Best Practices in Cloud Security

  • January 31, 2012
  • News

Spending on cloud computing is growing faster than any other form of IT spending, with organisations of all sizes looking to reap the benefits of cost savings, flexibility, increased productivity and more. In particular, the use of software as a service (SaaS) is becoming mainstream. Where organisations are reluctant to embrace cloud services, the reason is often owing to concerns over security, especially since many SaaS offerings mean that an organisation’s data processing and storage, much of which is data sensitive to the organisation, is handed over to the service provider.

However, cloud computing models can actually provide a more robust and effective level of security than technology deployed and managed in-house. For example, mitigation against the latest threats can be pushed out to all users of the service simultaneously, removing the need for patches and updates to be deployed by IT administrators to all users of the service. This also provides the assurance that all devices connected to the service are up to date in terms of their security posture.

Beyond threat mitigation, cloud delivery is suitable for a wide range of security services, from basic needs, such as malware protection, to advanced security services such as vulnerability management, security monitoring, policy compliance, and application security and testing.

As well as accessing security services, organisations will also benefit from the service provider taking responsibility for many aspects of security as it must, itself, have developed a highly secure infrastructure in line with best practice and good governance objectives. These incorporate a wide range of security controls and can attest to the quality and security of its services through management reports and audit trails.

Fran Howarth has recently published a new report that examines how the use of cloud computing can actually improve security, as well as discussing the issues and challenges that remain, including liability, contracting and SLA terms and conditions, data centre infrastructure, auditing and certification, and the need for further standards development. Download the report: Best practices in cloud security.

Continue Reading Best Practices in Cloud Security

Mobile App Accessibility

  • January 31, 2012
  • News

It is predicted that by the end of 2012 there will be more mobile phones and smartphones than people in the world. Along with this trend is a trend for mobile platforms to be the preferred gateway to the Internet. A mobile smartphone, or a tablet, plus a wireless Internet interface has become the easiest and most cost effective way of getting online. It is being chosen by the young (no need for a fixed line), citizens of the emerging countries (where there are often no fixed lines) and people in the UK who have not been online yet (including many with disabilities).

To support the disabled users, 2012 is going to have to be the year when mobile app developers understand the need for accessibility and implement accessible solutions.

In 2011 Apple showed the way to an accessible platform with VoiceOver (text to speech), Siri (intelligent voice recognition), Assistive Touch (for people with limited hand control who cannot use the complex gesture support), along with a variety of other accessibility features. Android 4.0 (Ice Cream Sandwich), which is just coming on to the market, has a built in Screen Reader. Microsoft Windows 8, expected later this year, has been previewed with a whole set of accessibility features. So this year all the major platforms will have accessibility built in. More needs to be done on all these platforms, especially to support those who have little or no use of their hands.

Looking at existing apps, it is clear that accessibility is achievable but it is also unfortunately easy to develop apps that are totally inaccessible. As has been the case with accessibility on the web, the problem is not with the technology but with the lack of understanding, by the procurers and developers, of the issues and needs for accessible apps. For example, the UK Met Office created a weather app, which was a disaster when used with VoiceOver, however, a new version has recently been published and it is obvious that the need for accessibility had been recognised and, in the process, the usability for all users has been improved.

Peter Abrahams, Bloor’s Accessibility Practice Leader, is a prominent voice in the accessibility community and has stated that his vision for 2012, along with many other members of the accessibility community, is to:

  • Ensure that procurers and developers recognise the requirement and make accessibility the norm whilst the apps market is still young.
  • Keep pressure on the platform providers to ensure that accessibility features are provided to support all forms and levels of disabilities.
Continue Reading Mobile App Accessibility

The Value of Where

  • October 31, 2011
  • News

Geographic information has many facets but the value for business today is the location, or position on the earth's surface.

Location is meaningful in many ways, such as:

  • The location of assets enables operations, management and planning.
  • The location of events facilitates the same and can predict future events.
  • The location of customers can enhance marketing and sales campaigns, insurance risk management and retail outlet planning.

When location is incorporated into the data of Information Systems, these systems are empowered to provide much more powerful decision support. In fact, location often highlights trends, risks and opportunities that would otherwise have been hidden.

The latent power of location and the business possibilities are what appeals to Natalie Newman. She entered the world of geographic information more than 30 years ago, working with land surveyors fixing the position of trig beacons. This understanding of measurement and geodesy has led to many interesting roles in the world of geographic information.

Natalie established the GIS (Geographic Information Systems) in two local authorities in South Africa. Then the opportunity to don the uniform of the South African Air Force tempted her to take up an exciting role in the Directorate of Geospatial Information. This directorate collected imagery, mapping and hydrographic information for all 3 arms of the forces. This insight into the world of defence could only broaden the view and understanding of the important role that geographic information and location can play.

The turn of the century raised the profile of the telecommunications arena and Natalie joined South Africa's Telkom, where the use of location was utilised for demand forecasting. After moving to the UK, she joined Hutchison3g as their Global Co-ordinator for Location Based Products prior to the launch of 3. She then moved to British Telecommunications where she raised the profile both inside and outside the organisation by establishing a GIS Focus Group right across the whole BT group.

Working as a Spatial Consultant with Netezza reinforced her belief that wonderful opportunities exist for location to add substantial value to all levels of information. Operations are empowered by knowing where to function. Management is informed with reporting that shows where the successes exist and where improvement is required. Strategic Planning is supported by intelligence that reveals where trends occurred and predicts where the next activity could happen.

This small piece of information, describing the location, has the potential to be a major contributor to the value of both Information and Business Intelligence.

1 Trig Beacons – A term describing control points with a fixed position (calculated with trigonometry) and used by further surveys as an accurate reference point.

2 Geodesy - The science that deals with the measurement and representation of the earth.

Continue Reading The Value of Where