Latest news on our public sector strategy

Since the announcement of our successful accreditation by BSI under ISO 9001, we’ve made an important move into securing public sector work.  The potential for us in this sector was a major strategic reason for ensuring our compliance to this key quality standard.  We’re now going through the process of finding contract opportunities that suit our skills and putting together tenders.  There are lots of opportunities out there but public sector procurement procedures are quite a minefield. 

So, to help us navigate our way through the complexities of the tendering process, I’m pleased to announce that we have engaged the services of Steve Emmett at CIP4B&IT Ltd.  As an expert in the field of public sector buying, Steve has been helping us with the task of identifying suitable opportunities and creating relevant tenders.  Earlier this month, he helped us work on our first major tender, for a contract to supply an online information portal to a major local government body.  Following a pre-qualification process, we were successfully shortlisted and given the opportunity to tender.  In what was an extremely short timeframe, Steve provided some vital input into our tender document, and we were all delighted with the quality of both the final proposal we produced as a result, and the subsequent presentation we were required to make to the awarding authority’s assessment panel.

Unfortunately, we heard this week that we haven’t won that particular contract.  Obviously, the whole team is disappointed.  However, it was always unlikely that we would win our first tender.  Nevertheless, it was a great learning experience for the team and, with the feedback we’ll get from this bid, Steve can help us go on to put a better proposal together for the next tender, and so on.  I’m very optimistic that, with Steve’s help, we’ll have a great chance of winning contracts in the near future.  Like many things, this process will take effort and it won’t be easy.  But, with such a high percentage of all buying coming from this sector, it’s something we can’t afford to ignore.

Watch this space for more news as our campaign progresses.

Steve can be contacted at steveemmett@icfba.biz for further information on the services he provides, including how he helps businesses to secure suitable public sector contracts.

Scottish Hacker to Appeal to Europe after Lords Rejection

Glasgow born Gary McKinnon has vowed to take his case to the European Court of Human Rights, after his appeal was rejected by the House of Lords yesterday. He is accused of hacking into secret American military computers, and therefore faces a long-term prison sentence.

In an interview with BBC Radio 5 Live, he said he was “pretty broken up” by the ruling, but claims that he only acted in the public interest. “I am…sorry I did it, but I think the reaction is completely overstated - it felt like a moral crusade.”

McKinnon achieved a form of worldwide fame after gaining access to 97 US military and NASA computers.  It is believed to be the biggest military hack in history. After gaining access, he hacked into and disrupted numerous US military computers in 2001 and 2002.  This was all done from his North London bedroom. Since his arrest in 2002 he has never been formally charged in the UK.

McKinnon has consistently claimed that he is “a bumbling hacker” who was never a threat to security, and that he was only looking for UFO files that he believed the US government was keeping under wraps.

Derrick Cameron, MD of IT specialists Eximium comments “There is no doubt what McKinnon did was wrong, but the question should be - what were his intentions?”  Cameron adds, “perhaps the US authorities should consider using his services in future to test the security of their computer defenses.”

Another Data Security Meltdown!

It would seem that the lessons which should have been learnt from the loss of sensitive data of people claiming child benefit were not learnt at all. Revenue and Customs lost disks containing personal details in the post, back in November 2007.

See our article on this:

http://www.eximium.net/blog/index.php/2007/12/it-advice-bedfordshire/

An investigation into another case of sensitive data not being protected began on Tuesday. The Government launched the investigation after a laptop containing the bank details of over a million people was sold on eBay for just £35!

Andrew Chapman, an IT manager bought the laptop and found that it contained customers’ credit card applications, account details, signatures, mobile phone numbers and mothers’ maiden names. Natwest Bank and The Royal Bank of Scotland have confirmed that their customer’s details are among the details found.

The computer belonged to a former employee of the company, Graphic Data, who digitally store information for a number of British banks and Building Societies. He placed it for sale on eBay, without erasing the sensitive data stored within it. A spokes person for Graphic Data said the company did not authorize the sale of the computer.The identity of the seller of the laptop has not been disclosed and Graphic Data and eBay have also launched investigations.

All this on top of the admission by the Home Office that it has lost 43 laptops and 94 mobile phones in 3 years.

The catalogue of losses are as follows;

August 26 2008: The sale of the laptop on eBay for £35.88.

August 22 2008: A memory stick containing details of 127,000 criminals in England and Wales is lost, including the names, addresses and dates of birth of 33,000 persistent offenders.

July 18 2008: Ministry of Defence admits that 658 laptops have been stolen and 89 lost in four years. Only 32 were recovered. It also admitted to losing 26 portable memory sticks since January 2007, with 19 of them classified as secret.

January 19 2008: A Royal Navy officer had his laptop stolen in Birmingham, containing the bank and passport details, National Insurance numbers, doctors’ addresses and family information details of 600,000 potential armed forces recruits.

January 18 2008: Details of benefit claims, mortgage payments and photocopies of passports were found on a roundabout in Devon. Other confidential data had been found at the same location before in November 2007.

December 23 2007: Nine NHS trusts admitted to losing patient records. In one case they lost the names and addresses of 160,000 children.

December 17 2007: The details of 3 million candidates for the driving theory test were lost in transit in Iowa.

December 11 2007: Two non-encrypted computer discs containing the names and addresses of 7,658 Northern Ireland motorists were lost.

November 20 2007: The two computer discs holding details of 25 million people including 7.25 million families receiving child benefit were lost.

When will the lessons finally be learnt? They are there for all to see and it would seem that they will be for a long time to come yet.

Tips for getting the most out of a consultant

If you are hoping that the consultant will tell you what needs to be done, make sure you can trust them.  Try and check them out, ask for some literature, look at their website, etc.  Read the words carefully, as a lot of consulting work comes down to words and the interpretation of them.  You need to be sure that their approach fits with what you are looking for.

Living With The Apple iPhone 3G

July 11th 2008 saw the much-anticipated release of Apple’s iPhone 3G, the long-anticipated successor to the original 2G version.  The advantages for ‘on the move’ internet browsing were so apparent that many observers believe that it was responsible for the lower than expected sales of the 2G version on initial release.  Certainly there was a degree of ‘stock dumping’ in the form of a £100 price cut by O2 in the weeks preceding the announcement of the 3G launch date.  This led to the bizarre situation where it was cheaper to buy an 8Gb 2G iPhone than the equivalent iPod Touch which lacks the phone technology!

By common consent, the day of the launch was a disaster!  Reminiscent of the Heathrow T5 debacle, queues formed at Apple, O2 and Carphone Warehouse stores that quickly ran out of stock yet couldn’t even register the phones that they did have.  Impatient and frustrated would-be customers were given various explanations and excuses for the failures but, ultimately, the blame must lie with O2.  In an attempt to avoid the ‘unlocking’ of phones from the O2 network that bedevilled the 2G version – only possible because the phone was purchased separately from the contract – the contract for the 3G version must be taken out at the time of purchase and for whatever reason, the O2 network infrastructure could not cope with the entirely foreseeable demand.  That, combined with yet another ‘system failure’ that saw the loss of manually-collected customer details at the point-of-sale, merely exacerbated the frustration of customers already at breaking point.

With those problems overcome however, does the product merit the hype?  Overall, I would say yes.  Although some of the features don’t quite live up to expectations – that searching the phonebook sometimes seems to take an inexplicably long amount of time and the  ‘swipe to scroll’ interface can lack immediacy are just two examples of areas that I would expect to see improved in a future software update – the majority of the interface and functions simply feel so ‘right’ that it is difficult not to fall in love with the device.  Some of the features may seem like ‘data-feed gadgetry’ for the sake of it (I can’t see anyone to whom it really matters relying on the ‘Stock Prices’ or ‘Weather’ functionality…) but there are really useful features too, such as the GPS location facility and the high-speed internet browsing and email functions that are available whenever you have a 3G signal.  This really comes into its own if you subscribe to Apple’s MobileMe service with its ability to synchronise your mail, calendars, contact details and browser bookmarks across iPhone, Mac and Windows PCs and MobileMe platforms.  This shouldn’t be revolutionary but for the small business user who has not been able to justify the use of a full Microsoft Exchange installation, it is.   Give yourself a week of using it and you will wonder how you survived before!

So, what are the downsides?  Only one really – battery life!  Industry-watchers discussing the 3G iPhone before its release identified this as a likely problem as 3G is much more power-hungry than 2G.  To be fair, it’s no worse than other 3G phones with a full battery lasting a day of average usage.  The catch though is what’s meant by ‘average usage’. Here the iPhone is a victim of its own success – it’s simply so usable that you just want to keep using it!  The 3G, wi-fi and large, well backlit screen all have high power demands and the need to get through a working day on a single charge may, just may, mean that you will have to ration your usage.  My solution though would be to invest in a second charging unit for the desk and then not worry about it.

My advice?  Get one tomorrow – you won’t be disappointed!!

Tips for getting the most out of a consultant

Make the brief really clear. Think in detail about what it is you want to achieve.  You might not have all the answers about how you’re going to get there but it’s important for both of you to know where you want to go.

Dates for Business Link IT Seminars

Following on from this post last month, about the IT seminars for business people I’ll be presenting in conjunction with Business Link East:

http://www.eximium.net/blog/index.php/2008/07/business-advice-bedfordshire-11/

I’m pleased to announce that I now have the dates and venues for each of the 6 sessions. 

Here they are:

20th November 2008 – Knights Hill Hotel, Kings Lynn
26th November 2008 – Wyboston Lakes, Bedford
11th February 2009 – Holiday Inn, Peterborough
19th February 2009 – BioPark, Welwyn
5th March 2009 – Denny Brothers Conference Centre, Bury St Edmunds
25th March 2009 – Pontlands Park, Chelmsford

The session is entitled “Getting Maximum Benefit from Your IT Systems” and will last for 2 hours, starting at 10am.  Last week, I gave a 20 minute taster of the session to the events team and I had lots of positive feedback.  There will be room for 30 business owners, directors and managers at each session (no previous IT knowledge or experience necessary!) so I’d be delighted to see you at one of these sessions.  The cost hasn’t been decided yet, but it will either be fully or part funded by Business Link, so the most it is likely to cost is £30 per person.

Please just drop me a line or leave a comment on this post if you would be interested in coming along to one of these.

The future of public services belongs to technology

Prime Minister Gordon Brown has claimed that technology is key to improving public services in a new report published this month.  The Government currently employs 10,000 IT staff who are working on improving public services and this is set to grow in an attempt to meet government targets.

Technology enables public services to offer more personalised services by providing information on citizens and enabling the Government to tailor delivery, while joining up systems reduces the number of departments people have to deal with.

The report called ‘Excellence and fairness: Achieving world class public services’ has drawn a number of important conclusion about the future of IT within government.  In particular it singles out how NHS Direct has allowed well structured information to be made available online in order to improve people’s lives.

In 1997, NHS Direct was launched as a phone-based service – now it receives more visits online than telephone calls as the percentage of citizens using the internet has risen from 10 per cent to 70 per cent in the past 10 years.

“NHS Direct is a great example of how properly thought through technology can create an effective information system.  Because of the very nature of the service, it allows huge numbers of people unlimited access so that, whilst it no doubt has high set up costs, once the data is in, there are relatively small running costs.  This means that in the long term it will offer a better service whilst saving money – an idea that Eximium is very enthusiastic about,” comments Derrick Cameron, MD of IT firm Eximium.

Tips on writing effective documents

Try not to write long paragraphs as this is difficult to read. Break sections into new paragraphs if they become too long, but make sure you find the right place to do it.

Wesbite Security and ‘https’ - How Does it Work?

Anyone who has looked at the address bar in their web browser might have noticed that the majority of web pages that they visit begin with the acronym ‘http’.  A few might even know that it stands for ‘hypertext transfer protocol’ – the protocol (or ‘language’) of the World-Wide Web.  Sometimes though, they might notice that a web page begins with ‘https’ and if they are particularly observant, that such pages are accompanied by the image of a closed padlock – usually somewhere in the status bar.  That gives us a clue as to what is going on: the ‘s’ stands for ‘secure’.

So why might we want a ‘secure’ protocol?  The most common place that we will find ourselves on a secure page is where the information being displayed or entered is sensitive and must be protected from a ‘man in the middle’ attack where the data could be intercepted between the server and the browser. The obvious example of this is a page where credit card or bank details are being entered. Obviously, with the rapid growth of e-commerce, these types of web pages are proliferating.

For the more technical amongst you, the data on a secure page is transmitted through ‘SSL’ – a ‘secure socket layer’ and uses a different port – normally 443 instead of 80.  In order for this to work, an SSL certificate registered to the website owner must be installed by the web server.  To go even more technical for a moment, SSL uses one of the most secure cryptographic mechanisms currently available using two keys – one public and one private – that is theoretically unbreakable within a reasonable amount of time.  If this sounds like double-dutch to you then don’t worry – you don’t need to understand how it works in order to use it.  What you do need to know is that you can trust it and the only habit you need to adopt is to check that if you are entering sensitive data the address of the web page begins with ‘https’ and, probably, that there is a closed padlock (or similar) displayed somewhere in your browser window.  It is worth taking a few minutes right now to familiarise yourself with your favourite browser and discover the difference between a secure and insecure web page.

To help you with that here is an example of a secure page:

https://www.paypal.com/uk/cgi-bin/webscr?cmd=_send-money&nav=0.1

and an insecure one:

http://www.bbc.co.uk

See if you can spot the difference!

Finally, if you are developing or specifying the creation of a web site for your own company and you expect your users to enter sensitive data, you must ensure that such pages use the secure protocol otherwise you will lose valuable business as potential customers will abandon the checkout process if they feel the security of their personal data is threatened.

Other useful links:

http://en.wikipedia.org/wiki/Https
http://en.wikipedia.org/wiki/HTTP
http://www.instantssl.com/ssl-certificate-products/https.html

Internet Privacy Debate Heats Up

More and more people are worried about their privacy when it comes to the Internet and they have every right to be.  Information about us is collected and stored in many different ways on the Internet.  Most of which we are aware of and consent to, such as contact forms and questionnaires, but what about the information stored about us which we have no knowledge of, or access to?

I recently posted this article about a new search engine called Cuil:

http://www.eximium.net/blog/index.php/2008/07/it-advice-luton-11/

One of the advantages of this site is that it analyses the web, not the user and doesn’t save user data like other search engines, such as Google.

Google has confirmed recently, in a letter to the US government, that it is watching the way we surf, using it’s double-click ad serving cookie, and is saving this user data.  The advantage for them is they can target ads at specific user groups based on the type of surfing they do, something  called ‘behavioural advertising’ (although they say they don’t do this at present).  This is potentially worth big bucks to advertisers, but is it ethical?

It was exactly this which caused public concern recently, when BT, Talk Talk and Virgin Media, three of the UK’s largest Internet Service Providers, sold their customers’ private browsing history to an advertising broker called Phorm.  This kind of secret invasion of privacy worries many people and has prompted calls for ISP’s to withdraw from what is known as ‘deep packet inspection systems’ all together.

For further information on this issue and for links to other websites containing information and petitions against Phorm go to   http://www.badphorm.co.uk/page.php?2

Tips on writing effective documents

When proof reading your document, try reading it out loud. Anything you stumble over when reading probably doesn’t scan very well and needs rewording.

UK based SMEs need to tighten up on security issues

UK Managing Directors need to tighten up their security procedures. In a warning from the Economic and Social Research Council (ESRC), British firms were shown to be the most likely to fail at effectively securing their data.  This issue could have a serious effect on a large portion of the UK economy.

The small business sector makes up 51.9 per cent of the UK’s annual turnover.  It also accounts for 99.3 per cent of businesses, according to official figures from the Department for Business, Enterprise and Regulatory Reform.

“Information security is now a mainstream political issue, and no longer the province of technologists alone,” said Tyler Moore of the Computer Laboratories, University of Cambridge. “In 1999 it became clear that even the latest and greatest technology will not solve all our problems if those who protect and maintain them are not sufficiently motivated. The issue is one of incentives.”

“Security is about assessing and dealing with the risk of different types of people who interact with your information.  Whether they are staff, customers or strangers, they all present a potential risk to the security and long term future of your business” comments Derrick Cameron, MD of IT based firm Eximium.

The high level of reported fraud is now staggering.  It cost UK businesses over £705m in the last six months, 74 per cent up on the same period last year and hitting £317m in April 2008 alone, says research from accountants BDO Stoy Hayward.

Banks and insurance firms suffered costs of more than £636m, or 90 per cent of the total cost of fraud in the first half of 2008: management fraud accounts for 46 per cent of fraud cases whilst third party fraud accounts for 32 per cent, costing businesses a total of £541m.

Tips on writing effective documents

The Oxford comma in a list of items (i.e. the comma before the ‘and’ at the end of the list) can be helpful, especially if the list is complex or has extra commas. For example, “we looked at Spain for sales, Poland for marketing, and France for quality assurance.”

Microsoft hints that Windows 7 will be available earlier than expected

They may not be led by Bill Gates on a day to day basis any longer, but Microsoft has given its clearest indication yet that Windows 7 will be with us sooner rather than later.

The US based software giant has offered an approximate launch date of January 2010 for the forthcoming operating system for PCs.

CEO Bill Veghte has been quoted in a letter titled ‘An Update on the Windows Roadmap’ as saying “You have told us you want a more regular, predictable Windows release schedule. Our plan is to deliver Windows 7 approximately three years after the January 2007 general availability launch date of Windows Vista.”

This means that the arrival of Windows 7 would not throw up the application incompatibilities that accompanied the arrival of the much criticised Windows Vista.

“You’ve also let us know you don’t want to face the kinds of incompatibility challenges with the next version of Windows you might have experienced early with Windows Vista.  Our goal is to ensure that the migration process from Windows Vista to Windows 7 is straightforward,” he wrote.

Derrick Cameron MD of IT firm Eximium comments “In the past there have been delays of up to a year on the final introduction of various Microsoft products.  Whilst it is interesting that this release appear to be coming early, it won’t surprise me if this launch doesn’t go entirely to plan.”

Tips on writing effective documents

Using commas helps enormously with readability. There is a lot of debate on this subject and editors in the publishing industry are removing more than ever, but my advice is to use them wherever a natural pause is implied or required. For example, instead of “when it works it works really well” it is clearer if you put “when it works, it works really well”.