All posts by Sandra Vogel

Local authority cloud adoption report ‘misleading’, say experts


Sandra Vogel

5 Jul, 2018

Local government is strapped for cash. Across the UK local authorities are shedding staff and cutting services, and perhaps at times like these, investment is the last thing on their minds.

But clever investment can reap rewards, as cloud services can increase efficiency and improve public access to information. It’s also an essential component of anything falling under the heading of ‘smart cities’, and smart city initiatives themselves can save local government money while creating infrastructure and services fit for the 21st Century.

So, what’s stopping local authorities from doing more with cloud, and why should those who are lagging behind think again about their reluctance?

Whatever happened to Cloud First?

Back in 2013, the Government introduced its Cloud First policy. This is based around a very clear statement that any new project should consider cloud first and foremost above all other solutions.

“When procuring new or existing services, public sector organisations should consider and fully evaluate potential cloud solutions first before considering any other option,” the policy states. “This approach is mandatory for central government and strongly recommended to the wider public sector.”

A recent Citrix report suggests progress towards a ‘cloud first’ policy is painfully slow, with 80% of councils still using on-premise infrastructure, either in isolation or together with a cloud service, to access and manage citizen data. Despite this, 75% of authorities said they were planning on investing in cloud over the next 12 months.

But that’s not the full picture. The research was based on a Freedom of Information request sent to 80 local authorities across the UK, 50% of which responded. According to the Local Government Association, there are 418 unitary, upper and second tier councils in the UK, and, an LGA spokesperson told us that the FOI requests “represent only a tenth of local authorities across England and Wales” and that the research omits the fact that “various council departments have a statutory duty to use specific IT systems in order to carry out their functions”.

An example of this can be found in adult social care where councils still use NHS Mail and N3, a private broadband network currently being phase out in favour of the Health and Social Care Network (HSCN), to share patient data with the NHS.

However, Georgina Maratheftis, programme manager for Local Government at techUK, maintains that while “there are lots of councils across the UK that are realising the benefits of adoption and using cloud services within their organisations,” but that “there are a lot more that are not and should be looking to move to the cloud”.

So what’s the problem?

There is no one single reason that some councils aren’t getting on board with cloud, but there are some fundamentals that can stand in the way of a transformation, and, indeed, of even thinking ‘cloud first’.

Maratheftis suggests there’s “difficulties in gaining the buy-in of senior leadership to see and understand the long and short-term benefits of cloud”, and that many become overly fixated on concerns around the change of working culture or overcoming the skills and capability barriers as a result of moving to new technology.

Ingrid Koehler, service Innovation lead at the Local Government Information Unit, a London-based think tank and charity, argues that authorities should be forgiven for being a little sheepish.

“Local government is naturally risk-averse and even in good times may hesitate to innovate for perfectly rational reasons,” says Koehler. “In times where finance is pressured, it can be even harder to invest in change and transformation even where savings can be calculated.”

Crashing through the barriers

With the Cloud First strategy entering its fifth year, it’s about time these barriers were overcome.

Operating through disparate systems is much less likely to afford councils a ‘single view’ of citizen data, making it tricky to provide joined-up services. Cloud services can combine both internal and public facing elements, such as helping to streamline both internal bureaucracy and public access to information.

“Local government needs to transform and use digital as a tool to both support transformation and shift thinking about how we can work with citizens and service users in a more agile way,” says Koehler.

Intranets can be revolutionised, document collaboration finally removed from the clutches of clunky email shares, and even things as apparently dull as room booking can be transformed through access to cross-council, multi-site cloud systems.

Importantly, these possibilities can reduce the internal administration burden, which in itself frees up resources and money that could otherwise be used on other areas of councils’ remit. That’s essential given the estimated £5.8 billion funding gap that local authorities are expected to have to deal with over the next decade.

“The more progressive councils will see cloud as an opportunity to reimagine how future services can be delivered,” says techUK’s Maratheftis, “as well as gain value in reducing demand on services, improving efficiencies and enhancing the customer experience.”

However, with the Cloud First strategy clearly having minimal impact, a change in culture may require more heavy-handed intervention from central government.

Image: Shutterstock

What new trends teach us about the future of collaborative tech


Sandra Vogel

31 May, 2018

Every business, no matter how small, relies on collaboration to get the job done. Ideas need to be generated, honed and perfected. Projects need to be defined, scoped, managed and evaluated. Clients – and staff teams – need to be listened to and worked with.

There are two key imperatives for effective collaboration: Pairing ‘many-to-many’ communications (like a real conversation) with the need to bypass hierarchies and old ideas about who can and can’t participate.

Combining these two gives an organisation the highest chance of getting the best ideas, while encouraging everyone to contribute means people feel valued rather than sidelined out of the important decisions.

New lines of communication

Technology is very good both of these, but it has to be implemented well to achieve them – that means picking the right product for your needs. For example, Casual Dining Group has ditched email for its staff communications, and instead uses Workplace by Facebook, a platform that supports collaboration in businesses that don’t necessarily have a traditional infrastructure in place.

“Crucially, this has allowed us to connect all of our workers, regardless of their job title or location,” Celia Pronto, Chief Customer and Digital Officer at Casual Dining Group, tells Cloud Pro. “For a restaurant business, where many employees don’t have an email address, this is critical.”

This has created benefits for the business – it has “fostered a healthy sense of competition, created a space to share best practice and garnered an openness and awareness of wider business aims,” says Pronto.

Similarly, Tinypulse, an anonymous platform for interacting with employees through questions, cheers, suggestions and direct messages has helped PR Agency NeoPR engage better with its staff.

Neo PR’s director, Gemma Spinks, told us: “Since implementing this tool we have seen increased collaboration between teams on subjects that may not have otherwise been addressed. Staff morale is also greatly improved as people feel they have an official forum to raise, discuss and share concerns they, or other team members may have.

She adds that using these types of collaborative tools “allows everyone in the team, not just the line managers, to recognise and highlight good work, successes or general pleasantness in the office.”

The workspace is evolving

In a traditional office environment, using collaborative technology often goes hand in hand with a physical reconfiguration of the workspace.

One approach that’s growing in popularity is ‘huddle rooms’ – in many ways a reaction to open plan offices which typically lack places to sit and chat. Huddle rooms have comfy seating and tables to work at, and, most importantly, are loaded with tech – big screens for video calls, interactive whiteboards, conference call setups. This makes them ideal for including remote workers who can join by voice, video and screen share.

This approach isn’t just for businesses. At Guy’s and St Thomas’ NHS Foundation Trust there is now a state-of-the-art Cancer Centre, a huddle room equipped with screens and communications equipment. This allows cases to be discussed in a secure environment, medical documents and files to be viewed, and conversations to be had with colleagues who may be at other hospitals.

Professional services company PwC has taken the concept of the huddle room one step further with its new ‘Delta Room’. Located at its office in Paris, it’s fitted with multiple large format, gesture-controlled screens that can capture information in real-time, as well as wireless audio and a mix of desk and sofa style seating. It’s an open-plan meeting space that allows people to move around freely while collaborating – and of course, it can include remote participants.

Not constrained by time and space

Collaborative technologies really come into their own when they allow people to defy time and space, and come together to pursue projects wherever they happen to be. Achieving this doesn’t necessarily require lots of futuristic looking equipment or fancy features. Often it is just about having access to shared working space.

For example, when taxi booking service mytaxi rebranded to incorporate Hailo, it needed to establish a new brand identity with a small team spread between London, Dublin, Hamburg, and Barcelona – all within four months. It needed its team to be able to work together, yet remain flexible to meet tight deadlines.

The team worked in Dropbox Paper, a shared document development system, for all elements of the project from creating strategy documents to mock-ups with feedback and wireframes. The task was so big that Gary Bramall, Chief Marketing Officer at mytaxi describes it as “…the marketing equivalent of raising the Titanic with a tiny team”

Pushing at an open door

What all of these examples show is that collaborative technology can be futuristic (like gesture responsive screens) or more traditional (like Dropbox Paper), but it can’t be exclusive or restricting. Closed door meetings are dwindling in favour of open collaboration, and the idea of having to be present in person to join in a discussion is a thing of the past.  

The cutting-edge, like PwC’s Delta Room, is all about democratising and inclusion. Whatever we see next in collaborative tech, it’s likely to push further that already open door.

Image: Shutterstock

It’s time to wake up to the cloud malware threat


Sandra Vogel

24 Apr, 2018

Cloud-based malware is a real and present danger – and it can spread through an organisation like wildfire. But it is not always on the radar of security teams, and without strong protocols in place, there are many possible routes to infection. It’s time for those organisations which don’t have strong protection against cloud-based malware to wake up to the dangers, and protect themselves.

The same – but different

Cloud-based malware is in many ways no different to more ‘traditional’ types which might break in through routes like an infected file drawn off a USB stick, or a compromised web page. It can have similar payloads – ransomware, industrial espionage, and so on. But the cloud offers two important distribution advantages: there are many more routes to infection, and cloud allows malware to spread with alarming rapidity.

Alex Hinchliffe, threat intelligence analyst at Unit 42, told Cloud Pro that cloud-based malware spreads in rather familiar ways to physical infections.

“Adversaries who may have compromised systems in the cloud may attempt to move laterally to other hosts in the cloud, using typical methods as they go, such as gaining credentials through key-logging, brute-forcing, or even additional spear-phishing attacks on employees or using password-stealing tools on infected systems,” says Hinchliffe.

The lure of cloud-based services

Thanks to the growth and development of software-as-a-service (SaaS), we are becoming more and more reliant on the cloud for the majority of our everyday computing needs.

We can share information with other people easily, no matter where they are. We can whiteboard ideas, have group conversations in virtual space, create, edit and amend content of all kinds, manage projects and teams, and so on.
SaaS allows IT teams to offer a range of capabilities they might struggle to deliver through in-house tech, and to access new services and new ways of working much more quickly than they could through in-house implementation. It helps them improve efficiency and productivity, and to punch above their weight.

Many of us have settled into a mindset where cloud apps are the norm. It isn’t a big leap from there to step outside the services sanctioned by the IT team and strike out alone, setting up accounts with web-based services that will help with a particular project. It is highly possible that the IT team only knows about a fraction of the cloud services in use at any one time.

The problem for the IT team is policing all the cloud services used to help keep internal systems safe. All it takes is a single malicious file, shared through a service that operates in your IT departments blind spot, to bring down a network.

When strengths become weaknesses

We shouldn’t be under any illusions about the danger of cloud-based malware. New research from Bitglass scanned tens of millions of files and found on average one in three corporate instances of SaaS apps contained malware.
Of the four major SaaS applications – OneDrive, Google Drive, Box, and Dropbox – Microsoft OneDrive had the highest rate of infection at 55%. Google Drive came in at 43%, while Dropbox and Box were at 33% each.

New research from Palo Alto Networks also found that 68% of cybersecurity professionals working in large organisations in the UK say the rush to the cloud is not taking full account of the security risks. Just 15% of UK security professionals said they were able to maintain consistent, enterprise-class cyber security across their cloud networks and endpoints, according to the research.

Taking control of the situation

Arguably the most appropriate strategy for getting ahead of the threat of cloud-based malware is to have effective endpoint solutions – i.e. to use trusted third-party solutions that will monitor laptop and desktop computers, tablets and phones.

This can be more complex than it seems. We’ve already noted that there will likely be many more cloud apps in play than the IT team is aware of, and the endpoint solution will need to keep an eye on all file uploads and downloads.

Of course, that’s on top of the burden of monitoring every piece of kit used by employees. This will need to include those provided by the organisation, sanctioned BYOD devices, and, inevitably, BYOD devices that are not sanctioned.

There also needs to be an effective backstop layer of protection that will come into play when an infection gets through so that it doesn’t spread into the organisation’s own cloud applications.

Strong protection is the only way to defend against infection. And this is becoming more and more necessary. While the immediate threat of Wannacry may have passed, the 300,000 computer systems infected around the world, including those within the NHS, speak volumes to the potential damage a similar outbreak could wreak.

This should be especially concerning given the NHS’ recent commitment to moving its systems to a cloud-based model, and reports that its systems have yet to reach a standard capable of warding off a similar attack in the future.

The threat from ransomware isn’t going away anytime soon, and that, along with industrial espionage and other exploits, needs to be paid serious attention.

Image: Shutterstock