Tips for getting the most out of a consultant
It’s always good to have terms and conditions in place at the outset, to ensure there is no confusion about who is responsible for what. A good consultant will have a standard contract as a starting point. Review this carefully and ask for any extra clauses or amendments as you deem necessary.
Next Generation Broadband
I noticed an article today on The Guardian’s website, which talks about the massive cost involved in building Britain’s next generation broadband network. We thought it raised some interesting issues.
A recent estimate, contained in a report published by the Broadband Stakeholder Group (BSG) found that the cheapest option would be to install the fibre optic cables to the cabinets at the end of streets and would cost £5.1 billion. The estimated cost to install the cabling to every home is £28.8 billion.
Interestingly, the same report advises the government not to provide aid to support the installation. It questions whether it would be a waste of money now that there is an increased use of Wi-Fi.
The other question raised is which areas should the next generation broadband be installed in. An Ofcom consumer panel has called for it to be installed in areas which do not have first generation broadband, thus increasing broadband coverage over all and better justifying the initial costs.
To read this article in full, please use the following link;
http://www.guardian.co.uk/technology/2008/sep/08/internet.virginmedia
‘Widespread’ US web banking security flaws
Recently published research by the University of Michigan has found that 75 per cent of American online banking sites have at least one design flaw that leaves customers exposed to online crime.
The study, by Atul Prakash from the Department of Electrical Engineering and Computer Science, and students Laura Falk and Kevin Borders, looked during 2006 into the security of websites of over 200 financial institutions.
The report found that the design flaws causing the problems were not simple bugs that can be fixed with a patch, but went far deeper.
“To our surprise, design flaws that could compromise security were widespread and included some of the largest banks in the country,” said Professor Prakash.
“Our focus was on users who try to be careful, but unfortunately some bank sites make it hard for customers to make the right security decisions when doing online banking.”
The design flaws uncovered in the study included:
• Inadequate user IDs and passwords
• Placing contact details and security advice on insecure pages
• Placing secure login boxes on insecure pages
• Breaching the chain of trust, by redirecting customers redirected to other sites
• Emailing security-sensitive information insecurely
Derrick Cameron, MD of UK based IT firm Eximium comments “The review work was carried out over time and I’m sure that many of the issues highlighted have now been rectified. However, UK banks and other businesses holding secure information about their customers must never become complacent.” He adds, “As long as people hold valuable financial data online, others will try to steal that information for financial gain. Regular checks and improvements need to be made and this report from America shows what can happen if this isn’t done properly.”
Expansion onto the Butterfield Business & Technology Park
Following the announcement of our impending expansion to Butterfield Business Park;
http://www.eximium.net/blog/index.php/2008/06/business-advice-hertfordshire-3/
We are very pleased to announce that we are now successfully installed in our new, larger office at the Basepoint Business & Innovation Centre.
As previously mentioned, the centre is an environmentally friendly building with a calm and tranquil atmosphere. It has certainly worked wonders on our stress levels. We are especially enjoying the view. We can see the pond with the ducks and moor hens on it, going about their daily lives. In the recent sunshine it has been quite picturesque and you’d be forgiven for thinking that it was actually warm outside!
The building is to be officially launched at 2.45pm on Wednesday 24th September. We are very much looking forward to the grand opening and being part of the new movement towards a greater environmental consciousness within the working environment. This has become even more important since the announcement of the forthcoming carbon cap and trade scheme. This was detailed in the government’s 2007 Energy White Paper as part of their Carbon Reduction Commitment, which proposes to reduce UK CO2 emissions by 1.2m tonnes by 2020.
The move is an expansion and we do still have our office in Capability Green, so you can still contact us on those details, but the new office is our new head office, so should you wish to contact us there, the details are as follows;
Eximium Limited
Basepoint Business & Innovation Centre
110 Butterfield Business Park
Luton
Bedfordshire
LU2 8DL
Tel: 01582 439 720
Fax: 01582 439 725
Tips for getting the most out of a consultant
Don’t be afraid to ask for some free advice about your project as part of your process of choosing a consultant. A good consultant will always be willing to provide a free consultation. It will give you confidence in them and a practical idea of their skills and approach, and you should end up with some useful ideas from the unsuccessful candidates to consider as part of your project.
Are we looking after our mobile data carefully enough?
After the numerous issues with data security over the last 12 months, the BBC has reported that over 60,000 mobile devices have been left in the back of black taxis in the last 6 months, from mp3 players to laptops.
You would think that the recent high profile incidents would have alerted us all to the dangers of leaving these sorts of items for thieves, but it seems that the warnings have gone unheard. Although 80% of the taxi drivers claimed that the items were reunited with their owners, there were still 12,000 that were not, and this is just in London. How many others are being given into the hands of thieves across the country?
With mobile devices being capable of so much more than ever before, they often contain sensitive business and personal information, and can give thieves the tools to start accessing other confidential information and a whole lot more. We need to be more careful with the physical security of our mobile information devices, consider what sensitive information about us, our staff and our customers is being held on them, and how carefully it is protected.
We need to ask ourselves:
• Are we fully compliant with our obligations under the DPA, where mobile information is concerned?
• Is the information password protected or encrypted?
• Do the devices contain any sensitive information they don’t need to?
Otherwise, our confidential business and personal information could easily leak out into the public domain.
Bogus invoices from Spammers - beware of fake package receipts
Researchers at McAfee have discovered a malware-laden spam e-mail which uses the cover of a package tracking invoice to trick unsuspecting users.
The e-mail tell the user that a package sent on a recent date, in some cases 1 July, could not be delivered and that the user should open the attached file and collect the package from a local post office.
When the user loads the supposed invoice, the malware attack is launched. The attached .zip archive unloads a .exe Trojan file which then unpacks a spyware program designed to steal user data for several job recruiting sites.
The majority of the messages have attempted to impersonate UPS, although McAfee has also found examples purporting to be from the US Customs Service.
McAfee has linked the same Trojan file to another attack that targets the user with a fraudulent receipt for an airplane reservation.
The company believes that the spam attack will run for a while and is advising users to avoid visiting any suspicious URLs and not to launch any unexpected or suspicious email attachments.
Derrick Cameron, MD of UK based IT firm Eximium comments “this is yet another cunning and cruel e-mail and highlights the need for up to up-to-date anti-virus and anti-spam protection which is regularly updated. It also highlights the need to stay ever vigilant before opening our e-mails.
Another Data Security Issue
It doesn’t surprise me anymore when I hear of another Government data security issue on the news. It has become such a regular occurrence that it doesn’t even make the headlines anymore. The latest revelation is that EDS, who is the IT contractor involved, lost a 500GB external hard drive disk containing the personal data of 5,000 prison officers’ across UK.
As I said, I am not surprised, but what did worry me about this incident was that the government were unaware for more than a year. It has been suggested that the information held on the hard drive was sufficient to endanger the prison officers concerned. It included their names, date of birth, National insurance numbers and employee numbers. It has been said that it could be used to seek revenge or to blackmail prison officers and give crooks a huge advantage in targeting prison officers to bring in illicit contraband, either by some gentle persuasion or by menace and threats.
Needless to say, there are reports that the future of the EDS contract is in jeopardy and the Ministry of Justice has launched an enquiry into who was responsible and how it happened. It’s all a bit late now and anyone who would have needed to be relocated or given new identities will have been terrorised or killed already.
Tips for getting the most out of a consultant
Break the work into chunks, if you can. That way, you can work with the consultant in stages and see the results form as you go along. This also means you’ll have chance to alter course or call a halt early on if things aren’t going well. It also makes the result more organic and less prescriptive.
Support the call to save Bletchley for the nation
100 scientists have written an open letter to The Times calling for Bletchley Park to be preserved for the nation.
The site is home to the first programmable computers created during the Second World War and was the location of much of the code breaking activity helped to shorten the conflict. The story of the people behind Bletchley Park was made into the 2001 Kate Winslet film ‘Enigma’ produced by Mick Jagger.
The site is now falling into disrepair and urgent action is needed.
The letter claims “As a nation we cannot allow this crucial and unique piece of British and world heritage to be neglected in this way. The future of the site, buildings, resources and equipment at Bletchley Park must be preserved for future generations.”
Operations at Bletchley Park were set up in the first year of the war to crack German and later Japanese encryption systems. Its staff included such legendary figures as Dr Alan Turing and Dr Tommy Flowers, who built the Colossus computer. The unit was disbanded after the war on Churchill’s orders when he grew concerned that the Russians would realise how advanced the code breaking operation had become.
Its staff never spoke about their wartime role until the details were declassified in the late 1980s.
The scientists want money to be spent on restoring the historic site which, while open to the public, receives no public funding. A plan has been mooted to house a national computing museum at the site but funds are short.
“I don’t think people realise the poor state of Bletchley Park, despite the best efforts of the people who look after it,” says Derrick Cameron, MD of IT firm Eximium. “We have so many treasures in this country, but this site had a significant effect on the outcome of the war and on the development of computers. Future generations will wonder what we were thinking if we let it fall apart – that would be unforgivable.”
Tips for getting the most out of a consultant
Make sure that you give them enough background information about your business and the current situation so that they have something to base their work on. Ask your consultant to produce a project plan in the early stages, giving you a feel for how the work will progress. It might well need to change later but it’s still better for everyone to have a framework to work within.
Has The DNA Database Project Gone Sour?
I recently wrote an article about the proposed expansion of the national DNA database:
http://www.eximium.net/blog/index.php/2008/06/business-advice-luton-6/
This subject and the controversy surrounding it, have featured in the news recently too:
http://www.eximium.net/blog/index.php/2008/09/business-advice-luton-19/
As this news item states, the enquiry by The Human Genetics Commission has recommended that the government removes all the DNA profiles of innocent people and those of criminals who have served their sentence. What I found particularly interesting about this was that this inquiry was funded by the tax payer on the government’s instructions. I thought that the government wanted every UK citizen registered on the database? Isn’t that what Tony Blair said, and was then backed up by Gordon Brown?
I have to ask myself why the government instigated an enquiry at this late stage that was at odds with their vision ‘every UK citizen will be recorded on the DNA database’. Surely this inquiry should have taken place at the outset of the idea, where it could have been properly debated and then acted upon.
Are they telling us that they have only just realised that it may not be a good idea to have innocent peoples’ DNA recorded on the database, so we had to organise an enquiry to cover ourselves? Or perhaps the thoughts at the outset were, ‘Well we know we may have some issues here, but we are going to do it anyway. The overall idea is good and we can sort out the teething problems later. It would be far too much hassle to have a detailed debate or enquiry into the suitability of such an idea, and anyway people might actually object!’
And so what are they going to do with this report?
• Ignore it?
• Act upon it?
• Instigate another enquiry that may have a more favourable outcome?
• Bin the whole idea of a national DNA database?
I think this just goes to emphasise the pitfalls of not carefully planning an approach to the introduction of a new idea, then strictly following the plan, right from inception through to implementation. This becomes even more important when technology is involved.
Ask yourself, does this scenario ever happen in my business, and if so what is it costing me?
Controversy over DNA database rages
The Human Genetics Commission has urged the government to remove innocent people from the police national database. The Citizens’ Inquiry found that the database should be put under independent control and criminals who have served their sentence should be removed.
The inquiry looked into a broad selection of opinion. Alice Maynard, chair of the working group said “We wanted to hear the public’s views on the development of the national DNA database and whether storing the DNA profiles of victims and suspects who are not charged or are subsequently acquitted is justified by the need to fight crime,” she said.
The database holds the fingerprints of four million people, including around one million who had their biometrics taken, but were acquitted or who volunteered to be on the database to eliminate themselves from a police inquiry.
The panel also recommended a vigorous nationwide education campaign that explains why DNA samples are taken and the special arrangements for situations where DNA samples have to be taken by force.
“Such a database will hold an incredibly large amount of highly sensitive information” comments Derrick Cameron, MD of Eximium. “Given the Government’s track record of losing data it is an understandable concern to many that so much information is held in one place” he adds.
Tips for getting the most out of a consultant
Consulting work is a very personal process so choose a consultant that you can get along with. You will be able to tell very quickly if they are someone you think you will get along with and could have a productive working relationship with. Approach and experience are also important factors, so pick someone whose methods and background fit well with the work you need doing.
