14.1 C
London
Saturday, September 23, 2017
Home Tags Reduce costs

Tag: reduce costs

Organizations are moving application workloads to public cloud infrastructure as a service (IaaS) in droves.

After all, itrsquo;s a cost-effective way to get things done, right? Not necessarily.
In reality, many organizations are overspending and overprovisioning their cloud instances is a key reason why.

Analysts predict that by 2020, 80% of organizations will overshoot their cloud IaaS budgets due to a lack of effective cost optimization.In this five-part series, wersquo;ll examine some of the common mistakes organizations make when building and managing cloud services, and discuss practical tips for optimizing cloud provisioning to achieve the right balance of cost and performance.To read this article in full or to leave a comment, please click here
July 2017: New research by eProcurement provider Wax Digital reveals that procurement is just as vital for SMEs as it is for large organisations, with formal procurement processes serving an equally critical role in helping them reduce costs, keep cont...
Misys FusionBanking Corporate will underpin bank transformation project to streamline operations, reduce costs and accelerate growthLondon, UK – 25 May 2017 – Amsterdam Trade Bank (ATB) has embarked on a project with Misys to streamline its banking, treasury and trade finance operations – using Misys FusionBanking Corporate to maximise straight-through processing (STP), reduce the need for manual intervention, and significantly reduce total cost of ownership across all business functions.

FusionBanking Corporate is designed to automate... Source: RealWire
Devops and cloud—both concepts are hot, for good reason. Let’s take a look at the current state of devops and cloud, and how they fit into today’s technology sets.Devops provides an approach and a group of technologies that help enterprise developers do a better, faster job of creating applications.
It also eliminates the barriers between development and operations (thus the name “devops”).[ From IDEs to test frameworks: Must-have devops tools for Windows admins. | The InfoWorld review: Chef 12 fires up devops. ]The cloud, meaning the public cloud, provides the platform for devops.

Although you can certainly do devops on premises, most enterprises want to reduce costs and increase speed.

The cloud is where you look for those benefits.To read this article in full or to leave a comment, please click here
Cost-conscious businesses are increasingly buying unlocked smartphones for their workers, instead of more expensive smartphones with two-year service plans that are locked to a certain wireless U.S. carrier."Unlocked makes more sense," said Craig Ri...
Turkcell’s #1-rated network will benefit from TEOCO’s unified service assurance suite FAIRFAX, VA., USA – 28 February 2017 – TEOCO, the leading provider of analytics, assurance and optimization solutions to over 300 communication service providers (CSPs) and OEMs worldwide, has been selected by Turkcell, who will use TEOCO’s HELIX 9.0 unified service assurance suite to reduce costs and increase the efficiency of its multi-vendor network.Turkcell serves over 66.7 million customers across nine countries, including Turkey,... Source: RealWire
Increased fraud management and revenue assurance capabilities optimise costs for MVNOs and network operators Warrington, UK | 21 February 2017: MDS has today announced the launch of a suite of cost efficiency analytic solutions designed to help network operators and MVNOs reduce costs and improve margins by up to 15%. MDS’ solutions are already helping tier one carriers in the UK and Europe and mobile operators from Singapore to Chile to target the largest costs... Source: RealWire
Patch and security management take over 8 hours per month for over two-thirds of the companiesLondon, UK - January, 16 2017 - Shavlik, a global leader in IT management and innovative security systems, announced today the results of its yearly study regarding issues related to endpoint security and patching for IT professionals.
VMworld Europe 2016 was an opportunity for these experts to meet and share best practices.
Shavlik and AppSense used it to collect data from these frontline experts, to highlight patch management and security concerns in corporations. Shavlik and AppSense Infographic Key figures:- 80% of IT professionals have implemented a patch policy to enhance their organisation’s security.- 77% said that Microsoft OS represents the biggest challenge in terms of patching operating systems, and 59% indicated that Oracle is the most challenging 3rd party application.- 55% of IT professionals believe that the visibility they have into their company’s IT security posture is insufficient.- 55% of the companies surveyed give employees’ administrator rights, substantially increasing security risk.- Patch management takes more than 8 hours per month for two-thirds of the companies. A whopping 178 professionals responded to the survey.

For 76.5% of them, the Microsoft OS poses the biggest patch challenges for their company.

This figure is down from last year’s 86%, so Microsoft seems to be improving. Linux (19.1%) and Mac (4.2%) are also mentioned but to a lesser extent, which can be explained, at least in part, by the smaller number of devices using these operating systems, and fewer patches released for them each month. Patching the OS is only a small part of the equation when it comes to an effective patch management strategy. When asked about the challenges of patching applications, Java was mentioned as the most difficult application to update by 59% of respondents, followed by Adobe Reader/Flash Player - 38%, Google Chrome - 21%, Firefox - 18% and Apple iTunes - 10%. 79.7% of IT managers have implemented a policy to manage patching, which is good news. However, while 37.2% report spending fewer than 8 hours a month on patching, 29.6% spend more than 16 hours a month, and 14% spend more than 48! This amounts to a day and a half on average for most organisations, which is far from efficient. Finally, 54.7% of companies grant full administrative rights to their employees, making their systems more vulnerable to malware.

This approach increases risk in the event of a malware attack, since there is no way to limit the damage by restricting user rights to infected devices. Andy Baldin, VP EMEA Shavlik, comments: “The results of this survey show that the need to establish a patch management policy is recognised by an increasing number of IT departments.

Despite this, many companies spend too much time on patch management issues, and manage the rights of their employees in a way that unknowingly promotes risk.

This confirms the importance of our work in supporting companies in managing their patches, enabling them to reduce costs, save time and minimise risks to the security of their IT assets.”Baldin emphasises the importance of facilitating companies’ work to secure and manage their patching: "The results of our study shows that 7% of respondents do not have IT security systems in place or do not know if there is one, 3% have only one backup system, 13% just have antivirus, 7% a firewall and 10% an antivirus coupled with a firewall.

This means, 40% of respondents could easily improve their endpoint security.

To help organisations, Shavlik publishes a monthly report each Patch Tuesday: we watch and provide our analysis of the latest patches, to help companies prioritise the allocation of their IT security resources. " About ShavlikShavlik is a recognised leader in patch management, and a pioneer in agentless patching technology, virtual machine (VM) patching and third-party application patching.
Shavlik solutions include Shavlik Protect, Shavlik Patch for Microsoft System Center and Shavlik Empower.
Shavlik's combination of premise- and cloud-based solutions enables organizations of all sizes to begin improving organizational security in as little as 30 minutes.

For in-depth Patch Tuesday analysis, see: http://www.shavlik.com/patch-tuesday http://www.shavlik.com/ About AppSenseAppSense is the leading provider of User Environment Management solutions for the secure endpoint.

The technology allows IT to secure and simplify workspace control at scale across physical, virtual and cloud-delivered desktops.

AppSense solutions have been deployed by 3,600 enterprises worldwide to nine million endpoints.

AppSense is now a part of the LANDESK family with offices around the world.

For more information, please visit http://www.appsense.com/. Copyright © 2017, Shavlik.

All rights reserved.
With digital transformation dominating the business agenda, IT pros are under pressure to create a modern-day tech foundation sturdy enough to drive that change as they head into 2017. What milestones are they aiming for in the year ahead? Where should they direct their limited resources? According to Computerworld’s Forecast 2017 survey, IT professionals will prioritize security, analytics, XaaS or “as a service” technology, virtualization and mobile apps in the coming year.
If you’re thinking of adding those technologies to your own 2017 to-do list, read on for findings from our survey, along with real-world advice from other IT leaders. 1.
Security High-profile corporate data breaches, politically charged cyberattacks like those against the Democratic National Committee (DNC), and the October DDoS attack that took down much of the internet have kept security front and center this year, prompting many in IT to ramp up strategies and add layers to their lines of defense. In Computerworld’s Forecast 2017 survey, 47 percent of the 196 IT professionals polled said they plan to increase spending on security technology in 2017, and 14 percent chose security as the most important technology project currently underway at their organizations. Moreover, 15 percent of those surveyed said they expect security to be their top leadership challenge over the next 12 months, and another 15 percent said they’re currently beta-testing enterprise security technologies.

Even those not pursuing specific security initiatives have security on their minds: 19 percent of the respondents said their primary goal for their most important project is “to meet security, privacy or compliance goals.” At Global Strategy Group, a New York-based public affairs and political research firm, security is always a priority, but it’s at the very top of the list this election year. “As a firm that works with the DNC, security has always been a top thought, but when it becomes front page news, everyone is looking at it,” says Andrew Ho, the firm’s vice president of technology.

Global Strategy plans to tighten things up over the coming year with tools like single sign-on and multifactor authentication, but Ho says it’s really less about the technology and more about changing employee behavior. “We’re definitely looking at new technology, but it’s 70 percent about the culture,” he says. “It’s about changing people’s behavior and thinking through the psychology of what really gets hacked.
It’s not necessarily about a stronger firewall, but about people realizing they can’t do things like use the same passwords for everything.” Hiring more people to confront security challenges is another common tactic. Of the Forecast survey respondents expecting to add new employees this year, 30 percent said the reason was to bolster security initiatives, with 26 percent of them saying they anticipate new hires in the areas of security, compliance and governance. They might have trouble finding qualified talent, however: One-quarter of the survey respondents with hiring plans ranked security as the most difficult skill to hire for. 2.

Analytics As companies double down on their efforts to get closer to customers, data has taken on critical importance, with analytics serving as a springboard for success. Organizations are stockpiling data on web traffic, customer preferences, buying behavior, real-world product performance and more, creating a potential gold mine of insights—if they adopt the right strategy and use the right analytics tools to make sense of everything they collect. Some 38 percent of survey respondents said they plan to increase spending on data analytics (a category that includes big data, enterprise analytics, data mining and business intelligence tools) next year, and data analytics was No. 4 on the list of technology projects that respondents cited as their organizations’ most important initiatives. Moreover, 21 percent of respondents said their organizations are engaged in a beta test of a big data project, and nearly 30 percent pegged big data/analytics as the disruptive technology most likely to impact their organization over the next three to five years. In Edmonton, Alberta, the city government has made analytics an organizational focus for 2016 and 2017.

The plan, currently underway, is to build a federated-style data warehouse linked to data marts, leveraging big data tools like Tableau for visualization. “The goal is to break down barriers and let previously siloed information be available and useful to others to enable better decision-making,” says Bruce Rankin, service support lead for the municipal government’s Spatial Centre of Excellence. Global Strategy Group’s Andrew Ho It’s a similar story at Global Strategy Group. Over its 20-year history, the firm has collected tons of data on elections, and it’s using analytics to identify trends, says Ho. The next step is to take open technologies like R, a programming language tuned for statistical computing, and visualization capabilities like Tableau and remake static PowerPoint presentations into something dynamic that can reflect trends in polling. “We want to put an iPad in front of a client, change a variable here or there, and see how the trends change,” he says. “It’s a practice we started this year.” 3. XaaS Another year in and there’s no stopping the cloud computing juggernaut, especially as companies retool IT infrastructure for digital transformation. The “as a service” trend continues to gain traction, with 33 percent of survey respondents reporting that their organizations are planning to increase spending on software-as-a-service (SaaS) offerings next year, putting SaaS at No. 5 on the list of respondents’ most important technology projects. At the same time, 24 percent of those polled said they intend to spend more on platform-as-a-service (PaaS) technologies and 27 percent said they will put more money toward infrastructure as a service (IaaS) in 2017.

And finally, 29 percent of respondents expect cloud or SaaS systems to be the disruptive technology that has the most impact on their business over the next three to five years. As interest in hosted systems gains steam, 13 percent of the respondents said they’re beta-testing SaaS offerings, while 12 percent are taking PaaS for a spin and 8 percent are piloting IaaS. With all of that cloud activity underway, IT leaders are looking to expand their teams’ skill sets: 26 percent of survey respondents who plan to increase head count in the next 12 months said they intend to hire people with cloud and SaaS skills, putting cloud/SaaS expertise at No. 5 on the list of skills they’re seeking. Roche Bros., a 20-store Boston-area grocery chain, is moving as much of its infrastructure and applications as possible to the SaaS model, says John Lauderbach, the company’s vice president of IT. Human resources applications, sign and tag printing systems, backup and recovery tools and even mainstream productivity applications have all been moved to the cloud, helping to reduce costs and provide better reliability and 24/7 availability, according to Lauderbach. “We are four people [in IT], so for us to manage servers, facilitate patches and do backup and recovery work is a lot,” he says. “There are people who do this for a living who can do it better than we can.” 4. Mobile apps As smartphones and tablets become standard fare for consumers and employees alike, IT groups are racing back to the drawing board to retool existing applications to be mobile-friendly while creating new mobile apps to court customers and gain competitive advantage. In our Forecast 2017 survey, 35 percent of those polled said they plan to increase spending on mobile systems next year. Nearly 10 percent said they’re beta-testing mobile apps, while 21 percent of those with hiring plans said they hope to add people with mobile application and device management skills. Mott Community College’s Cheryl Shelton Mott Community College in Flint, Mich., has a mobile app to facilitate student services, but it’s also in the process of revamping its website to make it more mobile-friendly.
Students want access to critical information on their go-to mobile devices, though they aren’t married to the idea of a single-purpose app, says CTO Cheryl Shelton. “We decided to go with an adaptive web design because an app doesn’t fit our culture,” she says. “We decided to build a robust website and make that work for mobile instead of limiting ourselves and wasting a lot of time keeping an app up to date.” 5.
Virtualization The march toward wholly virtualized IT environments rolls on.

Companies are virtualizing more than just desktop systems these days and are beginning to expand their efforts to areas like servers, networks, storage and even mobile infrastructure. Some form of virtualization will be on the docket for 29 percent of survey respondents in 2017, and of those who are planning hiring increases next year, 18 percent said they will be looking for people with expertise in virtualization. Desktop systems are still the most common targets of virtualization initiatives—16 percent of respondents to the Computerworld Forecast 2017 survey said they currently have desktop virtualization beta tests underway.
Storage is the second most common technology to be virtualized, with 11 percent of respondents saying they’re beta-testing such systems, followed by server virtualization (being beta-tested by 10 percent of those polled), mobile virtualization (8 percent) and network virtualization (7 percent). Roche Bros. has already gone all-in with virtualization, using the technology for desktops, servers, networks and storage, says Lauderbach. “Everything we have is already virtual,” he says. Similarly, the Edmonton city government has been pursuing infrastructure virtualization projects for years, says Rankin. “Virtualization keeps going and growing, but it’s not at a point anymore where it’s strategic—it’s just what we do,” he says. The year of the customer IT leaders are adopting and applying these five technologies with specific business outcomes in mind. One of the most important is customer satisfaction. Nearly half (48 percent) of the respondents to the Computerworld Forecast 2017 survey said improving customer satisfaction or the customer experience was the most important business priority for IT in the coming 12 months. That makes sense to Global Strategy Group’s Ho, whose goals for 2017 include improving the customer experience. “IT is here to serve the business; our business isn’t IT,” he says. “Customers and users are the ones that need to be happy and able to do their work well.

The way that happens is that we make their experience as great as possible.” This story, "5 key technologies to double down on now" was originally published by Computerworld.
Simon Chappell launches Assured Data Protection and partners with Rubrik to offer simple, secure and scalable data management, backup and recovery ‘as-a-service’LEEDS, UK – October 18th, 2016 – Data protection expert and industry veteran Simon Chappell today announced the launch of Assured Data Protection (Assured DP) to address the burgeoning market opportunity around cloud data management, backup and recovery. Partnering with cloud data management leader Rubrik, Assured DP offers a suite of on premise and hosted managed data protection services for mid-market and large enterprises. The new Rubrik based managed services will help organisations who want to embrace the economics and agility of cloud and virtual IT to reduce costs, simplify complexity, assure compliance and scale on demand, heralding a new era in cloud data management. Executive Chairman and Co-Founder Simon Chappell, who previously founded and led Backup Technology Ltd to success before its acquisition by Iomart Group for £23m in 2013, has teamed up with former colleagues for the new venture. Rob Mackle will assume the role of CEO whilst Stew Parkin joins as Technical Operations Director, with further appointments and expansion plans due to be announced shortly. Commenting on the announcement Chappell explained, “I’d still be officially retired from the data protection business if I hadn’t been introduced to Rubrik by their value-added distribution partner BigTec. I was immediately bowled over by the incredible opportunity to change the market using new technology that revolutionises data management, backup and recovery. I decided there and then to get the old team back together, start up Assured DP and team up with Rubrik to take its disruptive cloud data management solution to market. We have a shared vision and aggressive growth ambitions that will bring huge benefits to mid-large enterprise customers as they to transition to cloud-based architectures.” “Assured DP has great pedigree and is committed to giving its customers a simpler, faster and more agile way of achieving the best possible data management, backup and recovery. This is the beginning of an exciting partnership and we are delighted to support them in taking their innovative managed data protection services to market,” added Alex Raistrick, Director of Western Europe at Rubrik. “While everyone else in the market bases its solutions on outdated 10–15 year old technologies, service providers like Assured DP can use Rubrik to offer a genuinely disruptive, fit-for-purpose alternative that’s built for the virtual, hybrid cloud reality of today’s business challenges. This is a $50bn global market that’s ripe for change,” Raistrik concluded. Rather than struggle to hit modest recovery time objectives (RTOs), or grapple with multi-tier storage/software architectures and their inability to accommodate data growth and hybrid cloud adoption, Assured DP offers an all-encompassing pay-as-you-go solution that enables customers to focus on what really matters: their own production environment. Using Rubrik’s simple, secure and scalable technology, Assured DP is able to cut RTOs from hours to seconds, delivering vastly superior levels of functionality and service at a low cost. The simplicity of the system means new customers are up and running and equipped to meet compliance requirements in 15 minutes. -ends- About RubrikRubrik has developed the world’s first Cloud Data Management platform for data protection, search, analytics, archival and copy data management for hybrid cloud enterprises. Fortune 500 companies use Rubrik to manage data at scale while realizing data-driven services anytime, anywhere. Rubrik has been named to Gartner’s Cool Vendors in Storage Technologies, 2016. For more information, visit http://www.rubrik.com and follow @rubrikInc on Twitter. About Assured Data ProtectionHead quartered in Leeds, UK, Assured DP is a specialist data protection and disaster recovery managed services provider for mid-market companies and large enterprises. With over 75 year’s collective experience and expertise in data protection, Assured DP has created an enterprise-grade platform to meet the data protection and disaster recovery needs of medium to large enterprises, corporations and public organisations. Built on Rubrik’s cloud data management solution, Assured DP provides a fully managed suite of on premise or hosted services that offer customers a simple, scalable and secure solution to their data protection requirements. For further informationMark WaiteCohesive+44 (0) 1291 626200markw@wearecohesive.com
Partnership with EBRC, the European Business Reliance Centre, to offer subscribers to its Multi-Bank Integrator™ automated banking integration platform the highest levels of resilience and securityLondon and Luxembourg, 11 October, 2016.

The B2 Group, provider of based payments, investment funds and FX automation software and consultancy solutions for transaction banks, insurers, third-party administrators, fund companies and corporates across the globe, announced today that it is partnering with EBRC to host its award winning Multi-Bank Integrator™ platform. Multi-Bank is B2’s automated banking platform for corporate cash and treasury management integration, especially those with multi-national banking relationships and subsidiaries.
Seamless integration with the corporate’s TMS or ERP systems effectively links those systems automatically with the core systems of the banks, leading to substantial cost and efficiency savings as well as real-time cash visibility and control of outgoing payments. However, market trends towards increased levels of automation mean increased security and resilience requirements, especially with cloud-based services such as Multi-Bank.

EBRC is a trusted provider of hosting services to the financial sector, with state-of-the-art Tier IV certified data centres, guaranteeing the highest levels of availability, performance and security. “We have been delighted with the success of Multi-Bank since its launch at the start of the year”, comments Phil Boland, CEO, The B2 Group, “and with our growing client base of corporate treasury departments utilising the platform more and more for high value payments and mission critical cash reporting.

The combination of our in-platform security features and EBRC’s expertise offers our clients very high levels of assurance regarding the resilience of the Multi-bank cloud and with today’s cyber threats, security is more important than ever, providing even further assurance to Multi-Bank subscribers.” “We are very proud to count the B2 Group amongst our partners” adds Yves Reding, CEO, EBRC. “EBRC prides itself in offering institutions in highly sensitive sectors such as finance the very best in data centre hosting, meaning that our cloud-based infrastructure gives B2 clients a secure, scalable and robust foundation for their mission critical applications, especially transaction and report processing. We look forward to continuing working with B2 to help provide their clients the service and assurance they require in todays evolving payments world.” B2 has also announced that the EBRC cloud-based infrastructure will be available to its insurance and asset management clients, and B2 will be exhibiting the full range of its services at the forthcoming Eurofinance conference in Vienna between October 12 and 14, 2016. For all enquiries or queries about B2 and Multi-Bank, please contact The B2 Group. --- ends --- About The B2 GroupThe B2 Group provides payments, funds and FX automation and integration STP software and consultancy solutions to banks, corporates, insurers and fund administrators across the world, especially in Europe, the Middle East and Africa. Whether it be for a corporate treasurer seeking to streamline banking integration and cash visibility, a transaction bank wishing to on-board clients more efficiently, an insurer needing to automate bank and asset manager integration or a fund administrator connecting to distribution platforms, B2 Group is a trusted provider, delivering robust technology to meet today's business challenges. Our flexible and highly secure solutions are available to run on-site or as a fully hosted cloud-based service, and come with our philosophy of 'total support', a combination of world-class software, subject-matter expertise and two decades of experience helping our clients reduce costs and increase revenue.

For further information, please visit www.theb2group.net Press contact:William Wrest, The B2 Group, Telephone:+442 030 087 397, Mobile:+447 899 842 865, Admin:+442 030 087 392, Fax:+442 074 648 656, Email: bill.wrest@theb2group.net About EBRC – European Business Reliance CentreDriven by the search of excellence, EBRC stands out by addressing the issues and challenges of the management of sensitive information and critical infrastructures.

EBRC runs its ICT “Trusted Services Europe” in its own highly secured and Tier IV certified data centres. Located in Luxembourg, in the heart of Europe, EBRC serves 280 international clients, from 40 different countries.

From Data Centre Services to integrated Cloud Computing and ICT Managed Services, EBRC ensures the end-to-end services of its Clients and can help you launch or boost your business in a stable international-minded country, with top GDP Performance and AAA rating.

For further information, please visit www.ebrc.com Press contact:Jean-François Hugon, Head of Marketing EBRC, Telephone: +352 26 06 1, Email: jean-francois.hugon@ebrc.com
Cambridge Wireless event chews the fat over key questions “Defence is only as strong as the weakest link,” said Tim Phipps of Solarflare at today’s Cambridge Wireless event on security within the Internet of Things. Today's Cambridge Wireless event was part of its Special Interest Group focusing on security and defence.
In particular, on securing and defending the Internet of Things. Speaking to an audience of about 50 network industry executives this afternoon, Phipps highlighted three security challenges for the IoT: data loss, particularly with last week’s Yahoo! hack of half a billion user accounts; hijacking, such as the controversial Jeep hack published a little while ago; and consumer products, particularly, with the latter, medical device hacks of items including pacemakers and insulin pumps. Phipps also highlighted how Ken Munro of PenTest Partners had “made children’s toys swear” by hacking them, which drew general laughs. Building on that point of how a trivial hack can lead to bigger things - in the case of Munro and an IoT kettle, the host Wi-Fi network's authentication keys - however, Phipps warned: “The attacker needs to overwhelm you in just one place to be successful.
If it delivers on the promises of the hype, IoT looks like something that will be integrated into our home life, transportation, cities, and … even improving our health." “I think this is a Wild West industry” thundered Paul Tindall of Sepura, following on from Phipps, opening a talk that focused on IoT security beyond the simple headlines. “It is fragmented and that makes security harder to apply." "If you consider the fragmentation of the standards as well," he continued, "you cannot trust security due to the fact that you’re using an unusual standard. We’ve got to apply proper governance around this.” Take the example of a body-worn sensor such as a Fitbit health monitor which generates data about you, he said. "I think I own that data.

At some point that data is aggregated and [the aggregating party] is going to fuse that data with data from other sources.
If you wrap context around those sources you turn that into valuable information.
I don’t know who owns that information.

Actually, I think that gets really complicated from a legal point of view.” The legal side of things was a point that was returned to later on. So what could possibly go wrong? Adrian Winkles of Anglia Ruskin University, an information security lecturer, said: “IoT security is not device security.
IoT is end-to-end.
It has many different facets, many different faces.

There’s a whole raft of things we have to think about.” The DDoSing of Things Referring to the recent DDoS of Brian Krebs, which was powered by an IoT botnet – “cameras, lightbulbs and thermostats” all generating 990Gbps of traffic, “which would take most government websites down” - he contrasted what people think they have, in terms of networked devices, with what they actually have in terms of traffic types.
In brief, your devices generate far more information about you than the ordinary punter ever realises. Winkles summed it up neatly: “Security is like a stack of Swiss cheese.

Each slices covers up holes in the slices below it.” “You could make a financial difference by building security in,” added Winkles, who quoted NIST: “The cost of fixing a bug in the field is $30k vs $5k during coding.” As for baking proper infosec practices into the Internet of Things, Winkles was forthright about taking a top-down approach: There’s an argument that says you start from the boardroom.

The pressure to be first to market doesn’t feature security.

The pressure to reduce costs? If you ignore security, you do so at your peril; it's going to cost you more in the long run.

Educate boardroom and senior management to build security in from the start.

Appoint a Chief Information Security Officer. What I’m touting is bottom up and top down.

The end message is to build security in. Finally, in the first half of the afternoon, Laurence Kalman, a lawyer from international law firm Olswang, spoke about the legal problems the Internet of Things throws up. “Privacy and security are what’s got everyone talking,” he said. Much of the data generated by IoT devices “is also personal data”, including a vast range of data about “an individual." This includes things such as “driving habits” in the case of smart satnavs and other sensitive data. As his slide deck put it, “the success of the IoT both from an individual device and application perspective, and more broadly as something we accept into our lives, will come down to users' confidence.” There is no law of the IoT as such, said Kalman. “Having said that, IOT has attracted significant focus from regulators,” he continued, highlighting how the EU has issued consultations and solicited other expressions of interest from the industry. “Europe could be a very productive place to do business on the IOT,” he concluded. What about the detail-slurpage? What about data ownership? “Who owns data in the IOT? The answer is, it’s complicated.

From a legal perspective, the question of ownership isn’t a simple one to answer.

There’s no property rights in it, as such.

There might be intellectual property in data if you do certain things to do it to take it beyond a certain piece of information.

Complications of data, databases, might attract copyright protection… you could see these IP rights arising at some point in the IOT value chain but its not the case that each part of IOT data will have ownership attached to it in the first place.” The Data Protection Act “has very broad application” to the IOT, he said. “In the IOT world, where there's thousands of devices and infrastructure at various stages of the chain, its very easy for infrastructure owners to fall within that domain.” In particular, it could be “the device manufacturer”, or “the social network that disseminates that data” or even “the health insurer who takes that data and offers a product from it”. “There’s no cyber security regulation as such that applies to IOT stakeholders as such,” concluded Kalman. He said the EU’s new GDPR would apply from 25 May 2016, noting that the E-Privacy Directive is currently under review and that the Network and Information Security Directive will also come into play for IoT manufacturers. One questioner from the floor touched on an area that drew great interest from the assembled audience. “Quite often I can see a conflict between business processes that need audit trails and the desire to delete data.” Kalman, answering, said: “The tendency up until now is that there’s been little focus on” what data do I need.

That sort of good housekeeping “have had less focus and that will have to change with the regulatory direction we’re receiving.

Businesses are going to have to work out where the balance lies.” ®