What is IT outsourcing, businesses ask? What are managed IT services? And finally, what are shared services?

Although IT is now a fundamental part of the structure of a business, there is still a lot of confusion surrounding all the available management options. Search engine Google estimates there are around 135,000 searches each month for ‘What is IT outsourcing?’, 33,100 for ‘What are managed services’ and 27,100 for ‘What are shared services?’.

There is obviously a great need for clarification on the alternatives to managing the IT department in-house.

IT sourcing models

Generally, when certain business functions or operations are performed and managed by an external party, it is called outsourcing. In the case of IT support, many things can be outsourced: from the help desk to software development, from a small part of the department to all of it.

We normally define full IT outsourcing the practice of having an external provider take care of all IT support functions and operations: staff, hardware and software usually belong to the third party used, and are based at the provider’s site. This could also be located in another country or continent, taking the form of near-shoring (within the same continent) or off-shoring (overseas).

A different approach is to keep the infrastructure in-house and only outsource management and staffing to an external partner – totally or in part. When the IT department is kept in-house but completely managed by a service provider, you have a managed service. If only some staff members are managed by an external provider, like in the case where different service providers coexist in the same environment to keep competition high, it is called a co-sourced environment. Finally, managed sourcing is the practice of having some extra resources to cover for sickness, annual leave and peak in service as needs arise without having to employ contractors and going through a selection process, as these engineers are immediately procured and managed by a third party. Managed sourcing typically has a lesser supplier management framework associated with it and is suitable for quick, lower cost and high volume resourcing. This practice can lead to the supply converting into aco-sourced or managed service support service in time.

An externally managed IT support service can also be shared between a number of companies, for added cost benefits: this is a shared service, which can be especially efficient if the participating companies have similar needs and environments, and the number of those sharing is kept low. This model can also be adopted in part, limited to certain functions such as out-of-hours support or peak times.

Reasons for outsourcing

Why do people use outsourcing and managed services for their IT? There are many different reasons for this. A KPMG report entitled ‘UK Service Provider Performance and Satisfaction 2012’ shows how the drivers for outsourcing are constantly changing. If a couple of years ago the main drivers were financial – ‘cost savings’ for 83 per cent of respondents, and ‘financial flexibility’ for 41 per cent – there is now a shift towards a more holistic and strategic view of this practice. Whilst ‘cost savings’ remains very high (70 per cent) it is now followed by ‘access to skills’ for 51 per cent of participants and ‘quality improvement’ in 46 per cent of cases.

Overall, you can say that having access to skills and experience which are not present in-house is one of the main aspects of outsourcing the IT support function. Having a generally predictive cost (depending on the contract) and being able to control service quality through Service Level Agreements (SLA) are a near-guarantee for service desk cost-efficiency.

Choosing the right sourcing model

Every organisation has different needs and requirements, therefore their IT support needs to be personalised for maximum success. A pure model – full IT outsourcing or a fully managed service – can be effective for some organisations, but others may feel that a mixed model, integrating co-sourcing and shared services in their normal in-house service, works better for them.

Your service provider of choice needs to understand this and help you choose the right model for you, therefore both fit for purpose and fit for use. Having previous experience of your environment is also an important advantage, especially if IT has a strategic function for your organisation, such as in the case of banks, traders, law firms or some media companies. A thing which organisations wishing to use one of the many outsourcing solutions need to know is that the choice of service provider is as important as the choice of model.

A combination of trusted IT service provider and appropriate sourcing model is key to transform the IT function from mere business support to a business enabler. IT can then become a value-add and help organisations improve their service to their clients – with all the benefits this entails.

Ben Whitehead, Service Delivery Manager

Shedding light on the ambiguity surrounding IT outsourcing

A recent survey issued by the National Outsourcing Association (NOA) revealed that only 27% of UK citizens associate ‘a local computer company providing IT support to small businesses’ with ‘outsourcing’. However, 58% cited ‘a bank opening a call centre in India’ as an example of outsourcing – which it is not. Clearly misunderstanding the term, only 19% of respondents believe that outsourcing could help get the UK out of recession. These findings are quite worrying at a historical moment where this practice is not only important, but often vital for a company to survive in the current market.

The outcome of this ‘Public perception of outsourcing’ survey shows how outsourcing is often confused with offshoring, which generally has a negative connotation for UK citizens. Offshoring means relocating a department, certain business operations or functions to a less expensive country abroad, typically outside Europe. If this is managed by a third party, it is technically a type of outsourcing, although not the only one. If it is still managed by the organisation, then it is not, by definition, outsourcing – just a captive offshore project. With increasing concerns over job losses in this difficult economic climate, it is not surprising that 80% declared they believe ‘outsourcing hinders British businesses’ when they only have offshoring (outsourced or not) in mind.

This necessitates explaining more thoroughly what outsourcing is and how it can help the UK economy, from SMEs to large enterprises and across all sectors. IT outsourcing in particular, when correctly and appropriately implemented, does not negatively affect business growth. On the contrary, it can help organisations operate better with a more cost-efficient and productive IT service, allowing better forecasting of operational costs as well as possible cost savings, even potentially creating a competitive advantage.

Outsourcing, put simply, is the practice of contracting out certain business functions or operations to a third party and purchasing them as a service, rather than having them in-house. This has been common practice in business for a long time, and has only recently increased in the field of IT, becoming a buzzword.

In IT outsourcing, many different models exist. A third party may be involved  in just the provision of a couple of temporary staff for busy periods, holiday cover, or just a few more skilled engineers to take care of a new technology or a particular project. The outsourcing service might only cover a portion of services such as database, server or email management, or just the out-of-hours IT support. An outsourced or managed service can be shared between more than one company (shared service) or just dedicated to one.

The IT outsourcing type or model depends on factors such as scope, needs and level of control. An IT Service Desk is fully outsourced when the department is completely managed by a third party, and is set on another site to the core business. This could be in the same city, country or abroad – the term ‘nearshore’ outsourcing indicates that it is close to home, which could include other countries in Western and Eastern Europe, while ‘offshore’ normally means far away, in countries like India, China and Brazil. An organisation could choose to only outsource certain functions, for instance 1^st line support or Server management. A managed service, instead, is when the Service Desk or part of it are managed by a service provider, but on the client’s site – with staff normally being transferred into the other company with the same conditions and rights through the Transfer of Undertakings (Protection of Employment) Regulations (TUPE). The presence of various IT staff employed and managed by more than one organisation (some in-house and some by one or more service providers) creates a co-sourced environment.

Although many types and models exist, they all have the same benefits in common: IT outsourcing is a way to gain immediate access to skills and expertise that might not be present internally, even just for a period or the hours needed. It is cheaper than doing it in-house, as the expenditure would be at a fixed cost and not variable, including any training and management costs that are necessary to meet the targets set. It can add value to the company: with sector experts taking care of one particular area of IT or all of the Service Desk, the organisation is free to concentrate on more strategic tasks and on their core business, including fewer day-to-day management worries, and more time released to focus on improving their organisation.

By increasing the awareness of what outsourcing truly is and what it can do for businesses, UK citizens can understand how big an opportunity this is to help the British economy in these difficult times. The fact that the practice is increasing every year among businesses large and small is a clear indication that more and more organisations are seeing value in outsourcing – the trend will definitely not stop!

Jennifer Grant, Service Delivery Manager

This article is on Sourcing Focus: http://bit.ly/KPtysb

The GLOCAL IT Service Desk

‘Stay local, act global’ is the new mantra for IT departments

With companies becoming increasingly international and IT support more and more remote, the IT Service Desk finds itself dealing with a user base that often extends to an EMEA or global level. The idea of outsourcing to a service provider seems now more than ever a convenient and cost-efficient solution to many organisations – in fact, the IT outsourcing industry in the UK is now generating over £40 billion a year, accounting for 8 per cent of the country’s total economic output, an Oxford economics research recently revealed. Delegating management of the IT Service Desk allows companies to focus on their business whilst leaving IT-related matters such as Incident, Problem and Request management with their associated headaches – to the experts.

It is, however, wrong to think that a ‘global’ desk has to be based in India, China or Poland. Such an off-shore or near-shore solution might not be safe enough for those companies which need to keep a high level of control over the data and IP processed by their IT system, such as those in the financial, legal and public sector. But an outsourced Global Support team does not actually have to be physically located abroad – the service just needs to be able to reach offices and branches across the world, which surprisingly can be done even from Sevenoaks, London or from your very own headquarters.

In addition to this, choosing a managed service rather than a fully outsourced solution can prove an even better arrangement. In fact, whereas with full outsourcing and offshoring the level of control over the IT department can never be full because the whole infrastructure usually belongs to the provider, a managed service can provide a safer solution for those organisations which are very careful about security, such as those whose very sensitive or precious data cannot risk being stolen, leaked or lost. Many companies simply see value in knowing the people responsible for assisting their business.

Although a solution which is 100% safe does not exist, retaining ownership of the infrastructure and keeping the Service Desk in the office or near the premises means that there is a lesser risk of data security issues getting out of hand, being reported too late or being hidden. By using a trusted provider and retaining a certain level of control over the department, the chances of a security breach are therefore minimised.

A Gartner research published last month revealed that IT outsourcing is increasing all over the world: global IT spend by businesses increased 3.1% in 2010 amounting to $793bn, a slight rise from the $769bn that was spent in 2009. This shows that the market is slowly going back to pre-crisis levels of 2008, after which it fell by 5.1%. Companies are spending more even if the economic climate continues to remain uncertain and the fear of a double-dip recession is still in the air – clearly they believe IT outsourcing is worth the risk, and this could be because of the flexibility it allows them to have.

Some Support solutions, in fact, enable organisations to increase and decrease the size of their IT Service Desk according to need. This could not be so easily done within an in-house service: engineers would have to be kept even when not fully utilised, meaning inefficiency occurs, made redundant during low service needs or made to work harder and longer at peak times. If we apply this to a global scale and the implication of different employment law for each country, it gets unnecessarily complicated.

A Support services provider should be able to add and take out engineers and move them around flexibly, and some even have a multisite team hired expressly to go where needed at short notice within the provider’s clients. With this level of flexibility, the ties that bind organisations to providers can be more an advantage than a disadvantage during global expansion or difficult and rocky economic times.

Martin Hill, Head of Support Operations

Taking the third option

Many organisations are moving to a ‘best of both worlds’ between insourcing and outsourcing – Managed Services.

Efficient management of IT Support has become a crucial issue for organisations across all sectors. It is being increasingly recognised not only as a means to improve the whole business, but also as an instrument to create strategic advantage and added business value.

Many organisations identify two distinct types of management options for their IT Support – controlled and visible in-sourcing and the apparently cost-efficient outsourcing.  But for organisations dealing with high value users, non standard applications or sensitive data, outsourcing can represent too big a risk, leaving the single option of keeping IT Support in-house. Financial institutions, law firms, professional services businesses and some sections of the public sector may well then believe that they have no option but to ignore a potentially sizable benefit in cost and efficiency.

However, there is a third option embraced by a diverse pool of organisations such as software giant Microsoft, public sector body Serious Fraud Office and law firm Simmons & Simmons that allow the utilisation of outsourcing benefits with none of the drawbacks – the Managed Service.

A recent survey of CIOs showed that 19 per cent of those interviewed are already using Managed Services for their IT Service Desk, and that number is expected to rise to 34 per cent towards the middle of 2011. According to participants in the CIO Market Pulse Survey for Management Excellence they chose Managed Services primarily due to a lack of appropriate internal resources, a desire to retain control and the need to reduce costs.

A Managed Service was seen as the best option for their organisation because it was thought to be less risky than traditional outsourcing and more efficient than internal management. In fact, this solution can be regarded as more than just the halfway house between insourcing and outsourcing, it is now in many cases a superior solution incorporating all the best features of both and none of the weaknesses.

Its main strengths are similar to those of outsourcing – for instance, the provider manages all aspects of the function, from staff to operations and is responsible for Service Level Agreements and TUPE. The differences mainly involve the physical location of the team, with a Managed Service utilising the clients office space and infrastructure and an Outsource placing the team anywhere in the world.

Although outsourcing is universally assumed to be the cheapest option since it is often carried out in countries where the cost of labour is very low, statistics show that overall cost savings often don’t exceed a mere 10-15%. In fact, when the possible degradation of service and inevitable cultural changes are forced into the user base and given a cost, the actual saving can be in low single digits. The problem becomes even more acute when the user base comprises staff who generate income streams or are a high salary cost to the business.

Using high value users’ time to prop up a poor performing support function can easily be costed and the results are startling. Using just an average user cost to a business  of say £20 p.h., simple maths demonstrates that 30 extra minutes per month per user spent interacting with a poor Service Desk, in a 2000 user business will cost it £240,000 p.a. in lost working time. Using the same equation with a Doctor, Lawyer or Banker’s costs produces frightening numbers.

Moreover, offshoring presents an increased risk of data security breaches: there have been many stories in the press of offshore employees selling credit card, health and other personal details collected from client databases.  It can be difficult to control and monitor an office located on the other side of the globe, but the problem of data security does not end with offshoring – even when the outsourced support function is located near the client’s office, all information stored and processed in the systems owned by the provider is at risk, and so is the intellectual property.

If the function is run on the client site and the assets are owned by the client, there is a sense of control over the data and intellectual property. These characteristics make Managed Services similar to insourcing. However, unlike an in-house solution, management of operations, processes and staff is left to the expertise of professionals who are measured via SLA and more often than not, subject to penalties for failure to perform.

Little wonder then that organisations across all sectors are embracing ‘the third option’. Microsoft made headlines when a press release announced that their Service Desk, desk-side services and infrastructure and application support were managed onsite by a provider. Although some of the firm’s critics took it as a sign of weakness, assuming that a software company should be an expert at managing the Service Desk as well, the IT community understood that it was a strategic move driven by the desire to create cost-efficiencies in a safe way. If the likes of Microsoft choose managed services over in-sourcing and outsourcing as the best solution for them, it is likely that the model will apply for many other organisations where control and cost reduction is vital.

It appears that instead of forcing more organisations to offshore to cheaper countries, the economic environment is leading to managed services becoming the favoured choice. According to the CIO survey, 40 per cent of organisations are adopting this option as a result of the economic climate for different aspects of their IT. In comparison, only 26 per cent are turning to outsourcing and 29 per cent are keeping services in-house.

Taking all of this into account, the evidence appears to suggest that the future of IT Support as a business enabler rests on finding the right balance between control and delegation, thus ensuring efficiency meets security in an environment which remains in sight and firmly in mind. Although outsourcing and insourcing still have a place in many organisations, as sourcing models mature and evolve it is becoming apparent that a significant number of organisations will move towards more bespoke, internally managed solutions to meet their particular needs.

Richard Forkan, Director

Find this article on Outsource Magazine: http://www.outsourcemagazine.co.uk/articles/item/3589-taking-the-third-option

Are you Off-Sure about your IT Service Desk?

No matter the economic climate, or indeed within which industry they operate, organisations are constantly seeking to lower the cost of IT while also trying to improve performance. The problem is it can often seem impossible to achieve one without compromising on the other and in most cases, cost cutting will take prevalence, leading to a dip in service levels.

When things get tough the popularity of off-shoring inevitably increases, leading many decision-makers to consider sending the IT Service Desk off to India, China or Chile as a convenient solution financially – low-cost labour for high-level skills is how offshore service providers are advertising the service.

In reality things are not so straightforward. The primary reason for off-shoring is to reduce costs, but according to experts average cost savings only tend to lie between 10-15%, and what is more, additional costs can be created – research shows, in fact, that they can in some cases increase by 25%.

Hidden costs, cultural differences and low customer and user satisfaction are reasons which have made nearly 40% of UK companies surveyed by the NCC Evaluation Centre change their mind and either reverse the move – a phenomenon known as ‘back-shoring’ or ‘reverse off-shoring’ – or think about doing so in the near future. Once an organisation decides to reverse the decision, however, the process is not trouble-free. Of those who have taken services back in-house, 30% say they have found it ‘difficult’ and nearly half, 49%, ‘moderately difficult’. Disruptions and inefficiencies often lead to business loss, loss of client base and, more importantly, a loss of reputation – it is in fact always the client and not the provider which suffers the most damage in this sense.

Data security is another great concern in off-shoring. An ITV news programme recently uncovered a market for data stolen at offshore service providers: bank details and medical information could be easily bought for only a few pounds, often just from call centre workers. Of course information security breaches can happen even in-house, caused by internal staff; however, in off-shoring the risk is increased by the distance and the different culture and law which exist abroad.

Not a decision to be taken lightly, then. Organisations should realise that the IT Service Desk is a vital business tool and while outsourcing has its advantages, if they do it by off-shoring they are placing the face of their IT system on the other side of the planet, and in the hands of a provider that might not have the same business culture, ethics and regulations as they do.

So before thinking about off-shoring part or the whole IT department, organisations would be wise to take the time to think about why their IT is so expensive and what they could do to improve it, cutting down on costs without affecting quality, efficiency and security and moreover, not even having to move it from its existing location.

Here are some measures organisations could take in order to improve efficiency in the IT Service Desk while at the same time reducing costs:

Best practice implementation

Adoption of Best Practice is designed to make operations faster and more efficient, reducing downtime and preserving business continuity. The most common Best Practice in the UK is ITIL (Information Technology Infrastructure Library) which is divided into different disciplines – Change Management, Risk Management, Incident Management to name but a few.

ITIL processes can be seen as a guide to help organisations plan the most efficient routes when dealing with different types of issues, from everyday standard operations and common incidents up to rarer events and even emergencies.

Whilst incident management seems to be easily recognised as a useful tool, other applications of ITIL are unfairly seen by many as a nice to have. But implementing best practice processes to deal with change management, for example, is particularly important: if changes are carried out in a random way they can cause disruptions and inefficiencies, and when a user cannot access resources or has limited use of important tools to carry out their work, business loss can occur – and not without cost.

Every minute of downtime is a minute of unpaid work, but costs can also extend to customer relationship and perhaps loss of client base if the inefficiencies are frequent or very severe.

Realignment of roles within the Service Desk

With Best Practice in place, attention turns to the set-up of resources on the Service Desk. A survey conducted by Plan-Net showed that the average IT Service Desk is composed of 35% first-line analysts, 48% second line and 17% third line. According to Gartner statistics, the average first-line fix costs between £7 and £25 whereas second line fixes normally vary from £24 to £170. Second and third line technicians have more specific skills, therefore their salaries are much higher than the ones of first line engineers; however, most incidents do not require such specific skills or even physical presence.

An efficient Service Desk will be able to resolve 70% of their calls remotely at first line level, reducing the need for face-to-face interventions by second line engineers. The perception of many within IT is that users prefer a face-to-face approach to a phone call or interaction with a machine, but in reality the culture is starting to change thanks to efficiency acquiring more importance within the business. With second-line fix costing up to 600% more, it is better to invest in a Service Desk that hits a 70% rate of first-time fix, users for the most part will be satisfied that their issues are fixed promptly and the business will go along way to seeing the holy grail of reduced costs and improved performance simultaneously.

From a recent survey carried out by Forrester for TeamQuest Corporation, it appears that 50% of organisations normally use two to five people to resolve a performance issue, and 35% of the participants are not able to resolve up to 75% of their application performance issues within 24 hours. Once you calculate the cost of number of staff involved multiplied by number of hours to fix the incident, it is not difficult to see where the costly problem lies. An efficient solution will allow IT to do more with less people, and faster.

Upskilling and Service Management toolset selection

Statistics show that the wider adoption of Best Practice processes and the arrival of new technologies are causing realignments of roles within the Service Desk. In many cases this also involves changes to the roles themselves, as the increased use of automated tools and virtualised solutions mean more complex fixes can be conducted remotely and at the first line. As this happens first line engineers will be required to have a broader knowledgebase and be able to deal with more issues without passing them on.

With all these advancements leading to a Service Desk that requires less resource (and therefore commands less cost) while driving up fix rates and therefore reducing downtime it seems less and less sensible for organisations to accept off-shore outsourcing contracts with Service Level Agreements (SLA’s) that guarantee a first-time fix rate of as little as 20% or 30% for a diminished price. It seems the popularity of such models lies only in organisations not being aware that quality and efficiency are something they can indeed afford – without the risk of off-shoring.

The adoption of a better toolset and the upskilling of first-line analysts, especially through ITIL-related training, will help cut down on costs and undoubtedly improve service levels. However while it will also remove the necessity to have a large amount of personnel, especially at higher level, the issues with finding, recruiting and training resource will still involve all the traditional headaches IT Managers have always faced. With this in mind it can often be prudent to engage with a service provider and have a co-sourced or managed desk that remains in-house and under internal management control. Personnel selected by an expert provider will have all the up-to-date skills necessary for the roles required, and only the exact number needed will be provided, while none of the risks associated with wholesale outsourcing, or worse, off-shoring, are taken.

Improving IT infrastructure and enhancing security

Improving efficiencies in IT does not begin and end with the Service Desk of course. The platform on which your organisation sits, the IT infrastructure itself, is of equal importance in terms of both cost and performance – and crucially, is something that cannot be influenced by off-shoring. For example, investing in server virtualisation can make substantial cost savings in the medium to long term. Primarily this arises from energy saving but costs can also be cut in relation to space and building and maintenance of physical servers, not to mention the added green credentials. Increased business continuity is another advantage: virtualisation can minimise disruptions and inefficiencies, therefore reducing downtime – probably the quickest way to make this aspect of IT more efficient in the short, medium and long term.

Alongside the myriad of new technologies aimed squarely at improving efficiency and performance sits the issue of Information Security. With Data Protection laws getting tougher due to the new 2010 regulations, forcing private companies to declare any breaches to the Information Commissioner who has the right to make them public, and facing them with fines up to £500,000, security is becoming even more of an unavoidable cost than ever. Increased awareness is needed across the entire organisation as data security is not only the concern of the IT department, but applicable to all personnel at all levels. The first step in the right direction is having a thorough security review and gap analysis in order to assess compliance with ISO 27001 standards and study any weak points where a breach can occur. Then workshops are needed to train non-IT staff on how to deal with data protection. Management participation is particularly important in order to get the message across that data safety is vital to an organisation.

Taking a holistic view of IT

Whatever the area of IT under scrutiny, the use of external consultancies and service providers to provide assistance is often essential. That said, it is rare to find an occasion where moving IT away from the heart of the business results in improvements. The crucial element to consider then is balance. Many organisations, as predicted by Gartner at the beginning of this year, are investing in operational rather than capital expenditure as they begin to understand that adoption of the latest tools and assets is useless without a holistic view of IT. When taking this methodology and applying it to the Service Desk it soon becomes apparent that simply by applying a Best Practice approach to an internal desk and utilising the new technologies at your disposal, the quick-fix cost benefits of off-shoring soon become untenable.

Pete Canavan, Head of Support Services

This article is featured in the current issue of ServiceTalk

Public sector, private data – is outsourcing the Service Desk too risky?

As the Treasury announce cuts amounting to £6.25bn, £95m of which deriving from a reduction in IT spending, attention is once more directed towards outsourcing as a means to reduce IT expenditure. But Information Technology stores and processes large amounts of personal, sensitive and confidential data, and when it comes to the public sector it can have a very high level of sensitivity, hence a lot of trust is bestowed upon personnel that have access to it. It is already difficult to place confidence in in-house staff, due to the high number of data breaches that are perpetrated by internal staff, backed up by statistics, but the option of off-shore outsourcing elevates the threat level from code yellow to code red.

Widespread use of Cloud computing is unlikely to become a reality in the foreseeable future: strict regulations relating to the Data Protection Act, which the public sector in particular follows religiously, make it virtually impossible to obtain assurances that the data stored outside the organisation’s premises is adequately controlled and kept secure. However, remote access provided to support staff based at another location, be it in the same or another country, still presents a risk in that information can still be collected and recorded. 

With the government CIO, John Suffolk, encouraging the use of outsourcing to countries offering cheaper labour as a cost-cutting strategy, it is time to understand to what extent this can be done and if the public sector can really benefit from off-shoring the Service Desk after all.

Organisations in the public sector are essentially different from private companies: although it seems obvious, it is important to bear in mind that they are funded by British taxpayers, and therefore work for them. However, providing access to personal and sensitive data to companies thousands of miles away and outside the European Union which have different culture, ethics and laws might put the safety of their personal details at risk. For instance, information such as identity, financial and health records can fall into the wrong hands and be used for malicious intent. Not long ago, ITV found that British medical and financial records held abroad could be bought for just a few dollars. No matter how ‘rare’ this event might be, it is not a risk Britons are prepared to take, if the decision were up to them.

It is certainly difficult for organisations in the public sector to carry out a satisfactory level of service when their budgets are being reduced, but it is important to think about the consequences of outsourcing the IT department: a move initially intended to save money can end up making the organisation lose money as a result of large fines and court cases, and most importantly, it can lead to a loss of credibility and reputation.

Recognising a ‘safe’ provider is not easy, especially as identification of a risky supplier often only happens once a breach has been committed, when it might be too late for an organisation to escape liability and to save face. However, it is possible to assess a provider’s trustworthiness before a breach occurs: they should follow Best Practice and have a mature Information Security Management System in line with the ISO 27001 standard, assessed through an independent security review, risk assessment and gap analysis.

There are also better alternatives to extreme or risky versions of outsourcing. For example, the IT department can be kept internal, for better control, but be managed by a third party which is aware of the stringent safety measures necessary for working in this peculiar sector. That said, most information security breaches pertain to threats inside an organisation and are in many cases not a malicious act but a consequence of ignorance, frustration or lack of risk awareness. Well-trained and appropriately-skilled Support staff can reduce these security incidents to a minimum, as would implementing organisational-wide information security awareness sessions.

Management commitment within the industry is especially important to convey the significance of protecting personal and sensitive data and the seriousness of breaching the Data Protection Act, which does not only concern IT staff. Extensive training is necessary to raise awareness across the entire organisation – whenever there is a data breach it is never the provider that suffers the worst consequences, but the organisation’s reputation.

 

David Cowan, Head of Infrastructure and Security

This opinion piece appears in this week’s Dispatch Box on Public Technology: http://www.publictechnology.net/sector/public-sector-private-data-outsourcing-service-desk-too-risky

So, Microsoft outsources IT support – What’s all the fuss about?

When a press release was issued a couple of weeks ago announcing that Microsoft’s IT help desk, desk-side services, and infrastructure and application support were to be managed on-premise by Infosys for its branches across the globe, it caused a lot of controversy in the media.

Outsourcing frequently provokes strong opinions, and whilst it is often accepted that outsourcing catering or cleaning is a sensible move, outsourcing IT is often seen in a different light. There can be a supposition that the company in question has somehow lost control of what it is doing and is embarking on outsourcing as a “last resort” to help clean up the mess.

These beliefs appear to be driving much of the Microsoft criticism. People have been criticising Microsoft products for years that they are difficult to manage, so if the company that produces them can’t even manage them, what chance for the rest of us?

However, this thinking stands on shaky ground. First of all, the company has always endorsed outsourcing so it is not surprising that they are now embracing what they described as a consolidation strategy, choosing only one provider to deliver all services.

Secondly, there seems to be a lot of prejudice about organisations in the IT field, where it is thought that software producers, hardware vendors and services providers are all the same, which is obviously far from true.

It should go without saying that as Microsoft is a software company, it is not implied that it can also be an expert in infrastructure support and management. Just like organisations in many other fields, the giant turned to a managed support provider to help with improving its system while achieving its main aim, cost-cutting. It is recognised that delegating the management of support services to experts can enhance IT efficiency and overall improve the whole business operations, minimising disruptions, inefficiencies and time and money loss.

The controversy, if there was one, would be that they have chosen an Indian provider to deliver the service rather than one based in the US, given all the fuss about off-shoring stealing work from the country. But the company was probably faced with little choice: the provider has to deal with 450 locations across more than 100 countries, including issues such as managing different languages, cultures and laws. Only an offshore global giant could probably do the job for Microsoft whilst still keeping the offer affordable.

The focal point of the discussion, anyway, should not be the provider, but the service. It is remarkable that an important company such as Microsoft recognises the value of managed services, choosing this option over full outsourcing. As they and a growing number of organisations of all sizes might have understood, this solution proves ideal when the need to delegate management of IT functions is accompanied by the desire to retain a certain level of power and control over operations, to retain intellectual property, and ultimately for enhanced security.

Staying up to date with the latest techniques, solutions and best practice is something that internal IT departments can struggle to achieve, but is generally easier for a service provider working across multiple clients. This strategic move shows us Microsoft doing what it frequently does – not accepting the status quo but frequently looking for “the better way”. Whether it has made the right decision is obviously to be proven, but it is the organisations that never change that are most prone to obsolescence.

 

 

Adrian Polley, CEO

Find an edited version in the Comment section of CRN: http://www.channelweb.co.uk/crn/comment/2262088/microsoft-outsources-support

What to look for when bringing offshore work back home

If we look at the number of organisations outsourcing their software development, IT service desk or WAN support to India and other cheap-labour countries, offshoring nowadays seems not only convenient and straight-forward, but as easy as abc. But what the media doesn’t seem to cover is an issue that is not at all uncommon: it hit Barclays, Quark, Dell and a large number of other companies – what happens if all is not well and you have to take the offshored back in-house?

The phenomenon has already been dubbed ‘backshoring’ in the US, where 30% of Fortune 500 companies have experienced it, according to Oxford Analytica. As for the UK, a survey conducted by the National Computing Centre found that 14% of the respondents who have used offshored facilities for their IT have switched work back to the UK, and another 24% are considering the move. This means that nearly 40% of organisations haven’t found offshoring satisfying.

However, the problem is that once you decide to reverse the decision, the process is not trouble-free. Of those who have taken services back in-house, 30% say they have found it ‘difficult’ and nearly half, 49%, ‘moderately difficult’. When we talk about IT, in fact, we are dealing with the pulsating heart and veins of a modern business, where everything seems to rely on technology. So the costs of reversing an offshore operation do not only cover the facilities and assets – it extends to data security, staff skills, system disruptions and inefficiencies, low user or client satisfaction, client loss, and maybe much more. What happens to the CIO who proposed or supported the offshore move?

Let’s look at some examples. Barclays’ recent ‘divorce’ from Accenture appears to be peaceful and grievance-free, just the best answer to their present needs. When the application development and management of their banking systems were assigned to Accenture in 2004, around 900 employees were transferred to the provider. But only 230 are expected to be taken back. What happens to the various development, support and maintenance staff and their skills every time they are shifted to the other side? Some are taken on by the new employer under TUPE arrangements – the Transfer of Undertakings (Protection of Employment) Regulations preserve employees’ terms and conditions with the previous company – although the majority will be lost, either voluntarily or forcefully made redundant. Unfortunately, when you lose people you lose their acquired skills as well, and to that there is no remedy.

An organisation which decided to openly talk about their failure is Everdream, which provides customers with remote desktop management services, and that in 2003 decided to outsource their Californian help desk to Costa Rica to aid scalability as their business was growing. Fifteen people were sent to the provider to train the call centre employees ‘the Everdream way’. It turned out to be an ever-nightmare when trainers found themselves dealing with a completely different business culture where the idea of customer service was “move ‘em through”, clashing with the hands-on approach of the firm. The strong foreign accent also failed to impress the customers, who started to complain almost immediately. The ‘shallow talent pool’ led Everdream to pull out, as happened to Dell the previous year: customers unhappy with their Indian technical support launched in 2002 made the company decide to re-route calls back to the U.S. In Everdream’s case, the pull-out was spread across six months, making the transition softer and minimising the damage, and many employees had their jobs back. However, it did take some extra financial effort to take the work back in-house and the long-term damage, the relationship with customers, is difficult to measure.

Bad customer service and poor product quality is what brought many Quark clients to switch from their software to Adobe’s InDesign during the Indian experience, never to return – 60% of their customer base, it is claimed. When work was brought back home, the C-executive who decided and led the offshore move was fired without hesitation.

Finally, a mixture of reasons have brought many offshored Oracle projects to fail for a number of US companies, it was reported a few years ago. Communication problems, poorly skilled and trained developers and enormous cost over-runs were topped with the previously unconsidered difference in the Indian law system. Oracle jobs were re-shipped back to the US, but the unrecoverable financial loss left many organisations strained.

These examples confirm the findings of research in the area: the most popular reason for failure is the lack of preparation and execution not on the provider’s but on the client’s side. An organisation needs to be prepared and know what they want from the provider and if offshoring is the right move, to avoid disappointment. Poor joint planning is also often at the root: if the client does not clearly outline and clarify roles and responsibilities, expectations, performance metrics and flexibility prior to signing contracts, there is not much to be expected. Service Level Agreements have to be clear for both sides and have realistic metrics and targets. Experts also suggest defining an exit strategy for contract end or for under-performance, as in fact poor vendor performance is another important reason for failure. Problems related to communication between the in-house and offshore team and to their different culture are often the cause of poor execution, as highlighted with the case of Everdream.

It is important to note, nonetheless, that not all outsourcing projects end up in failure. There are plenty of instances where they do deliver real benefits, both in terms of cost-reduction and improvements in service. However, the success stories tend to involve the use of a partner closer to home, able to understand the client’s environment while allowing easier monitoring of their performance.

So in the case of offshoring gone wrong, what should a CIO take into account when considering the costs of its failure?

The most obvious, and often largest, cost comes about when taking down the offshored department and re-installing it elsewhere should things go wrong, either in-house or with an IT partner nearer to home. Then there are the costs related to lost skills: organisations are unlikely to be able to re-employ previously fired staff so it will be a case of starting again from scratch. New staff will have to be found and trained, and it will take time before service levels are sufficient to deal with business demand – meaning costs could quickly run to seriously damaging amounts.

Technical issues like data security are also not to be overlooked. Different countries have different laws, and might not be so respectful of the privacy of your data. It can be lost, stolen and leaked by redundant employees abroad, legal protection from whom might be weaker than in the UK.

Finally, one last consideration for any CIO is the cost to them as an individual. Should a project as controversial as offshoring fail the responsibility is likely to rest squarely on the shoulders of the person in control. This means ensuring offshoring is really the right path for your organisation is key, as is making sure you are able to clearly demonstrate that it was the partner, not the process, that was at fault should things go wrong – both of which being easier said than done.

 Adrian Polley, CEO

 This article has been published on CIO UK: http://www.cio.co.uk/article/3217488/what-to-look-for-when-bringing-offshore-work-back-home/?intcmp=HPF3

5 thoughts on the IT Service Desk that need re-thinking

Slowly recovering from the crisis and with a more careful eye to the unsteadiness of the market, many organisations across all sectors are considering ways to make their IT Service Desk more cost-efficient, but some ideas decision-makers might have could be partially or totally wrong.
So if you are thinking any of the following, you might want to think again:

“Our Service Desk is costing us too much. Outsourcing it to [insert favourite low-cost country abroad] can solve the problem.”

Although outsourcing has it advantages, doing it off-shore is a huge investment and has a lot of hidden costs, including losses due to inefficiencies and disruptions during the transition or caused by bad performance – bad service can damage the business. Moreover, reversing the move can be a costly, lengthy and treacherous procedure. Before they consider drastic moves, organisations should try to identify the reasons their IT expenditure is so high. Likely causes could be inefficient management, poor skills or obsolete tools and processes. Best practice implementation, using automated ITIL-compliant software and updating IT skills are a first step towards efficiency; however, a more cost-effective outsourcing solution could be handing management of the Service Desk to a service provider that can take care of service improvement on site.

“If leading companies around the world are off-shoring, it must be convenient.”

Only Global organisations seem to gain great benefits from off-shoring their IT department, often being the sole solution to reduce their otherwise enormous spending. Just because many important organisations are doing it, it doesn’t mean it is suitable for all. For example, there are important cultural differences which may not be an issue for those organisations with offices and clients spread worldwide that are already dealing with a mixture of cultures, but can definitely cause problems for a relatively European company with a certain type of business mind. Another issue is costs: many organisations find that after the conspicuous initial investment, cost saving might not exceed 10% and what is more, the new facility sometimes creates extra costs that were unforeseen, actually increasing expenditure.

“Our system has always worked; I don’t see why we should change it.”

Technology is changing regardless of one’s eagerness, and it is important to keep up with the changing demands of the market in order to remain competitive. A certain system might have worked five years ago, but new technologies and procedures can make older ones obsolete and comparatively inefficient. Take server virtualisation for example: business continuity can reach astonishing levels thanks to live migration, guaranteeing a better service with the extra benefit of energy saving through consolidation. Adoption of ITIL Best Practice processes also helps increase efficiency not only in the Service Desk, but in the business as a whole. Thanks to its implementation, organisations can save time and money and enhance the smoothness and quality of all IT-reliant operations, which helps the entire business.

“We need more 2nd and 3rd line engineers.”

When problems need more second and third-line resolution, it probably means first line is not efficient enough. Thanks to specific automated software to help with simple incidents and to the adoption of software as a service managed by an external provider, the simplest and most complex issues are being taken care of, meaning some of the work of a first-line engineer and the whole work of third-line engineers are no longer an issue for the organisation’s IT staff. However, the remaining incidents still need a more efficient resolution at first-line level: the more incidents are resolved here, the less need there is to increase the number of more expensive second-line staff. To improve first-line fix, engineers need to be trained to follow Best Practice processes that can make incident resolution fast and effective, as well as help the organisation deal with change and prevent risks connected to data security.

“I’d rather we managed our IT ourselves – control is key.”

An organisation might be proficient in its field, but may find it difficult to manage its IT Service Desk as effectively. When cost-efficiency is important, it is best to leave one’s ego at the door and have experts do the job. The IT arena is constantly changing and continuous training and updating is necessary in order to keep up with the market standards, and an organisation often cannot afford to invest in constant innovation of their IT. If outsourcing, on and off-shore, gives organisations the impression of losing control, then managed services is a better solution: the existing team and tools, or new and improved ones, can be managed by a service provider directly on the office premises, if needed. Thanks to this, organisations can focus on the more important parts of their business, leaving IT to the techies while still keeping an eye on it.

 

Adrian Polley, CEO

Find this article online at Fresh Business Thinking: http://www.freshbusinessthinking.com/business_advice.php?CID=&AID=5004&Title=5+Thoughts+On+The+IT+Service+Desk+That+Need+Re-Thinking

Do you really want to lose (inter)face?

Off-shoring of IT services and especially Service Desks is gaining popularity as Financial Directors continue to reduce IT spend and headcount. But before a decision as crucial as this can be taken it is important to assess the potential short, medium and long term impact on the user community and ultimately the bottom line.

Although the Service Desk is just a component part of IT as a whole, it remains the ‘face’ of IT and in most cases, the measurement point of both user perception of IT effectiveness and impact on the user’s ability to carry out his or her job. A good or bad Service Desk will strongly influence the user’s motivation to engage with it and ultimately, solve issues that are affecting productivity.

The Service Desk has evolved rapidly in recent years becoming ever more technical and at present, with the use of remote tools, a decent desk will be achieving in excess of 70% first time fix. The downside of this, however, is the fast reducing need for any face-to-face interaction between IT and its customers. Ten years ago an engineer would often visit the user’s desk to solve an issue, then it would just be a voice over the phone from another room in the same building and after that, perhaps from another company in the same city. Now users can find themselves contacting someone who isn’t even on the same continent.

From the users’ point of view, the lack of interface can lead to a real trust issue and a feeling of discomfort with the service they are receiving. Over the next few years it is likely that most organisations will change their desktop significantly adopting Windows 7, virtualisation, the latest versions of Office and Outlook and ever more complicated applications, as well as any number of scenarios involving personal devices. This means that users will require coaching, reassurance and genuine old-school technical support to see them through the period of change and beyond without impacting on their ability to perform well in their jobs.

Current experiences of offshore arrangements, however, show that this level of service is not always deliverable from overseas. Many organisations with a large contingent of fee-earning employees have already worked this out and are sticking with or returning to locally based highly technical Service Desk models that extract full value from the working day of the user.  Asking a Lawyer or Banker to put up with anything less than a first class service regardless of its reduced cost is a false economy – in fact, investing in the front line of IT can give valuable time back to the user that equates directly to the bottom line.

Regrettably, for those businesses that have already off-shored or are about to follow the model it may be too late. The cost in terms of business continuity as well as impact on P&L are likely to make reversing the decision hugely painful if not completely prohibitive.

It is evident that there are many benefits to outsourcing, but when taken to the extreme, as in the case of off-shoring, the apparent cost savings are potentially not what they seem. Before making a decision with such far-reaching consequences, careful thought needs to be given to the overall impact on the business, with particular attention to how end users of the service will be affected by the choice.

 

Richard Forkan, Director of Business Development

This article is featured on Director of Finance Online  http://www.dofonline.co.uk/governance/outsourcing-the-service-desk-021016.html