Tips on writing effective documents

Short punchy sentences work best. Don’t be tempted to stretch things out when simply starting a new sentence would make things clearer.

Competition for Google?

Another piece of interesting news this week. A new search engine site is being launched by former employees of Google, with the intention of challenging Google for the top slot.

The site’s name is Cuil (pronounced cool), which is Gaelic for Knowledge. It has been founded by Tom Costello, a former employee at IBM, and his wife Anna Patterson, who worked for Google for three years. They say that the existing search engines have not kept up with the rapid expansion of the Internet and claim that their search engine will cover more websites than any of its rivals. Three times more than Google and ten times more than Microsoft. Google does not reveal the size of its search index, though estimates put it at around 30 to 50 billion web sites. In comparison, Cuil claims to have already indexed 120 billion.

Cuil search results are not sorted by popularity. They are sorted by content and it displays them in columns with an image and some brief descriptive text. They call this new way of presenting hits “organised results” and claim that they are easier to read this way.

Another difference between Cuil and Google is that Google saves user data and Cuil does not. Cuil says it wants to analyse the web, not users. This would be of particular interest to people who are interested in privacy and data security issues.

Google is a massive organisation, which has dominated the search engine market for years. It will be interesting to see if Cuil can challenge Google. Many have tried before and failed, so in my opinion it would take some ground breaking changes to enable this. The big question is, will people embrace these changes or stick to what they know? Many people don’t like change and won’t change, even when the change could be for the better.

UK PC market doing well despite economic woes

Despite the domestic and global economic slowdown, PC sales in the UK totalled 3.1 million units in the first quarter of 2008.  This is an increase of 11.2 per cent compared with the same period in 2007, according to a new report by Gartner.

They have concluded that the decline in pricing has “helped outweigh any negative influences” driven by economic concerns in the first quarter of 2008.

“While the PC market is not immune to an economic downturn, continued strong mobile penetration helps to sustain robust growth,” said Ranjit Atwal, Principal Analyst at Gartner.

PC shipments in Western Europe totalled 15.2 million units in the first quarter of 2008, an increase of 14.1 per cent compared with the same period in 2007.

The shift in exchange rates between the dollar and the euro has allowed vendors to reduce average selling prices much faster than expected, according to the Gartner report.

The UK market was driven by strong mobile PC sales, which accounted for more than 60 per cent of total PC shipments and nearly 70 per cent of consumer PCs.

Mobile PCs saw volumes increase by nearly 40 per cent compared with the first quarter of 2007. The desktop market declined in the consumer and professional markets by more than 15 per cent year on year.

Dell and HP continued to dominate the UK market with a combined share of more than 45 per cent. Dell, who has finally entered the retail channel via Dixons and Tesco, saw a 200 per cent increase in consumer mobile PC over this period.

HP managed to drive consumer and professional mobile PC shipments growth, achieving nearly 70 per cent overall growth.

“The IT sector – be it in employment or in PC sales - seems to be bucking the downward trend of the economy at the moment,” says Derrick Cameron, MD of IT firm Eximium.  “This shows just how important the IT sector is to the economy: both in the area of the home PC or in the IT department, we are increasingly dependant on it for our work and leisure time.”

“The UK PC market performed above expectations in the first quarter of 2008. The impact of an economic slowdown and the credit crunch has not affected the PC market yet,” concluded Atwal.

Tips on writing effective documents

Be careful of tense changes. For example, in a list of bullet points, if the first one is in the past tense then they all should be. This makes that section easier to read and understand.

Portals and directories - vital online marketing tools for your business

Now more than ever, businesses need to make the most out of all possible marketing channels.  I was always taught to have a good spread of marketing and PR activity.  These days, this includes the increasing number of online business directories and supplier portals that are available on the Internet.

A lot of these services are either free or have an entry-level option that is free, so it makes no sense in these cases not to have your details registered.

Some of the directories, such as hotfrog.co.uk, include your details automatically as a way of attracting you to use their site.  Only simple contact details need to be entered, such as your company name, address, telephone number and website, and it takes little time to set up your entry.

The benefit is that they often feature highly in the search engine rankings, so it’s worth having your details registered under search terms relevant to you or your competitors might be getting the work instead of you.  Equally, you could be missing out on an opportunity to drive useful traffic to your own website.

Portals are different.  You don’t usually get on there by accident and a lot of time and effort is needed to get your profile right.  Sites like supply2.gov.uk and competefor.com are a way for the public sector to publish contract opportunities for potential suppliers to view and register their interest.  Opportunities are matched by the system to your own products or services, based on a coded list that you have to provide, and a daily alert list of matching opportunities can be sent out automatically by email, if required.  Some portals are completely free while others have a free service, e.g. contracts in your area only, but there is an upgrade path to access more opportunities for a fee.  A number of detailed questions about your business are asked by these sites as part of your profile setup, and the answers need to be carefully considered, as they are scrutinised by the buyers that use the system, to determine whether you would be a suitable supplier.  This setup takes time and effort to do, and some of the questions are not straight-forward.  However, these portals all ask similar questions so each one is slightly easier to do than the last, as you begin to have a standard set of answers to the most common questions.

Some of the sites, like supply2.gov.uk, have a further option to provide a profile that gets put directly in front of buyers when they are searching for potential suppliers, before opportunities have even been published, so it is worth completing this area of these sites, as it increases your exposure even more.

A key area is deciding how to map your products or services into the standard list that each site has.  Also, some have a restriction on the total number of products/services you can be registered for, which complicates things further.  If your offering is fairly simple, e.g. you manufacture bolts, then life is made slightly easier.  However if your product or service is complex or varied, then you will have a hard time choosing the relevant areas.  It is worth getting this right, however, as it will get the right opportunities in front of you and reduce the number of irrelevant hits you have to ignore.

When registering your interest in an opportunity on these sites, it is possible for the buyers to ask further questions they feel are relevant to the contract.  This takes the form of a Pre-Qualification Questionnaire.  Some of the questions are merely repeats of questions you should have already answered in your profile.  However, the buyer can ask anything, so be prepared to answer some qualifying questions that can be tricky.  Once again though, the more of these you do the easier it becomes, as the same questions come up time and again.  Also, it’s worth keeping a note of questions asked and what answers you gave to save re-inventing the wheel next time.

Other portals such as supplierbrokerage.co.uk and suppliermatching.co.uk are a way of connecting your business with potential customers belonging to a third-party.  In these 2 cases, the third-party is Business Link.  Having provided advice to a customer about strategic business direction, Business Link often need to select potential suppliers to help their customer implement the actions discussed.  At this point, they use these 2 portals to search for suppliers that offer the relevant product or service, and have appropriate experience.

In addition, some sites have extra questions designed to help the third-party decide what other areas you could help them with.  For example, supplierbrokerage.co.uk has a section to express interest in speaking at Business Link events, and a section to indicate a willingness to provide services under the e-voucher scheme set up to provide funding to start-ups.  If you aren’t registered then you could be missing out on these other opportunities.

Not all sites will benefit every business.  But, it is well worth exploring what is available and relevant to what you do. Whether you decide to spend any of your hard earned marketing budget is totally up to you, but it’s certainly worth at least registering your details on the free sites, and on the paying sites but at the free level, to gauge what sort of opportunities come your way.  You can always upgrade later, once you can see the value in it.

If you take no action, you could be missing out on a vital way to bring your business to the attention of potential customers, using the power of the Internet.

The Hertfordshire Business Independent (HBI) June Networking Event - Update

Following on from this post last month:

http://www.eximium.net/blog/index.php/2008/06/business-advice-hertfordshire/

about the above event that I was the speaker for, I just wanted to give you an update on the evening.

As featured in this month’s copy of the magazine, the event went very well and everyone seemed to enjoy themselves.  It was well organised and the Quality Hotel in Hatfield was an excellent venue.  My talk was described by the magazine as ‘lively’ - which isn’t bad for any talk relating to IT, as it can sometimes be a boring subject!

There were 60 business people present in the end, so I decided to structure my talk around the advisory article I wrote earlier in the year about the lessons to be learned from the issues at Terminal 5.  I covered 10 key areas to be careful of when implementing any substantial business change, especially those connected with technology.

Thanks to the team at HBI for asking me to speak at the event and to all the people that contacted me and came along:  Ryan Tobias from Business For Breakfast, Ryan Yuill and Mandy Andrews from Applied IT Solutions, Victoria Cox from Thomas Cox and Co, and Mike Waddell from Adsidia.  Also, I’m pleased to say that Ryan Tobias and Mike Waddell both won prizes in the raffle!

I highly recommend these networking events – they are informal, friendly and productive.  The next event is on 22nd September at the Cheshunt Marriott in Broxbourne.

To read the coverage on the June event in the digital edition of the magazine, please use the following links:

To read a version of the article my talk was based on, go to http://edition.pagesuite-professional.co.uk/launch.aspx?eid=1e736ccc-e947-4644-aff4-1c60f479c390&pnum=16

To see the feature about the event, go to http://edition.pagesuite-professional.co.uk/launch.aspx?eid=1e736ccc-e947-4644-aff4-1c60f479c390&pnum=30

Also, if you’re interested in having me speak at your own event, please just drop me a line from here www.eximium.net/meettheteam.asp

New style of domain names to create extra internet growth

The recent decision to open up the domain naming system will create the largest boom on the internet since its creation, according to the Internet Corporation for Assigned Names and Numbers (ICANN).

The group approved a measure this month to remove the restrictions on domain suffixes, allowing companies to register any word as an URL suffix. Where users were previously limited to 21 suffixes, such as .com and .net, sites will now be able to use such domains as .news or .bank.

ICANN says the new rules will go into effect some time next year and claim that they will have a huge impact on the industry. 

“The potential here is huge. It represents a whole new way for people to express themselves on the net,” said ICANN President and Chief Executive Dr. Paul Twomey.

ICANN plans to allow non-Latin characters as well, opening the door for domains with Chinese and Arabic characters for the first time.

The company also provided further guidance on how the new domains will be distributed and managed. By the second quarter of 2009, ICANN plans to begin accepting applications for new domains. In the case of a trademark or cyber-squatting spat, the company plans to allow trademark holders to file appeals. The appeals will then be reviewed by ICANN and a decision made.

A similar system will be put in place for dealing with attempts to register potentially offensive sites. Users will be able to file an objection which will then be passed on to an independent international review board which will base its decision on international treaties.

Derrick Cameron, MD of IT specialists Eximium comments “The lack of decent domain names has become an increasing problem for new companies.  This has meant that domain names are getting longer and longer.  This is a great opportunity to free up new names and will create the potential for many new memorable web based companies to be created.”

Tips on writing effective documents

Think carefully about your headings and the structure of your subheadings. They should be adding to the readability of your document by breaking it down into smaller chunks. Also, they should explain the content of the section. Don’t make them too wordy or the benefit is lost.

Is Oyster card security starting to crumble?

I was very interested by the news this week that Oyster cards belonging to thousands of passengers were corrupted at the weekend.  According to reports, anyone who travelled between 5.30am and 9.30am on Saturday July 12th, had their card corrupted, due to a failure in the Oyster card system.  This failure is reported to be the worst in its 5 year history.

The result of this was that thousands travelled free of charge that day.  Staff were ordered to allow free travel to anyone with an Oyster card, which had a registration error, to avoid ‘rush-hour chaos at ticket barriers’.

Tube bosses said that they were lucky that the breakdown occurred on a Saturday morning and not during the week.  Nevertheless, at least 60,000 cards have been confirmed as corrupted and it is estimated that the figure could be as high as 100,000.  All these cards will need to be replaced and an investigation into the situation has been launched, though it is thought that the fault was with the card software ‘touch-in’ system.

More interestingly, Dutch students recently claimed to have cracked the Oyster card.  At 4.02pm, Wednesday June 18th 2008, students of Radboud University claim they travelled for free on the Underground using cloned cards they had created and even managed to execute ‘a denial of service attack’ on the gates.  This came after they cracked the card in the Netherlands earlier in the year, which uses the same system. 

It is tempting to speculate that these 2 incidents, particularly as they happened within a month of each other, are somehow related.  Was this a deliberate attack?  Are the security measures that has kept the Oyster cards secure for the past 5 years starting to fall apart?

Both the OV-chipkaart in the Netherlands and the Oyster card use the same technology - NXP’s Mifare.  It was suggested that the Oyster system should be upgraded at the time of the Dutch crack, but TFL’s response was that it would not be necessary, as there were additional layers of security on the Oyster card. 

When TFL learnt that the Dutch students had gained free travel, they released this statement:

 “Londoners can have total confidence in the security of their Oyster cards. We run daily tests for cloned or fraudulent cards and any found would be stopped within 24 hours of being discovered. Therefore the most anyone could gain from a rogue card is one day’s travel. Security is the key aspect of the Oyster system and Londoners can have confidence in the security of their Oyster cards. Using a fraudulent card for free travel is subject to prosecution.”

This could be another in a long string of public sector security problems. 

I’m eagerly awaiting the results of TFL’s investigation…

Eximium announces successful accreditation by BSI to ISO 9001

Business IT specialists Eximium announced today that they have been awarded accreditation by BSI to ISO 9001 for all of their four key services: IT training, IT recruitment, IT consulting and IT solutions.  This has been the result of over 15 months work by the management team to implement a quality management system into the business that complies with the stringent requirements of the standard.

A key reason for the move was the desire to take on more work in the public sector, where ISO 9001 has become a minimum supplier requirement.  In addition, few IT companies have implemented the standard, so it was also intended to set Eximium apart from its competitors as a company that cares about quality and customer satisfaction, at its core.

Managing director, Derrick Cameron, said, “We’re delighted that the hard work and dedication of the team has paid off.  When we first started this process, we weren’t entirely sure how it would work and whether we could do it at all, but we all feel we’ve been through a massively useful process, and our business has benefited enormously from the framework of continuous improvement the ISO 9001 standard provides.”

Paula Wheatcroft, operations director at Eximium, added, “We knew our business was already a good fit for the type of business model ISO 9001 proposes, but we’ve learnt so much from the management principles within the standard and from the help and advice BSI have provided.  We really are a better organisation for it, and we can only go from strength to strength with the processes we now have in place to ensure we focus on customer needs, learn from our mistakes, and constantly improve what we do based on customer feedback.”

Eximium work with business owners, directors and managers to help them get more benefit out of their IT systems.  They can be contacted on 01582 635 078 or at www.eximium.net for advice or for further information.

Tips on writing effective documents

Try and establish a set of standards in your document and stick to them throughout. For example, if you use bullet points to show a list of possible options in one section, think about doing the same in other sections. Or, if you use italics for some words in the glossary, do the same for all of them. By being consistent like this you will make your document much easier to absorb for your readers, and almost intuitive.

Why business IT system and process changes need to be reviewed carefully after implementation

Implementing change in business is vital, and none more so than those affecting IT systems and processes. But, how many of us take the time to go back and check whether the change we made has had the beneficial effect we were hoping for, and that new issues haven’t been introduced?

Dealing with an EDI (Electronic Data Interchange) process for a customer recently, I was reminded of why this is so important.

Like many businesses, our customer receives orders electronically from their clients, and transmits their invoices back the same way. They implemented a better EDI process a year ago but it was never checked to see how much better it was actually working.

During an overall review of their systems and processes, we spotted some issues with the EDI process so we were asked to undertake a more detailed review. It turned out that instead of the benefits they thought they had achieved from the change, they had actually taken a retrograde step compared to their old process:

- More manual effort was needed rather than less
- What had been a simple process was now quite cumbersome and unwieldy
- A greater margin of error had been introduced
- The time taken for order and invoice handling had actually been increased
- staff were confused and unsure of the new process
- The key benefit of having a more automated solution to invoice transmission had not fully been achieved

Obviously, we can now work to sort these problems out for them and re-implement the process in a more streamlined way, but it’s been this way for over a year and it’s difficult to assess the detrimental effect the issues have had on the business in that time.

As well as not bringing the benefits planned, issues were introduced that needed addressing. But, it’s too easy to think “well, that job’s done now so let’s focus on something else”. The reality is that changes always introduce some issues and it’s important to find and fix these as soon as possible.  Also, things rarely work out exactly as planned so the only way to be sure that your new process is delivering what you hoped for is to undertake a thorough review with the people who are using it, at a set point after launch.

Quite often with large change projects, for example, the implementation of a new trading or finance system, the specific changes that were going to provide the real benefits of the work for the business get gradually de-scoped as the project progresses.  This is usually the result of pressures on both time and cost.  Eventually, what gets implemented is the ‘bare bones’ solution with all the tangible benefits almost completely stripped out of it.  I’ve seen this happen many times over the years.  In a way, the beneficial aspects to the work are seen as disposable, with the focus being on the ‘must haves’.  Of course, the problem here is that the beneficial parts were the real reason the work was being done.  Quite often, the beneficial aspects are re-planned for implementation after the launch - but this rarely actually happens, because the focus of the business moves on to other areas.

This is another reason why going back to check how well the new process is working, whether the expected benefits were realised, and putting a plan together to address any shortfall, is so important.

Of course, it also suggests that the benefits to be achieved should be made a constant target for the changes to deliver against, at all times during the development process.  They should not just be used as the benefit case to get the project going - after all, they are why you wanted to do the work in the first place.  Of each revision to the plan and key decision made during the life of the project, the question ‘are we still going to deliver the necessary benefits?’ should be asked and the answer assessed.  That way, you’ll have a better chance of getting what you really wanted out of the change.

To summarise, focusing on the benefits to be gained during the work, and reviewing changes once they’re implemented, are both vital aspects to a successful change project.  Otherwise, you could end up with your own version of the examples I’ve given here, i.e. a new process that isn’t delivering the benefits you were trying to achieve, and is possibly hampering your business rather than helping it.

The Facebook Generation gets the blame for recent MoD theft

An early investigation into the theft of a of a Royal Navy recruiter’s laptop from a parked car in January has blamed the ‘Facebook generation’ for lapses in security at the Ministry of Defence.

The findings into the loss of MoD data also show that the stolen laptop, which contained the unencrypted personal records for more than 600,000 recruits, was actually the fourth laptop to be stolen in the past four years.

The investigation was conducted by Sir Edmund Burton, chairman of the Information Advisory Council.  He warned that the so called Facebook generation has failed to understand the culture of security which came into being after the Second World War. 

Burton claims that “These well-developed processes and procedures have not been translated effectively into the information age…Generally there is little awareness of the current real threat to information, and hence to the MoD’s ability to deliver and support operational capability.”

The MoD has initiated an action plan in response to the report in which it outlines how it intends to implement its 50 plus recommendations.

Derrick Cameron, MD of IT firm Eximium comments “In my opinion, the report comes to some very sensible conclusions.  It’s one thing to lose a laptop containing your personal contacts book and a few computer games.  It’s a different matter altogether to lose one with details of over half a million MOD staff on it.  Serious questions have to be asked around what data should be allowed out of the office and why.”

Bill Jeffrey, permanent undersecretary at the MoD said “We deeply regret the losses of personal data. We have identified weaknesses within parts of the MoD that led to this situation, and I am confident that we are taking the necessary steps to address them,” he adds.

Tips on writing effective documents

Try and avoid waffley consultant speak. For example, don’t say “detailed analysis of the previous metrics was undertaken and opinions were formed based on the results of the said analysis” when “we looked carefully at the previous numbers and drew a conclusion” is much clearer. The problem here is that consultant speak is too passive and makes it less obvious who did what, and why they did it.

IT seminars in conjunction with Business Link East

I’m excited to announce that we’ve been selected by Business Link East to provide a series of seminars as part of their ‘growing business’ events programme.

We’ll be developing and presenting a 2 hour briefing session for them, aimed at SME business owners, directors and managers entitled ‘Getting Maximum Benefit From Your IT Systems’, in their October 2008 to March 2009 events season.  Based on our popular 1-day seminar, it will be packed with essential knowledge and skills to help delegates get the maximum possible benefit for their businesses out of their IT systems and IT providers.  There will be 6 sessions at various venues across the region.

You’ll be able to book online via http://www.bookevents.org/events/events_browse_results.asp?supplier=01&suppliername=Business+Link soon - keep an eye out for it at a venue near you.  I hope to see you there!

Tips on writing effective documents

If you’re struggling to find the right words, it can help if you just put down what you are trying to say in simple terms. Imagine you were explaining it verbally to a colleague - what would you say? Once you have that down, you can then rework it until it sounds sensible.

‘SQL Injection’ – what is it and why could my business information be at risk from it?

Many people have heard of the term ‘SQL Injection’ when talking about data security in connection to websites.  There have been a number of high profile web-based security breaches in recent months using this technique.  For example, in March this year, a pair of attacks were uncovered by researchers, one infecting 10,000 pages and another compromising 200,000 pages.

But what is ‘SQL Injection’, why is it so dangerous, how does it work and why are certain websites open to attacks using this approach?

In order to understand what ‘SQL Injection’ is, and how to avoid it, we first have to know what SQL is and why, under certain circumstances, its use can leave your website vulnerable to attack.

SQL is an acronym for ‘Structured Query Language’.  It is a standardized language for getting data into and out of relational databases such as Microsoft SQL Server, Sybase, Oracle, MySQL, etc.  This is a language consisting of statements entered as text which are then offered to the database to be performed and (usually) to get data returned to the user.

Provided the text is valid SQL and does not conflict with the security permissions granted by the Database Administrator (DBA) to the person entering the statements, the database will faithfully do what it is asked.  So far, there is nothing wrong with this and millions of websites around the world rely on things working in exactly this way.  To see how it can be misused though, we need to dig a little deeper into what SQL can do…

Let’s imagine that we have a website with a login procedure – the sort of thing you do when you access your email or bank details online – and that you type your username into a field on a website before clicking the ‘Login’ button.  The website then takes the username you have entered and incorporates it into an SQL statement that – when executed on the database server - will retrieve all of the details for your username. 

This statement could look like:

MyStatement = “select * from USERS where UserName = ‘” + MyLoginName + “’”

This needs a bit of explanation…  Firstly USERS is the name of the place where we store all information about users.  Secondly ‘MyStatement’ and ‘MyLoginName’ are what are known as variables.  Think of them as named boxes that you can put a value in.  In this example ‘MyLoginName’ would contain the username you entered when you logged in to the website.  Let’s say this is ‘Fred’ for now.  The variable ‘MyStatement’ is going to contained the constructed SQL statement that we want to give to the database to execute.  Finally, the asterisk (‘*’) is shorthand for ‘everything’.  So the above statement, when the login details are added becomes:

select * from USERS where UserName = ‘Fred’

which is the SQL way of saying “give me back all the information about the user with the name ‘Fred’ “.

So far so good.  However, USERS contains information about all of our users (not just Fred) and, as such, would be a juicy target for a hacker with malicious intent.  By building the SQL statement in the way we have, we have left ourselves wide open to our hacker manipulating the input.  Let’s see how…

The weakness lies in the fact that we blindly accept what is in the MyLoginName variable. We assume that it is going to be a user’s login name but as we don’t check that we can’t be sure of it.  Imagine that, instead of typing the name ‘Fred’ on the login screen, our hacker typed the following text:

a’ OR ‘x’ = ‘x

I know that looks strange, but as we aren’t checking that it is a valid username, there is no way we would know that.  When it gets incorporated into the SQL statement above, we get:

select * from USERS where UserName = ‘a’ OR ‘x’ = ‘x’

What that means, in simple language, is ‘give me all of the information about users where the username is the character ‘a’, or where the literal character ‘x’ is equal to the literal character ‘x’.  That must sound strange if you don’t understand SQL but think about it for a moment; adding the “‘x’ = ‘x’” has changed things entirely.  Matching the username is now irrelevant as the character ‘x’ will always match itself and that is sufficient to get the statement to return data.  And the result?  The contents of the entire USERS table will be given to our hacker!  All of the information about all of our users…

But it could be worse…

Because SQL can accept several statements at one time, separated by semicolons, our hacker could have entered the following:

a’; drop table USERS

When we incorporated that little bombshell into our statement we would have got:

select * from USERS where UserName = ‘a’; drop table users

which should get you running for the backup tapes fairly sharpish!  Why?  Because you have just allowed your hacker to delete all your user data from the database – that’s what the ‘drop table users’ statement does!

So how do you protect your website from this sort of attack?   The following points will give you some guidelines:

1.  Ensure that the security granted by your DBA to the users connecting through the website is the absolute minimum level it needs to be.  They certainly do NOT need to be able to delete tables.

2.  Speak to whoever develops your website and check that: 

a) They do not build SQL statements incorporating input text supplied by the user unless absolutely necessary.

b) If they do find it essential to do this, they validate the input before using it to check that it conforms to expected rules.

c) They should consider rewriting the SQL as a stored procedure inside the database and pass the user input as arguments that can be validated internally.

3.  As part of the development / testing process, employ professional testers to attempt SQL injection attacks on your website.  There are many more subtle ways of gaining unauthorised access than are detailed in this article and you need to be assured that you are adequately protected against all of them.

To summarise, SQL is powerful but it needs to be used carefully on web-based systems, or it can leave websites and intranet systems open to attack.  I advise caution and vigilance, otherwise your website could come crashing down, at least, or your sensitive business data could find it’s way out of your business, at worst.

Diary of a Nokia E61 User - Part 2

Mobile internet - now this is more like it!

I used to use a 3G Sharp mobile phone that had Vodaphone Live! running on it and I thought that was as good as the Internet on a mobile phone had really become. I was hugely disappointed.  It was pretty useless really and everything seemed to cost money, which is not what the internet should be about.  However, with the Nokia E61, I’ve discovered that the mobile internet can be just as good as the normal internet.  I can use our internet banking facility, update our blog, get travel directions, check websites of contacts I’ve just met, etc. There is nothing I haven’t been able to do yet and it’s proved invaluable on a number of occasions. Like the time my sat nav gave out when I was trying to find a prospective customer’s office. This is more reminicent of the good old days of using a Psion 5mx and browsing the internet, except it’s in colour, quicker, and you can do it wirelessly anywhere.

You don’t get the whole of a website on the screen, of course, but the screen size is pretty good and there is a useful zoom facility. Also, there is a clever page overview that overlays on the screen as you move around and allows you to see where you are on a page.

A number of sites, including Google, have views designed for mobile devices, which can help with the speed of browsing, and there is less moving around the screen.

Along with the notes application,email and diary, this has allowed me to stop using my laptop in a number of mobile situations, many of which weren’t that practical in the first place.  It’s so much easier to use the E61 on a train rather than to try and sit with a laptop. Plus, I can save the charge on my laptop for when I get to my destination.

Of course, there is also a web feeds reader application, so I can subscribe to the web feeds I like and keep up to date on the latest posts when I’m on the move. Why would I need a paper? They can be pretty awkward when you’re out and about as well. With the Nokia, I can access news stories all over the world and search for the content that I’m interested in.

I like the feature that I can use a wireless LAN if there is one available rather than the 3G network.  Also, I find that even at home, I reach for the Nokia rather than bother with the laptop, if I want to quickly check the internet for something.

I want to talk about the Email and Diary applications in other articles, and I’ve already written about the creative thinking possibilities with the Notes application, but when you combine the Internet browsing capabilities with these other factors, it’s astonishing how much benefit I am getting from this one tiny device!

Well done Nokia!

Choosing the right IT supplier

Assessing and implementing alongside the IT requirements of any business is usually a dreaded headache which a lot of business owners put off and finally tackle reluctantly.  There are a lot of myths and confusing  jargon associated with IT, but it really doesn’t need to be as scary or confusing as you might think. 

I read a useful article recently by Mark Greatrex, who is product and services director with Lakeview.  They are a provider of bespoke software for business management, accounting and manufacturing control.  In his article, Mark sets out clear steps you should take to help you chose the right IT supplier.

I totally agree with what Mark is saying and I’m pleased to say that our approach fits well with the points that he raises.

Mark suggests you should check you’re getting the best out of the systems you already have in place.  We often find that our customers believe a system is capable of doing a specific thing for them, only to find that they need an additional module to make it work.  At other times, it is simply that the settings on the system in question are wrong.  You might find that little or no additional spend is necessary and a simple adjustment could be all you need to allow your business to become the streamlined operation you originally envisaged.

He also says that your staff may need some additional training in order to use the system in the most efficient way possible. Some software providers fall by the way side when it comes to after sales service, training and customer care. It’s worth researching the possibility of some independent training, as there’s every chance that this gap has been noticed and that training courses are available in that area.  For example, our training courses are tailored to business people who want to learn essential IT skills, but are not interested in the technological complexities behind the scenes.

He mentions that budget is always a deciding factor of any new purchase.  Be sure to set out a clear budget from the very beginning. If you do find that you need to purchase additional systems, don’t be tempted to buy new technology for the sake of it.  Only buy what you need.  Excess technology can be a hindrance, as it can make things over complicated.

Mark states that the relationship you have with your IT supplier is key.  They should listen to your requirements and advise when they feel it is necessary.  A responsible supplier will help you to fulfil your requirements in the most efficient and cost effective way for you and not bombard you with jargon or new technology.  This is part of our commitment to our customers.  With us, you are dealing with people who understand your needs, can talk to you about them in plain English, and get your IT delivering what it truly can to make your business more profitable.

For more information about us, or to contact us, please go to www.eximium.net. 

To read Mark’s full article see http://www.smeweb.com/technology/features/top-tips-on-selecting-an-it-supplier.html.

Government IT project overrun cost millions

Government plans to introduce shared services for human resources, payroll and finance could cost the Department for Transport (DfT) £81m by March 2015 - instead of the £57m saving that was originally intended.

The figures were revealed in a scathing report by public sector spending watchdog the National Audit Office (NAO), which slammed government efforts to introduce shared services.

So far, parts of the DfT to have adopted a shared service approach are the Driving Standards Agency, Driver and Vehicle Licensing Agency and the central Department, with the Maritime and Coastguard Agency coming on board later this year.

The NAO report points to inadequate contract management and poor initial implementation within the department and says the DfT was over optimistic in setting its timetable and goals for the programme with its main IT supplier IBM.

The completion date for setting up shared services for a number of processes was originally set for last month at a cost of £55m to achieve savings of £112m.

But the inability to agree on a common set of business processes, a breakdown in supplier relations and inadequate testing led to what the NAO called “an unstable” IT system being implemented.

As a result the programme is set to go £65m over budget and projected savings have been slashed by nearly two-thirds.

The NAO said the department is making efforts to recoup savings in this area and could potentially increase gross savings up to £84.4m, less any additional cost in implementing new systems.

In a statement NAO head Tim Burr said “It is disappointing to see a programme which aimed to improve the efficiency and effectiveness of a department leaving it, on current projections, some £80m worse off. Departments need to be realistic about the challenges of implementing shared services and to manage suppliers effectively. Over the past year the department has made efforts to improve the performance of the Shared Services Programme and it cannot afford to fail.”

Derrick Cameron from IT firm Eximium said “Even given the size of this project it is remarkable to say the least that such an overspend can be achieved.  We are used to reading about projects going over budget, but this represents an overspend of about £1 for every man, woman and child in the country. It’s a good example of how important it is to be as clear as possible about objectives, timescales and costs before starting a project and flagging up any deviations as early as possible to errors can be quickly adjusted.”