, the financial services sector and anybody doing serious data analysis that will need to scale ... a lot of the financial institutions would be doing significant data modelling. We also see it in the pharmaceutical industry, and in any online gaming companies,” he said. “Over time, we think this is going to become the model for future server deployments.”

If the product name gives a clue to HP’s ambitions, other analysts aren’t so upbeat. While HP has its sights on winning business from some of the web’s biggest names, like Amazon, Google, Microsoft and others, some have pointed out that this might not be a market that’s easily tapped.  

Shaw Wu, an analyst with Sterne Agee in the US, called Project Moonshot “a step in the right direction” in addressing the fast-growing hyperscale server market.

However, he added: “We are not sure if big customers including Amazon.com, Google, Facebook and Twitter would switch from their current model where they procure customised server and storage components from Quanta and Compal.”

In addition, twice as many IT departments in Ireland (42pc) saw big data as a “significant challenge” compared 21pc in the UK.

The report also found that the recession is continuing to exact a heavy toll on IT departments in Ireland – with firefighting identified as the key priority, taking up 45pc of Irish IT professionals’ time, well ahead of the European average at 37pc. Forty-three per cent of IT departments in Ireland said they struggle to take a long-term view and 85pc of those professionals said their budgets are getting tighter.

Less long-term IT planning in Ireland

The findings point to a decreased emphasis on long-term IT planning in Ireland, when compared to the UK and other European countries. The findings also suggest that Irish businesses are falling behind the curve compared to the rest of Europe when it comes to recognising that big data will be a priority in the coming years.

This is despite the Irish Government identifying big data as a target for jobs growth in the Action Plan for Jobs 2013. Earlier this month, the Government announced details of a €1m investment in a research programme in big data, featuring top-tier multinational and Irish ICT companies.  

The research will be focused on developing ways of generating business, profit and ultimately jobs from the high-growth area of data analytics. However, this latest research from Interxion casts doubt on whether Ireland genuinely has a distinct advantage in the area of big data, compared to other countries.

“These results show that there is still a lack of joined-up thinking between IT departments and the boardroom in Ireland, compared to other European countries,” said Douglas Loewe, country manager for Interxion in Ireland.

“As the recession continues to bite, there is less time spent on planning and as a result, IT departments are left running on a day-to-day basis with a limited view of their organisation’s long-term strategy.

“These results clearly demonstrate that those forward-thinking companies who are working in sync with their IT departments are more alert to the opportunities presented by the application of emerging technologies.

“With only half of Irish businesses recognising that big data will be a priority in the coming years, it is important for the boardroom to work with the IT department in thinking ahead to lay the foundations for any future applications of big data that may provide the business with competitive advantage.

“Big data is still in the hype cycle stage, but it’s clear that the challenges posed by the volume, velocity and variety of data will become increasingly important over the next few years,” Loewe said.

Adrift in a sea of binary image via Shutterstock