Download download

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts

Product lifecycle wikipedia , lookup

Computer security wikipedia , lookup

Outsourcing wikipedia , lookup

Transcript 
IT WEEK • 1 NOVEMBER 2004
36 COMMENT Could better risk assessment methods
help Sainsbury’s to get more value from technology?
36 INTERVIEW CSC refines
IT outsourcing offerings
MANAGEMENTWEEK
WHERE TECHNOLOGY BECOMES BUSINESS REALITY
Editor: Madeline Bennett
Business security grows up
Madeline Bennett
T
he IT security industry is maturing and has become more responsive to the needs of businesses, but
government and vendors still need to do
more to ensure security is integrated into
product development, according to experts.
John Holland, European head of security firm Cybertrust – newly established
from the merger of TruSecure, Betrusted
and its subsidiary Ubizen – said, “[For
security vendors] it’s becoming less about
adding another box and more about risk
management and integrating your security
solutions into what the business is doing.”
This could be welcome news for IT
departments, which rate security as their
top concern, according to recent research.
Companies are increasingly looking for
security partners who can talk the language of business, said Holland.
“This means understanding risk, process, procedures and policies – not pieces
immediately associated with technology,”
he said. “The business side is not worried
about if you have put antivirus or a firewall
in place, they’re worried
PRIORITIES FOR
about if the business will
System
continue in light of a secsecurity
urity [problem].”
Information
The IT security indsecurity
ustry is now maturing,
Business
interaction
argued Holland. “If you
Business
look at the IT industry at
continuity
any given time, there are
always technology areas
that are in their birth, teenage or adult
stage,” Holland added. “[But now that]
security is moving towards the adulthood,
you’re not having to prove to people they
need to buy it anymore.”
However, other experts argued that
more secure development processes and
government intervention are still needed
to further improve IT protection.
“We need to draw attention to the fact
that some of our development processes
are broken,” said Simon Perry, vice-president of security strategy at software vendor
Computer Associates.
Perry said patching causes particular
concern, and that this is partly due to vendors and IT employees not being sufficient-
Agile advice for Euro IT
Madeline Bennett
T
he Agile Alliance launched its European arm last week to promote uptake
of so-called Agile IT processes that aim to
improve software development and the
management of IT projects, though some
analysts said the methodology currently
takes too narrow a focus.
Agile Alliance Europe, a non-profit organisation, offers a forum for software developers, IT managers and business people to
share ideas and access data about Agile
methods. Agile is a set of
principles and methodologies for developing
software and managing
IT projects.
The launch of the
European branch of the
Hanly: higher
value software
itweek.co.uk
Agile Alliance follows the establishment of
the US arm in 1992. For the past 18 months,
the alliance has set up special interest
groups in various European locations as
focal points for information sharing.
However, it is now ready to launch for
general membership, giving more UK and
European firms an opportunity to learn
about and adopt the processes, according
to Brian Hanly, a director of software consultancy Exoftware, which is a key sponsor
of Agile Alliance Europe.
Hanly said more use of Agile processes
would lead to better value and quality in
software.“It will impact value for money in
the software development industry,”he said.
“So much is wasted on this area at present,
there’s a lot of poor quality products.”
Hanly said Agile processes can help
firms respond to changes more easily and
argued that traditional methodologies treat
change negatively. “Change is inevitable,
especially considering how fast technology
ly proactive. “We have got
better at discovering the
current security stance
77%
and closing off vulnerabil73%
ities before exploits occur,” he said at a recent
57%
security event in London.
“That’s critical, but in the
56%
long term it’s also still just
being reactive.”
Perry added that the government could
do more to monitor the quality of IT products and encourage better security. “If the
government can recall a pizza because the
quality is not right, why does software have
no recall programme?” he asked.
Perry argued that the government
should do more to promote quality control
schemes such as Common Criteria. This
government scheme grades and certifies
technology products against set criteria, to
encourage security to be built in during
the development process and to help organisations to assess the level of protection
offered by various IT systems.
www.cybertrust.com www.ca.com
www.commoncriteriaportal.org
IT STRATEGY
AGILE METHODOLOGIES
The Agile Alliance, a non-profit
• body,
is promoting Agile IT process-
•
es for better software development
and project management.
It shares information and aims to
improve the quality of software.
changes. You have to embrace it,” he said.
Analyst firm Forrester Research recently called for more focus on tools as part of
the methodology.“Agile development processes explicitly de-emphasise tools, but
tools are nonetheless crucial to Agile projects’ success,” the firm said. It said software
configuration management, unit testing
and build management tools would be key
to the success of the Agile approach.
But Hanly denied that Agile does not
place enough importance on tools. “We
look at people and processes first, and then
tools. You definitely need automated testing and continuous integration. Just don’t
get caught up on the tools, as interaction
with the business is more important.”
www.agileallianceeurope.org
CONTENTS
36 COMMENT Sainbury’s decision to
overhaul its IT systems could
backfire if it sets up manual processes without assessing risks and
benefits, warns Madeline Bennett
37 INTERVIEW Keith Wilman, UK chief
executive of IT services company
CSC, explains the latest trends
in outsourcing in the public and
private sectors in the UK
Mail scanner
spots danger
in content
David Neal
Messaging specialist Sendmail has
released a new message management
application, called Mailstream Content Manager (MCM).The system can
filter out spam and viruses, scan text
and attachments and enforce internal
usage policies, according to Sendmail.
“This product is not just an upgrade, it is a way of managing both
emails and applications,” said JF Sullivan, head of marketing at Sendmail.
MCM is the first app developed on
Sendmail’s Advanced Content Engine –
technology acquired with the purchase of a startup last year. Built on
Extensible Stylesheet Language (XSL),
the system processes messages, and is
designed to easily integrate with firms’
existing infrastructure.
According to Sullivan this openness is important because it is impossible to predict how messaging is likely to develop.“You have to be able to
integrate it into everything you have.
It must be easily adaptable and ready
for the next big thing,” he added.
Sullivan also emphasised MCM’s
ability to monitor outbound messages
as well as internal ones.“Previously,
tools would be bought by network
security people who would look to
see whether it protected them from
external threats,” he said.“Now, with
[regulatory] compliance issues and
other issues, [messaging] has come to
the attention of the CEO and CIO.”
Sullivan promised that support for
anti-spam systems using Sender ID and
DomainKeys would be added in future.
The MCM system, available now, has a
dashboard interface and flow controls
such as message throttling. It provides
an overview of spam and virus attacks
being blocked, and includes other
admin tools such as a log of blocked
messages for further review.
www.sendmail.com
35
MANAGEMENTWEEK
IT WEEK • 1 NOVEMBER 2004
Sainsbury’s discounts IT
Sainsbury’s recent decision to reclaim control of its IT systems, write off huge technology
investments and beef up manual systems may be too drastic, warns Madeline Bennett
T
he recent announcement that
Sainsbury’s plans to overhaul
its IT operations because of falling
sales should serve as a warning to
other firms. The supermarket chain
blamed the drop in sales on poor
stock control and under-performing IT systems, which left goods
stuck in depots and warehouses.
A security expert recently told
me the Sainsbury’s situation was a
prime example of poor risk management. He argued that the supermarket had tried to cut its costs
without taking into account the
risk of not having people in place
to get goods on the shelves.
This is a classic trap that firms
can fall into – I want to cut my
costs, so I must cut the number of
staff, and I must buy more technology to replace the human element. All very well if firms follow
proper risk evaluation processes.
I could have told Sainsbury’s its
new stock control systems weren’t
working long ago, without the aid
of complex risk assessment methodologies – simply based on my experiences at my local store.
Over the past five years there has
been a slack attitude to stock management. Many items were off the
shelves by lunchtime on weekends,
and a game of bakery roulette left
either hundreds of unwanted loaves
lingering on the shelves at closing
times – or not a roll in sight.
In an attempt to turn its fortunes
around, the retailer is writing off
£260m worth of technology and
supply chain systems and plans to
cut 750 head-office jobs, while taking on an extra 3,000 in-store staff.
The firm said it will replace its
automated supply chain system with
a manual stock control process, and
undertake renegotiations with
Accenture, its current IT outsourcing partner, in an attempt to reclaim
control of its IT capabilities.
Sainsbury’s move may indicate a
growing divide between the needs
and expectations of outsourcing
customers and suppliers. While
Sainsbury’s argued some of the IT
systems implemented by Accenture
were unusable, the consulting firm
countered that it did not have control over some automation systems.
As further evidence of a divide,
we have the recent decision by investment bank JP Morgan to pull
out of its outsourcing deal with
IBM and rehire 4,000 IT workers it
had earlier transferred to the company to cuts costs.
But other evidence points in the
opposite direction. Outsourcing
specialist TPI says that mega outsourcing deals are on the up again,
indicating that some firms are still
willing to invest trust – and huge
amounts of cash – in third parties.
I can’t imagine Sainsbury’s will
be a participant in any more mega
IT agreements for a while, judging
by its recent experiences. But its
decision to revert to manual processes could leave the supermarket in a
worse position than when it started.
CSC refines outsourcing bids
Keith Wilman of services firm CSC explains the latest trends
in IT outsourcing in the public and private sectors in the UK
OUTSOURCING INTERVIEW BY LEM BINGLEY
IT Week:As head of IT services giant CSC
in the UK, can you explain your firm’s current business priorities?
KeithWilman: Firstly, it’s to be number two
[in the market]. Which might seem like a
crazy goal, but in terms of worldwide revenue, CSC is at $15bn but IBM Global Services, at number one, is around $40bn.
That’s too big a gap to close in the medium
term, but EDS is at $21bn and dropping, so
our goal is to overtake EDS.
What about your position in the
UK market?
[Analyst company] Ovum Holway
would say we are already number
two in outsourcing in the UK,
behind EDS. And again we expect
EDS to fall back. It’s now at about
£2.1bn revenue; we’re over a billion.
to gain a stronger reputation in business
transformation. We do a lot of business
transformation in our IT outsourcing, it
just doesn’t come across as strongly as it
does for some competitors, such as Accenture. So we’ve set up a separate business
unit. Another area is world sourcing.
Do you mean offshore outsourcing?
We pitch it differently. We take a lot of people on board from our clients when we do
outsourcing. The [client’s staff]
don’t want to hear that you’re
going to sack them all, and the
client doesn’t want to hear it either.
We wouldn’t win business, or
hearts and minds, that way.
How will you increase revenues? Wilman: work
We’re changing the business to try on global scale
36
So what does world sourcing mean?
We look at our assets globally. Sure,
we are putting work into India –
we have 2,000 people there and it’s
growing rapidly – but we will put
work where we need to put work. For years
we ran some operations out of Australia,
because that let work follow the sun. But
no one thought of that as offshoring.
Why the recent move into public sector
outsourcing in the UK?
Three years ago, when we had absolutely no
government business, the government said,
look, we’d really like more than one top-tier
firm bidding. And it said the same thing to
IBM. Government business is counter-cyclical. When the private sector is not doing so
well, government tends to spend money. So
we decided to go for 40 percent of revenue
through the public sector.
Has this proved successful?
After a couple of false starts [on tenders
for work with the DVLA and Crown Prosecution Service] we learned how to bid for
government contracts. We were ticking all
the right boxes but then there was the
price. We were used to bidding for commercial contracts but government is fundamentally different. Government has to
have an open tender and tough competition. It’s also pretty expensive to get involved, so we had to change our ways.
Having made the decision to
invest £3bn to upgrade the supply
chain process, why throw all these
developments down the drain? Yes,
some elements may have proven
complex and unworkable, but surely
these could be simplified. Properlydeveloped supply chain technology
can offer firms a centralised, realtime management system that
ensures stock levels are monitored
and replenished according to need.
When deals go wrong it’s tempting to take a completely new tack.
But before taking such an extreme
step, it might be worth examining
root issues such as comms channels
or contract management to see if
the problems might lie there. ITW
[email protected]
ABOUT KEITH WILMAN
Wilman is president and chief
• Keith
executive of CSC’s UK division.
joined the IT services firm in
• He
1997 as vice-president responsible
•
for the British Aerospace account,
then CSC’s largest global outsourcing contract. He has also served as
UK chief operating officer.
Before joining CSC,Wilman was
managing director of Easam, a UK
software and services firm.
The Office of Fair Trading is concerned
about public sector IT procurement processes. Are there positive examples?
I think Richard Granger [director general
of IT at the NHS] showed us all how to do
it [with the NHS’s National Programme
for IT]. He got so quickly to contract, he
has to be applauded for that. He’s shown
that it can be done.
But there are predictions that the project
will run 400 percent over budget...
There is a cost of procurement and a cost
of deployment. The users will have to learn
to use [the new system]. But there’s nothing special about that – most people have
computer skills across the board these
days. So I don’t know why anyone thinks
it’s going to be so expensive. ITW
itweek.co.uk
Related documents
Software Development Process Models
Software Development Process Models
Agile_03 -
Agile_03 -
Project Risk Management
Project Risk Management
IT Outsourcing
IT Outsourcing
Strategically Evolving Project Manager
Strategically Evolving Project Manager
Empowered, agile marketing
Empowered, agile marketing
Here Today, Outsourced Tomorrow: Knowledge Workers in the Global Economy
Here Today, Outsourced Tomorrow: Knowledge Workers in the Global Economy
WHO WE ARE
WHO WE ARE
Collaborative marketing tools are paving the way for
Collaborative marketing tools are paving the way for
Luxury Goods
Luxury Goods