Archive for the ‘IT managed services’ Category

IT Support: grow-your-own or buy organic?

May 12, 2011

IT support staff are for many companies what vegetables are to your body – essential elements for efficient functioning and critical to avoid major failures. Exactly like cultivating your own greens, having an in-house IT team may give you a sense of trust and control unlike other solutions. However, it is also expensive and time-consuming, therefore not always convenient.

A ‘home-grown’ solution may suit larger organisations that either have the need to train analysts to use their self-developed software, have security or strategic reasons to have total control over the IT department or have the resources (financial, human and time-related) to train and manage a large IT personnel base – although this is quickly moving away from the norm for even these sizes of business.

Other organisations, smaller and more prone to seeking cost-efficiencies even outside of the office, might find an outsourcing or managed service solution more suitable. Of course, getting engineers from a service provider is like getting veggies from a market stall or through online shopping – it is generally easier and cheaper, but the risk is that they are not trustworthy. The engineers provided by a third party are completely out of your control: you don’t know where they come from, if they were trained correctly or if they will harm your company by stealing data.

But this might not be a huge problem for small companies for which IT is not strategic. A full outsourcing or offshoring solution could suit organisations which do not need engineers with very specific knowledge or strict SLAs and for which data security is not a major issue. However, companies which do need security and efficiency, but also to cut down cost and access expertise they lack internally, would need a solution that merges control with delegation.

Going back to the vegetables metaphor, to balance the need for quality and reliability with the desire to delegate cultivation and management, you would probably go to a trusted organic greengrocer’s, where products feature quality labels, PDO and organic certificates, and a reliable, experienced source.

It is in fact important to carefully choose a support provider that can meet your specific needs, with certified, trained and up-to-date engineers able to meet targets measured through KPIs. Managed services, moreover, will allow the organisation to keep some kind of control over the IT department while leaving its management to the experts.

All in all, there isn’t one best choice: an organisation might find advantage in keeping the department in-house, having a co-sourced solution or outsourcing management or the whole department to a third party. The important decision is to choose carefully based on the organisation’s features, needs and goals so that IT can be used as part of their overall strategy for business success.

Pete Canavan, Head of Support Services

This article has appeared on Computing magazine and Computing.co.uk: http://www.computing.co.uk/ctg/opinion/2069345/support-grow-organic


Advertisements

Surviving IT spending cuts in the public sector

February 15, 2011

How to create cost-efficiencies in the post-Spending Review scenario

After the announcement of 25%-40% budget cuts last year, it is reasonable to expect IT to be one of the departments to suffer the most in public sector organisations. However, cuts in IT support and projects may bring inefficiencies and disruptions, which can then lead to real losses and increasing costs.  More than ever, CIOs and IT Directors at public sector organisations are taking various options into consideration, from quick-fixes to farther-sighted ideas, trying to find a solution that will produce savings without compromising on service quality and data security, and perhaps even increasing efficiency. Here are some common ideas analysed:

Solution 1: Reducing headcount

Firing half of your IT team will produce immediate savings since you will not have to pay them a salary the following months, but when Support staff is insufficient or not skilled enough to meet the organisation’s needs it can lead to excessive downtime, data loss, security breaches or the inability to access applications or the database. A ‘quick-fix’ such as this represents a false economy. Reviewing resource allocation and improving skill distribution at Service Desk level, on the other hand, can be a valid solution. Indeed many IT departments can find themselves top heavy with expert long serving team members where the knowledge supply out-weighs the demand. A larger proportion of lower-cost 1st line engineers with improved and broader skills and a fair reduction of the more deeply skilled and costly 2nd and 3rd line technicians can not only reduce staff spend, but also create efficiencies with more calls being solved with first-time fix.

Solution 2: Offshoring

Although the thought of employing staff who only ask for a small percentage of a normal UK salary may sound appealing, offshoring is not as simple as ABC. It requires a large upfront investment to set up the office abroad, with costs including hardware, software, office supplies and travel and accommodation of any personnel that manages the relationship with the supplier. Organisations are not able to afford that kind of investment, especially since this solution only creates cost-savings in the long term – but the public sector needs cost savings now. Furthermore, the different culture and law can represent a risk to information security: data could be easily accessed by staff in a country thousands of miles away and sold for a couple of dollars, as various newspapers and TV channels have found out. With the extreme sensitivity of data processed by Councils, charities and the NHS, no matter how hard foreign suppliers try to convince the public sector to offshore their IT, it is unlikely this will happen – it is simply too risky.

Solution 3: IT Cost Transparency

Understanding the cost of IT and its value to the organisation, being able to prioritise and manage people and assets accordingly and knowing what can be sacrificed, can help identify where money is being wasted, which priorities need to be altered and what can be improved. For instance, do all employees need that piece of software if only three people actually use it more than twice a year, and do you need to upgrade it every year? Do all incidents need to be resolved now, or can some wait until the more urgent ones are dealt with? Do you need a printer in each room, and when it breaks do you need to buy a new one or could you make do with sharing one machine with another room? These and many other questions will lead to more efficient choices, but only after having identified and assessed the cost and value of each aspect of IT, including people and assets.

Solution 4: Cloud computing

There are contrasting opinions on this matter. The Government CIO, John Suffolk encourages the use of this service, and reckons that the public sector would be able to save £1.2bn by 2014 thanks to this solution. However, many believe that placing data in the hands of a service provider can be risky due to the highly sensitive nature of the data involved, so traditional Cloud computing may not be an ideal solution.

A shared environment such as the G-cloud, where various public sector organisation share private data centres or servers, may be a safer option that allows the public sector to achieve major efficiencies and cost savings, while minimising issues related to data security.

Solution 5: Shared Services

A shared service desk is not for everyone – it can only work if the organisations sharing have similar needs, culture and characteristics, and as IT can be a strategic advantage for competitive businesses, sharing the quality may mean losing this advantage. But for the public sector, this solution may be ideal. Local councils with the same functions, services and needs will be able to afford a higher level of service for a reasonable price, sharing the cost and the quality.

Solution 6: Service Management Good Practice

‘Doing more with less’ is one of the most used quotes since the recession started. And it is exactly what the public sector is looking for. Public organisations don’t want to be ITIL-aligned, obtain certifications, and tick the boxes. All they want is efficiency and cost savings – and through the right Service Management moves, after an Efficiency Review to find out what needs improvement and how, this can be obtained through the right choices regarding people, processes and technology.

Solution 7: Managed Services

A solution where the IT Service Desk is kept internal with its assets owned by the company, but managed by a service provider is becoming more and more popular among organisations from all sectors. When the sensitivity of data and a desire for a certain level of control over IT rules out full outsourcing, but in-house management does not allow to reach potential cost savings and efficiencies, a managed service may represent the ideal ‘in-between’ choice. The post-Spending Review public sector, then, may benefit from a flexible solution that is safer than outsourcing, but more cost-effective than an in-house solution.

Every challenge can be a new opportunity

Although budget reduction may affect investment in large IT projects and shiny new technology, it also represents the ideal opportunity to analyse what is essential and what is not, and to prioritise projects based on this. The public sector, then, find itself prioritising for effectiveness over compliance, cost-efficiency over cheapness and experience over offers, when choosing providers and tools for their IT. This will lead to the choice of solutions that will help organisations run more smoothly and safely, invest their resources better and, ultimately, deliver a service that will bring maximum customer and user satisfaction.

Martin Hill, Head of Support Operations

(also on Business Computing World: http://www.businesscomputingworld.co.uk/how-to-create-cost-efficiencies-in-the-post-spending-review-scenario/)

10 things we learnt in 2010 that can help make 2011 better

December 23, 2010

This is the end of a tough year for many organisations across all sectors. We found ourselves snowed-in last winter, were stuck abroad due to a volcano eruption in spring, suffered from the announcement of a tightened budget in summer, and had to start making drastic cost-saving plans following the Comprehensive Spending Review in autumn. Data security breaches and issues with unreliable service providers have also populated the press.

Somehow the majority of us have managed to survive all that; some better than others. As another winter approaches it is time to ask ourselves: what helped us through the hard times and what can we do better to prevent IT disruptions, data breaches and money loss in the future?

Here are some things to learn from 2010 that may help us avoid repeating errors and at the same time increase awareness of current issues, for a more efficient, productive and fruitful 2011:

1- VDI to work from home or the Maldives

Plenty of things prevented us getting to work in 2010; natural disasters, severe weather and industrial disputes being the biggest culprits. Remote access solutions have been around for a long time, but desktop virtualisation has taken things a stage further. With a virtual desktop, you’re accessing your own complete and customised workspace when out of the office, with similar performance to working in the office. Provided there’s a strong and reliable connection, VDI minimises the technical need to be physically close to your IT.

2- Business continuity and resilience with server virtualisation

Server virtualisation is now mainstream, but there are plenty of organisations large and small who have yet to virtualise their server platform. When disaster strikes, those who have virtualised are at a real advantage – the ability to build an all-encompassing recovery solution when you’ve virtualised your servers is just so much easier than having to deal with individual physical kit and the applications running on them. For anyone who has yet to fully embrace the virtualisation path, it’s time to reassess that decision as you prepare for 2011.

3- Good Service Management to beat economic restrictions

With the recent economic crisis and the unstable business climate, the general message is that people should be doing more with less. It’s easy to delay capital expenditure (unless there’s a pressing need to replace something that’s broken or out of warranty) but how else to go about saving money? Surprising, effective Service Management can help deliver significant cost-efficiencies through efficient management of processes, tools and staff. Techniques include rearrangement of roles within the IT Service Desk to get higher levels of fix quicker in the support process, and adoption of some automatic tools to deal with the most common repeat incidents. Also getting proper and effective measures on the service, down to the individuals delivering it, helps to set the bar of expectation, to monitor performance and improve processes’ success.

4- Flexible support for variable business

An unstable economic climate means that staffing may need to be reduced or increased for certain periods of time, but may need rescaling shortly afterwards. At the same time epidemics, natural disasters and severe weather conditions may require extra staff to cover for absences, often at the last minute. Not all organisations, however, can afford to have a ‘floating’ team paid to be available in case of need or manage to get contractors easily and rapidly. An IT Support provider that can offer flexibility and scalability may help minimise these kinds of disruption. In fact, some providers will have a team of widely-skilled multi-site engineers which can be sent to any site in need of extra support, and kept only until no longer needed, without major contractual restrictions.

5- Look beyond the PC

Apple’s iPad captured the imagination this year. It’s seen as a “cool” device but its success stems as much from the wide range of applications available for it as for its innate functionality. The success of the iPad is prompting organisations to look beyond the PC in delivering IT to their user base. Perhaps a more surprising story was the rise of the Amazon Kindle, which resurrected the idea of a single function device. The Kindle is good because it’s relatively cheap, delivers well on its specific function, is easy to use and has long battery life. As a single function device, it’s also extremely easy to manage. Given the choice, I’d rather the challenge of managing and securing a fleet of Kindles than Apple iPads which for all its sexiness adds another set of security management challenges.

6- Protecting data from people

Even a secured police environment can become the setting for a data protection breach, as Gwent Police taught us. A mistake due to the recipient auto-complete function led an officer to send some 10,000 unencrypted criminal records to a journalist. If a data classification system had been in place, where every document created is routinely classified with different levels of sensitivity and restricted to the only view of authorised people, the breach would have not taken place as the information couldn’t have been set. We can all learn from this incident – human error will occur and there is no way to avoid it completely, so counter measures have to be implemented upfront to prevent breaches.

7- ISO27001 compliance to avoid tougher ICO fines

The Data Protection Act was enforced last year with stricter rules and higher fines, with the ICO able to impose a £500,000 payment over a data breach. This resulted in organisations paying the highest fines ever seen. For instance Zurich Insurance which, after the loss of 46,000 records containing customers’ personal information, had to pay over £2m – but it would have been higher if they hadn’t agreed to settle at an early stage of the FSA investigation. ISO 27001 has gained advocates in the last year because it tackles the broad spectrum of good information security practice, and not just the obvious points of exposure. A gap analysis and alignment with the ISO 27001 standards is a great first step to stay on the safe side. However, it is important that any improved security measure is accompanied by extensive training, where all staff who may deal with the systems can gain a strong awareness of regulations, breaches and consequences.

8- IT is not just IT’s business – it is the business’ business as well

In an atmosphere where organisations are watching every penny, CFOs acquired a stronger presence in IT although neither they nor the IT heads were particularly prepared for this move. For this reason, now the CIO has to find ways to justify costs concretely, using financial language to propose projects and explain their possible ROI. Role changes will concern the CFO as well, with a need to acquire a better knowledge of IT so as to be able to discuss strategies and investments with the IT department.

9- Choose your outsourcing strategy and partner carefully

In 2010 we heard about companies dropping their outsourcing partner and moving their Service Desk back in-house or to a safer Managed Service solution; we heard about Virgin Blue losing reputation due to a faulty booking system, managed by a provider; and Singapore bank DBS, which suffered a critical IT failure that caused many inconveniences among customers. In 2011, outsourcing should not be avoided but the strategy should include solutions which allow more control over assets, IP and data, and less upheaval should the choice of outsourcing partner prove to be the wrong one.

10- Education, awareness, training – efficiency starts from people

There is no use in having the latest technologies, best practice processes and security policies in place if staff are not trained to put them to use, as the events that occurred in 2010 have largely demonstrated. Data protection awareness is vital to avoid information security breaches; training to use the latest applications will drastically reduce the amount of incident calls; and education to best practices will smooth operations and allow the organisations to achieve the cost-efficiencies sought.

Adrian Polley, CEO

This article has been published on Tech Republic: http://blogs.techrepublic.com.com/10things/?p=2100

Taking the third option

October 26, 2010

Many organisations are moving to a ‘best of both worlds’ between insourcing and outsourcing – Managed Services.

Efficient management of IT Support has become a crucial issue for organisations across all sectors. It is being increasingly recognised not only as a means to improve the whole business, but also as an instrument to create strategic advantage and added business value.

Many organisations identify two distinct types of management options for their IT Support – controlled and visible in-sourcing and the apparently cost-efficient outsourcing.  But for organisations dealing with high value users, non standard applications or sensitive data, outsourcing can represent too big a risk, leaving the single option of keeping IT Support in-house. Financial institutions, law firms, professional services businesses and some sections of the public sector may well then believe that they have no option but to ignore a potentially sizable benefit in cost and efficiency.

However, there is a third option embraced by a diverse pool of organisations such as software giant Microsoft, public sector body Serious Fraud Office and law firm Simmons & Simmons that allow the utilisation of outsourcing benefits with none of the drawbacks – the Managed Service.

A recent survey of CIOs showed that 19 per cent of those interviewed are already using Managed Services for their IT Service Desk, and that number is expected to rise to 34 per cent towards the middle of 2011. According to participants in the CIO Market Pulse Survey for Management Excellence they chose Managed Services primarily due to a lack of appropriate internal resources, a desire to retain control and the need to reduce costs.

A Managed Service was seen as the best option for their organisation because it was thought to be less risky than traditional outsourcing and more efficient than internal management. In fact, this solution can be regarded as more than just the halfway house between insourcing and outsourcing, it is now in many cases a superior solution incorporating all the best features of both and none of the weaknesses.

Its main strengths are similar to those of outsourcing – for instance, the provider manages all aspects of the function, from staff to operations and is responsible for Service Level Agreements and TUPE. The differences mainly involve the physical location of the team, with a Managed Service utilising the clients office space and infrastructure and an Outsource placing the team anywhere in the world.

Although outsourcing is universally assumed to be the cheapest option since it is often carried out in countries where the cost of labour is very low, statistics show that overall cost savings often don’t exceed a mere 10-15%. In fact, when the possible degradation of service and inevitable cultural changes are forced into the user base and given a cost, the actual saving can be in low single digits. The problem becomes even more acute when the user base comprises staff who generate income streams or are a high salary cost to the business.

Using high value users’ time to prop up a poor performing support function can easily be costed and the results are startling. Using just an average user cost to a business  of say £20 p.h., simple maths demonstrates that 30 extra minutes per month per user spent interacting with a poor Service Desk, in a 2000 user business will cost it £240,000 p.a. in lost working time. Using the same equation with a Doctor, Lawyer or Banker’s costs produces frightening numbers.

Moreover, offshoring presents an increased risk of data security breaches: there have been many stories in the press of offshore employees selling credit card, health and other personal details collected from client databases.  It can be difficult to control and monitor an office located on the other side of the globe, but the problem of data security does not end with offshoring – even when the outsourced support function is located near the client’s office, all information stored and processed in the systems owned by the provider is at risk, and so is the intellectual property.

If the function is run on the client site and the assets are owned by the client, there is a sense of control over the data and intellectual property. These characteristics make Managed Services similar to insourcing. However, unlike an in-house solution, management of operations, processes and staff is left to the expertise of professionals who are measured via SLA and more often than not, subject to penalties for failure to perform.

Little wonder then that organisations across all sectors are embracing ‘the third option’. Microsoft made headlines when a press release announced that their Service Desk, desk-side services and infrastructure and application support were managed onsite by a provider. Although some of the firm’s critics took it as a sign of weakness, assuming that a software company should be an expert at managing the Service Desk as well, the IT community understood that it was a strategic move driven by the desire to create cost-efficiencies in a safe way. If the likes of Microsoft choose managed services over in-sourcing and outsourcing as the best solution for them, it is likely that the model will apply for many other organisations where control and cost reduction is vital.

It appears that instead of forcing more organisations to offshore to cheaper countries, the economic environment is leading to managed services becoming the favoured choice. According to the CIO survey, 40 per cent of organisations are adopting this option as a result of the economic climate for different aspects of their IT. In comparison, only 26 per cent are turning to outsourcing and 29 per cent are keeping services in-house.

Taking all of this into account, the evidence appears to suggest that the future of IT Support as a business enabler rests on finding the right balance between control and delegation, thus ensuring efficiency meets security in an environment which remains in sight and firmly in mind. Although outsourcing and insourcing still have a place in many organisations, as sourcing models mature and evolve it is becoming apparent that a significant number of organisations will move towards more bespoke, internally managed solutions to meet their particular needs.

Richard Forkan, Director

Find this article on Outsource Magazine: http://www.outsourcemagazine.co.uk/articles/item/3589-taking-the-third-option

The peculiarities of Metro Bank’s IT outsourcing model

October 20, 2010

Recently-launched Metro Bank has made headlines these last few months for more than one reason: it is the first high-street bank to launch in over 100 years; it follows a retail store model, offering longer opening hours and no weekly closing day; and virtually all of their IT is outsourced to a Managed Services provider.

The news of a bank outsourcing its IT does not come as a complete surprise, as many banks outsource certain functions such as software development, IT Support etc. There are elements of novelty in this choice, though – for instance the fact everything but security and the local networks and terminal devices is being outsourced, which puts a lot of technology in the hands of the provider. It is also unusual that they have chosen a new provider, niu Solutions, which is a merger of four different IT and telecom providers and has little track record as a unified company. And finally, what is most interesting about Metro Bank’s set-up is that they are using a new ‘pay-as-you-grow’ Managed Service model that is highly-virtualised, flexible and scalable – something only a start-up is likely to have considered.

Some publications reported that the bank is using cloud computing, but they are probably mistaking the somewhat flimsy term with plain virtualisation. This is not a shared service – the bank has paid upfront for the hardware and has employed the provider to manage their systems, which run remotely from two data centres in the UK.   While it’s likely that the provider will be looking to add customers to the model, there’s little doubt that Metro will insist upon a high degree of separation of “their” equipment in the provider’s datacentre to help minimise security risks.

With any financial firm, but particularly a retail bank, information security is an overriding concern.  As well as the detailed personal and financial records they hold for their customers, there is also concern about who has access to the various financial systems that are used for recording and executing financial transactions.

Locating kit at a provider’s premises introduces a transfer of control issue, but Metro bank will mitigate that by ensuring data at rest is encrypted, and that the right security standards are enforced at the provider’s datacentres.

Clearly it is in the provider’s interest to supply a good and secure service to retain their clients and their reputation, and the advantage of dealing with a supplier is that roles and responsibilities should be clearly defined and contracted.  This is in contrast to relying on internal staff – the assumption might be that this improves security, but it also introduces the risk that there is less formality and, consequently, fewer proper control measures.

The biggest concern in a modern bank is logical security, rather than physical. Access to accounts and key financial systems will be highly restricted and audited. Since operational security at Metro Bank is retained in-house, the risks of a provider’s rogue employee having the level of access necessary to steal data or using the system for criminal purposes is relatively low.

A concern in any outsourcing arrangement is the financial stability of your chosen partner.  Such concerns would be particularly acute for Metro Bank as there would be serious repercussions if, for example, a company failure meant it couldn’t get access to its systems.  Clearly Metro will have done its homework on its chosen provider and insisted on various safeguards and insurances.

The new ‘pay-as-you-grow’ model appears to be convenient especially because of its scalability potentials – after an upfront payment for hardware, the bank pays a cost per user and increases its spend as the client and user base grows. With any new venture, it can be difficult to predict what the level of growth will be, and by adopting this model Metro will only pay for the growth as it’s achieved – rather than needing to make significant upfront investments to ensure growth isn’t hindered. Also, by leaving IT to the experts the bank is able to concentrate on customers and operations without having to worry about IT availability and support, sure of getting a high quality service thanks to SLAs.

This model is certainly interesting, but needs to show it can work in order to gain more trust among both banks and bank customers, and therefore be embraced by a larger number of companies. Retail banking is a better candidate for the model than, say, Investment Banking where the breadth of systems typically used and high-speed real-time requirements for data delivery might deter the organisation from being so bold. Nevertheless, this innovation can create many benefits from a business point of view: if this model manages to work over time, it could create many more opportunities for service providers to enlarge their range of work, and for banks to embrace cost-efficiencies that will enhance their competitive value and, ultimately, their potential for success.

Adrian Polley, CEO

The perils of commoditising IT Support

September 2, 2010

The term ‘commoditisation’ seems to rear its head whenever there is a perceived trend for technology to become standardised and, however unlikely it is to become prevalent, there are often many positives that can be identified from its methods. After all, standardisation should mean technology becomes more affordable and reliable in the first instance and easier and cheaper to support once implemented. However, when this trend spills over into IT Support and Service Delivery, then the positives become much more difficult to identify.

Its stealthy advance into the marketplace is understandable. For a large-scale, multinational provider of IT Support, being able to implement ‘off-the-shelf’ models means quicker turnaround and less upkeep once the service is underway. It is also easier to market – do you want the gold, silver or bronze package, sir?

In fact, not only is it easier, due to the sheer size of these providers and the inevitable lack of mobility this brings, it is often the only type of solution they can offer. It is in their collective interests to tell you that your environment, and therefore the solution they provide, is the same as the business next to you.

The obvious problem they then experience is differentiating themselves from their competitors. Better customer service? More experienced account managers? They simply care that little bit more? The spiel is varied and endless but it never really answers the question any IT Director assessing Support providers should ask. What will your service do to meet the specific needs of my individual business?

For a convincing answer to that question, it is likely you will have to turn to a smaller, niche provider of IT Support. With an ear to the ground and, in many cases, a specialism in a specific vertical or business type, they will soon debunk the myth of the ‘one-size-fits-all’ approach to IT Support.

Of course, tailoring the model is only part of delivering the right IT Support service. Not only should the set-up be right in terms of balance, but the processes used also need to be considered. Again, here lies an area fraught with danger when it comes to standardisation. Best Practice guidelines such as ITIL can undoubtedly provide many benefits, in terms of both performance and efficiency; however, simply implementing ITIL to the letter, as many providers will, is likely to not only be a waste of money but inhibitive to the service in the long run. Even ITIL, the benchmark for Best Practice in IT Support, needs tailoring to the environment in question before it truly performs to its capabilities.

Once the service is up and running, the single largest and most important component is the people that staff it. As a result of technological evolution, advancements in software and the trend towards remote fixes, there has been a cultural change in the way engineers have to work, and the skills they need to bring to the table.

With advanced software able to take care of the most common incidents, the first-line engineer will have to take on some of the responsibilities usually attributed to second-line technicians – especially as virtualised environments allow so many more fixes to take place remotely. As a result they will have to acquire the skills necessary to resolve more challenging issues, therefore need to always be up-to-date with the newest technologies and have a broader but shallow knowledge, as more technical problems can be left to the provider to deal with remotely.

Now many of the larger IT Support providers will no doubt claim this standardisation of skills will lead to IT Support becoming what in economical terms can be described as a ‘perfect market’, where a broader, shallower skill-set will mean lower salaries for engineers, price-war between support providers to win a tender, and competition not only within the same city or country, but extended globally to places where the standard skills can be accessed at a lower cost.

But where the problem with this argument lies is under their ‘one-size-fits-all’ approach – the way to deal with more calls resolvable at the first line is to overload the Service Desk with these ‘commoditised’ engineers to deal with them. With people always the biggest cost, this increase in headcount will inevitably lead to more cost, negating the efficiencies involved in this approach which are generated from so-called ‘less-expensive’ engineers.

A law firm, financial institution and a charity need IT staff with different experience, skills and even mind-set, in line with the organisation’s environment, business culture and goals. Staffing a service desk is never as simple as matching a skill set to a CV and a niche provider should recognise that and provide the right mix of resource to keep numbers (and therefore cost) as low as possible.

Needless to say, there are huge differences between support providers and it is not always the case that the big boys are the wrong choice. Many smaller organisations provide standard services and are unwilling to create the service that best supports each individual client. The fact is, though, that unlike software and hardware, which could potentially benefit from a degree of commoditisation, a service does not come in an out-of-the-box package. Not all businesses are the same –they all have their individual needs, goals, ethics and indeed, technologies and therefore need someone that has the right skills and expertise to understand their unique features and design the best strategy for them, tailored to the client and not rolled out from a standard blueprint.

It is unusual for a support provider or indeed, an individual engineer to have experience in all sectors, hence it is essential to find someone ‘niche’ enough to really be able to add value to a business. Sure an organisation could save money when compared to insourcing by partnering with a standard support provider but they are unlikely to deliver any real assistance in driving the business forward.

Organisations are beginning to see IT as a vital part of the business, including it in their overall strategy and recognising its place as the number one tool for business success. An IT Support provider that can understand the particular needs, aims and environment of the organisation in question and be part of their business strategy is able to create business value simply by bucking the trend for standardisation.

Richard Forkan, Director

Getting back to work – but with a service provider

June 16, 2010

IT professionals can learn from the tough times.

As the UK officially leaves the recession, although, it must be said, staggering instead of marching triumphantly, the IT job market seems to be coming back to life, but with a substantially changed face. IT professionals looking to get back to work after they were made redundant or to make that career move they postponed while things were tough, should take this opportunity to learn from the past twelve months and make a more informed choice when choosing their new employer.

As IT Support and Managed Services acquire larger space in the UK business services market, the timing is right to take IT professionals through the characteristics, as well as the advantages, of working for an IT services provider. It is also important to raise awareness of the skills and role shift that is occurring, which can have a strong influence on one’s decision.

Working for an IT Services company

When working for a service provider you are able to acquire experience in different sectors, depending on the spread of clients, of course. Working on different client sites means gaining the sort of experience normally associated with a number of jobs while keeping the security of continuous unbroken employment. For those IT professionals looking to specialise in a certain sector, there are service providers with extremely niche specialisms that are able to cater for this. Thanks to this, technicians get to practise and develop a great variety of skills, keeping up-to-date with the latest technologies and practices as the provider will want to keep them appropriately skilled.

When Service Level Agreements are involved, the performance of each individual is monitored and assessed. Thanks to this, engineers learn to keep their standards high and therefore become acquainted to being at their most efficient.

Most of the professional advantages can also be seen on a more ‘personal’ level. Being in a variety of environments can help keep one’s enthusiasm fresh, and staff can get to experience different organisations, verticals, technologies and ways of working. This is crucial to deciding which best fit their personality and ambitions. Unlike what happens in non-IT organisations, where it is not unlikely that CIOs, IT Directors and managers do not come from an IT background, engineers find themselves dealing with IT professionals who fully understand their personal and professional skills, which are appropriately valued. Finally, there is also a personal investment in the company which is sustained through a continuous employment.

The changing IT job market

Many analysts have announced a growth in demand of permanent IT staff, in fact research conducted by e-Skills UK shows that the IT industry will continue to grow at a rate of 1.3% per annum, more than four times the average growth rate for all sectors (0.3%). However, the IT workforce is experiencing a restructuring and skills shift, partly because some work is being outsourced, partly due to a standardisation of IT assets and procedures, and also because of the IT environment switching to a software-intensive platform. Jobs related to management, strategy, planning and software development are on the increase, whereas there is less need for more hardware-related or admin jobs such as line repairer and database assistant. According to the survey ‘Technology Counts: IT & Telecoms Insights 2010’, by 2018, the number of IT managers is expected to represent 27% of the IT workforce, strategy and planning professionals 13%, and software professionals will cover 32%. Computer engineers, on the contrary, have an average growth of -0.2% per annum, meaning that in 2018 they are expected to represent only a 3% of IT professionals.

Agile skills

New technologies and job roles bring along a shift in skills. Organisations are now looking for agile skills in their Service Desk engineers: support personnel have to be able to successfully implement new processes based on standard Best Practice, and be familiar with the latest tools that can speed up operations. Adoption of ITIL (Information Technology Infrastructure Library) practices is becoming essential, as is a knowledge of virtualisation. Thanks to an accurate selection of software to help with first-line resolution, and the use of outsourced devices such as servers and data centres whose management is the provider’s responsibility, basic and complex incidents are being taken care of, and on-site engineers are left with anything in the middle. The role of first-line engineers is then extended to some of the tasks originally belonging to second-line technicians, and because of these changes first-line engineers will need to have a broader technological knowledge.

As for higher-level IT professionals, the current upskilling requirements identified by eSkills UK concern the management of business process change, data management and security, leadership and business. The increased need for business skills is due to the fact that the IT department is acquiring a more strategic position within an organisation. Now that the more technical part of IT is moving towards a commoditisation and starting to be easier to deal with, managers and directors need to be able to focus on ROI and cost-effectiveness, and to have the ability to handle increasingly global supplier relationships. As organisations adopt a holistic view, IT is seen as part of the business and not as a service, and IT and business people work together for business transformation – the latter gaining awareness of the power of technology, and the former acquiring broader and deeper business skills, in order to create business value.

The right place to be

Working for a service provider, then, has never been so attractive. A more strategic use of IT means many organisations will search for appropriately-skilled staff externally, leaving selection and management to an expert service provider in order to focus on more strategic parts of the business, and surely IT professionals will want to be in the right place when this happens.

Adrian Polley, CEO

This article appeared in the May/June edition of ITNOW

Public sector, private data – is outsourcing the Service Desk too risky?

June 3, 2010

As the Treasury announce cuts amounting to £6.25bn, £95m of which deriving from a reduction in IT spending, attention is once more directed towards outsourcing as a means to reduce IT expenditure. But Information Technology stores and processes large amounts of personal, sensitive and confidential data, and when it comes to the public sector it can have a very high level of sensitivity, hence a lot of trust is bestowed upon personnel that have access to it. It is already difficult to place confidence in in-house staff, due to the high number of data breaches that are perpetrated by internal staff, backed up by statistics, but the option of off-shore outsourcing elevates the threat level from code yellow to code red.

Widespread use of Cloud computing is unlikely to become a reality in the foreseeable future: strict regulations relating to the Data Protection Act, which the public sector in particular follows religiously, make it virtually impossible to obtain assurances that the data stored outside the organisation’s premises is adequately controlled and kept secure. However, remote access provided to support staff based at another location, be it in the same or another country, still presents a risk in that information can still be collected and recorded. 

With the government CIO, John Suffolk, encouraging the use of outsourcing to countries offering cheaper labour as a cost-cutting strategy, it is time to understand to what extent this can be done and if the public sector can really benefit from off-shoring the Service Desk after all.

Organisations in the public sector are essentially different from private companies: although it seems obvious, it is important to bear in mind that they are funded by British taxpayers, and therefore work for them. However, providing access to personal and sensitive data to companies thousands of miles away and outside the European Union which have different culture, ethics and laws might put the safety of their personal details at risk. For instance, information such as identity, financial and health records can fall into the wrong hands and be used for malicious intent. Not long ago, ITV found that British medical and financial records held abroad could be bought for just a few dollars. No matter how ‘rare’ this event might be, it is not a risk Britons are prepared to take, if the decision were up to them.

It is certainly difficult for organisations in the public sector to carry out a satisfactory level of service when their budgets are being reduced, but it is important to think about the consequences of outsourcing the IT department: a move initially intended to save money can end up making the organisation lose money as a result of large fines and court cases, and most importantly, it can lead to a loss of credibility and reputation.

Recognising a ‘safe’ provider is not easy, especially as identification of a risky supplier often only happens once a breach has been committed, when it might be too late for an organisation to escape liability and to save face. However, it is possible to assess a provider’s trustworthiness before a breach occurs: they should follow Best Practice and have a mature Information Security Management System in line with the ISO 27001 standard, assessed through an independent security review, risk assessment and gap analysis.

There are also better alternatives to extreme or risky versions of outsourcing. For example, the IT department can be kept internal, for better control, but be managed by a third party which is aware of the stringent safety measures necessary for working in this peculiar sector. That said, most information security breaches pertain to threats inside an organisation and are in many cases not a malicious act but a consequence of ignorance, frustration or lack of risk awareness. Well-trained and appropriately-skilled Support staff can reduce these security incidents to a minimum, as would implementing organisational-wide information security awareness sessions.

Management commitment within the industry is especially important to convey the significance of protecting personal and sensitive data and the seriousness of breaching the Data Protection Act, which does not only concern IT staff. Extensive training is necessary to raise awareness across the entire organisation – whenever there is a data breach it is never the provider that suffers the worst consequences, but the organisation’s reputation.

 

David Cowan, Head of Infrastructure and Security

This opinion piece appears in this week’s Dispatch Box on Public Technology: http://www.publictechnology.net/sector/public-sector-private-data-outsourcing-service-desk-too-risky

Doing more with less: an opportunity to learn

May 7, 2010

Budget reduction teaches organisations to prioritise – a lesson to be learnt not only by the public sector.

The recently announced budget has not been kind to public sector IT, just as expected. Large cuts mean that most technology projects will have to be shelved, but this does not make the level of performance the sector is craving for impossible to be reached – on the contrary, budget reduction is the kind of incentive that drives organisations to prioritise and to seek efficiencies, focusing more on operational, rather than capital expenditure. This does not apply exclusively to the public sector, of course: many private companies are struggling with similarly tight purse strings, so there is a lesson to be learnt for them as well from such challenging circumstances. 

Quick-fix plans which consist of simply reducing the number of personnel and only purchasing tools to replace the most obsolete assets are unlikely to represent the best way to preserve, let alone increase efficiency. With most operations nowadays recognising that IT forms the backbone of the organisation, it is clear that a wiser roadmap must be designed. Clear-sighted organisations, then, will have a strategy which sees them realigning roles and improving skills within their IT department, implementing relevant Best Practice processes and adopting tools and technologies that can help towards reducing overall operating costs while improving efficiency, such as virtualised servers and automated service desk management software. Scoping and planning is vital in order to design a strategic solution that is bespoke, fit-for-purpose and scalable, hence fit not only for present conditions but the medium term as well, and to demonstrate clearly what cost efficiencies a well-balanced mix of people, process and technology can achieve. 

In terms of staffing, it seems that many IT Service Desks lack the skills and tools to deal with most of the calls at first-line level, and therefore become overburdened with an unnecessary (not to mention costly) number of second-line engineers, which are also, because of their more ‘flexible’ nature, often slower in dealing with incidents. An up-skilling of first line support in conjunction with Best Practice procedures and the adoption of automated software which can deal with simple and repetitive incidents such as password resets may take the level of first-time fix from as little as 20-30 per cent to 60-70 per cent. This means that a smaller total number of support personnel are needed, especially at second line, and that the business will be remarkably improved, with incidents taking less time to be resolved, resulting in a more efficient service for users.

Best Practice implementation is a key component in this cost-effective innovation project. The adoption of procedures based on a discipline such as ITIL (Information Technology Infrastructure Library) will help any organisation function in the best possible way. The processes described by ITIL deal, among others, with the management of incidents, risks and change. The latter is of particular relevance: to deal with any alteration to the system, be it small or large, without causing inefficiencies, disruptions and consequently business or client loss it is important to have a mature level of Change Management already in place.

Because of the difficulty of accepting change and truly understanding this new way of working, ITIL-based experiential learning sessions are an important aid in delivering the discipline so that change can effectively happen, and to guarantee active participation of all staff taking part in the training. This should not only be limited to people that are directly affected, but extend to management who equally need to embrace the importance of best practice.

Another smart innovation that takes the idea of ‘doing more with less’ in its most literal form is that of virtualisation. Through virtualising both the desktop and server environment cost savings from a reduction in user downtime and further improvements in levels of remote (and therefore first line) fixing can be substantial, not to mention further benefits seen in terms of reduced server maintenance costs (from personnel to energy consumption).

The steps to take may appear quite clear and straightforward, but current in-house skills, resources and experience might not be enough to deal with such innovation and, as a result, many organisations will need the expertise of a service provider. With regards to the public sector, the cheapest outsourcing option, commonly seen as offshoring, may be automatically ruled out due to information security issues. However, security concerns private organisations as well, especially ones which withhold information that is extremely sensitive, such as law firms and banks. These particular companies cannot risk the loss of reputation, not to mention a hefty fine that can follow a breach of the Data Protection Act by a non properly-trained employee or a non-secure service provider.

There is a solution, though, where cost-efficiency can be achieved at the same, or a lower price than an in-house solution. As predicted by analysts in the sector, it is probable that many organisations will be more and more driven towards adopting a managed service solution in the next couple of years. With Managed Services, Service Desk management is taken care of by a third party, often in the office premises, and while personnel and procedures are left in the hands of the provider the organisation still retains ownership of assets and power over data, particularly important when information withheld within the system is sensitive and cannot risk leakage or loss.

It is not uncommon to achieve cost savings of 15 per cent or more when compared to a similar, in-house option, saving organisations money and improving the overall functioning of operations, in turn creating more business opportunities and enhancing the users’ ability to maximise productivity.

When it comes to innovation and change, and especially when that may involve reductions of any kind, it might be true that a view from the inside is not likely to be the most objective. With that in mind, working with a specialist partner would seem to be the most logical conclusion; however, doing more with less is far more likely to be attainable in the long term if management visibility and control is retained internally to ensure IT is kept close to the heart of the organisation at all times. Balance, it seems, is key to success.

 

Jerry Cave, Director

This article features on the BCS website and in the BCS Service Management e-newsletter: http://www.bcs.org/server.php?show=conWebDoc.35420

Sharing the IT Service Desk: sharing cost, sharing quality

May 4, 2010

The importance of IT, just like that of public transport, seems only to be truly appreciated when it stops working properly and stranded users are left to reflect on the value of a more efficient system. The IT quality issue can become particularly important when inefficiencies and disruptions not only slow down the system and create delays, but get in the way of business operations or, even worse, cause losses. As many organisations might have unfortunately already experienced, an extra minute of downtime might lead to money loss, system malfunction can cause loss of data and lack of proper data protection measures can bring information security breaches, causing not only costly fines, but damage to the organisation’s reputation that might not be repairable.

The problem is that high-quality IT support is not always seen as affordable, especially when an organisation needs a bespoke, hyper-efficient, extremely secure service that can understand and meet the needs typical of their particular industry. In reality, however, there are ways to access an excellent service at a cost well within that of most IT budgets. Sharing an IT Service Desk with other organisations within your sector is an easy way to gain access to high levels of IT skills and expertise which are at the same time tailored to your organisation. Staff working for two or more organisations with similar needs, structure and business culture can acquire deeper knowledge of the environment, and the organisations taking part in the share can benefit from shared experience, avoiding the dangers incurred by others.

There are obvious concerns regarding this solution. Organisations might think their data and intellectual property are not secure or that sharing with someone that might well be a competitor could damage them or negate any competitive advantage their IT might bring. Furthermore they could argue that sharing support personnel might mean that there will be less attention towards their business or worse, that resources will be stretched thin due to dealing with the increase in incidents.

In fact the structure of a shared service desk should, if managed by the right provider, guarantee an improvement in service levels when compared to an in-house desk. Service Level Agreements and Key Performance Indicators will ensure the provider is always hitting the levels your organisation requires while having access to a central pool of staff trained to follow best practices and experienced in your specific industry can only improve performance. Take into account the fact that the shared aspect of the service means all of this will be delivered for a reduced cost, and the benefits in terms of efficiency also become apparent.

Despite its obvious benefits, a shared service is not for every organisation. The primary benefits are seen when the sharers are similar organisations and as such there are valid concerns when it comes to how a shared service might compromise any advantage IT might bring over competitors. Due to this there are industries and business sectors where a shared service may not be appropriate – retail or banking for example – but for organisations in the public sector or industries where collaboration is commonplace, such as Law firms, the likelihood of competitive advantage being affected is slim.

Organisations which realise that the kind of service they need to provide might be out of reach when the cost is shouldered alone are likely to turn to this innovative solution more and more in the future, identifying it as a valid alternative to full-scale outsourcing or off-shoring, where the cost advantage is often to the detriment of performance levels. While clearly not applicable to every organisation, as a model, shared services can be used as a route to bypass the dangers typical of services that achieve cost-reductions by cutting down on quality.

 

 

Pete Canavan, Head of Support Services

This article is featured on Director of Finance: http://www.dofonline.co.uk/management/cutting-costs-on-it-service-support-051004.html