The changing BYOD landscape

Bring your own device (BYOD) offers great promise for businesses willing to implement the strategy, with benefits including lower device costs and less hardware training for staff.

The ability for workers to bring their own smartphones, tablets and laptops into the workplace means companies can cut out hardware expenditure as staff are using their own technology. What’s more, they’ll also be more familiar with the devices (understanding the operating system), meaning greater productivity.

Changes are coming, however, which are certain to have an effect on this trend over the course of 2015 and beyond.  

A growing security market

When companies allot devices to staff there’s often little risk of data security being compromised, as the business controls what services the equipment can access. What’s more, the company can also recall the hardware and wipe it or secure it further if necessary.

This isn’t so with BYOD, as staff are bringing personal hardware from home. It’s easy to see how a staff member could bring in a phone or tablet that has been compromised by a virus. There is then a risk of the virus spreading onto the business network.

Companies are aware of this risk, however, as a report from TechNavio at the end of 2014 found that the global BYOD security market will grow at a combined annual growth rate of 35.23 per cent through to 2019.  

“As BYOD policy is gaining popularity, implementing BYOD security solutions is highly important. [Such solutions] allow remote management of the mobile devices such as laptops, tablets, and smartphones,” the report explained.  

Tablet sales slowing down

BYOD isn’t limited solely to tablets, but could slowing tablet sales have an impact on the trend? A Gartner report released in January found that demand for the devices is continuing to slip, and growth in 2015 will only see an eight per cent improvement over last year.  

This certainly doesn’t equate to low unit shipments, as Gartner estimates 233 million units will be delivered during the year.

“In the last two years global sales of tablets were growing in double-digits. The steep drop can be explained by several factors,” said Ranjit Atwal, research director at Gartner.  

Mr Atwal explained there’s currently a lack of innovation in the space – something that is causing consumers to hold back. While smartphones continue to include ever-advancing cameras and functionality, tablets have only seen superfluous changes since initial growth in the past few years.  

“One [factor] is that the lifetime of tablets is being extended – they are shared out amongst family members and software upgrades, especially for iOS devices, keep the tablets current.”  

It’s likely that while tablet sales are slowing, the impacts on BYOD will be minimal. Staff will continue to bring the devices into the workplace, and similar two-in-one devices will take up any slack.

Managing the trend in a business environment

Key to the success of any trend in IT is a strong management strategy, ideally one implemented from the outset. Such plans ensure that areas like security are not left out in the cold, and instead are placed in the spotlight throughout use.

With BYOD it’s a good idea to use the ITIL method, a renowned framework for using IT for business transformation. Essentially, this framework means BYOD implementations are correctly managed from as soon as the project starts.  

If you’d like to find out more about the ITIL framework, get in touch with ALC training today. Courses are held throughout Australia, in cities including Melbourne, Sydney, Brisbane and Perth.  

Top 5 courses for the first half of the year

Getting up to speed with a framework or methodology is a great way for people to upskill and for businesses to create more effective staff, but it can be daunting to choose from the substantial array of courses.

To help you get started, we've put together a list of the five courses that should be considered in the first half of 2015. From ITIL to PRINCE2, it's time to become more capable.

ITIL Foundation

IT is a powerful area of business, and one with the ability to transform how companies work. Of course, it's never as easy as simply taking on a new technology.

ITIL is the best possible course of action as it's a widely accepted approach to service management that helps both individuals and organisations use IT for business transformation.

If you want to get started with ITIL, Foundation is the best possible introductory certification. ALC Training is hosting the necessary courses throughout key Australian cities from January 2015.

COBIT5 Foundation

While businesses may know how to implement IT and utilise effectively to transform operations, there's also a need to actually manage and govern the systems on a day to day basis.

COBIT5 is a great way for enterprises to do so, providing globally accepted principles and practices – as well as analytical tools – to increase trust in information systems. For companies holding back from IT it's an excellent framework to understand.

COBIT5 Foundation courses are being held in Sydney, Melbourne, Canberra and Adelaide, providing a great starting point for companies and individuals wanting to start using the framework.

TOGAF 9 Level one and two certificate course

Improving business efficiency may sound a like a difficult task, especially in larger companies with hundreds of employees. However, it's actually far easier when handled through a methodology.

TOGAF9 offers the necessary knowledge for individuals and businesses, and it's used by organisations across the globe for exactly this purpose.

The Level one and two certificate course is an excellent starting point, taking participants through the basics of TOGAF9 and setting them up for future courses.

This course is being held in Sydney, Melbourne, Brisbane and Perth through until June.

SABSA

Security has been quite a hot topic in recent years, especially as IT has continued to grow within the workplace. Now more than ever IT security needs to be a top priority, as the sheer amount of sensitive data at risk could mean severe breaches.

SABSA is an excellent solution to security concerns, as it's a proven way for individuals and businesses to implement strong security architectures. What's more, it can continually be used to effectively ensure business security.

Courses are being held in Sydney and Melbourne for the Foundation course – an excellent launching point for this capable framework.

PRINCE2 Foundation

Project management is something every business and individual is going to need at some point, whether it's for running a trade show, conference or internal project within the company. When it comes time to host such an endeavour having a strong framework is invaluable.

PRINCE2 Foundation is the best possible option for those needing a capable project management framework, as the course takes participants through the advanced PRINCE2 framework, which is designed specifically to ensure projects are handled correctly.

PRINCE2 courses are available in all major Australian cities throughout the first half of 2015.

If you'd like to sign up for one of these courses in cities across Australia, get in touch with the team at ALC Training today.

We'll answer any questions about our range of courses and the best way to move through each level.

IBM study demonstrates necessity of cyber security efforts

For many businesses a data breach may seem like something that only ever hits large enterprises, as the attackers are after sensitive records or financial information.

The truth is much more startling, however, with no company or sector safe from a data breach. Cyberattackers stand to gain a lot from a successful attack, whether it’s through selling on data or simply damaging the company for another purpose.

This past year saw the total number of attacks on US retailers drop, but the amount of stolen information climb. It’s time for businesses to start placing an emphasis on information security endeavours.

Understanding retailer attacks

There was a 50 per cent decline in the total number of cyber attacks against US retailers in 2014, according to a new study from computer company IBM.

While this may sound like an improvement over 2013, the actual number of stolen records is still high. In fact, even though the number of breaches actually dropped, attackers extracted 61 million records from US retailers.

IBM security researchers say this is evidence of “increasing sophistication and efficiency” when it comes to attacks. New methods mean cyber criminals can better plan their assaults on businesses, lifting greater quantities of information in fewer attacks. This is likely a preferable approach to carrying out many smaller breaches.

“The threat from organised cyber crime rings remains the largest security challenge for retailers,” said Kris Lovejoy, general manager for IBM security services.

“It is imperative that security leaders and chief information security officers in particular, use their growing influence to ensure they have the right people, processes and technology in place to take on these growing threats.”

Interestingly, cyber attacks slowed down on the two busiest American shopping days – Black Friday and Cyber Monday. The number of data breaches dropped by over 50 per cent from 2013 during the two days.

IBM noted that retailers and wholesalers were the top targeted industries in 2014, likely due to the substantial amount of customer information retained by these types of business. This quite a change from two years prior, where manufacturing took the top spot.

While businesses may understand why cyber attackers go after sensitive information, what actually happens following an attack?

The damage of a breach

Once attackers manage to breach a server and steal sensitive information, whether it’s credit card details or the personal data of customers, companies face a substantial degree of risk.

Firstly, there’s the threat of reputation damage, as customers will be less willing to place their trust in the IT systems of the company, knowing that a breach has occurred.

In competitive markets where other companies offer similar services, customers could easily jump ship.

There is also the financial risk of a cyber attack, as the business will need to both invest in new security systems to prevent attacks from occurring in the future and reimburse customers if necessary.

Following an attack, companies should address the breach by securing other systems, form a team to locate the source of the breach and put a fix in place and begin testing it.

Businesses should also take steps to notify customers of the attack and keep them informed of any ongoing developments.

How SABSA can help

If security systems are the wall against which cyber attacks push up against, then a strong security framework is definitely the supporting structure.

When staff can use a security architecture framework like SABSA to put strong systems in place and subsequently maintain them, ongoing security will be far easier.

Speak to ALC Training to get started with a highly capably security framework – one designed to ensure businesses are always prepared to implement strong security architectures.

 

Have you considered certifications for 2015?

With the new year just around the corner, there's no better time to assess how up-to-date you (or your business) is with the most comprehensive IT frameworks.

These methods have been utilised time and again by organisations across the globe to better utilise IT, effect stronger control over projects and ensure better security architectures are in place. There are certainly no better tools to prepare for a new year.

So, for your new years resolution, why not take on a powerful new framework?

ITIL

ITIL is best known as the widely accepted IT service management approach used by companies across the globe. It's able to help both individuals and organisations utilise IT to manage transformation and growth – key with the ongoing developments in the sector.

But what are the best courses?

ITIL Foundation: Beginners will want to start off with ITIL Foundation, the ideal starting point for anyone (whether an individual or company) wanting to get started using the tool.

ITIL Capability Certificate Courses: Following on from the beginners course are the capability certificates. These modules are the fastest way to gain expert accreditation and each focuses on a different area to provide specialised, process-level knowledge.

PRINCE2

For project management there's no better option than PRINCE2, a framework utilised by the UK government and other organisations around the world to ensure projects always go to plan. One of the best things about PRINCE is its versatility, as it can be deployed on a basic IT endeavour or a massive conference.

Getting started with PRINCE2 is easy.

PRINCE2 Foundation: Similar to the ITIL Foundation course, the PRINCE2 equivalent has been created for those who need to gain a basic understanding of what the framework actually is.

It's really useful for anyone who wants a practical understanding, but not fully-fledged professional level knowledge.

Implementing PRINCE2: One of the later courses individuals might opt for is Implementing PRINCE2, a course that's necessary if users want to actually embed PRINCE2 as the project management tool within a company.

COBIT 5

For IT governance, COBIT 5 is an excellent option. Given that IT governance has a great deal of strategic importance within organisations, it's necessary to choose a certification that's reliable and delivers the required knowledge.

COBIT 5 Foundation: Of course, there is the COBIT 5 Foundation course which is ideal for anyone new to the methodology and IT governance in general.

This course provides a comprehensive coverage of the COBIT 5 components and also uses an example-driven approach.

SABSA

The last course on the list deals with security architectures and is certainly a powerful option in a world of growing cyber threats.

This framework is designed to empower a company to carry out tasks whilst also remaining secure.

SABSA Roadmap: The course structure for SABSA starts off with Foundation, which covers the basic level knowledge. It then progresses to Advanced Modules, which count towards higher certification. Upon completion of these two courses, participants move to the Topical Master classes which cover specialty areas.

With security essential in the modern business environment, there's no looking past the benefits of SABSA.

The new year is fast approaching and it's time to get enrolled in a comprehensive certification. Doing so will mean businesses are prepared to handle any changes or new developments over the course of 2015.

Speak to ALC Training today if you'd like to find out more about the comprehensive range of courses available. We host certifications in all major Australian cities and in key locations throughout the Asia Pacific.

Pairing digitisation with PRINCE2

It can be all too easy for companies to run into roadblocks with new technology implementations, especially when they're on a similar scale to digitisation – the process of converting analogue information to the digital medium.

Like many new trends, digitisation requires effective management from the outset, in order to avoid running into issues further down the line.

With digitisation on the rise, it's now time for businesses to consider implementations and the most effective forms of management.

This article will take a look at the proliferation of digitisation in the Asia Pacific and how PRINCE2 can be effectively utilised to manage the change.  

Digitisation on the rise

Digitisation is currently experiencing growth in the Asia/Pacific, according to a new report from the International Data Corporation (IDC). This is even as consumables shipments (printer ink) remain stable.  

Greater numbers of vendors are now recognising the advantages of digitisation and are starting to offer managed print services in response.

Pankaj Chawla, an IDC research manager, explained the current reasons for digitisation growth and the likely effects of such a shift.

"Digitisation is an emerging trend in Asia/Pacific as corporations as well as government sectors in Asia/Pacific countries are trying to reduce their printing needs," he said.

"Educational institutes are evaluating the adoption of tablets; hospitals are digitising patients' records; and governments are going to digitise government records."

He went on to explain that digitisation policies will in turn lead to lower usage of paper records and printing, though it could be some time before digital alternatives are in full effect.

Governments pushing ahead

In Australia, institutes such as the State Library of Victoria are recognising the benefits of digitisation and converting paper records and historical artefacts into digital alternatives.

According to the library, hundreds of thousands of objects have now been converted, including photographs, maps and rare artworks.  

Once these objects are uploaded into a computer system, it's easy for anyone to view them even if they're not physically in the library. There is also the element of preservation, as priceless objects are kept secure and records are retained for future generations.

Businesses can see similar benefits with digitisation, especially when older records and files are place into a cloud server. Staff are able to access files without having to trawl through physical filing cabinets and there's no risk of damage to originals.

So with digitisation offering such a significant number of advantages for businesses, what's the best way to implement such a strategy?

Managing the change with PRINCE2

Digitisation is obviously a large project for businesses, especially when thousands of records and files need to be converted.

It's easy to see how without proper management such a process could derail, failing to accomplish any pre-determined objectives.

We've covered the benefits of PRINCE2 before, but it's time to take a look at how it can be put to use in a digitisation strategy.  

Using a capable project management method to carry out the transition means nothing is left to chance and the digitisation shift occurs seamlessly.

As the method can be flexible, businesses of all sizes should find it easy to tailor a specific digitisation strategy.

What's more, PRINCE2 can be used time and again on various projects, helping to ensure any endeavours within the business are guided correctly.

Digitisation is certainly the future of file management within organisations, but it's important that businesses proceed with implementations with the utmost care.

PRINCE2 is the perfect tool in this regard and is certainly the best possible option for businesses undertaking the digitisation process.

Get up to speed on the most capable methods and frameworks

If you're looking to upskill your employees to face the challenges of new projects and technology implementations – not to mention security – then frameworks and methodologies are certainly the answer.

These proven tools can provide a solid foundation for your staff, ensuring they're ready to face a number of challenges. Of course, it's important that workers undertake the right training and certification to get the most out of a particular framework or method.

Whether it's ITIL, PRINCE2 or SABSA, businesses need to consider powerful frameworks.

How ITIL can foster transformation

IT has fast become the centre of attention in businesses across the globe and it's now used for everything from internal staff development to creating stronger ties with customers.

For example, businesses use IT systems to manage staff and expand operations, as well as developing new applications for customers. A focus on mobile has also arisen in turn, with mobile communication and productivity now necessities for all companies.

The ITIL framework is designed specifically to help both organisations and individuals realise transformation through IT and offer continuous benefits over the long term. This is a framework that can be used time and again.

Key benefits include:

Managing a project with PRINCE2

It's important to effectively run projects, regardless of whether they're tiny two-day conferences or large endeavours taking place over several months.

If they aren't managed correctly this opens the door to rampant cost and deadline overruns.

The answer to project management concerns is PRINCE2, an essential tool for guidance for individuals and organisations running a project.

One of the best things about PRINCE2 is that it's exceptionally easy to learn and flexible enough to meet the needs of various projects. Like ITIL, this makes it a perfect tool that can be used time and again over the long term, for different projects within the company.

This framework was developed by the UK government, and is used throughout the public and private sector. This is for good reason too, as it offers best practice in project management.

PRINCE2 certainly needs to be considered to ensure projects never go off track.

Placing emphasis on security with SABSA

Security is a growing concern in the business world, especially with the seemingly never ending onslaught of cyberattacks against large corporations and governments across the globe.

These leave organisations facing crippling financial issues and rampant reputation damage – certainly difficult to overcome.

What's needed is a capable tool designed to ensure that the security architectures of organisations are up to task of protecting against new cyber threats.

The final framework is SABSA, a methodology designed for enterprise security architecture and service management. This is the world's leading open security architecture framework and methodology and is designed to handle the entire security process.

SABSA guides companies from the concept stages through to design, development, implementation and management. This means businesses are using a tool that leaves nothing to chance – vital when it comes to security.

Choosing a provider

These frameworks and methods may sound difficult to implement, but it's only a matter of using the right certifications and provider.

These experienced professionals ensure that all necessary topics are covered as part of the certification, placing companies in the best possible position to take advantage of the tools.

ALC Training offers ITIL, PRINCE2, SABSA and a range of other courses in cities both within Australia and across the globe. These courses are suited to groups of any size, whether it's a small team or an entire department.

Get in touch today if you'd like to get up to speed on the latest frameworks and certifications.

Trend Micro report showcases necessity of security culture

Business leaders may not have heard of a security culture, but it’s soon going to be a necessity as the number of cyber attacks proliferates.

The attack surface is now growing, according to a recent report by Trend Micro, a software security provider. This essentially means that businesses are being hit by cyber attacks from a number of different areas.

What’s needed is a rethink when it comes to security, something that may sound difficult on paper but only requires appropriate planning.

A growing attack surface

Security threats are evolving, and businesses need to start understanding the risks and what needs to be done to minimise the chance of an attack.

By doing so, a company can avoid a potentially serious data breach, one where sensitive information is exposed.

The Trend Micro report Vulnerabilities Under Attack: Shedding Light on the Growing Attack Surface, noted that Australians clicked on over 45.5 million malicious links in the third quarter of this year. This is up from 39 million in the second quarter, and 27 million in the first.

Australia also ranked fifth in the world for most point-of-sale malware infections in a country – something that businesses will certainly need to rectify to avoid potential reputation damage and customer loss.

“With this fluidity, it’s time to embrace the fact that compromises will continue, and we shouldn’t be alarmed or surprised when they occur,” said Jon Oliver, senior software architect director at Trend Micro Australia and New Zealand.

“Preparation is key, and as an industry we must better educate organisations and consumers about heightened risks as attacks grow in volume and in sophistication.’

He stated that it’s important to understand that cybercriminals will find loopholes in every device and platform.

This expanding attack surface requires businesses to be switched on when it comes to security and one of the best ways to do so is by growing a security culture.

Growing a security culture

A security culture needs to be more than just a consideration for businesses. Such an endeavour could form the backbone of security efforts.

Adopting such a culture means security efforts go above basic systems, to where staff are aware of exactly what can cause data breaches and leaks.

When all levels of an organisation are acutely aware of danger of cyberattacks, there’s a substantially reduced chance of any sensitive information being exposed.

For example, a strong security culture means staff avoid all potentially malicious emails and web links, and promptly report them to the IT department. Likewise, if suspicious hard drives are found onsite, they’re turned into the IT department and not plugged into a network-connected computer.

A security education

Businesses, whether they’re large retailers or SMEs, need to consider the value of a comprehensive security education – one designed to raise awareness of security.

SABSA, for example, is the world’s most successful security architecture, as it uses a best-practice method to deliver cohesive information security solutions.

A SABSA course will provide participants will the knowledge necessary to take charge of security in areas such as risk, assurance, architecture and design.

Preparing for the future

There’s no denying that security threats will continue to propagate over the next few years, being driven by increasing technology use both within businesses and by consumers.

This growing array of potential targets for cyberattackers will require vigilance on behalf of companies and a focus on security cultures and frameworks.

If you’d like to get started with a leading security framework, speak to the expert team at ALC Training. Courses can be delivered anywhere in Australia and to locations across the globe.

Become certified as a CISSP

Are you an IT professional ready to take your qualifications to the next level? ALC Training is one of the top providers of the Certified Information Systems Security Professional course. Our comprehensive 5-day course will cover everything you’ll need to know to pass the CISSP exam. Provided in major cities in Australia, sign up to our CISSP training today. 

Securing your architectures with the right certification

Few other things matter as much as enterprise architecture security, especially when these architectures are used for critical business operations.

These are the underlying systems that provide a foundation for the enablement of business.

Of course, to enable business it's necessary to seize opportunities through risk – something that in turn requires tight integration between risk, opportunity management and the architecture itself.

Securing your architectures

To grow, businesses need to take manageable risks to seize opportunities. This can often be an issue, however, as security needs to remain a top priority.

It's here where the Securing Your TOGAF Environment course can be extremely useful, as it's designed to teach participants how to combine proven SABSA techniques for creating enterprise security architectures with features from TOGAF.

This takes place over a period of two days, and uses both classroom lectures and hands-on exercises designed to provide the best possible learning experience.

Participants (whether individuals, groups or businesses) gain an understanding how to augment TOGAF with SABSA techniques to develop security architectures and create more tightly aligned enterprise architectures.

What businesses are left with are architectures designed to manage risk and opportunity.

What you'll learn

This course delivers a number of learning objectives, including:

Speak with ALC Training today if you'd like to start creating enterprise security architectures with the latest features of TOGAF.

ALC Training also offer a substantial number of other courses focusing on IT service management and project management, deliverable wherever in the world they're required.

SaaS now essential for business operations

Infrastructure is often costly to operate, whether it's a small-scale server in a small business designed to handle storage or a data centre run by an organisation to operate customer services.

There's no denying that it's better for a company to circumvent these high costs, especially if this can be achieved without sacrificing security or control over services.

Software as a Service (SaaS) is the answer, and it represents one of the bigger shifts in IT operations for an organisation. It involves a transition from the traditional model of onsite hardware and software to services run by a provider offsite.

It's now time for organisations of all sizes to consider this digital transition, and the best way to do so effectively.

What is SaaS?

SaaS is a truly a significant shift away from traditional software management, and involves businesses licensing software through a subscription system. This means there are no high capital costs and staff access the software through a web browser.

In turn, this makes scaling far easier, and businesses can simply request support from a provider to add further users. Following a brief call, the provider can increase a client's allocation, almost instantly.

Similar terms grouped under the "as a service" title include infrastructure as a service (IaaS) and platform as a service (PaaS).

A digital transition

Moving to SaaS means greater cost savings in the IT department, further agility and a renewed focus on innovation. A Gartner survey released on 25 November highlighted these benefits, polling respondents from a number of countries.

"The most commonly cited reasons the survey found for deploying SaaS were for development and testing production/mission-critical workloads," said Joanne Correia, a research vice president at Gartner.

She explained that while early SaaS adoption focused on small pilot projects (essentially "testing the ropes"), recent projects are on a far larger scale.

"Today, the projects are mission-critical and production grade. This is an affirmation that more businesses are comfortable with cloud deployments."

The Gartner study explained CIOs are using the cloud to create a modern IT environment, one focused on innovation. Business leaders, on the other hand, see the cloud as way solely to save costs. In these instances, they're overlooking some of the more pertinent strategic benefits offered by this transition.

Businesses will have to assess whether the SaaS model is the best possible option to both drive innovation and bring down IT costs.

Managing the change effectively

Moving to SaaS is substantial business IT shift – but there's no denying the necessity of doing so. Of course, to handle the transition without large disruption to business operations it can be a good idea to consider using a proven change management framework such as PRINCE2.

This methodology, which was designed by the UK government and has now been in use for several decades, can be utilised by companies of all sizes and for a large number of projects.

If a business is hosting a tradeshow, the framework provides a set of proven guidelines to ensure all objectives are met over the course of the event. Likewise, when moving to SaaS, PRINCE2 establishes a strong support structure that ensures there are no oversights.

It's easy to get started with this methodology, and training in the framework often means any future projects within the business are in good hands.

ALC Training is a leading provider of project management courses, like PRINCE2 and other renowned frameworks. Get in touch with us today if you'd like to ensure you start projects on the right footing.

Importance of mobile highlighted in IBM study

Staying ahead of the curve is becoming increasingly important for organisations across the globe, and technology can be a key driver.

Few other technologies are as important to businesses as mobile, whether for staff or customer use. Smartphones and tablets offer unparalleled productivity and communication benefits, and new ways for companies to stay interconnected.

Companies will now have to begin turning attention to mobile, but it's going to be essential to stay focused on security.

Thanksgiving drives mobile momentum

For the first time ever, mobile device traffic climbed above traditional PCs on the American holiday of Thanksgiving, reaching 52.1 per cent of total online traffic.

In fact, the mobile use continued on Black Friday, which saw online sales rise 9.5 per cent and mobile devices account for one out of every four purchases.

"Mobile has become the new Thanksgiving tradition as consumers find the best deals with their fingers as well as their feet," said Director of IBM Smarter Commerce Jay Henderson.

This is a significant figure, as PCs were traditionally the go-to devices for web services such as shopping. Such a shift means businesses need to take note – as consumers accessing business services on mobile require a different approach.

For example, if customers are purchasing products on mobile devices, they'll need to either optimise their website for mobile or build a version of their site that is solely for handheld devices.

Business should look to the examples set by American companies, which IBM notes have found success.

"We saw retailers harness the power of data to engage shoppers, identifying the unique preferences of their customers while quickly capitalising on online, mobile or in-store trends as they emerge," Mr Henderson said.

Of course, mobile strategies cannot exist without security. Failure to put any protective measures in place while pushing ahead with the trend could result in harm to the company.

Productivity over security

Staff using mobile devices for work stated that security efforts are now being sacrificed for productivity, in a new poll by Raytheon.

A substantial 52 per cent of the survey respondents noted that security is now being "compromised and circumvented" in order to drive further productivity benefits. This sets a dangerous precedent, especially with customers increasingly moving into mobile.

Businesses need to keep mobile security at the top of the priority list, even if it means sacrifices in other areas. While customers may find the service not as capable, the security assurances are invaluable.

Focused mobile strategies are certainly the answer, as they provide a central framework for the business. 

Ashok Sankar, the vice president of Cyber Strategies at Raytheon explained that what's needed are strategies designed to both preserve the mobile user experience while simultaneously keeping security at the top of the priority list.

While these may seem difficult to implement, they're going to prove essential as customer use of mobile devices continues to grow.

A shift to mobile can be made easier, however, if businesses adopt a capable framework.

Deploying a framework

Keeping a handle on mobile operations is certainly no easy task for businesses – regardless of size. Whether a small company or massive enterprise, mobile represents a shift in workflow that requires careful management.

IT and business leaders may want to consider training staff in a best-practice IT management framework such as ITIL. This has been designed specifically to guide IT operations, ensuring they proceed smoothly from the outset.

To learn more about ITIL and how it can be applied to the mobile IT operations of a business, get in touch with the capable team at ALC Training. ALC can deliver courses throughout the Asia Pacific and to countries across the globe.

IT and business leaders need to increase cloud knowledge

Understanding is the key to success in many areas of business – especially when it comes to the uptake of new technologies.

The cloud is just one of these technologies where success is required, given the advantages of effectively utilising the platforms. To succeed in the cloud, IT leaders and senior managers in a company need to better understand the benefits and challenges of the platforms, and the most appropriate investments. 

This article will explore the current state of cloud understanding within businesses and the most effective implementations to pursue.

The knowledge barrier

It's not surprising to find a substantial knowledge barrier for a new technology or platform, especially given the often confusing coverage of exactly what it offers.

Cloud-based services have certainly faced this issue, and a recent survey of UK SMEs by YouGov has uncovered the primary understanding barriers.

Of 529 survey respondents, a lack of knowledge, privacy and security concerns rated at the top of the concerns list.

Let's explore the five key barriers that are affecting cloud uptake among businesses:

1. Lack of knowledge: This is the most general, essentially a lack of understanding of exactly what cloud services provide. This is the first barrier to implementation that needs to be overcome, and also the most pertinent issue.

Nearly half (46 per cent) of survey respondents explained that this was their key challenge with a cloud transition.

2. Security/Privacy: Rating second on the list of barriers with 28 per cent, this is another critical area that's a common subject of misconception.

The cloud doesn't actually mean reduced security and privacy, and in many cases can actually offer improvements. For example, with a vendor running cloud operations services are monitored around the clock.

3. Connectivity/Access: Cloud platforms are hosted online, and usually offsite. This is so they can be operated out of data centres and scaled when necessary.

This may lead to access concerns, but these are unfounded. Data centres are designed to remain online even during blackouts, ensuring a company can always access the required services. A substantial 21 per cent stated this as a key issue.

4. Reliability: Similar to the above point, and coming in at 21 per cent, is reliability. This is how the cloud services operate day to day, and whether there are frequent issues. Obviously if businesses are moving into the cloud they'll want stability assurances.

Reliability isn't an issue, as services are often running on the most capable hardware, and dedicate staff constantly assess services.

5. Speed of access: Ranking as the fifth key issue with 19 per cent, speed of access is dependant on the internet connection of the business. While not so important when it comes to cloud-based file storage, it's critical when running a virtual office.

To ensure speed is never an issue, businesses should ensure internet connections are a top priority.

A cloud implementation could be difficult to put in place, but only if it's managed incorrectly by the business.

If IT and business leaders understand which technologies are likely to be most useful, a cloud effort faces a higher chance of success.

Of course, this requires another consideration – are there certain technologies that need to be considered?

What implementations should businesses pursue?

Businesses should choose cloud technologies that are known to be effective, and studies such as the YouGov report have also detailed where companies are placing cloud focus.

A significant 28 per cent of respondents said collaboration tools were the primary focus, new communication services to make it easy to work seamlessly whether at home or in the office.

File storage and back up followed with 20 per cent. These technologies make it easy to back up critical files and documents offsite on a cloud server, where they're kept secure in the event of an onsite hardware failure.

These are just two of the possible technology implementations, but they're certainly capable of showcasing the power of a cloud implementation, and overcoming business prejudices about the capabilities of a cloud platform.

The top 3 IT security failures

IT security is currently a hot topic among organisations, with data breaches continuing to proliferate across the globe, causing significant financial and reputation damage.

In fact, 1.5 million cyber attacks were logged last year in the US alone by IBM. What's more, the research found companies experienced an average of 16,856 attacks per year. Many of these attacks are unsuccessful, but the statistic serves to paint a troubling view of cyber security.

As with any problem, the solution lies in understanding – and this is especially true in regards to IT security. When organisations are aware of the various threats, it becomes easier to manage risk.

Here are the top three IT security failures and the necessary approaches to cut down on the danger of breaches – regardless of the type or size of an organisation.

1) Misconfigured systems

It's common to believe most data breaches occur due to outside attackers, malicious groups specifically targeting a particular business.

These do make up a percentage of the reason for data breaches, but misconfigured systems and applications actually take the lead as the most common causes. In another IBM study based on 2013 attacks, 42 per cent of all breaches were due to this reason.

These breaches can occur in both small and large organisations, and require diligence to prevent them from happening.

Frequent spot checks of applications and systems are an excellent way to get started, with personnel investigating potential errors or weak points.

2) End user error

This next security failure is another that may not seem to be common, but it accounts for 31 per cent of breaches in the IBM study. These types of failure are those where an individual causes the breach, either with intent or inadvertently.

It's going to be difficult for a business to prevent purposeful data breaches from occurring, but there are ways to reduce the likelihood of an accidental breach.

For example, growing what's called a "culture of security" is one of the more effective measures. This involves training staff on the dangers of data breaches, and how these events can impact not just the company but also their individual productivity.

3) Targeted attacks

Finally, the cause that many may believe is the most common actually only causes 6 per cent of breaches. These are targeted attacks designed from the outset to either cause damage to the IT infrastructure of a business or obtain sensitive information.

Protecting against targeted attacks by an individual or group is difficult, and requires a combination of factors. One of these is a comprehensive security system that's constantly updated and upgraded.

Secondly, a strong security culture and awareness among staff. This is key, as outside attackers may seek to gain access to the organisation through targeted phishing emails designed to extract information or similar method.

Developing the right mindset

Security systems are a necessary step, but they're certainly not the only one. Organisations of all sizes need to know that data breaches can occur due to a number of reasons. The question is, what can these companies do?

A strong approach is the use of a framework such as SABSA, a methodology for developing security architectures within companies. Essentially, SABSA guides the development of risk and opportunity focused architectures at the enterprise and solutions level.

It can also prove useful for aligning and integrating security and risk management into IT architecture processes. By taking the time to collate these processes, organisations can effect more comprehensive security strategies.

To start taking advantage of SABSA, get in touch with the ALC Training team to find out where the necessary certifications can be delivered.